2016, Linux has 25 XNUMX life-saving. It began as a project for students and is everywhere: from smartphones, supercomputers, web servers and cloud boxes to the latest smart cars.
Even the exception, the end user, moves to Linux if you think Android is today the most popular mobile device. In addition, Chromebooks are becoming more and more popular.
Even traditional Linux desktops such as Arch, Debian, Fedora, openSUSE, MintAnd Ubuntu they seem to be gaining ground. Of course, the Linux desktop market share is still very small compared to other operating systems, although Linux users have always been.
On the other hand, almost all web pages and too many Software-as-a-Service (SaaS) run on with this particular operating system.
Even Microsoft is reportedly making a penetration of the penguin, since the year we passed it became an official member Linux Foundation.
So, with everything that happens last, why worry?
Because now every hacker who is really a hacker and not just a script-kiddie can hit Linux as an open source, chasing vulnerabilities.
The leader of the open-source community Eric S. Raymond pointed out years ago in Linus's Law, that: "having enough eyes the bugs will not exist" in a free translation of "Given enough eyeballs all bugs are shallow ”. This is one of the basic concepts that made open source functional to have the success it has today as it strengthens open source software.
But it works only if there are enough eyes looking for bugs to correct the code. The estimates of the number of errors per thousand lines of code (KLOC) ranges from 15 to 50 errors per KLOC and to three if the code has been checked and tested very strictly. The Linux kernel alone today comes with over 16 million lines of code. Account λογαριασ.
2016 and we have seen two big Linux security flaws to be skipped before they are fixed. These voids were in LUKS disk encryption and Dirty Cow, a problem in Linux memory. There were also other minor bugs in Linux, 2016, but in honor of the developers, these problems were repaired almost as soon as they appeared.
In fixing code problems, Linux has broken all records, and the support provided is far superior and much more direct than that of Apple, Microsoft, or any other provider of closed source software.
But let's make the bills:
There are at least 3.000 bugs that need to be discovered and fixed…
There are, of course, leading Linux security developers who are responsible for hunting these bugs. There are instructions on how to report errors when you find them. But there are never enough developers to fix even the reported bugs.
One of the leaders of Linux Jon "Maddog" Hall noticed a few years ago:
"Some people argue that Free Software has unlimited resources but every product or project is limited in resources one way or another. The number of people who can work in free software is limited to the people who have the ability, time and willingness to contribute. ”
When he wrote that in 2009, that many users of the operating system are also developers, it may have been but this is no longer the case. Yes, many developers use the operating system, but there are hundreds of millions of "users" who could not tell the difference between Java and JavaScript, let alone fix an error.
At the same time, hackers are more motivated than ever to crack open source operating systems. Irish developer Donncha O'Cearbhaill, who recently revealed two bugs on the Ubuntu desktop Reported, that they made him an offer of $ 10.000 from a malware company.
"These financial incentives only increase when software becomes more secure and bugs are harder to detect," he said.
As you can see from above, the popular open source operating system has gained great power. And because great power is also a big responsibility, developers will have to take over to maintain its security.
The idea of publication came from ZDNet and the article by Steven J. Vaughan-Nichols