Dieser Bereich kann Inhalte enthalten, die nicht für alle Nutzer geeignet sind. Dazu können unter anderem Texte, Medien oder Diskussionen gehören, die als beleidigend, extremistisch, gewaltbezogen oder anderweitig belastend empfunden werden. Wenn du solche Inhalte nicht sehen möchtest, nutze bitte die jeweiligen Filter- und Meldeoptionen der Plattform oder meide entsprechende Threads/Communities.
There was never an actual notion of “security through obscurity”. LInux runs the complete Internet and most coporate server infrastructure. That’s where the actual money is.
People hallucinating that Linux is something obscure simply have no clue and confused their home desktop for real computing. Windows desktops are constantly targeted not because they are -unlike Linux- so wide-spread but because they are already insanely insecure. They are the low hanging fruit where you can cobble together some cheap shit and will still find million of PCs vulnerable. If you want to find a Linux comparison it’s definitely not server or desktops but cheap IoT devices not having seen an update (or any security to speak of) for many years.
For reference: We are talking about guests in a virtual pc escaping it’s container. That’s not something obcure. That’s basically all cloud hoster’s whole business model, thus the reason Google pays a lot of money for finding such exploits.
Windows desktops are targeted because any place you have a user, you have a vulnerability. The vast majority of Linux installs are servers with extremely limited user activity, which narrows the attack vectors significantly.
In any system, the human is usually the weakest link.
You could have just said that you don’t know what “security through obscurity” is.
You are right. I don’t know what your personal definition of “security through obscurity” is as it’s very obviously not matching actual reality.
Just google the term next time rather than embarrassing yourself.
Yes, please do.
The actual notion of “security through obscurity” (that will surely come up on Google if their AI bullshittery hasn’t screwed up completely…) for Linux is insane because open source is the polar opposite. By that definition proprietary code is actually much more linked to the concept.
The often more unprecise and colloquial usage I thus assumed you were using doesn’t apply either, for the reasons I summarised.
So which imaginary definition of “security through obscurity” are you using and assuming that it will come up on Google when none of the real ones makes any sense?
OMG.
https://en.wikipedia.org/wiki/Security_through_obscurity
You don’t know what you’re talking about - please stop. It’s embarrassing. It’s a long-standing industry term not some weird phrase I just made up. Nobody is saying “Linux is obscure”.
You quoted something directly contradicting what you said. Nothing is concealed, every line of erroneous code could have been analysed for 15 years. All information needed to find the bug was public since it the code has been written and checked in publicly.
How about scrolling up to the exact comment I anwered to? Or -as you seem to be on the exceptional dense side- let me do it for you…
As already explained above I did not expect that statement to use the common “long-standing industry term” because -again- it would be utterly insane to claim security through obscurity for something open source.
deleted by creator
That’s literally the opposite of what open source and Linux does, though. Anyone can see how it works, so they have to have actual security instead of relying on security through obscurity.