Linux has been exposed as the least secure Operating System around…sometimes not finding vulnerabilities for 12 Years.

Windows 10 isn’t the most vulnerable operating system – it’s actually Linux:

An analysis of the National Institute of Standards and Technology’s National Vulnerability Database, compiled by Thebestvpn.com, tracked ‘technical vulnerabilities’ in popular pieces of software between 1999 and 2019.

And Debian, a flavor of Linux, was top of the table with 3,067 vulnerabilities over the last two decades. Reasonably close behind was Android on 2,563 vulnerabilities, with the Linux kernel in third place having racked up a count of 2,357. Apple’s macOS was only slightly behind that with 2,212, with Ubuntu in fifth place on 2,007.

Vulnerability Alerts

Products with most Vulnerabilities from 1999 – 2019

Trouble With Your Operating System?

Linux (In)security

Remember, Windows 10 ‘n Windows 11 have over 1.4 *BILLION* worldwide users compared to less than 5 million worldwide Linux users (a year ago was about 4 million Linux users so there could be even less now wid the emergence of Chromebook’s Chrome OS).

Linux being secure is a common misconception in the security and privacy realm. Linux is thought to be secure primarily because of its source model, popular usage in servers, small userbase and confusion about its security features.

As my *Linux Security Issues* page shows, Linux has been lacking in security for a long long time, but in recent years it has been exposed as having a Linux Kernel is a “code mess”, ‘Stale Open Source Code’, continually seeks help from Microsoft – #1#2#3, ‘Threat Groups *ATTACK* daily with ease!’, etcetera etcetera etcetera.

Overall, other operating systems have a much stronger focus on security and have made many innovations in defensive security technologies, whereas Linux has fallen far behind.

Flatpak aims to sandbox applications, but its sandboxing is very flawed. It fully trusts the applications and allows them to specify their own policy.

3. Kernel

The Linux kernel itself is also extremely lacking in security. It is a monolithic kernel, which means that it contains a colossal amount of code all within the most privileged part of the operating system and has no isolation between internal components whatsoever. The kernel has huge attack surface and is constantly adding new and dangerous features. It encompasses hundreds of subsystems, tens of thousands of configuration options and millions of lines of code. The Linux kernel’s size grows exponentially across each release, and it can be thought of as equivalent to running all user space code as root in PID 1, if not even more dangerous.

Another example of these features is user namespaces. User namespaces allow unprivileged users to interact with lots of kernel code that is normally reserved for the root user. It adds a massive amount of networking, mount, etc. functionality as new attack surface. It has also been the cause of numerous privilege escalation vulnerabilities which is why many distributions, such as Debian, had started to restrict access to this functionality by default, although most distributions eventually dropped these patches in favour of usability. The endless stream of vulnerabilities arising from this feature shows no sign of stopping either, even after years since its introduction.

4. The Nonexistent Boundary of Root

On ordinary Linux desktops, a compromised non-root user account with access to sudo is equal to full root compromise, as there are an abundance of ways for an attacker to retrieve the sudo password. Usually, the standard user is part of the “sudo” or “wheel” group which makes a sudo password security theatre.

Read that entire article for full info ‘n other Security Researchers’ Views on Linux.

Conclusion

Anyone telling you that Linux is more secure than Windows 10 or Windows 11 is either lying, doesn’t know what they are talking about, is a Linux Troll, etcetera etcetera etcetera.

Will add this post to the *Linux Security Issues* page

LINUX IS LIKE A BOX OF CHOCOLATES – you never know what you’re gonna get!