Corrections from the comments: @plugrolhuldo7736 - There were some problems regarding nvidia along with wayland as they did not add support for it in their driver, but they've just recently published a roadmap and opensourced some parts, that now wayland with nvidia works just as good as it does with AMD. Both on Nouveau as well as on the propriatary driver.
you can join the Discord server I have in the description! We're a group of IT people of all skill levels. You can also email me at pat@cybersecpat.com :D I'm happy to help you however possible
Such an odd statement, not sure if it was on purpose. A terminal used to be a dumb screen with basically no processing where everything is done on the computer it is remotely connected to. So offline in this case means: not connected to a computer. Well, I guess that does make it a pretty safe if it can't really run regular programs. 🙂
8:12 Based on my experience as an Nvidia + Wayland user, I’ve found that most of the bugs I’ve encountered-or helped others fix- were due to user errors, typically caused by misconfigurations and not reading the manual. I’d say the idea that Nvidia doesn’t work well is largely a thing of the past. I liked the video a lot and you mentioned things that I’ve never considered such as the repo admins having root privileges, you got a new subscriber.
I apologize if I got this wrong, but what you practically suggest in the present moment for people new to Linux is, either use immutable distros, or stick with Windows/Mac/ChromeOS until things get better in Penguinland? Upon further reflection, immutable distros basically means user packages are to be installed as snaps/flatpaks, but since snaps/flatpaks are also insecure (to a degree, perhaps quite a non-tolerable one, else it wouldn't be an issue in the first place), so if these insecurities are to be taken really seriously, isn't the logical conclusion for new users (who cannot hope to harden their system enough) is to no bother with Linux at all at the current state? As a Linux noob-started using Debian 12 not too long ago-the implications are worrying, to say the least.
I think that in general Linux is still more secure than Windows, especially immutable distros. Flatpaks have faults, but most of my issues with them are specifically about FlatHub. If you can avoid FlatHub and stick to for example the Fedora Flatpak repo, you’ll be in good shape.
From what I understand of immutable distros, they allow the user to boot up their bricked or conpromises computer to the previous version and eventually troubleshoot from there or wipe the compromised version altogether.
@@CybersecPat I run a Zorin box but also Windows 10 with the AME Wizard run on it. It guts Windows of all telemetry, and spyware and a bunch of other security changes to make it more secure. They had to Thankfully remove the entire Windows Update System as well as the ability to accept security updates because those were avenues of spyware and unwanted software Microsoft calls Features. No Home Windows user who knows how to safeguard what they install onto the system ever needs to run Windows Update (unless a feature is broken out the box) security updates or antivirus. My PC is as secure as any Linux box can be if it's connected to the internet. My experience is using Microsoft products from DOS 5 and up and from having home computers going back to 1980. I had the internet at least 15 years before the graphical WWW came out in 95. It was Bliss to not have the commercialism and corruption we have today.
talking about random ppl who are not affiliated with the project. it's the same with AUR from arch right? chrome for example. but how are we supposed to get these apps then. or am i missing something
Not only it's more secure, it's most secure. There are no ransomware targeting Linux even though it's a juicy target on account of EVERY SINGLE BANK IN THE WORLD USING IT, while there's plenty of them for other systems (even MacOS, remember Flashback?) but there's no run of the mill trojans either.
Simply disabling "Recall" (or even uninstalling it entirely) is much faster (a single console command and a reboot), more practical, and safer than switching to an unfamiliar system where you’d need a certain level of expertise to achieve even a fraction of the protection that works by default in both Windows and macOS.
@@JackLondon-q7n I think its more about the philosophy then the actual security risk. I would much rather use a OS that requires me to understand and maintain it then one that tries to raise its share price by forcing the currently hipped technology onto its users. edit: that may not be the right thing for your grandmother but I think it would be a good thing if the average Joe learned more about how there OS worked and how to maintain/fix it.
@JackLondon-q7n except we already know recall can't be removed and windows has decades of history showing they will change your settings every update turning everything you turned off back on without any warning.
I do my best to secure my linux desktop by doing updates, having a firewall, disabling services not needed and not installing programs outside the tepis.
