Open Up the Source Code to
Lock Down Your Data
B Y J ONATHAN T ERRASI • L INUX I NSIDER • ECT N EWS
N ETWORK
Regular readers probably already know this, but the main consideration that persuaded me to try Linux was
security. With the many devastating breaches and unsettling privacy encroachments revealed in the past few
years, I wanted to take control my digital life.
My journey enriched my digital life in many other ways, some of which I've related in previous columns. In this
installment, I want to pay special attention to that first pivotal step I took by discussing the distinct advantages
Linux provides to the security-minded. Digital security may be a lifelong pursuit, but I hope that by sharing my
experience, I can encourage others to appreciate the basics.
Crowdsourcing Security
Meaningful security is more than an app or an operating system. It's a mindset. While I will highlight some
security tools Linux offers, by themselves they will not make you or anyone more secure. Security requires
trade-offs in convenience, so these tools are not recommended as "daily drivers." Only you can determine your
ideal balance point.
Perhaps the single greatest strength of Linux is that it is one of the few open source operating systems, and
among the most widely developed."But wait," you might ask, "wouldn't releasing the source code make a
system less secure?"
Framing open source software as secure understandably confuses people, but a close look reveals why that is
true. When source code is published online (the defining convention of open source software), it could allow an
attacker to locate weaknesses. However, in practice it allows many more observers to identify and disclose bugs
to the developers for patching.
On the whole, most people who find vulnerabilities want to get them fixed, and presenting the code for anyone
to view allows many more security professionals to participate in the process, making the final product that
much better. It's crowdsourcing applied to digital security.
Because Linux is a whole open source OS, practically every snippet of code running on your hardware is
subjected to this crowdsourced analysis. As such, it is one of the only OSes that has been proven to be
reasonably secure. Because Windows or macOS code is not publicly available, users have to rely on their
developers -- and only those developers -- to catch every error. They also must be trusted never to do anything
malicious on purpose.
16