[l24ztj]

I'd say desktop Linux is more insecure than Windows, and the only reason we don't see malware is that nobody uses it. So if high profile targets, like energy companies, started using Linux on the desktop, it may end up being worse than Windows.

[ejstronge]

> I'd say desktop Linux is more insecure than Windows, and the only reason we don't see malware is that nobody uses it. So if high profile targets, like energy companies, started using Linux on the desktop, it may end up being worse than Windows.

What's the basis for your assertion?

At the level of systems we're discussing, a Windows installation would be operated by experienced Windows administrator. Thus the appropriate comparison group for Linux would be something like a university-run supercomputing cluster. We don't often hear of these being taken over for ransom.

[l24ztj]

I said desktop, not server.

I don't have any basis, just what I expect. Windows has been fuzzed and reverse engineered to the moon and back. Desktop Linux? I doubt it.

[penagwin]

You do know that "desktop linux" and "server linux" are the same thing, just with different default programs and configuration styles?

I'd agree that yes, distros meant for desktop usage have less secure defaults, but that's not necessarily to say they're "less secure" if you understand how you're using them.

[l24ztj]

No, they are not the same thing in their USE, which is exactly the point I'm making.

I trust nginx, sshd, postgres, postfix, etc. much more than I trust the gnome file manager, evince, dbus, pulse.

For every exploit that nginx currently has, there probably are a thousand lurking in gnome's file roller.

[SmellyGeekBoy]

But Gnome runs as the currently logged in user, right? So the worst damage it can do would be to files that that user has write permissions on (ie, not system files).

Unless your entirely hypothetical scenario involves privilege escalation vulnerabilities, which I'll admit aren't unheard of in Linux but are fairly rare and usually patched within hours when they are discovered.

[daeken]

This is the case with the vast majority of Windows malware as well. System files aren't important; sure, you need them to run the system, but it's not like you can't reinstall. The issue is damage to user-owned files, no matter which OS you're talking about.

[saalweachter]

Don't spit into the wind, don't tug on Superman's cape, don't rely on no LEP existing.

[l24ztj]

Once again, we're talking about DESKTOP Linux here.

https://xkcd.com/1200/

[Data_Junkie]

Haha, that's funny.