With Linux Fedora you get notifications to update. Or do it say once a week live evrey weekend i backup documents so i will update. Linux dose it quick and fast and i can do other stuff online while it is being done. You just have to shut down for some updates to install inside startup outside OS. You can use Calmav to scan weekly to. My mothers laptop crashed and she could not get into Windows. She is like i have lost personnel files i am like how often do you back up, she is like i don't backup. In a blue screen scenario you can re install OS and have a weekly backup to keep most of your files up to date.
@@CybersecPat It is a poorly built OS and it is one system suits all. With Linux you have a choise of what you want to use based on your demands. I like Gaming some people just surf web and run office apps.
@@CybersecPat Companies like Asus tend to have tens of thousands of laptop models on the market (just check their own list of models on their official websites). Some of these models - even non-budget business-class ones - are abandoned just six months after release. No driver updates, no BIOS updates, nothing. Starting with Windows 7, the only thing that can cause a BSOD is a faulty driver or a driver that cannot properly handle faulty hardware. This is a situation very similar to what happens when trying to install Linux distributions on many laptops, where the manufacturers haven’t bothered to provide drivers or provide robust drivers for Linux...
the reason 3 is funny because one of the reasons why people criticize windows is the exact same solution as snaps and flatpaks are using to solve the problem of an program no longer working after an update.
Completely off topic but for a moment i read the title as "Is Linus actually more secure? Maybe not..." and I was like "oh fuck they hacked him again ffs"
I loooove hyperland. my understanding is that hyperland uses wlroots as the compositor, so it is actually sitting on top of Wayland! the biggest thing I miss from Linux is the tiling window managers. macOS just doesn’t have an equivalent
@@CybersecPat In macOS, there are several apps (including freeware) designed to enhance window management capabilities, such as adding keyboard shortcuts. These apps can be used, to some extent, to replicate window management and tiling features similar to those found in Linux desktop managers or Windows.
Eeeeh, they are 2 different things... One is a display manager, the other are protocols. So in this case, if you use hprland, you are also using some wayland protocols.
Depending on users is one reason why corporations push updates to their connected computers. But you're quite right Patrick, in that I also have to push certain friends into doing updates on their computers. What think you of Clam AV?
The point that running wayland with a nvidia card is not possible is wrong. Not being able to share you screen is not waylands but rather discords fault for not updating their electron version. Electron itself does support it. You can however use Vesktop for example or the browser and you'll be able to share you screen. Regardless of your graphics card.
@CybersecPat there were some problems regarding nvidia along with wayland as they did not add support for it in their driver, but they've just recently published a roadmap and opensourced some parts, that now wayland with nvidia works just as good as it does with AMD. Both on Nouveau as well as on the propriatary driver.
X11 is as secure as the Windows desktop as they can also view any window on the screen. I don't know the situation on Mac but wayland is improving. fast. It's security standards are very high compared to windows
Valid point! I think you’re right on that Windows has the same issues relating to this. MacOS prevents screen spying by applications, but Wayland I think has the best implementation of these protections.
@@CybersecPat In Windows, there's a special abstraction called the Desktop. Good luck trying to "read" any content from a window opened on a different desktop (or, in general, programmatically interact with it in an attempt to screenshot it, read/modify input, or interact with UI controls). This functionality was introduced way back in Windows NT 3.1 (1993). It forms the foundation of the "Secure Desktop," which is used to display prompts for actions like confirming administrator privileges or entering the master password for key-management applications. And all of this is achieved without needing to run different apps under separate user accounts. macOS, on the other hand, has its own distinct approach to achieving similar security goals. But good luck implementing anything comparably robust on Linux with X11 - even now, after 30 years. Wayland, however, is a step in the right direction.
any time I decide to switch to linux tot try it I inevitably read further and find out a reason it may not be worth the effort 😫. Mint in particular is what I was thinking as it's posited as an easy transition for windows users...it's unfortunate because I love the idea of linux (free, open source) but the need for my computer to "just work" always holds me back
Most of Linux malware is targeted to Servers not broke ass people that can't even afford to buy new computers. There is no money to be made and its ca waste of there time and money. I have never heard of a Desktop use getting infected by malware, its rare. The Windows software or malware does not work on Linux.
about window spy on each other, there is an way to solve this, by running each window as an different user... but no one does that. i remember that i did that once, i cant remember all the details of how to... but its a bit of a mess setup , inconvenient as hell.
