• Synapse@lemmy.world
    27 upvotes · 1 year ago

    Some time ago all the tech “news” headlines were “Linux is less secure than Windows, look at all the CVEs open!”. Well yes, Linux has tons more CVEs reported because anyone can audit the code, bugs are discovered and reported, people are informed and can put mitigations in place, unlike with Windows…

    • jayandp@sh.itjust.works
      14 upvotes · 1 year ago

      Also, statistically, a lot of Linux users are more technically minded and capable of identifying and reporting issues. This will naturally lead to higher reporting numbers, skewing stats.

      • Synapse@lemmy.world
        9 upvotes · 1 year ago

        Linux users are participants. We purposely choose this OS, proactively download, install and configure it on our computers. We chose it because it’s FOSS, and we are happy to report bugs because we have the hope it will eventually get fixed for our own benefit. We all know that Linux thrives because there are a few (or not so few) of us who care about our OS, and any help counts even if it’s just reporting a bug. This mindset extends to the whole FOSS ecosystem and even some proprietary SW like games! Because we want those games to run well on Linux, we report bugs to developers. And this is why I love Linux and FOSS so much. It’s wonderful :)

    • Narann@lemmy.world
      9 upvotes · 1 year ago

      The other thing is companies care about CVEs as they use Linux to run their critical infrastructure.

      • Synapse@lemmy.world
        4 upvotes · 1 year ago

        I am sure companies care about CVEs in Windows and other proprietary SW as well. They can only wish they get found, disclosed and fixed.

        • Narann@lemmy.world
          1 upvote · 1 year ago

          Of course they do, but they are not big in number and market share. Maybe « Almost all worldwide deployed critical infrastructure runs on Linux » is a better statement.