“[GNU/]Linux being secure is a common misconception in the security and privacy realm.”

https://madaidans-insecurities.github.io/linux.html

“[GNU/]Linux is thought to be secure primarily because of its source model, popular usage in servers, small userbase and confusion about its security features. This article is intended to debunk these misunderstandings”.

Based on this, one should try to do as much as possible on a GrapheneOS device

@privacy

  • Pantherina@feddit.de
    3·
    8 months ago

    Many applications come with home and host permissions

    This is a true statement? As long as they are not rewritten partly to use portals, many especially big applications need that.

    • wreckage@lemmy.worldEnglish
      3·
      8 months ago

      You’re correct, but just like you said, many applications need that.

      If I install LibreOffice on Windows or Android, it’ll also have access to all my files. I really don’t see how that makes Linux more insecure.

      Sure, ideally it would use portals, I just don’t like the attitude of the blog post.

      Addressing concerns or areas for improvement, and suggesting users solutions like installing Flatseal, would be far more constructive. Even better would be submitting pull requests to enhance security themselves, since they seem to know so much about it. Instead, they’re just spreading FUD and complaining about small problems or nonsensical arguments like Windows adopting rust. Since when Rust is more used on Windows than Linux?

      For instance, the blog post mentions Xorg’s security concerns but overlooks mentioning Xorg’s alternative Wayland, the default in most distributions when using KDE Plasma or Gnome, which are also the most used.

      If security is so important, there are distros like Qubes OS, but most users don’t need that level of paranoia, specially if it ruins workflow, performance and productivity

      • Pantherina@feddit.de
        2·
        8 months ago

        Yes agree on that. Linux needs more standardization.

        It is big problem, because it lacks the structure somehow. If there is easy tooling for app development, as Flatpaks with all the modern security practices (safe language, portals, modern GUI, Wayland, Accessibility APIs) then developers could easily follow these rules and create good apps more easily.

        Currently app development is not easy and thus also very random.