And this is a software YOU PAY FOR? IMHO a better solution would be to NOT use (and pay for) an operating system that actively tracks you, spies on you and is full of ads.
@@unconnectedbedna sorry, read again. i said window not Windows, because i was refering to the windows on x on linux, not to the windows operating system by microsoft. i avoided puting an S because i didnt want to confuse people, but it was useless.
@@igorgiuseppe1862 Ah, my bad I guess. Since you failed to mention either x11 or linux, I just assumed "spying" and "window" meant microsoft windows. Are you surprised about that? xD
I only update my Browsers. Never update the Kernal, never update my Apps. I block my Apps in the Firewall, so they don't come on to my device period. I do a fresh install every 3-5 years. I have been doing it like this for years. Very Satisfied!!
Nice! Not only are you neglecting to update your apps and kernel, but you’re also ignoring system libraries, which are, for example, used by your browsers. I’d suggest doing a little research into how many critical vulnerabilities were discovered in the most important libraries just in, say, April 2024. (Here’s a small hint: it wasn’t a particularly nice month. Then again, there are almost never any completely “nice” months when it comes to vulnerabilities...)
The third party repository thing made me think about my own installations. How to audit the repository lists if one is not an expert? How to find the repos that did not come with the distro installation? Must find out the answers. Edit: Also, I congratulate myself for realizing the insecurity of the curl+script installation method already long ago. I always rather download the installer script and walk through it before executing anything. And about X11: as someone who only uses kind of outdated hardware, are there Linux distros with Wayland for, say, dual-core laptops with max 2G memory?
Fancy mic with Ear Buds Ugg! That's an odd match to me. You might not like my setup either, a pair of Soundcore Life Q30 headphones with a Mod Mic Wireless microphone. You may have a better mic but mine is the best wireless condenser mic you can buy for 140 bucks and I think I have better sound than you with my 40 MM drivers that is High Res Audio certified. I get it.. we all gotta do what we all gotta do... LOL
"If you want your operating system to be secure, it must be up to date".. Eeeeeh, you mean like with ALL software an ALL platforms? Pretty silly argument. Activate "automatic system updates" on linux mint and the "problem" is gone... How about you, as a security researcher, focus on the ACTUAL problem, witch is lack of education. Everybody in the country where I live, knows you have to keep software up to date for security reasons. If that is not the case in your country, maybe THAT is the issue, not "microsoft is so good because it updates automatically". Never mind those updates freezes your computer completely, takes forever and not unusually asks for TWO reboots to complete. Or the fact TONS of people still use win7 (not supported) and win10 (supported for about one more year). _Maaaaybe_ focus on that instead mr security, _maaaaaybe_ you should spend your energy on TEACHING people that they *DO NOT NEED TO USE AN OPERATING SYSTEM THAT SPIES ON YOU!* Every time I see someone claim to be any kind of expert when it comes to computers spreading Microsoft propaganda I always ask: Are you payed by ms?
Sorry this wasn’t your kind of video, but in the vid I was clear that Windows was less secure than Linux. My apologies if I wasn’t clear. I dislike Windows quite a bit.
@@CybersecPat Be assured that you were very clear and pointed out the things that one has to keep in mind very very clearly. Especially updates and using a somewhat modern system (wayland) are important.
@@CybersecPat OMG. Apologize harder, or it seems they (the non-technical Linux fans) might cancel you. Such freedom! :D (By the way, I’m a pro cross-platform dev lead - Linux is one of my target platforms, and it’s literally my job to be confident in Windows, Linux, and to some extent, macOS.)
@@JackLondon-q7n That is unlikely, but ppl who actually know something about computers, knows that the entire first part in the video is complete bs. Automatic updates on linux is very common. Besides, this goes for ANY software, not just the operating system. So if you are working in the field, yes, ms loving corps might get interest in you, but any of the respected security firms will see through this bs. But by all means, tell me again how great windows is to update ALL SOFTWARE at the same time compared to a linux distro (if you use the distros repos, and even flatpak, snaps etc. in some instances).
Linux is not necessarily more secure than Win/Mac, but it's definitely more private. The most secure OSes are iOS and Android because everything is sandboxed, neither of the desktop OSes are particularly secure.
