Hacker News

Let's not pretend that Linux is invulnerable to the class of exploits that make this kind of malware possible [1]. Windows isn't a target because it's vulnerable (all software is vulnerable). Windows is targeted because it's widely used. If the majority of systems were using Linux, malware authors would simply adapt to write malware targeting Linux instead.

[1] https://nvd.nist.gov/vuln/detail/CVE-2016-7117



>all software is vulnerable
This is false, and spreads FUD. It does a great disservice to those who do meticulously maintain their systems, to those who sacrifice convenience and beauty for stability and security, to those who take the time to scrutinize other people's work. It is possible to build and deploy secure software.

Linux dominates the datacenter; we are a high value target, and have been for quite some time now.


>It is possible to build and deploy secure software.

By secure, you don't mean 100% secure, do you?


I mean secure as in, when the last of that product line's devices have retired or died of old age, there have been no successful exploits against that product.


Has there ever been such a product? What about exploits on the software/hardware underlying the supposedly secure software?


Critical devices should either be simple, or they should run open source firmware. If governments had required the ability to audit the IC designs that go into medical, military and national infrastructure equipment, then we would now have open source ICs.

I am seeing an incredible resistance to this idea of increasing the situational awareness and capabilities of the people who provision and maintain large deployments. Perhaps it is too soon to propose solutions. Perhaps, today, we should just express solidarity with the victims, and try to warn operators of unaffected, but vulnerable systems to temporarily take them offline.

My apologies to those that I have offended. As a software developer who has struggled for years to articulate the need for transparency and simplicity in our systems, I feel very frustrated right now.


How could you ever possibly verify that?


By simplifying the design, until your team can verify its security without throwing up their arms in frustration at the mere prospect. When people's lives are on the line, security is more important than features or convenience.


What you're describing is formal verification. While I agree with what you're saying, I'm not sure if you're just understating the complexity of formally verifying systems or if you're implying that "being really careful and doing your due diligence" is practically invulnerable.


I had a feeling I might get called out on that... I meant that for all practical purposes, all software is theoretically vulnerable. Of course verifiable computing is a thing, but wildly impractical for most applications.

Meticulously maintained is not even close to being invulnerable. Everyone would like to say they meticulously maintain the projects they work on, but it would be incredibly arrogant to say that you couldn't conceive of ever unintentionally introducing a vulnerability.


Imagine if your next surgeon had this sort of attitude about the cleanliness of her tools, the operating theater, and her staff's equipment. Cleaning is hard, maintaining cleanliness is hard, and pathogens evolve in amazingly clever ways. Perhaps, it will always be possible to propose a theoretical flaw in the procedure.

This is no reason to give up though! It is no excuse for not following best practices, consistently! That is malpractice, when done by a doctor! And their field is at least as complex as our own.


I don't know why you think I'm advocating that attitude. I'm not disagreeing that open source is a good thing for security. I'm just saying it's not the silver bullet that some people are claiming it to be.

I would be equally concerned if my surgeon said "I already know the best possible techniques for surgery. No point in investigating further or exploring better methods."



