• Should I be "scared" by the US-Cert report?


    • This topic has 5 replies, 5 voices, and was last updated 6 years ago.
    #112810

    Saw a forum thread by Kirsty. Followed the link to US-CERT and was a bit worried about the very long list of linux-kernel vulnerabilities…

    https://www.us-cert.gov/ncas/bulletins/SB17-121

    So… as a Windows 7 user slowly but steadily working towards a Linux system, how worried (or scared!) should I be?

    • #112816

      I’m guessing that your distro of Linux will be patched and secured soon from most of these vulnerabilities. Also, likely the smaller you are, the less at risk you are. (There’s no money in hacking the little guy.)

      There’s no way to get perfect security, but you can minimize your risk: Be careful what you click on / open, and which web sites you visit. If you take sensible precautions, and you keep a low profile, you should be fine.

      I am a former Windows 7 user who has already moved on to Xubuntu Linux. But I keep W7 around as a dual-boot in case I need it for something I can’t do in Linux.

      Group "L" (Linux Mint)
      with Windows 8.1 running in a VM
      3 users thanked author for this post.
    • #112820

      I’m still in the study-phase, so haven’t made the switch yet. This Unix world is new to me, but it feels like dropping back some 30 years in time! 😀 Starting all over learning disc/file system and structuring, console prompt commands etc. Love it!

      Xubuntu is so far my choice as well. Looks like a very serious “kit” and looking forward to start. But definitely prefer the study-first, play-later approach, so…

      Do we know, if these Cert reports are being actively followed up on or reacted to? Have some favorite sources to share?

    • #112825

      Saw a forum thread by Kirsty. Followed the link to US-CERT and was a bit worried about the very long list of linux-kernel vulnerabilities… https://www.us-cert.gov/ncas/bulletins/SB17-121 So… as a Windows 7 user slowly but steadily working towards a Linux system, how worried (or scared!) should I be?

      1.  Pls ID Kirsty’s post.

      2.  More interesting links.

      http://www.linuxsecurity.com/

      https://www.cvedetails.com/index.php

      https://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/cvssscoremin-7/cvssscoremax-7.99/Linux-Linux-Kernel.html

      3.  Next Question – How to know and fix those problems.

      Linux Vulnerabilities Explained: From Detection to Treatment.

      https://linux-audit.com/linux-vulnerabilities-explained-from-detection-to-treatment/

      HF

      1 user thanked author for this post.
      • #112857
        2 users thanked author for this post.
      • #112881

        All computers have vulnerabilities, so there will never be any that are 100% secure.

        But there are many different types of vulnerabilities, and some that you see published may not apply to the way that you use a computer.  So no need to fear everything that you read.

        In the broadest sense, there are two main types of vulnerabilities, the remote access type, and the type that requires an attacker to have access to the computer and local file system (or by proxy, having a user dumb enough to install an exploit locally).

        In the Linux world, most of the installed Linux computers are used as web servers, with network ports that are open and exposed to the internet.  Most of the security patches issued probably address fixes for the remote access type exploits where the attacker exploits a code vulnerability to compromise a server.

        Your Linux desktop should not ordinarily have any network ports open to the internet.

        For the local exploit types, using good user account administration with strong passwords, running without admin privileges as a normal user, and home folder encryption,  prevents a lot of risk.  Same as with Windows, if you download and install untrusted code from an unknown source using an elevated admin prompt, the vulnerability is you!

        I would think that most desktop Linux users would use a good firewall and not expose their computer network ports to the wild internet, much as a smart Windows desktop user would do.  So with good computing and network security practices, frequent security updates, desktop Linux is probably the most secure and private computing platform you could use.

        Windows 10 Pro 22H2

        3 users thanked author for this post.
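
Added example, not part of any forum post: one way to check the point made in the last reply about a desktop having no network ports open, by listing TCP listeners that are not bound to loopback. It parses the `/proc/net/tcp` table and assumes IPv4 on a little-endian machine (`/proc/net/tcp6` is not covered); the function names and the sample table are constructed for illustration.

```python
import ipaddress

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002 1
   2: 3500007F:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000   101        0 20003 1
   3: 0A01A8C0:D431 057100CB:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20004 1
"""

TCP_LISTEN = 0x0A  # kernel state code for a listening socket


def decode_ipv4(hex_addr):
    """The table prints the address as a hex word; on x86 the bytes are reversed."""
    return ipaddress.IPv4Address(int(hex_addr, 16).to_bytes(4, "little"))


def listening_sockets(table):
    """Return (address, port) for every socket in LISTEN state."""
    result = []
    for line in table.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or int(fields[3], 16) != TCP_LISTEN:
            continue  # established, closing, etc. are not listeners
        hex_addr, hex_port = fields[1].split(":")
        result.append((decode_ipv4(hex_addr), int(hex_port, 16)))
    return result


def exposed_listeners(table):
    """Listeners bound outside 127.0.0.0/8, i.e. reachable unless a firewall blocks them."""
    return [(str(a), p) for a, p in listening_sockets(table) if not a.is_loopback]


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:  # live table on a Linux host
            table = fh.read()
    except OSError:
        table = SAMPLE_PROC_NET_TCP  # fall back to the constructed sample
    for addr, port in exposed_listeners(table):
        print(f"listening on {addr}:{port}")
```

In the sample, the listeners on 127.0.0.1:631 and 127.0.0.53:53 are local-only, while 0.0.0.0:22 accepts connections on every interface and is the one to review or firewall.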