Crowdstrike's malware-as-a-service is now affecting Linux. Red Hat, Rocky and Debian stable are affected. According to distrowatch.com, most of us here running linux as a desktop are using debian and debian stable based distros like Mint, Ubuntu, MX. Stop updating, 2 wks+
(www.theregister.com)
🚔 Crime & Democrats 💸
No, linux is still much more secure than windows. Your guru is right.
The security models are better in linux than windows. Windows is and always has been a total security mess on the other side of the tapestry.
Windows is LITERALLY only good for one thing: Playing Games.
And that's because game developers go where there is greater market share, and they don't take the extra time to make a game work in all platforms.
Also, the first thing people do in linux-as-a-desktop is they turn off automatic updates. Many distros don't do this any more. People in linux are encouraged to update their systems themselves with apt-get / apt update or 'yay' on the commandline. And in linux you can choose which updates to get, and by default, distros try to be very safe and conservative with the updates they get.
There's a lot more checking of software before sending it out. It's very rare for a bad linux update to go out there, but believe me it's happened before. There is a famous example recently of an update that nearly affected every linux (xz hack)
This would be the first such thing to happen in maybe over 20 yrs, to my memory. I also want to note that it DID NOT happen. It ALMOST happened, but ironically a microsoft engineer found it first.
User or admin having complete control over the OS is fundamentally more secure than a central 'authority' releasing updates and pushing them no matter what the use case for the device. I am so sick of people trying to argue that Microsoft should be able to update Windows and reboot it on something like a factory control system computer rather than to keep entire control over when and how the control system OS updates and reboots with those designing and maintaining the control system.
Security and stability go hand in hand.. Without stability, there is zero security. Somehow the software industry has pushed this idea of 'security no matter what' which means often the least tested code is pushed out to everyone to close 'security holes' that may or may not matter depending on the end user environment.
Exactly. Which is a good example of why decentralized systems are superior to excessively centralized alternatives.
In the companies where I worked, no patch or update was EVER made directly to production environments... especially for Windows and Linux OS (many companies run mixed environments).
All patches and updates were downloaded to safe environments, thoroughly tested and proven to be safe BEFORE ever pushing them to production environments - which in corporate networks also included user desktops/laptops, etc.
Crowdstrike Falcon pushed updates directly from the cloud to local computers - which is bat shit crazy from a security/reliability perspective. Will people learn from this? That remains to be seen...
I wonder if Crowdstrike hiring policies, and the people they have attracted to their company due to such policies, had anything to do with it:
"CrowdStrike is an advocate for diversity and equal employment opportunities. To enhance our culture as we grow, we offer unconscious bias training for recruiters and hiring managers with the goal of helping our people be more inclusive managers, run inclusive meetings and be thoughtful of inclusivity in everyday process and practice."
https://www.crowdstrike.com/about/environmental-social-governance/diversity-equity-inclusion/
It’s really not. I manage tens of thousands of these as server capacity and can tell you we get very bad exploits on a semi annual basis. The kind where we have to batten down the hatches and everyone scrambles.
I would not use it as a desktop gui workstation simply because of how much pain there would be. I need to be productive because time is important and not waste time on tinkering. That said , the false premise that it is more secure is simply because nobody (relatively) uses it as a workstation. Windows exploits are more visible because it’s easier to attack from users clicking on stupid shit. Whereas a server is less likely to click on random things on the internet. That really is what it boils down to. Linux gets very bad exploits that were pushed out by bad actors foreign agents who actually are part of the dev team for its software. Check out this one https://www.wired.com/story/jia-tan-xz-backdoor/
The CrowdStrike situation isn’t applicable to users clicking on stupid shit. Tbh it is an anomaly and imo was not an accident. But basic end users like yourselves have no need to worry about the CrowdStrike issue it isn’t on your simpleton gaming laptop it is solely affecting (and imo) targeting critical infra systems.
And even this is really only down to compatibility and anticheat blacklists.
Most games play better on Linux for various reasons, not least of all is all of the bloat going on in Windows that is integral to its operation (e.g. high RAM usage and CPU usage that is all over the place.)
Frame pacing is better in almost every circumstance on Linux nowadays.
This reminds me of a story: https://www.theregister.com/2021/04/21/minnesota_linux_kernel_flaws_update/