Fair point but Linux is inherently safe either? The local library here has client PCs running Ubuntu 16.04 lts… my point being that IT infrastructure is only ever as secure as the amount of continuous effort you put into securing it. Linux doesn’t solve that.
I’m not the best person to explain, but they’re distros with a read-only root filesystem. In some implementations, any changes, like installing a new package, or upgrading a version, can be interpreted as migrating a system from a state to another. This can mitigate some security risks and make machines easier to maintain.
Fair point but Linux is inherently safe either? The local library here has client PCs running Ubuntu 16.04 lts… my point being that IT infrastructure is only ever as secure as the amount of continuous effort you put into securing it. Linux doesn’t solve that.
Perhaps this will change drastically with immutable distros
What is immutable distros?
I’m not the best person to explain, but they’re distros with a read-only root filesystem. In some implementations, any changes, like installing a new package, or upgrading a version, can be interpreted as migrating a system from a state to another. This can mitigate some security risks and make machines easier to maintain.
In more technical terms, it’s an image-based VCS system with an immutable root filesystem.
Check fedora atomic builds. They explain it very well.
It’s not that it’s inherently safe, but that Microsoft is inherently not.