Bonum Certa Men Certa

Nearly 40 Years Without Security Incidents

posted by Roy Schestowitz on Nov 03, 2024

Wires

LATER THIS week (on Thursday) this site turns 18 and we've already bought some party kits for the sister site's 21st anniversary. Next year the combined age - the age of both sites - will be 40. Over the years the sites ran Gentoo, Debian, CentOS, and Alpine.

In all this time we've never suffered a breach (security incidents) and since upgrading to Debian 12 we've hardly had to endure DDOS attacks. Aside from increased capacity owing to static pages replacing WordPress, Drupal, and MediaWiki, there are also some firewalling mechanisms that obstruct abusive bots and botnets.

Speaking for myself, I never ever had security incidents on my desktops/laptops. In my childhood, way back in the DOS days, there would be the occasional "rogue" floppy disk with a virus on it, but that predates the Web and viruses could not pass from one computer to another wirelessly or over a network cable (which most homes did not have at the time). As this predated hard-drives (for most people), a virus would be hard to transmit from one program to another (except RAM) and many boiled down to pranks, not ransom, extensive data loss, or permanently damaged hardware.

People who use Windows have come to sort of "accept" that security incidents are part of life or "normal". Disaster is always "imminent" and "unavoidable" (inevitable). At my last employer we saw clients' systems suffering security incidents (reasons varied), as did the last university I worked for. GNU/Linux isn't invulnerable to 'Windowsheads' assigned to manage it. Yes, a common pattern was neglect and mismanagement; misconfiguration was one symptom. One client put JBoss on Windows. Yes, Windows!! All the other machines (back end) ran GNU/Linux. This boiled down to an old technician (in his 60s) who used Microsoft for everything, even for his E-mail!

People who know how to run GNU/Linux (and not just reboot any time something goes wrong) can use it safely for many years. In my case, my two primary laptops have already had a combined uptime of 700+ days. And yes, those are safe. The world-facing (e.g. over SSH) machine is fully patched and was last rebooted (for a new kernel) about a week ago. It runs Debian 12.

The Microsoft-funded (e.g. by "ads") media likes to claim that "Linux" is not secure, but it often boils down to GPL violations or appliances/servers running Linux (or other key packages) that's years out of date while connected to the Net, sometimes needlessly. Not every machine needs to be accessible by anyone on the Net; or facilitate printing by every/any random IP address, even from North Korea.

3 years ago Dr. Andy Farnell said that "We Can't Teach Cybersecurity" in today's universities. He explained that real security practices are verboten or ridiculed, whereas snake-oil and charlatans take their place. Revisit what he wrote this past summer about "Clown Computing". This issue isn't limited to Microsoft, even if Microsoft remains the "worst of breed".

Other Recent Techrights' Posts

Legal Letters Are Not Postcards
It seems like intimidation, nothing more
European Patent Office (EPO) Strikes Persist, EPO Management Tries to Give False Impression of "Happy Staff"
EPO is trying to broadcast to the world a totally phony image of itself
The End of FOSSPost (fosspost.org), It Has become an LLM Slopfarm Like FOSSLinux
These sites will never get lucky with slop. These experiments always end badly.
 
Government Bailouts Won't be Enough to Save IBM
Bailouts from taxpayers in the US
Links 23/05/2026: Social Media Bans and Demise of Userbase of LLM Chatbots
Links for the day
SLAPP Censorship - Part 85 Out of 200: The United Kingdom's Rating for Press Freedom Has Improved, But We Can Do Even Better
we see the US at #64
Sites Realise That Becoming More Active by Using Bots (LLM Slop) is Self-Destructive
We'll soon (maybe next year) also show that some of the 85+ KG of legal papers sent our way are computer-generated garbage, which might run afoul of some rules
Gemini Links 23/05/2026: Patience, LLM Chatbts Being Bad, and Unexpected Computer Surgery
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 22, 2026
IRC logs for Friday, May 22, 2026
Links 22/05/2026: Ebola Crisis and Samsung Averts a Walkout With Big Bonuses
Links for the day
Links 22/05/2026: Inflation Fears and Thailand Tightens Visa Rules for Tourists From Dozens of Nations
Links for the day
EPO Staff Representation Speaks of This Week's Discussion With the EPO's Budget and Finance Committee (BFC) Amid Mass Strikes
The Central Staff Committee's outline (prepared in a rush) or the "flash report"
SLAPP Censorship - Part 84 Out of 200: New Legislation Against SLAPPs on the Way (After We Reached Out to Ministers)
They dealt with the matter individually too, but we won't share this in public, at least not at this time
The Corrupt Lecture the Non-Corrupt - Part XXX - Where Was "The Ethics and Compliance Team" When the Family of EPO President Campinos Was Caught Doing Cocaine?
It remains to be seen if national delegates will tolerate this in future meetings
Gemini Links 22/05/2026: Esperanto Music History, Suspicious Adoption of Signal, and Unauthorised LLM Slop in Code
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 21, 2026
IRC logs for Thursday, May 21, 2026
Links 21/05/2026: "Declining America" and Why Slop 'Code' is Made to Fail
Links for the day
Techrights and Tux Machines Subjected to Cyberattacks for Several Weeks
In the past I spoke to the cybercrime unit of British Police. Maybe it's time to do so again.
The Register MS Has Become a 'Content' Farm Promoting Slop for Hostile Corporations
Now they call it "PARTNER CONTENT" - not "SPONSORED" - as if semantics make the difference
Latest Example of Widespread Fake Assertions (False News) About "Hey Hi"
The false narrative of "Hey Hi layoffs"
Links 21/05/2026: Facebook Rewarded With Tax Breaks to Destroy the Environment and Cause Global Warming, Shortages, Pollution; SpaceX (SPCX) Continues Losing Billions of Dollars
Links for the day
Codecs and Software Patents - Part VIII - GNU Audio/Video Team Has Chosen the AV1 Video Codec and It Explains Why (They've Researched Their Options)
AV1 video codec will be used to encode and share GNU videos online
Dr. Stallman Helps Establish Free Software Advocacy Outside the Free Software Foundation (FSF) as Well
The ideals or principles of Free Software needn't be centralised or monopolised; they can be federated
22 Years of Tux Machines and a Community Stronger Than Ever Before
We've already received some feedback from the community and improved it accordingly
Microsoft Under Investigation for Breaches of Law in the UK
Just like the Microsofters
More Microsoft Layoffs on the Way (June and July 2026)
with or without PIPs
LWN Sponsored by the Linux Foundation (Monopolies)
We must be able to casually point this out
The Corrupt Lecture the Non-Corrupt - Part XXIX - European Patent Office (EPO) Tells Staff "Speaking up" is Good, But Not When the "Brother-in-law" of EPO's President Does Cocaine
Do we still have a functioning democracy and potent press?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 20, 2026
IRC logs for Wednesday, May 20, 2026
Gemini Links 21/05/2026: Immigration, Slop, and Slop 'Code' Suggestions Infesting Code Repositories
Links for the dayGemini Links 21/05/2026: Immigration, Slop, and Slop 'Code' Suggestions Infesting Code Repositories