Hacker Neue

Preferences
wkat4242 parent
I don't think a mega corp having full access to my phone while me not having that is very "secure". Sure it's pretty ok against third parties but in my threat model Google and Apple are also adversaries. Microsoft too by the way.

In my model my Linux pc is a lot more secure as there's no adversary having direct access and more control than me.

gf000
Privacy != Security

We shouldn't be happy with the state of security on Linux, while simultaneously enjoying its privacy benefits.

wkat4242 OP
For me privacy = security.

If a company has access to my data without my -completely voluntary- consent, that's a security breach.

gf000
That makes no sense. Equality is commutative and security is most certainly not privacy. There are certain areas where a decision may help in case of both (e.g. simply not storing unnecessary data will decrease the scope of a real vulnerability), but that's not even remotely the same thing.
charcircuit
By this definition no operating system Google releases will be secure to you. I think it would be a more productive discussion if you could argue about security ignoring that you have to trust the person who wrote your operating system or designed your cpu.
bandrami
The point of open source is I don't have to trust the person who wrote it
_carbyau_
You don't have to. Which is good!

But in practical terms there is a lot of trusting of someone/their-code going on. Unless you are reading/understanding it all.

I trust linux more than windows. But I've never read a line of it...

ivell
I think their point is that the source being open keeps the developers more honest. Of course there have been supply chain attacks in open source, but that is more probable to be found out than closed source ones. In short, auditability improves security.
wkat4242 OP
The thing is, there's always someone who does read it or inspect changes. It will surface soon enough if untoward things are happening.
_carbyau_
And that is what is being trusted.

Not "the code is readable therefore trustable".

More "the code is readable, therefore I trust multiple someones, somewhere will read it or has read it and if they have a concern they will voice it".

Is it the greatest thing to trust? No, but like a lot of things in life, it's the best of the practical options.

omnifischer
It works well for you.. but for average person. No.

As a 20 year old linux user, I do often use ChromeOS or ChromeOSflex. Just works. Beautiful UI. No more pain with webcam or wifi drivers - Yes, these have improved by still one has the pain of dropped packets (realtek wifi) etc. guaranteed 10 hour battery life.

With ChromeOS I just get 4 or 5 second - update - immutable OS. Fedora Silverblue is coming up but still not there.

ulrikrasmussen
Congrats, you are trading freedom for some convenience.
raw_anon_1111
Do you personally go through every line of source code for your Linux distribution?
zrm
That's not the relevant part. The relevant part is, if you find it's doing something you don't want it to be doing, can you read and modify the code that does that?
izacus
So you're not.
wkat4242 OP
No but many people do. Try getting something by Linus and his kernel team lol. Good luck!
raw_anon_1111
There have been many long live security issues that have been in popular open source software - including Linux
wkat4242 OP
Yes sure but not intentional ones.
raw_anon_1111
Actually sometimes it is intentional.

https://www.theguardian.com/commentisfree/2024/apr/06/xz-uti...

That’s just one we know about it.

ajvs
Do you do that for Android?

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal