A (very) short summary of a few points raised on that page would be:
Linux desktop OSes don’t have proper sandboxing (yes, Flatpak is something, but it doesn’t have a robust permission model like others do).
X11 provides zero GUI isolation, so every app can look into what every other app is doing.
Linux (the kernel) is monolithic, meaning all modules and drivers run with the exact same permissions as the kernel itself, whereas macOS and Windows use hybrid kernels, which segregate some processes to userspace.
Several exploit mitigations found in macOS/Windows such as Control Flow Integrity, Arbitrary Code Guard, and Code Integrity Guard are scarcely used, not enabled by default, or completely nonexistent.
A valid assertion; you are free to choose how you handle your threat model.
I dislike those at-charge questions. When you look at something, you should look at it in a holistic manner, looking at least at the platform’s strengths and weaknesses.
True, the article is fine, but a thread asking all the bad things about Linux isn’t great; I was just pointing that out.
I think the biggest security benefit of Linux compared to Windows is that you actually know what you give admin permission to. On Windows you have to click “Ok” on the popup about wanting to use admin privileges and it’s not even specified what it is for. Since trivial tasks require it, you become used to it and it becomes essentially useless.
AOSP, in particular, seems to have covered all the points you list in your summary. Indications are, Android will be on desktops soon.
Linux is fairly modular, and Android’s (binderized) HAL (hardware abstraction layer) already demonstrated that a “hybrid” architecture is not a limitation imposed by Linux, but by the ecosystem that preceded it.
Apart from the drivers, the major source of concern remains the Kernel & its subsystems, which remain heavily configurable & are predominantly written in a memory unsafe language. Fuchsia (also by Google) offers a way out & may yet take hold in Android (though, chances look grim after a decade of getting nowhere except on Nest devices).
Being fair, I don’t think anyone (including Madaidan) has Android in mind when they say “linux-based operating system” (or any colloquial term referring to them). But yeah, AOSP definitely addresses several security concerns!
Linux anecdotally provides better sandboxing than Windows in my experience. I’m not sure about the statistics, but it definitely feels like there are more Flatpaks proportionally than AppContainers, perhaps because UWP is no longer in active development, or maybe because Flatpaks have a lot of other benefits (e.g. running on most distros).
The point usually raised about how Flatpaks have invasive permissions is invalid imo because you can very easily change them through CLI (flatpak override) and GUI (Flatseal). For when they’re not suitable, bubblejail exists.
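To make the permission discussion above concrete, here is an added example (not part of the original thread) that reads a Flatpak metadata keyfile, flags the broad grants, and builds the matching `flatpak override` call. The sample metadata, the app ID `org.example.Editor` and the choice of which grants count as risky are assumptions made for illustration.

```python
import configparser

# Constructed sample in the keyfile format that
# `flatpak info --show-metadata <app-id>` prints; the app ID is a placeholder.
SAMPLE_METADATA = """\
[Application]
name=org.example.Editor

[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=all;
filesystems=home;xdg-download:ro;
"""

# Assumed policy (not from the thread): grants treated as sandbox-weakening.
RISKY = {
    ("sockets", "x11"): "X11 gives no GUI isolation between clients",
    ("devices", "all"): "exposes every device node",
    ("filesystems", "host"): "exposes almost the whole host filesystem",
    ("filesystems", "home"): "exposes the whole home directory",
}
# `flatpak override` option that revokes a grant of each kind.
REVOKE = {"sockets": "--nosocket", "devices": "--nodevice",
          "filesystems": "--nofilesystem"}


def audit(metadata_text):
    """Return (grant, reason, revoking flag) for each risky [Context] grant."""
    parser = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    parser.read_string(metadata_text)
    findings = []
    if not parser.has_section("Context"):
        return findings
    for key, raw in parser["Context"].items():
        for entry in filter(None, raw.split(";")):
            if entry.startswith("!"):       # negated entry: already revoked
                continue
            name = entry.split(":", 1)[0]   # drop :ro / :rw / :create suffix
            reason = RISKY.get((key, name))
            if reason:
                findings.append((entry, reason, f"{REVOKE[key]}={name}"))
    return findings


def override_command(app_id, findings):
    """Build the per-user `flatpak override` call that revokes the findings."""
    flags = " ".join(flag for _, _, flag in findings)
    return f"flatpak override --user {flags} {app_id}" if findings else ""


if __name__ == "__main__":
    found = audit(SAMPLE_METADATA)
    for grant, reason, _ in found:
        print(f"{grant}: {reason}")
    print(override_command("org.example.Editor", found))
```

Revoking the `x11` socket only works for applications that can run on Wayland, so test the application after applying the override.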
It’s all relative. In android and iOS, the need for strong sandboxing is vital because the users are installing shitty user-hostile apps next to their banking apps by default. In android’s case, google wishes to protect its own access to your data as well as stop bad apps from going to town on your device.
But in the linux context, you might have only one bad app - probably the browser since it is running anything you put through it. Also, there is no google trying to lock your data in for its own purposes. If your other apps are just open source types (gimp, vlc, libre office) installed from a debian repo or whatever, then I’m not sure sandboxing is quite as critical.
There are also some sandboxing methods in linux, and if you wanted to go far with it, you could spin up VMs or containers à la Qubes OS.
The reason linux is secure on servers is that it only runs the minimum of what it has to. ‘Apps’ aren’t the issue - more likely protecting access to RAM from processes and segregating network access.
So if your linux box is basically a browser and a few open source apps, then who really cares about in-depth sandboxing? It’s not like you will be installing spyware that easily on linux anyway and your attack surface is probably very much reduced in comparison to a similar windows machine.
To elaborate:
Open source has no relation to security.
Grub, a core component of most distros, just had 73 security issues posted last month, except they didn’t even bother to make a new release, forcing distros to each manually pull the fixes in.
To quote the Arch maintainer:
Countless vulnerabilities, but no release management, no maintenance branch, or whatever.
Grub maintainers aren’t even bothering to blacklist the binaries via the distributed secureboot dbx blocklist.
This time UEFI revocation list (dbx) will not be used and revocation of broken artifacts will be done with SBAT only.
And many distros take many days to ship browser updates.
So for a start, android is linux and so is ChromeOS. Both incredibly highly secure linux distributions, with sandboxing and locked bootloaders.
That alone shits on all your possible arguments.
Now to be a little more in good faith, you also have less known variants - that run in RAM like TC, amnesic like TAILS or atomics like Fedora Silverblue… the list goes on and on. Each with their own protections and security that can go above and beyond whatever you have in mind as an alternative.
Sure, maybe your average pedestrian linux distro like ubuntu is not the most secure option. But it is still one of the most private.
And if you want a linux that is more secure, it is pretty simple to find yourself a secure distro that mitigates whatever brain worm problems, with grub or otherwise, you are fixated on.
Security on linux is a skill issue. It can be as secure as you want it to be. It could literally be designed to self-destruct if you want to go full psycho with it.
Now if you are upset that it’s not all magically being done for you in the timely manner you want, then you’ll just have to accept whatever slop is given to you.
But then you don’t really have a leg to stand on as far as complaining about it.
I’m not upset at Linux and co.
I’m upset at users, like you, wrongly proclaiming Linux as secure when it isn’t.
I’m not going to fruitlessly continue to argue with you.
Have a good day.
Actually, there is nothing in the OP that says this is about specifically consumer and hobbyist distros.
The title is LINUX-BASED OPERATING SYSTEMS. I put it in caps so you can read it more easily.
Regardless, the existence of android and chromeos proves that linux can be secure on the desktop.
Of course a hackable and open OS such as ubuntu is more accessible. Of course, they’re not rushing to patch grub.
I’m confused if you are being purposefully single-minded about that. If something is designed with an open model, it is going to be more open!?
The main point I am making is that in most average people’s use case, that openness doesn’t impact negatively on their threat model. And for those that have the aspirations like you, then it can be made secure with some skill.
Now btw… grub is actually not at all necessary for booting linux. If you really cared about security you might want to use an encrypted bootloader on a separate usb device anyway… if you were really worried, you might even want to hide it inside your bottom.