this post was submitted on 04 Feb 2022
1 points (100.0% liked)

Security

5014 readers
4 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS
 

I find people who agree with me for the wrong reasons to be more problematic than people who simply disagree with me. After writing a lot about why free software is important, I needed to clarify that there are good and bad reasons for supporting it.

You can audit the security of proprietary software quite thoroughly; source code isn't a necessary or sufficient precondition for a particular software implementation to be considered secure.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 2 years ago* (last edited 2 years ago) (1 children)

He is a security grifter that recommends Windows and MacOS over Linux for some twisted security purposes.

Windows Enterprise and macOS are ahead of Linux's exploit mitigations. Madaidan wasn't claiming that Windows and macOS are the right OSes for you, or that Linux is too insecure for it to be a good fit for your threat model; he was only claiming that Windows and macOS have stronger defenses available.

QubesOS would definitely give Windows and macOS a run for their money, if you use it correctly. Ultimately, Fuchsia is probably going to eat their lunch security-wise; its capabilities system is incredibly well done and its controls over dynamic code execution put it even ahead of Android. I'd be interested in seeing Zircon- or Fuchsia-based distros in the future.

When it comes to privacy: I fully agree that the default settings of Windows, macOS, Chrome, and others are really bad. And I don't think "but it's configurable" excuses them: https://pleroma.envs.net/notice/AB6w0HTyU9KiUX7dsu

I think you have gotten influenced by madaidan’s grift because you use a lot of closed source tools and want to justify it to yourself as safe.

Here's an exhaustive list of the proprietary software on my machine:

  • Microcode
  • Intel subsystems for my processor (ME, AMT is disabled. My next CPU hopefully won't be x86_64 because the research I did on ME and AMD Secure Technology gave me nightmares).
  • Non-executable firmware
  • Patent-encumbered media codecs with open-source implementations (AVC/H.264, HEVC/H.265). This should be FLOSS but algorithms are patented; commercial use and distribution can be subject to royalties.
  • Web apps I'm required to use and would rather avoid (e.g. the web version of Zoom for school).
  • Some Nintendo 3DS games I play in a FLOSS emulator (Citra). Sandboxed, ofc.

That's it. I don't even have proprietary drivers. I'm strongly against proprietary software on ideological grounds. If you want to know more about my setup, I've made my dotfiles available.