Hacker News new | past | comments | ask | show | jobs | submit login

> they can't change my system files, but they can literally buy an entire new PC with my money

This is a problem that's fixable with additional security additions, but only if you haven't granted everyone root access.

You can set up ssh with appropriate privileges and chown private keys so that they require a password to access. You can run certain programs like games as unprivileged users without full access to your $HOME directory. You can start using Flatpak and Wayland. Unless you have a Spectre/Meltdown vulnerability, in which case most of that is pointless.

I don't understand the mentality that says, "my system is broadly insecure, so I'd better make it impossible to secure." I mention this elsewhere[0], but a big part of getting to a secure Linux system is patching the holes we can right now.

[0]: https://news.ycombinator.com/item?id=22833614




Yeah but I will do none of those things. So why also make my system slow on top of insecure?

Broadly, my security profile is "if a remote user can execute code on my system, I have already as lost as hard as it's possible to lose."




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: