Looks like ‘Chromebook’ (my new Chromebook) is getting ready to replace all my Linux Distros as my #1 ‘Companion Platform’ to Windows 10 Pro. Still early into those tests, but Chromebooks offer full security ‘n a *TOTAL* package of both software ‘n hardware.
To be clear, I am not referring to Linux in the Developer ‘n IT specialist areas, but just when it comes to the actual “Desktop/Laptop” OS.
The Developers ‘n IT specialists ‘n etc. have their hands full with the never-ending malware hacks ‘n attacks happening daily to Linux & Open Source Software.
Linux has never been an actual Desktop OS, even after 30 years of mediocre attempts at making it one. Total lack of security, i.e. beyond annoying “Authenticate” popups or other ‘Pesky Passwords’, there just isn’t any security around Linux “Desktop OS” and/or Open Source Software in general.
I have documented a small percentage of the *Linux Security Issues* facing Linux & Open Source Software here, but it never ends – *AND* – in fact, those security issues ‘n failures are growing more each year.
snip…Open source software is now the foundation for the vast majority of applications across all industries. But many of those industries are struggling to manage open source risk.
snip…Researchers analyzed more than 1,500 commercial codebases and found that open source security, license compliance, and maintenance issues are pervasive in every industry sector. The report highlights trends in open source usage within commercial applications and provides insights to help commercial and open source developers better understand the interconnected software ecosystem.
snip…The Synopsys report details the pervasive risks posed by unmanaged open source code. These risks range from security vulnerabilities, to outdated or abandoned components, to license compliance issues.
- Note my “New Series:” section on the *Linux Security Issues* page where I followed the story of two University of Minnesota students who conducted tests on the vulnerabilities surrounding even the Linux Kernel – On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits.
snip…Open source risk trends identified in the 2021 OSSRA report reveal that outdated open source components in commercial software is the norm. A hefty 85 percent of the codebases contained open source dependencies that were more than four years out-of-date.
snip…The prevalence of open source vulnerabilities is trending in the wrong direction, according to researchers. In 2020, the percentage of codebases containing vulnerable open source components rose to 84 percent, a nine percent increase from 2019.
Similarly, the percentage of codebases containing high-risk vulnerabilities jumped from 49 percent to 60 percent. Several of the top 10 open source vulnerabilities found in codebases in 2019 reappeared in the 2020 audits with significant percentage increases.
snip…“But open source management has not yet caught up with open source use. Many development teams are still using manual processes like spreadsheets to track open source. There is now much too much open source to track without automating the process,” he added.
The entire Linux Leadership Community – which *INCLUDES* The Linux Foundation, The Linux Kernel Organization, The Linux Kernel Archives, Greg Kroah-Hartman (the Linux kernel maintainer), Linus Benedict Torvalds, etcetera etcetera etcetera – are to blame for these many security issues.
LINUX IS LIKE A BOX OF CHOCOLATES – you never know what you’re gonna get!