Language Selection

English French German Italian Portuguese Spanish

Security: Unpatched and Doing Fine?

Filed under
Linux

It's been a year since the Honeynet project published the results of their study, which concluded that Linux systems can last much longer than Windows systems unpatched on the Internet. I am sure that to some extent this remains true, but I wonder when I see things such as statistics that claim the highest percentage of attacks are seen on Linux systems and the number two reason they are attacked is because they are unpatched.

This has long been a sore spot for me in the Linux world, not because Linux systems are "unsafe", but because patching (not just for enterprises, but even for home users) on Linux is a pain. Some versions are easier than others, but simply trying to get the patches and ensure that you don't break anything is usually a challenge. And I don't see it getting easier, either.

Just to prove my point, I took a gander at some patching methods for several different platforms:

Full Story.

*yawn*

I just read it...This is just a pointless whinge article. (And it smells like someone was hired by Microsoft to write this nonsense...Either that, or they really had no frigging clue to begin with).

In fact, its a non-issue. You pick a distro, you use it, you learn how to update it, you keep it secure. That's it.

Its a non-issue unless you keep moving distro to distro. If you stick with the one distro from the beginning, you'll do fine.

How hard is it to update "easy to use" distros like Ubuntu, OpenSUSE, etc? Its all clicking with the mouse! (Apparently, according to the article, that is still too hard. If that's hard, then how do people handle Windows Update via the "manually select patches to install" way?)

The article has very little substance, and doesn't offer anything but FUD tones to scare people about maintaining Linux systems.

Even for Gentoo...Is it hard to teach a newbie to type: emerge ?

1000 to 1 the author of that article has never touched a Linux system in their lives...Let alone write about it.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Linux/FOSS Events

  • The Linux Foundation Announces Session Lineup for ApacheCon(TM) Europe
  • OpenShift Commons Gathering event preview
    We're just two months out from the OpenShift Commons Gathering coming up on November 7, 2016 in Seattle, Washington, co-located with KubeCon and CloudNativeCon. OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. Origin adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams. And we're excited to say, the 1.3 GA release of OpenShift Origin, which includes Kubernetes 1.3, is out the door! Hear more about the release from Lead Architect for OpenShift Origin, Clayton Coleman.

Security News

  • Report: Linux security must be upgraded to protect future tech
    The summit was used to expose a number of flaws in Linux's design that make it increasingly unsuitable to power modern devices. Linux is the operating system that runs most of the modern world. It is behind everything from web servers and supercomputers to mobile phones. Increasingly, it's also being used to run connected Internet of Things (IoT) devices, including products like cars and intelligent robots.
  • security things in Linux v4.6
    Hector Marco-Gisbert removed a long-standing limitation to mmap ASLR on 32-bit x86, where setting an unlimited stack (e.g. “ulimit -s unlimited“) would turn off mmap ASLR (which provided a way to bypass ASLR when executing setuid processes). Given that ASLR entropy can now be controlled directly (see the v4.5 post), and that the cases where this created an actual problem are very rare, means that if a system sees collisions between unlimited stack and mmap ASLR, they can just adjust the 32-bit ASLR entropy instead.

Raspberry Pi PIXEL and More Improvements

Trainline creates open source platform to help developers deploy apps and environments in AWS