Linux community isn't in a reasonable position to criticise Microsoft on security. Mainstream distributions are much worse off than Windows.
A good Linux distro, or even a mediocre distro with competent admin to remove crap packages, is not vulnerable to remote attacks.
-
-
Can't agree with that at all. Even if you ignore all of userspace, the Linux kernel has plenty of RCE bugs and very weak defences there.
-
Userspace brings a whole lot more, and it has significantly weaker defences that Windows and more of a memory unsafe language culture.
-
On a normal server your only network-facing userspace is sshd and an httpd or similar. Good luck finding RCE there.
-
You aren't arguing against what was actually stated.
-
You're arguing that security on Linux servers is Good Enough already which we don't agree with at all but it wasn't the original topic.
-
Wanted to talk about desktop Linux vs desktop Windows, not mobile, not servers and not state of security independent from that comparison.
End of conversation
New conversation -
-
-
PIE, ASLR, etc. are mainly important to harden crappy user sw processing malicious input, not stuff like sshd, nginx, etc.
-
nginx has loads of memory corruption bugs. sshd has them too. OpenSSH has sandboxing and uses memory corruption mitigations for a reason.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.