cross-posted from: https://piefed.world/c/uncommon/p/1089778/linux-is-actually-very-vulnerable-to-exploits-and-it-s-showing-with-high-value-vulnerabi
I hate when people keep repeating the myth that Linux is more secure than X OS without any understanding of how much Linux gets exploited.
On the other hand, FreeBSD rarely suffers from wide security issues.
Overall, I don’t think anyone should repeat the myth that Linux is secure.
And at least if they gonna recommend Linux, they better recommend a good distro with SeLinux, hardened kernel and hardened OS.
My response to the other person kind of explains some of the things I do to keep my devices secure. As for what it means to me: being able to control everything to be able to define level of access. I try to treat every device on my network as though it’s already compromised. How can I block the scope of the devices from spreading on the network? How can I limit the scope of damage for what’s available on the compromised device to a minimum? Heavy firewall configurations help limit the devices spread to. Encrypting private data such as contracts, government docs, etc into their own containers or partitions helps limit leaks. Alerts and dashboards on unexpected changes of any devices allows me to react quickly, of automation hasn’t already reacted for me.
You’re right in the fact I’m not going to look at millions of lines of code for many tools and such I use. It doesn’t mean I don’t look though. Being given the option to look at what I’m running is always better to me than not having it, in my opinion