It’s security through small market share. There’s just not enough major organizations using Linux as a default to warrant large numbers of all manor of gray or black hats to dig deep into finding the exploits.
You do know that almost the entire Internet runs on linux? Even Microsoft isn’t running very many windows servers. In my humble opinion, if you are running a server on Windows, you are batshit crazy.
I run a winServer, but only to test if our device we develop works with LDAP(S) hosted on winServer->ActiveDirectory/entraID, as well as WinServer->RADIUS->eap-tls
There’s more money flowing through linux systems than you can even imagine. It’s an incredibly lucrative target that runs approx 85-90% of all internet service servers.
Much of the security that comes with most linux distros is due to how software is installed. On windows, you typically install random .exe files online and have to put your trust in whoever provided you with the installer. On linux, it’s much more common to use a package manager to install packages, which means you are putting your trust in the package repositories instead, which can be policed by the maintainers who can decline to add suspicious packages.
I have been a Linux user since 1995. Anyone that thinks that Linux is invulnerable is just silly.
And has bad memory, regreSSHion wasn’t even half a year ago
That’s the one that avoided any enterprise SSHd, right?
Only people running bleeding edge were affected.
nothing is invulrenable. but good luck finding a vulrenability on openSUSE for example. Almost impossible. But just almost
It’s security through small market share. There’s just not enough major organizations using Linux as a default to warrant large numbers of all manor of gray or black hats to dig deep into finding the exploits.
There is an entire Linux server segment - exploiting Linux can be insanely profitable
Can be, but less likely given how ubiquitous Windows is on major systems across all industries.
You do know that almost the entire Internet runs on linux? Even Microsoft isn’t running very many windows servers. In my humble opinion, if you are running a server on Windows, you are batshit crazy.
I run a winServer, but only to test if our device we develop works with LDAP(S) hosted on winServer->ActiveDirectory/entraID, as well as WinServer->RADIUS->eap-tls
There’s more money flowing through linux systems than you can even imagine. It’s an incredibly lucrative target that runs approx 85-90% of all internet service servers.
Much of the security that comes with most linux distros is due to how software is installed. On windows, you typically install random .exe files online and have to put your trust in whoever provided you with the installer. On linux, it’s much more common to use a package manager to install packages, which means you are putting your trust in the package repositories instead, which can be policed by the maintainers who can decline to add suspicious packages.