• Natanox
    link
    fedilink
    English
    271 day ago

    I don’t know where you got the notion from that Linux as a whole uses this concept, but it’s nonsense. There’s exactly one place where this definition fits, which is the GRUB bootloader encryption (which merely shifts the target for the Evil Maid attack from the initramfs to GRUB). But this is already adressed with Verified Boot.

    Nothing else, let it be LUKS, PAM, SELinux, AppArmor or whatever has any business with STO.

    • @DarkCloud@lemmy.world
      link
      fedilink
      English
      -28
      edit-2
      1 day ago

      From the fact it used to have to smallest user base of the big three. Less users = less probability of a nefarious person.

      It’s really not that difficult a concept. I’m surprised people here are asking what it is.

      • Helix 🧬
        link
        fedilink
        English
        1123 hours ago

        You confused “obscurity” as in a synonym for low popularity with the word “obscurity” as in people not knowing how it works and people deliberately hiding the inner workings of a system.

        Everyone using Linux can know how it works, that’s the opposite of obscurity in the sense it is used within “security by obscurity”.

        Apart from that, Linux is very popular, just not on the Desktop. It is therefore not obscure in the sense of popularity either, at least the components which are hit by the bug mentioned in the article.

        • @notfromhere@lemmy.ml
          link
          fedilink
          English
          48 hours ago

          Thanks for pointing out the actually definition of security by obscurity. Popularity has nothing to do with it.

      • Natanox
        link
        fedilink
        English
        221 day ago

        That doesn’t make any sense as argument no matter how you spin it. Linux is the dominant system for servers for decades now, and a Debian Desktop is quite literally the same as Debian on a server except it also got a GUI of your choice slapped on top. There’s absolutely nothing obscure about it, neither did anyone from the kernel team (Linux), FSF (GNU utils) nor IBM / Red Hat (systemd & honestly way too much other stuff) etc. ever design something around STO. That’s a domain firmly situated in proprietary code since for FOSS it doesn’t make sense to begin with. The false errand of GRUB is the sole exception, well known and solved.

        The desktop market share says absolutely nothing about what you’re trying to argue. Now if you were to argue that Linux is lacking in terms of desktop software isolation then you’d have a point, things like Flatpak still are addressing lots of issues. But to say “Linux” approaches security with obscurity is total nonsense.