this post was submitted on 19 Jul 2024
1130 points (96.8% liked)

linuxmemes

    [–] Brkdncr 7 points 3 months ago (1 children)

    MS’s built-in security platform is top tier also. Some companies like alternative products.

    [–] [email protected] 10 points 3 months ago* (last edited 3 months ago) (2 children)

    There is nothing Microsoft I would consider "top tier" when it comes to security.

    Defender does a great job for many AV tasks. CrowdStrike does more, and protection isn't tied to Windows updates.

    This isn't a situation where companies just chose not to use the free item; the free item has other costs (management overhead) and is missing some features.

    The best answer, of course, is to not use Windows for anything that needs to be secure.

    Edit: For those who think I'm wrong, cool. I'm not but you are welcome to disagree.

    There is a difference between the free Defender and paid-for Defender. If you're a home user, check out defenderui.com to get (many, not all) features that are normally limited to Intune/GPO.

    A fully and properly deployed Defender stack is very good, but in terms of management... The approach to different OSes is practically cobbled together, the web UI is horrific, and it lacks some basic functionality. A problem to manage a system like this is a problem to deploy a system like this.

    If you're on the free Defender level, you are not getting anywhere near the same features as Falcon, there is absolutely zero question about that.

    [–] [email protected] 4 points 3 months ago (1 children)

    The best answer, of course, is to not use Windows for anything that needs to be secure.

    Edit: For those who think I'm wrong, cool. I'm not but you are welcome to disagree.

    • Linux admins here: Quiet nods and knowing looks.
    • Windows admins here: quiet awkward glances at each other to see if anyone wants to defend MS today.
    • Mac admins here: quiet awkward glances to see if anyone feels like this was any better than a coin toss chance of happening just to Macs, today, instead.
    [–] [email protected] 6 points 3 months ago

    Theoretically, this could hit Linux too. You could run a Linux kernel mod containing closed source stuff from a third party vendor which causes the system to kernel panic. The difference is really cultural. Linux admins would howl at that kind of setup, whereas for Windows it's more standard.

    [–] [email protected] 3 points 3 months ago (1 children)

    There is nothing Microsoft I would consider "top tier" when it comes to security.

    Counterpoint: Xbox consoles. They just stick everything inside of VMs a la QubesOS

    [–] [email protected] 2 points 3 months ago* (last edited 3 months ago) (1 children)

    I'll be totally candid, I have no idea what version of Xbox is current these days.

    But didn't they have a CVE a few months ago they previously claimed wasn't an issue?

    Edit: Found it. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28916

    [–] [email protected] 4 points 3 months ago (1 children)

    Seems like that's a Windows issue and not Xbox. There was a recently released kernel exploit for Xbox, but it's sandboxed to the SystemOS.

    If you want to pwn the Xbox OS entirely, you would need a hypervisor escape exploit, which is very difficult to accomplish.

    [–] [email protected] 3 points 3 months ago (1 children)

    That's gaming services, so I guess it's Windows only then, you're right. Like I said, no idea regarding anything about current consoles for me. Haven't played on a console since the 360.

    [–] [email protected] 1 points 3 months ago* (last edited 3 months ago) (1 children)

    Are you familiar with QubesOS? It has a similar security model to the Xbox consoles.

    Basically, the host OS only exists to run VMs, which includes separate VMs for networking, USB devices, applications, etc. With QubesOS, you can also pass through something like a GPU for use in a dedicated gaming VM (although you can do that on any Linux distro).

    [–] [email protected] 2 points 3 months ago

    Plenty familiar with Qubes, just not familiar with any current consoles.