All of this is moot if essential services like government or banking require root of trust attestation that is only available on windows. New chips already have Microsoft's pluton core.
Which is why Linux distros should be investing heavily in security now so they can prove to manufacturers / Microsoft / the government that they are secure (compared to other consumer operating systems) to avoid a future like that.
Linux distros should not have to prove anything to Microsoft for any reason. It's a major failure that our governments ever let a major operating system vendor get into a position where they can gatekeep other operating systems.
It's pretty hard to compete with open source plus byte-reproducible builds for anyone serious about security. Not only is MS neither of those, it's also the premier malware target and a voracious surveillance instrument on its own.
Open source doesn't necessarily imply it is secure. Security isn't free and open source projects can struggle funding such development.
>byte-reproducible builds
This is mostly a party trick. Meanwhile the system is one curl | sh away from having all its cookies stolen, files cryptolocked, mic spied on, keylogger installed, clipboard sniffed, etc. Reproducible builds can't save you from insecure design which my comment was referring to investing in fixing and is what this patch being highlighted in the article is doing.
>it's also the premier malware target
Having a large market share is why. If Linux overnight gained a ton of marketshare the malware situation would be worse than windows.
That's true if your definition of security is "I hope we found all the vulns" from the 1990s. Today we expect defense in depth and Linux is behind Windows in sandboxing, VBS, etc.
Moderation can't scale over populations around the world with entirely different attitudes and behaviors. Enforcing a global moderation consensus is about as effective as the UN.
The United States is certainly not solely responsible for the demolition of all of the factories of Europe. Sure, they played a majority role in the bombing of Germany, Czechoslovakia, occupied France, and Italy, but that is not the full picture and you know it. The British bombed, the Germans bombed, the Soviets bombed, and massive ground campaigns carried on by all of the above with the profligate use of artillery didn’t help either.
Again, sometimes you are unlucky, wrong place at the wrong time. If we replaced pilots with full autonomy, and people died from edge cases/tail risk events, would we bring back pilots? There is no way to get to zero risk. Derisk when you can, accept the remaining risk.
I agree. I think it speaks to the trend to attempt to find technological or bureaucratic solutions to what are fundamentally social problems. More of these problems will crop up as society shifts from high trust to low trust.