Actually, browsers are sandboxed on both Windows and macOS (and other applications can also request sandboxing for their subprocesses if needed). However, this is not the case on Linux - unless you know what a "sandbox" is, how to install one, and which implementation is robust enough to be usable, rather than breaking after a few minutes of use and requiring a full system reinstallation.
Corrections from the comments:
@plugrolhuldo7736
- There were some problems regarding nvidia along with wayland as they did not add support for it in their driver, but they've just recently published a roadmap and opensourced some parts, that now wayland with nvidia works just as good as it does with AMD. Both on Nouveau as well as on the propriatary driver.
Keep Going Bro your videos are so Informative 😍
Thanks so much! Appreciate the kind words
@ You’re welcome; bro do you have any way of communication that can I discuss with you in the field of cyber Security?😅
you can join the Discord server I have in the description! We're a group of IT people of all skill levels. You can also email me at pat@cybersecpat.com :D I'm happy to help you however possible
@@CybersecPat Thank you my brother to repond my comment, Im going to Text or email to you 😃
Only my offline terminal is secure 🗿🗿
terminaligy is there
Such an odd statement, not sure if it was on purpose.
A terminal used to be a dumb screen with basically no processing where everything is done on the computer it is remotely connected to.
So offline in this case means: not connected to a computer.
Well, I guess that does make it a pretty safe if it can't really run regular programs. 🙂
If you want auto updates, choose a distro that does auto updates?
I know! Thanks... no applause please
You're 100% on point!
Or enable the package manager to enable auto update.
8:12 Based on my experience as an Nvidia + Wayland user, I’ve found that most of the bugs I’ve encountered-or helped others fix- were due to user errors, typically caused by misconfigurations and not reading the manual. I’d say the idea that Nvidia doesn’t work well is largely a thing of the past.
I liked the video a lot and you mentioned things that I’ve never considered such as the repo admins having root privileges, you got a new subscriber.
I apologize if I got this wrong, but what you practically suggest in the present moment for people new to Linux is, either use immutable distros, or stick with Windows/Mac/ChromeOS until things get better in Penguinland?
Upon further reflection, immutable distros basically means user packages are to be installed as snaps/flatpaks, but since snaps/flatpaks are also insecure (to a degree, perhaps quite a non-tolerable one, else it wouldn't be an issue in the first place), so if these insecurities are to be taken really seriously, isn't the logical conclusion for new users (who cannot hope to harden their system enough) is to no bother with Linux at all at the current state?
As a Linux noob-started using Debian 12 not too long ago-the implications are worrying, to say the least.
I think that in general Linux is still more secure than Windows, especially immutable distros. Flatpaks have faults, but most of my issues with them are specifically about FlatHub. If you can avoid FlatHub and stick to for example the Fedora Flatpak repo, you’ll be in good shape.
From what I understand of immutable distros, they allow the user to boot up their bricked or conpromises computer to the previous version and eventually troubleshoot from there or wipe the compromised version altogether.
@@CybersecPat I run a Zorin box but also Windows 10 with the AME Wizard run on it. It guts Windows of all telemetry, and spyware and a bunch of other security changes to make it more secure. They had to Thankfully remove the entire Windows Update System as well as the ability to accept security updates because those were avenues of spyware and unwanted software Microsoft calls Features. No Home Windows user who knows how to safeguard what they install onto the system ever needs to run Windows Update (unless a feature is broken out the box) security updates or antivirus. My PC is as secure as any Linux box can be if it's connected to the internet. My experience is using Microsoft products from DOS 5 and up and from having home computers going back to 1980. I had the internet at least 15 years before the graphical WWW came out in 95. It was Bliss to not have the commercialism and corruption we have today.
talking about random ppl who are not affiliated with the project. it's the same with AUR from arch right? chrome for example. but how are we supposed to get these apps then. or am i missing something
You would install from the distributions repository, or build from source.
Not only it's more secure, it's most secure. There are no ransomware targeting Linux even though it's a juicy target on account of EVERY SINGLE BANK IN THE WORLD USING IT, while there's plenty of them for other systems (even MacOS, remember Flashback?) but there's no run of the mill trojans either.
