Linux security right now reminds me of Windows security in the 90s. Attackers are running around networks at scale and people don’t even realise.

I realise that is not new, I was doing it as a teen. Just the needle hasn’t moved much so far. It’s a bit inadvertently this GIF.

Windows world has changed for many reasons - EDR solutions, more focus from boards and InfoSec industry, large scale ransomware etc.

Linux.. it’s everywhere in business nowadays (eg larger than Windows in Azure) but, well, not so much the focus and knowledge.

I should be super clear that I’m not talking Linux (or open source in general) as being insecure. The platform isn’t the problem - I love Linux long time.

It does a ton of things very right, and things like SELinux and AppArmor are *chefs kiss* good.

The problem for me is I’ve seen Linux at real world large enterprise IT, in the trenches - orgs are logging in as root, disabling SELinux etc, not monitoring etc etc.

That’s the 90s element, InfoSec industry needs to help elevate that situation.