Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
danieldk a month ago

That assumes that there are never zero days or other unpatched vulnerabilities. You should not trust applications because you have access to the source. Nobody is actively auditing the vast majority of open source code, well except of malicious actors who probably have a handful of remotes in a lot of RSS readers, chat apps, microblogging clients, etc., which they can use to compromise activists and journalist naive enough to trust desktop Linux.

A lot of Android vulnerabilities are bugs in open source parsers of untrusted data (open source as in AOSP or more widely used open source libraries). But the impact is smaller because Android has proper security boundaries. If desktop Linux was as popular as Android -- we would have a security disaster of epic proportions.

realusername a month ago | parent [-]

But in the mean time, I still trust a Linux distribution more than my phone when it comes to my private data.

My Linux distribution doesn't have a built-in advertising id, unknown manufacturer modifications I can't even look at or shady processes which have more power than I do.

I think it's time for the tech community to move beyond just the tech side and understand that security is also a social contract.

0dayz a month ago | parent | next [-]

This is just a pivot though, if you don't have good security then your privacy is worth nothing.

Irony being that Mac OS X is the best at privacy out of the commercial OS out there.

realusername a month ago | parent [-]

In today's world, attacks on your data are much more common than targeted exploits on the kernel so I would put it in opposite order. If there's no privacy then there's no security.

> Irony being that Mac OS X is the best at privacy out of the commercial OS out there.

The bar is very low and OSX is still way below a Linux distribution

danieldk a month ago | parent | prev [-]

Install GrapheneOS on your phone, problem solved? You get all the security sandboxing and layering of Android (plus the Titan M2 secure element). And you can decide which app stores you want to use and if you find sandboxed Google Play Services acceptable.