That's because linux's typical use case isn't a good attack vector for ransomware. Ransomware is for workstations and PC, not servers
If you believe no ransomeware exists for Linux you'll very much be surprised. Having said that: it's not very common, but it does exist.
8:08 not anymore! Discored pushed an update to Canary version with proper Wayland screensharing.
I would say any os that isn’t taking a screenshot every 5 seconds and saving them in a searchable database is more secure then windows.
Simply disabling "Recall" (or even uninstalling it entirely) is much faster (a single console command and a reboot), more practical, and safer than switching to an unfamiliar system where you’d need a certain level of expertise to achieve even a fraction of the protection that works by default in both Windows and macOS.
@@JackLondon-q7n I think its more about the philosophy then the actual security risk. I would much rather use a OS that requires me to understand and maintain it then one that tries to raise its share price by forcing the currently hipped technology onto its users.
edit: that may not be the right thing for your grandmother but I think it would be a good thing if the average Joe learned more about how there OS worked and how to maintain/fix it.
@JackLondon-q7n except we already know recall can't be removed and windows has decades of history showing they will change your settings every update turning everything you turned off back on without any warning.
I do my best to secure my linux desktop by doing updates, having a firewall, disabling services not needed and not installing programs outside the tepis.
That is the way to do it!
@CybersecPat thanks. I meant outside the repos. But when typing on a phone keyboard it puts the wrong word. Lol
no worries I knew what you meant :D
You have great points, specially the flatpack one
whats the banging sound in the background??
Sorry about that, my tortoise was making sweet love with his basking rock
Dude. Do you own a car? Is maintenance someone else's responsibility? Come now!
Yes, I have a mechanic.
@@CybersecPat it's his responsibility to perform repairs, not to maintain your car. That is your responsibility.
Vanilla OS seem to be the best option for regular people. It's based on Ubuntu.
Edit: Apparently it's based on Debian now and not Ubuntu. My bad.
With Linux Fedora you get notifications to update. Or do it say once a week live evrey weekend i backup documents so i will update. Linux dose it quick and fast and i can do other stuff online while it is being done. You just have to shut down for some updates to install inside startup outside OS. You can use Calmav to scan weekly to. My mothers laptop crashed and she could not get into Windows. She is like i have lost personnel files i am like how often do you back up, she is like i don't backup. In a blue screen scenario you can re install OS and have a weekly backup to keep most of your files up to date.
This is valid for sure! Windows is an absolute catastrophe
@@CybersecPat It is a poorly built OS and it is one system suits all. With Linux you have a choise of what you want to use based on your demands. I like Gaming some people just surf web and run office apps.
@@CybersecPat Companies like Asus tend to have tens of thousands of laptop models on the market (just check their own list of models on their official websites). Some of these models - even non-budget business-class ones - are abandoned just six months after release. No driver updates, no BIOS updates, nothing.
Starting with Windows 7, the only thing that can cause a BSOD is a faulty driver or a driver that cannot properly handle faulty hardware.
This is a situation very similar to what happens when trying to install Linux distributions on many laptops, where the manufacturers haven’t bothered to provide drivers or provide robust drivers for Linux...
the reason 3 is funny because one of the reasons why people criticize windows is the exact same solution as snaps and flatpaks are using to solve the problem of an program no longer working after an update.
I can install my distro and every tool I need offline - so yes... more secure :)
Completely off topic but for a moment i read the title as "Is Linus actually more secure? Maybe not..." and I was like "oh fuck they hacked him again ffs"
what do you think of Hyprland instead of wayland?
I loooove hyperland. my understanding is that hyperland uses wlroots as the compositor, so it is actually sitting on top of Wayland! the biggest thing I miss from Linux is the tiling window managers. macOS just doesn’t have an equivalent
@@CybersecPat Cool! you mentioned Fedora Silverblue as a secure Linux OS but what about Arch Linux?
@@CybersecPatit’s been a few months since Hyprland moved to Aquamarine instead or wlroots, but yeah, Hyprland IS wayland
@@CybersecPat In macOS, there are several apps (including freeware) designed to enhance window management capabilities, such as adding keyboard shortcuts. These apps can be used, to some extent, to replicate window management and tiling features similar to those found in Linux desktop managers or Windows.
Eeeeh, they are 2 different things...
One is a display manager, the other are protocols.
