Language Selection

English French German Italian Portuguese Spanish

Security: Unpatched and Doing Fine?

Filed under
Linux

It's been a year since the Honeynet project published the results of their study, which concluded that Linux systems can last much longer than Windows systems unpatched on the Internet. I am sure that to some extent this remains true, but I wonder when I see things such as statistics that claim the highest percentage of attacks are seen on Linux systems and the number two reason they are attacked is because they are unpatched.

This has long been a sore spot for me in the Linux world, not because Linux systems are "unsafe", but because patching (not just for enterprises, but even for home users) on Linux is a pain. Some versions are easier than others, but simply trying to get the patches and ensure that you don't break anything is usually a challenge. And I don't see it getting easier, either.

Just to prove my point, I took a gander at some patching methods for several different platforms:

Full Story.

*yawn*

I just read it...This is just a pointless whinge article. (And it smells like someone was hired by Microsoft to write this nonsense...Either that, or they really had no frigging clue to begin with).

In fact, its a non-issue. You pick a distro, you use it, you learn how to update it, you keep it secure. That's it.

Its a non-issue unless you keep moving distro to distro. If you stick with the one distro from the beginning, you'll do fine.

How hard is it to update "easy to use" distros like Ubuntu, OpenSUSE, etc? Its all clicking with the mouse! (Apparently, according to the article, that is still too hard. If that's hard, then how do people handle Windows Update via the "manually select patches to install" way?)

The article has very little substance, and doesn't offer anything but FUD tones to scare people about maintaining Linux systems.

Even for Gentoo...Is it hard to teach a newbie to type: emerge ?

1000 to 1 the author of that article has never touched a Linux system in their lives...Let alone write about it.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Red Hat General and Financial News

today's howtos

Tizen in Bolivia and India

Security Leftovers

  • Security updates for Wednesday
  • Microsoft says its best not to fiddle with its Windows 10 group policies (that don't work)

    On Monday, we revealed that a security researcher had used a packet sniffer to show that many settings designed to prevent access to the internet were being ignored with connections to a range of third party servers including advertising hubs.

  • What's got a vast attack surface and runs on Linux? Windows Defender, of course
    Google Project Zero's Windows bug-hunter and fuzz-boffin Tavis Ormandy has given the world an insight into how he works so fast: he works on Linux, and with the release of a personal project on GitHub, others can too. Ormandy's project is to port Windows DLLs to Linux for his vuln tests (“So that's how he works so fast!” Penguinistas around the world are saying). Typically self-effacing, Ormandy made this simple announcement on Twitter (to a reception mixing admiration, humour, and horror):
  • Hacked in Translation – from Subtitles to Complete Takeover
    Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years.
  • A Samba remote code execution vulnerability
    Distributors are already shipping the fix; there's also a workaround in the advisory for those who cannot update immediately.