this post was submitted on 27 Oct 2025
        
      
      Linux
      A community for everything relating to the GNU/Linux operating system (except the memes!)
AV is a joke. Best thing is ephemerality. No persistence
Immutable, ephemeral, granularly permissioned, and encrypt EVERYTHING to enforce said permissions.
1000x better than software signature hunting
You lost me at the encryption part. How does encrypting enforce permissions?
Enforces confidentiality and integrity.
Encryption on transports protects from man in the middle and sniffing. At rest, it protects against evil maid exploits, which for these systems is more about preventing malicious software being swapped in place of trusted software.
The same applies to encryption of links like PCIe and memory, with the time of transport and rest changing.
It's all fun and games until some asshole slips something into your trusted package manager.
Exploits are the real pain.
Yep, SLSA is more than just a trusted endpoint. Package signatures, reproducible builds, SBOMs, signed commits and more!