• 0 Posts
  • 12 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle

  • You described a problem you have with an OS you use, which I fix every day at work. No Linux, just Windows. It is the most normal thing, that drivers might not work or the Hardware is faulty. We often have to change something, try different things and you don’t need Linux to tinker around, the Windows environment offers enough opportunity to do so. And your problem sounds like a driver problem or maybe faulty hardware. It has nothing to do with Linux.

    You definitely don’t work in IT, otherwise you wouldn’t mentioned printing. Printers are evil beings itself and these fuckers don’t care wich OS you use, they just don’t want to work properly. Hardware supports depends on the kernel. That’s normal, Windows 7 also doesn’t support newest hardware. There is still nothing specific Linux. Regarding UI: KDE Neon is great, try it.

    Yeah, Windows has problems. But those arise more typically for advanced users (and that’s including Windows 11 being more and more broken over time).

    Would this be true, I probably would need to change my profession.

    But until the more boring stuff gets worked out, it’ll still be hard for it to be used more commonly, and thus harder for it to get more funding and usage as well.

    Because of your ethernet problem? I understand that you are mad for the problems you have now, but I wouldn’t use your experience with the ethernet NIC as a basis for the question how good all Linux distributions are usuable for everyday work.

    Idk, maybe it’s just Debian based distros these days and I’m behind in the curve. Fedora based ones like Bazzite haven’t given me issues so far at least.

    Look, drivers get updated or introduced in newer Linux kernels. You could decide which distribution you want to use depending on the kernel. amdgpu got fucked up since a specific release and my RX580 won’t work if it loads, so I am still using an older kernel. In Windows the drivers crashes often sadly. You need to look how well a specific hardware works and then decide which kernel you should use. We always do this on work with Windows and it is really needed, because manufactures sometimes don’t really care about there drivers and compatibility with newer Windows 10 versions or Windows 11.

    This is probably also the reason why you got downvoted so much, because you describe a generic, OS independent problem and then you blame Linux kernel for it and all Linux distributions, while you are using a specific distribution named Linux Mint. If you replace Linux with Window in your rant, it would be the same way wrong. But I hope that your problem gets fixed. You are free to describe your problem in specific communities, they probably might find a solution with you together.



  • Every bugfix is a CVE. Even if it is maybe not a security problem in first place, but it might be one in the kernel context, so everything is a CVE. Also other CVEs from other applications, open source or not, doesn’t have to mean that much. You have to see those database quite critical. Especially if you need very esoteric, almost magical methods to exploit.

    When the people of the Linux Kernel started flooding them, because every bug is a security problem, those Database providers were and are very happy. It makes good money, those data is seller from other providers to companies. And now you really have to use their service, because the kernel have soooooooo many security problems! It is not like developers or security teams are happy about this shit. But if the senior leaders insist on use those CVEs, you don’t have any choice. And it is not that unusual, that it is not needed to address them.

    The Linux Kernel can provide and provides more security when you use them. It is the decision of the distribution if they want to enable selinux or apparmor, enable kernel options, which make your system more hardened with memory encryption, page poison or kernel lock down and and and. Since this is only the kernel, the userland can provide more features, which some distributions also enables.

    The way you can elevate applications and define special rights for the usage of devices or OS functions, is incomparable to standard Windows. Would only user, group and rwx exist, they wouldn’t be any lxc, podman, docker or whatever today. Windows does not the same now. Windows does it different and can’t do some things regarding elevation of rights and their restriction by design.


  • Linux Kernel provides more security techniques than Windows indeed, but they need to be used. To point out CVEs is kind of stupid. The Linux kernel never commited any entries to the CVE database for years, they started since February 2024 doing so, because they gave up on their opposition. They warned, if they do this now, the databases will get flooded with CVEs. Because in the kernel context, every bug counts as a security problem, if you look at it from the right perspective. This is a difference to Windows CVEs.

    Of course this is great for those CVEs database providers because they now can sell their stuff happily.

    What you need are not CVE entries for the Linux Kernel, but the latest supported Linux Kernel installed.

    And srsly: Antivirus is snake oil. Using software with Administrator rights in Windows or even Linux, which parses every file, is fucking dangerous. It is usable on a mailserver, where the antivirus process is containerised or virtualized.

    And what is the point with firewalls I read here? The most distros have firewalls enabled. When were they not there? Iptables was always there and I had to configure it, so I could allow or disallow incoming traffic. I almost never had to install it manually.

    Edit:

    Regarding CVEs, here the what Linux CNA tells:

    Note, due to the layer at which the Linux kernel is in a system, almost any bug might be exploitable to compromise the security of the kernel, but the possibility of exploitation is often not evident when the bug is fixed. Because of this, the CVE assignment team is overly cautious and assign CVE numbers to any bugfix that they identify. This explains the seemingly large number of CVEs that are issued by the Linux kernel team.

    Source

    Any bugfix is a CVE


  • I did it few times between 2008 and 2010 when I was way younger. Idk how I did it, but after two times I was used to it and learned also a lot. Today I don’t have the nerves to install arch without archinstall or anarchy. The wiki helped me a lot. The wiki gives an excellent guide to install arch and to set up everything you need. It is well written enough, that no deep Linux knowledge is needed

    The archlinux wiki is great for everything. I used it when I had Fedora, Debian or sometimes if I used OpenBSD.