My apologies if this is the wrong place to ask this.
I’ve been reading around online about keeping software secure, and I’ve been puzzled by something for a while now. I’m not sure if this is a stupid question or not.
Generally, when I see online conversation about Linux vulnerabilities, I often see people detailing how big the attack surface of the Linux kernel itself is due to its monolithic kernel; I saw a blog post about this very thing linked somewhere here on Lemmy recently. I also see folks clamoring about how the BSD ‘spinoffs’ (?) all have much better fundamental approaches to security, and they get compared to Linux quite often as ‘the superior platform’ due to things like the non-monolithic kernel and BSD Jails. Hell, one of the main self-touted benefits of the BSDs is that there is significant effort placed on discovering vulnerabilities.
Could someone knowledgeable tell me why desktop Linux has seemed to be ‘chosen’ in comparison to something like FreeBSD or OpenBSD? I don’t see any open-source forks of a BSD spinoff (only proprietary ones like what runs on the PS5), nor do I see anyone talking about using them for desktop computing purposes. Is there a fundamental challenge too great to overcome right now with using something like FreeBSD as a desktop OS, or has there simply not been enough volunteer manpower to throw at it, and Linux already has that problem, in comparison, solved? It shocks me that the adoption is so low, especially considering the reportedly amazing binary compatibility with most existing Linux software.


Honestly, when Linux was becoming popular (more so than Minix anyway), the future of BSD UNIX was uncertain because of active lawsuits by SCO UNIX.
https://en.wikipedia.org/wiki/SCO_Group,_Inc._v._International_Business_Machines_Corp.
It was in such a bad state that lots of businesses were paralyzed and the future looked pretty bad for BSD overall. Usage was dropping and Linux was just hitting the scene. Linus Torvalds even stated that if he had heard of FreeBSD, he would not have had to make the Linux kernel.
https://news.ycombinator.com/item?id=8641073
I was a sysadmin and used FreeBSD for years and even ran it on the desktop until I tried Ubuntu and Debian shortly thereafter. The hardware support for laptops and GPU support for desktops were nonexistent in BSD, but Debian was easy to install and was much better at gaming.
Today I use a combo of Debian on servers and CachyOS on my laptop and gaming computer. Linux and UNIX are vastly different in how they are implemented for security. Imagine two glasses, both 8 oz. One is titled usability and the other titled security. You have only 8 oz of water to divide among them.
UNIX is all about security. Even though you can pour a little into usability to make it do what you need to do, you’ll have to custom compile kernels and add tons of pkgs to make it more usable, and that affects security. Each pkg is potentially a security issue.
Linux wants to install on all the things, so tons of kernel modules are installed and gobs of software come by default. Most of their water stays on the usability glass because they don’t want you to struggle. They want it to just work right out of the box.
Because of this, BSD will always lag behind in usability, and Linux will always be more liberal about security. Just my 2 cents, take it fwiw
And one is the dumpster fire that is Windows 11.
I feel like these security arguments are overblown. Linux is still pretty damn secure, and the Linux community is still tough on fixing security bugs.
Would you rather be using a UNIX-based secure OS, or Windows update-and-crash 11?
I don’t use UNIX any more, I use Linux. I don’t see what Windows 11 has to do with the security focus of UNIX vs Linux. Can you help me understand more clearly what you’re asking?