I'm just tired. On the last post about having Linux at our work, many people that seems to be an IT worker said there have been several issues with Linux that was not easy to manipulate or control like they do with Windows, but I think they just are lazy to find out ways to provide this support. Because Google forces all their workers to use Linux, and they have pretty much control on their OS as any other Windows system.
Linux is a valid system that can be used for work, just as many other companies do.
So my point is, the excuse of "Linux is not ready for workplaces" could be just a lack of knowledge of the IT team and/or a lack of intention to provide to developers the right tools to work.
Yes, they're targeted attacks. That's the point. That's what you will be facing when putting Linux in your workplace. The main threat for workplaces will be targeted attacks.
So saying that putting Linux in your workplace because it has no viruses is irresponsible. Or at the very least it's lying by omission.
The text in the post's image literally says "just set it and forget it".
I think I get it now. You're using the word 'virus' as a synonym for an attack on computers. I'm using the word in the sense of a computer program that replicates on it's own and in practice also spreads and does some kind of damage. I get why we cannot agree. But the distinction has vastly different implications.
I read that quote in the context it was written in. And I'd partly agree. If you're talking with someone who has a small/moderately sized company and they're thinking about renewing their Sophos subscription. Hot-glue the USB-ports and protect their samba-share against being encrypted by some ransomware... You can't lump in highly targeted attacks on the top 5 companies in the world and every hypothetical scenario. Without any regards of statistical likelihood... If you want to condense it into a simple truth (which I think was the main point of that post), it's: There are no Linux viruses. And there probably won't be.
I think this is technically false. But practically true in the context it was written. And for most people anyways. If you want to talk about cybersecurity as a whole, your webserver and 150 PCs for your employers, I wouldn't recommend paying a 14 yo $50 to set it up Linux and fire and forget.
I agree. “just set it and forget it” is just bad, bad advice. I think I know where that comes from. I've seen >10 years old RHEL servers that hadn't been touched for quite some time. And a ridiculous hundreds and hundreds of days of uptime. They're kind of “just set it and forget it”... But... You gotta do it right. Do updates. Have it set up properly and with security in mind. Put in the effort. Lock it down. Don't expose them to the internet. Pay for longterm support and someone backporting patches and have them installed automatically etc.... You can't do it with any other OS (except for BSD and some specialized stuff). But you can't say “set it and forget it”. I agree. That's more than misleading. It's just false.