Linux

48165 readers

1172 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Linux (In)security - Article arguing that Linux isn't as secure as people claim. Thoughts? (madaidans-insecurities.github.io)

submitted 3 years ago by MarcellusDrum@lemmy.ml to c/linux@lemmy.ml

33 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] KLISHDFSDF@lemmy.ml 9 points 3 years ago* (last edited 3 years ago) (1 children)

Another thing to point out is that he states how the Linux kernel has hundreds of vulnerabilities found compared to other OS's. Well yeah, Linux is open source and literally any researcher/security expert can read the code to find bugs. Good luck trying to do the same with Windows or MacOS.

Lastly, most Linux distros are "complete" in the sense that you generally (or at least for the majority) don't have to install much software outside of whats already in your distribution's repos; you're not having to google/download sketchy apps, so this threat model of rogue apps trying to hack/steal your data is minimal, if not non-existent.

The real problem is those systems (Windows, MacOS, iOS, Android) all have an app store where a ton of developers are trying to make money off of you in any way possible by stealing your data/invading your privacy, so they had to build a permission system because you can't trust those random people. You can generally trust your Linux distro to not package malware and can safely install any app that's available.

Edit: I should add, its still a good writeup. I think he makes some good points and it would be great to see Linux improve in some areas, even if the problem doesn't really exist as much as it does for the more commercially backed operating systems.

[–] Lunacy@lemmy.ml -5 points 3 years ago (2 children)

Good luck trying to do the same with Windows or MacOS.

When it comes to find bug, vulnerabilities, audit etc. closed source is not so different from open source, people can actually reverse engineering closed source software, that's why Windows 10, for instance, has malware. If I recall correctly, reverse engineering is used even for open source software because its more easy to understand how the code work.

[–] ninchuka@lemmy.ml 4 points 3 years ago* (last edited 3 years ago) (1 children)

how the fuck is reverse engineered code easier to read then the source which anyone can see?? that makes no sense what so ever

[–] Lunacy@lemmy.ml 1 points 3 years ago* (last edited 3 years ago)

Hi. Can you please be more nice in the future? I don't see any reasons to be rude. Maybe I'm wrong, I'm open to discussion, but your point doesn't prove anything in my opinion.

In software design, reverse engineering enables the developer or programmer to add new features to the existing software with or without knowing the source code. Different techniques are used to incorporate new features into the existing software.

Reverse engineering is also very beneficial in software testing, as most of the virus programmers don’t leave behind instructions on how they wrote the code, what they have set out to accomplish etc. Reverse engineering helps the testers to study the virus and other malware code. The field of software testing, while very extensive, is also interesting and requires vast experience to study and analyze virus code.

The third category where reverse engineering is widely used is in software security. Reverse engineering techniques are used to make sure that the system does not have any major vulnerabilities and security flaws. The main purpose of reverse engineering is to make the system robust so as to protect it from spywares and hackers. Infact, this can be taken a step forward to Ethical hacking, whereby you try to hack your own system to identify vulnerabilities.

https://blog.udemy.com/reverse-engineering-tutorial/

Beyond that, there are different articles about this topic, including,

Reverse engineering is a process that hackers use to figure out a program’s components and functionalities in order to find vulnerabilities in the program. You recover the original software design by analyzing the code or binary of the program, in order to hack it more effectively.

https://medium.com/swlh/intro-to-reverse-engineering-45b38370384

After a while, I decided a write a short blog post about Linux binary reversing CTFs in general.

https://osandamalith.com/2019/02/11/linux-reverse-engineering-ctfs-for-beginners/

During a past job interview, I was tasked to reverse four linux binaries of increasing difficulties as proof of my ability into the reverse engineering field.

https://blog.kartone.ninja/2019/03/25/when-a-reverse-me-ctf-binary-makes-you-loose-that-job/