In 2016, Linux happily turned 25 years old. It started as a project for students and is everywhere: from smartphones, supercomputers, web servers and cloud boxes, even in the latest smart cars.
Even the exception, the end user, moves to Linux if you think Android is today the most popular mobile device. In addition, Chromebooks are becoming more and more popular.
Even traditional Linux desktops such as Arch, Debian, Fedora, openSUSE, MintAnd Ubuntu they seem to be gaining ground. Of course, the Linux desktop market share is still very small compared to other operating systems, although Linux users have always been.
On the other hand, almost all web pages and too many Software-as-a-Service (SaaS) run on with this particular operating system.
Even Microsoft is reportedly making a penetration of the penguin, since the year we passed it became an official member Linux Foundation.
So, with everything that happens last, why worry?
Because now every hacker who is really a hacker and not just a script-kiddie can hit Linux as an open source, chasing vulnerabilities.
Open-source community leader Eric S. Raymond pointed out years ago in Linus's Law, that: "having enough eyes bugs will not exist" in a free translation of "Given enough eyeballs all bugs are shallow ”. This is one of the basic concepts that made open source functional to have the success it has today as it strengthens open source software.
But it works only if there are enough eyes looking for bugs to correct the code. The estimates of the number of errors per thousand lines of code (KLOC) ranges from 15 to 50 errors per KLOC and to three if the code has been checked and tested very strictly. The Linux kernel alone today comes with over 16 million lines of code. Account λογαριασ.
2016 and we have seen two big Linux security flaws to be skipped before they are fixed. These voids were in LUKS disk encryption and Dirty Cow, one problem in Linux memory. There were other less important Linux bugs in 2016, but to the developers' credit, these problems were fixed almost as soon as they appeared.
In fixing problems in its code, Linux has broken all records, and the support provided is far superior and far more immediate than that of Apple, Microsoft, or any other vendor. software closed source.
But let's make the bills:
There are at least 3.000 bugs that need to be discovered and fixed…
There are, of course, leading Linux security developers who are responsible for hunting these bugs. There are instructions on how to report errors when you find them. But there are never enough developers to fix even the reported bugs.
One of the leaders of Linux Jon "Maddog" Hall noticed a few years ago:
"Some people argue that Free Software has unlimited resources but every product or project is limited in resources one way or another. The number of people who can work in free software is limited to the people who have the ability, time and willingness to contribute. ”
When he wrote that in 2009, that many users of the operating system are also developers, it may have been but this is no longer the case. Yes, many developers use the operating system, but there are hundreds of millions of "users" who could not tell the difference between Java and JavaScript, let alone fix an error.
At the same time, hackers are more motivated than ever to break open source operating systems. Irish developer Donncha O'Cearbhaill, who recently revealed two bugs in the Ubuntu desktop Reported, that they made him an offer of $ 10.000 from a malware company.
"These financial incentives only increase when software becomes more secure and bugs are harder to detect," he said.
As you can see from above, the popular open source operating system has gained great power. And because great power is also a big responsibility, developers will have to take over to maintain its security.
The idea of publication came from ZDNet and the article by Steven J. Vaughan-Nichols
