"It's not safe to run an internet facing Windows box right now," a hacker who used to work in the US Department of Defense said to Motherboard.
I'm thinking this could be a good time to introduce your friends to #Linux.
I wrote a bit on why over on Reddit: https://www.reddit.com/r/linux/comments/65gnkm/this_could_be_a_good_time_to_talk_to_your_friends/
@forteller from an exploit mitigation perspective, the main Linux distributions trail behind Windows. With grsecurity making their patch private, all distributions will fall behind. When it comes down to it, Windows is likely more secure than stock Linux. It's simply that Windows has a larger market share on the desktop. If Linux had that same market share, you'd see it be targeted more.
@lattera If Linux had a larger market share then there would be more eyes and resources on finding and fixing security holes too. Just think what could be done if say 5-10 countries switched all their administrative PCs in government, police, healthcare, etc to Linux and spent all the Win+MS Office license money on making Linux better.
@forteller we thought the same about OpenSSL until Heartbleed. The "it's open source, so there's eyes on it" argument means nothing.
@lattera @forteller that was not his argument. His argument was: the more people use it, the more resources are available to do the audits and improve it.
Your logical fallacy is: Straw Man. https://yourlogicalfallacyis.com/strawman
@forteller @lattera that's the point. Investing in FLOSS is investing in a public good, it actually pays off both for governments, and the people.
Also, think of local companies being able to help with development of features needed by local governments. We really don't need to send buckets of cash to Redmond.
@forteller @lattera @rysiek Not happening.
By which I mean: Any government that can save money on dropping OS costs will not reinvest that into an open-source project. They'll sooner channel that money somewhere else.
For example, the whole world basically runs on OpenSSL, including all firewall vendors. None of them found Heartbleed before it was too late.
Many eyes doesn't mean they're always looking.
@wogan @forteller @lattera nobody says it means that. But at least they *can* look. It's our choice if we choose to actually use that chance.
And it's up to us, the citizens, to push the governments to Do The Right Thing. Surprise, surprise.
@rysiek @wogan @lattera My greatest fear is software controlling critical systems for people's life and liberty, and for the possibility of whistleblowing, journalism and resisting state power, intentionally being made to say "I can't let you do that" in some cases. In a world where everything is computers, that can be the death of freedom.
FOSS can be hacked, but not built to serve others than the users without anyone knowing about it.
@forteller @wogan @lattera Democracy always lives in the cracks of the system. We need to preserve these cracks. FLOSS is a way of doing just that.
@forteller @lattera Linux has an enormous market share on servers (without Linux the Internet would stop working), phones and gadgets, but not so much on desktops. Companies like Google and IBM have been putting money into Linux development for years. Agreed on the money saving re: Microsoft. Money flowing towards Redmond WA, USA is like a black hole, and not worth it.
@yellowfrog @forteller and, yet, nearly all the IoT devices that run Linux have critical vulnerabilities that will never, ever be fixed.
@lattera @forteller Yes, indeed. A terrible truth.
@forteller @lattera @yellowfrog honest question: are the vulnerabilities in the actual kernel or on the software running on top of it?
@lattera @Maltimore @yellowfrog There are always vulnerabilities in all software would be my guess (I am not a coder).
@lattera @yellowfrog @forteller well that's a very fatalist point of view. The conclusion of that would be that I could also just do my online banking with internet explorer on windows (ugh). Sure all software has vulnerabilities but some more than others.
@Maltimore @lattera @yellowfrog You just literally said the same thing that I did, though ;) I never said there are no differences, or else I wouldn't have posted that original toot in the first place :)
@forteller @lattera @yellowfrog actually I can't see your first post in this thread. For me the first post is by Shawn Webb starting with:
"@forteller from an exploit mitigation perspective, the main Linux distributions trail behind [...]"
@yellowfrog @lattera @forteller
I think I found your original post on your profile now though
@Maltimore @lattera @yellowfrog Yeah, there is a problem with not getting the full thread from other instances. That's a big issue that really needs to be fixed. I hope it's high on the devs' list.
@forteller Setting them up a pfsense box would go a lot further towards protecting them.
@munin @forteller at least use a firewall that has exploit mitigations baked in, like OPNsense. ;)
@forteller @lattera If you are capable of doing more, then do so.
The point is to raise the bar and help people stay safe, not to sit around virtue signaling over one's choice of software
@GitmoBob Yes, I address that in my Reddit post.
@forteller Has it ever been a good time to use Windows?
@forteller It's unfortunate we're peddling this nonsense as fact.
@forteller It's not safe to point most computers towards the internet, with a P(compromise) proportional to the deployment footprint of the OS.
You don't point Linux servers at the internet without careful care and constant patches, either.
It's just FUD, to use the classical term.
@forteller Lately all the NSA hacking tools have been released by a hacking group, so now using Windows is generally dangerous...
@forteller this is kind of an overreaction
1) home users are almost always behind a router which doesn't forward ports to their boxes
2) Microsoft has already released patches that fix the 0days, so if they're keeping their systems up to date (like they'd also have to do on Linux) then they're unaffected
3) the "it support guy over the phone" bit is still way easier to pull off & probably more effective for stealing bank accts or whatever you think home users are vulnerable to
@forteller do you have a link for this Windows quote?
@rysiek It's in the Reddit post I linked to :)
@forteller MacOS then. I think you would confuse them with Linux.
@xvilo I don't see how Linux would be any more confusing than Mac for most people. And FOSS is the important part, because this is the main worry: https://octodon.social/@forteller/612775
@xvilo @forteller It isn't.
A Linux-based OS is no more or less confusing than an NTOSKRNL or Darwin one, just different.
Just like switching from a Ford to a Toyota; gear changes are clunky for a while but you soon get the hang of it.
Security? All for naught when you forget to lock either one - meat-sacks are the weakest link.
Seems like I've become my own, personal cult. Nice. https://octodon.social/media/fNPt-vsNJpoZ6nh3BwY
@forteller Congratulations! Do you know what sort of cult it is?
@lilletale Some sort of Freedom cult, I guess…? :P
@forteller The US Government, unfortunately, even the really deep tech network groups, eventually and generally have to answer to their own security audits and recommendations, which are so far behind the times as to beggar the imagination. So yeah, they know about Linux and use it where they can, because there are so many Windows exploits, but the requirements and audits are so mandatory that they cannot always do so (I contracted to the DHS for a while).
@forteller Yeah this is definitely "year of linux" for me.
Always gamed on W7 so reluctantly did browsing etc too but no more.
Just gaming.