Re: Torvalds Slams Theoretical Security

On 10/24/24 2:53 PM, Lester Thorpe wrote:

On Wed, 23 Oct 2024 03:07:15 -0400, 186282@ud0s4.net wrote:
 

>
    Yes, you can go totally overboard on "security",
    and, mostly, it won't do much good. Paranoia can
    push this to extremes where you can barely use
    the system/apps (think Vista) - and I think that's
    what Linus is concerned with.
>

 You should read the comments in the Phoronix link.
 Several posters indicate that there is a vast difference
between security that is relevant for a public-facing
server and for a desktop workstation.  Furthermore, the
posters claim, most GNU/Linux distros are configured
for public-facing servers only.

   I'd kinda argue that even yer biz desktop PCs are
   now "public-facing". There's probably a router
   in there somewhere, but the Greater Connectivity
   push kinda requires most desktops to be VERY
   connected. Most biz do not have the IQ/$$$ to
   look at, and mitigate, *everything*. Response
   is 99% reactive, not pro-active.

This is totally ridiculous.  As I already stated, there
should be a split between servers and workstations.
But there is not, and unless one "rolls ones own" then
one is stuck with a security-laden and crippled distro.

   As said, I think the line between 'servers' and
   'workstations' has blurred significantly and will
   blur even more. The 'cloud' push puts most of the
   data/access out of YOUR hands too. Yea, yea, you
   can claim it's not YOUR fault, but .....
   And then at least half the probs will be 'human
   engineering' related too ... no software fixes.
   Go ahead, fire the typical clueless worker, the
   damage will already be done and you'll just have
   to hire another clueless worker.