So in this case, if you use hprland, you are also using some wayland protocols.
If the highest level isn't Ring 0 in an OS, then that OS isn't worth using, for anything serious.
Depending on users is one reason why corporations push updates to their connected computers. But you're quite right Patrick, in that I also have to push certain friends into doing updates on their computers. What think you of Clam AV?
ClamAV being signature based isn’t the best, but it is better than nothing
@@CybersecPat Thanks!
Me running EndeavorOS with both yay and chaotic aur installed hearing him saying how flathub is inherently insecure 😂
Finally someone said it again!!
The point that running wayland with a nvidia card is not possible is wrong.
Not being able to share you screen is not waylands but rather discords fault for not updating their electron version. Electron itself does support it.
You can however use Vesktop for example or the browser and you'll be able to share you screen. Regardless of your graphics card.
Idk, I tried vesktop but it crashes when I try to share my screen. I just use OBS to stream to discord nowadays.
@@ArtemSayapovI've once had this issue as well, but it got quickly fixed with an update.
Thank you for taking time to correct me! To make sure I understand, what exactly about NVIDIA and Wayland was incorrect?
@CybersecPat there were some problems regarding nvidia along with wayland as they did not add support for it in their driver, but they've just recently published a roadmap and opensourced some parts, that now wayland with nvidia works just as good as it does with AMD. Both on Nouveau as well as on the propriatary driver.
Perfect, thank you my friend. I'm adding this to the pinned comment for corrections at the top
X11 is as secure as the Windows desktop as they can also view any window on the screen. I don't know the situation on Mac but wayland is improving. fast. It's security standards are very high compared to windows
Valid point! I think you’re right on that Windows has the same issues relating to this. MacOS prevents screen spying by applications, but Wayland I think has the best implementation of these protections.
@@CybersecPat In Windows, there's a special abstraction called the Desktop. Good luck trying to "read" any content from a window opened on a different desktop (or, in general, programmatically interact with it in an attempt to screenshot it, read/modify input, or interact with UI controls). This functionality was introduced way back in Windows NT 3.1 (1993). It forms the foundation of the "Secure Desktop," which is used to display prompts for actions like confirming administrator privileges or entering the master password for key-management applications. And all of this is achieved without needing to run different apps under separate user accounts. macOS, on the other hand, has its own distinct approach to achieving similar security goals. But good luck implementing anything comparably robust on Linux with X11 - even now, after 30 years. Wayland, however, is a step in the right direction.
Nice talk, but what about the person sorting boxes behind the camera? Kind of distracting.. o)
sorry about that, my tortoise was humping his basking rock
any time I decide to switch to linux tot try it I inevitably read further and find out a reason it may not be worth the effort 😫. Mint in particular is what I was thinking as it's posited as an easy transition for windows users...it's unfortunate because I love the idea of linux (free, open source) but the need for my computer to "just work" always holds me back
Most of Linux malware is targeted to Servers not broke ass people that can't even afford to buy new computers. There is no money to be made and its ca waste of there time and money. I have never heard of a Desktop use getting infected by malware, its rare. The Windows software or malware does not work on Linux.
I’m in a similar boat, but I find Fedora Silverblue to be very “set and forget”
about window spy on each other, there is an way to solve this, by running each window as an different user...
but no one does that.
i remember that i did that once, i cant remember all the details of how to... but its a bit of a mess setup , inconvenient as hell.
qubesos!
And this is a software YOU PAY FOR?
IMHO a better solution would be to NOT use (and pay for) an operating system that actively tracks you, spies on you and is full of ads.
@@unconnectedbedna sorry, read again.
i said window not Windows, because i was refering to the windows on x on linux, not to the windows operating system by microsoft.
i avoided puting an S because i didnt want to confuse people, but it was useless.
@@igorgiuseppe1862 Ah, my bad I guess. Since you failed to mention either x11 or linux, I just assumed "spying" and "window" meant microsoft windows.
Are you surprised about that? xD
I only update my Browsers. Never update the Kernal, never update my Apps. I block my Apps in the Firewall, so they don't come on to my device period. I do a fresh install every 3-5 years. I have been doing it like this for years. Very Satisfied!!
