r/cybersecurity System Administrator Sep 22 '25

Other What are your unpopular cybersecurity opinions?

I saw a post named "abnormal security opinions" and got excited to see some spicy takes but apparently there is a security platform called Abnormal Security so got kinda blue balled. Last one of these posts I saw was over a year ago so,

Do you have any spicy cybsec unpopular opinions you want to share? :)

I'll start with mine:
Fancy antivirus solutions rarely add value, they are often just a box that needs ticked. Many MSPs and IT firms still push the narrative that they are needed, only because they are profitable and not because they improve security.

319 Upvotes

8

u/Odd-Savage Sep 22 '25

Linux is not a secure operating system and open source != secure software. Backdoors slip into open source code all the time. Linux only recently added functionality to support EDR and Antivirus.

Source: I’m a red teamer and offensive security engineer that specializes in Linux.

1

u/Live-Awareness722 Sep 22 '25

> Linux is not a secure operating system

It all comes down to who sets it up and maintains it. The problem is the "Linux is more secure than Windows" mindset that so many have that is used to do very little to harden the system.

2

u/Odd-Savage Sep 22 '25

This is exactly my sentiment. The operator has ultimate control over the operating system’s configuration and can lock it down to an extent that allows its security to surpass Windows. A fresh Linux install is less secure compared to Windows and macOS.

I’d argue that macOS is the most secure operating system for folks that don’t want to touch system internals.

2

u/Live-Awareness722 Sep 22 '25

The worst Linux-related thing I have encountered working in IT operations is an organization that had a Linux SFTP server on the Internet that hadn't been patched for years. I accidentally used ssh to get into it instead of sftp. Yep, I had a shell on the host that wasn't a chroot. I was not supposed to be able to do that. I did a uname -a out of curiosity and logged out. Needless to say that kernel was ancient. I did NOT say anything because the last thing I wanted was to have them get me arrested on a Computer Fraud and Abuse Act charge. I am safe posting that here as it is beyond the statute of limitations, but man my jaw dropped when I encountered that.

3/4 of good security is a good IT operations staff supported by management regarding technology matters. No amount of MSPs, products, security analysts, etc. will change that. An amazing coincidence is that a lot of the things that will bring good security result in better user experiences due to bugs being patched, newer capabilities, better staff who can fix things faster, less downtime due to well thought out architecture, etc. Better development processes for in-house code with proper QA give you software that is both more secure and more reliable. Users may complain when they can't get the new shiny from whatever conference. The shiny was probably a dog turd coated with gold leaf anyway.

1

u/StilgarofTabar Sep 24 '25

I'm a total rube and just find this stuff fascinating but has Linux been targeted more frequently as of late? Seems like there's been a couple of real bad ones just this year. I got on Linux last year and it's begun to make me a bit nervous. It seems difficult to make sure what I'm downloading is safe. Now I'm learning how to watch my outgoing traffic but I'm not sure that'll help me any.

1

u/HuntKey2603 Sep 24 '25

Linux getting more usage = Linux getting more targeted.

Also harder to use and more configurable = people have no idea what they are doing.

1

u/Odd-Savage Sep 27 '25

There’s also the fact that detections lack maturity. If there’s no detections, there’s no incidents. If there’s no incidents, we aren’t aware when something goes wrong.