That is an interesting approach! Thank you for sharing. That is the amazing thing about Linux - it puts you in control!
so if an exploit is found in the kernel you still gonna use the vulnerable kernel until your next reinstall cycle?
Nice! Not only are you neglecting to update your apps and kernel, but you’re also ignoring system libraries, which are, for example, used by your browsers. I’d suggest doing a little research into how many critical vulnerabilities were discovered in the most important libraries just in, say, April 2024. (Here’s a small hint: it wasn’t a particularly nice month. Then again, there are almost never any completely “nice” months when it comes to vulnerabilities...)
@@CybersecPat Not the best approach, actually - just read through the other comments in this thread.
@@JackLondon-q7n you’re spot on. Keeping up to date is important.
The third party repository thing made me think about my own installations. How to audit the repository lists if one is not an expert? How to find the repos that did not come with the distro installation? Must find out the answers. Edit: Also, I congratulate myself for realizing the insecurity of the curl+script installation method already long ago. I always rather download the installer script and walk through it before executing anything. And about X11: as someone who only uses kind of outdated hardware, are there Linux distros with Wayland for, say, dual-core laptops with max 2G memory?
Fancy mic with Ear Buds Ugg! That's an odd match to me. You might not like my setup either, a pair of Soundcore Life Q30 headphones with a Mod Mic Wireless microphone. You may have a better mic but mine is the best wireless condenser mic you can buy for 140 bucks and I think I have better sound than you with my 40 MM drivers that is High Res Audio certified. I get it.. we all gotta do what we all gotta do... LOL
"If you want your operating system to be secure, it must be up to date"..
Eeeeeh, you mean like with ALL software an ALL platforms?
Pretty silly argument. Activate "automatic system updates" on linux mint and the "problem" is gone...
How about you, as a security researcher, focus on the ACTUAL problem, witch is lack of education. Everybody in the country where I live, knows you have to keep software up to date for security reasons. If that is not the case in your country, maybe THAT is the issue, not "microsoft is so good because it updates automatically". Never mind those updates freezes your computer completely, takes forever and not unusually asks for TWO reboots to complete.
Or the fact TONS of people still use win7 (not supported) and win10 (supported for about one more year).
_Maaaaybe_ focus on that instead mr security, _maaaaaybe_ you should spend your energy on TEACHING people that they *DO NOT NEED TO USE AN OPERATING SYSTEM THAT SPIES ON YOU!*
Every time I see someone claim to be any kind of expert when it comes to computers spreading Microsoft propaganda I always ask: Are you payed by ms?
"maybe not" 🤣🤣🤣😂😂
Maybe Linux isnt as secure as people think, but ass licking for Microsoft is going to far. Im out. Rather look at more serious security videos.
Sorry this wasn’t your kind of video, but in the vid I was clear that Windows was less secure than Linux. My apologies if I wasn’t clear. I dislike Windows quite a bit.
@@CybersecPat Be assured that you were very clear and pointed out the things that one has to keep in mind very very clearly. Especially updates and using a somewhat modern system (wayland) are important.
@@CybersecPat OMG. Apologize harder, or it seems they (the non-technical Linux fans) might cancel you. Such freedom! :D (By the way, I’m a pro cross-platform dev lead - Linux is one of my target platforms, and it’s literally my job to be confident in Windows, Linux, and to some extent, macOS.)
@@JackLondon-q7n That is unlikely, but ppl who actually know something about computers, knows that the entire first part in the video is complete bs. Automatic updates on linux is very common. Besides, this goes for ANY software, not just the operating system. So if you are working in the field, yes, ms loving corps might get interest in you, but any of the respected security firms will see through this bs.
But by all means, tell me again how great windows is to update ALL SOFTWARE at the same time compared to a linux distro (if you use the distros repos, and even flatpak, snaps etc. in some instances).
Linux is not necessarily more secure than Win/Mac, but it's definitely more private. The most secure OSes are iOS and Android because everything is sandboxed, neither of the desktop OSes are particularly secure.
Actually, browsers are sandboxed on both Windows and macOS (and other applications can also request sandboxing for their subprocesses if needed). However, this is not the case on Linux - unless you know what a "sandbox" is, how to install one, and which implementation is robust enough to be usable, rather than breaking after a few minutes of use and requiring a full system reinstallation.