You seem to imply that most Journalism wasn't *already* crap.

Words matter. I said the Linux desktop market isn't large enough for hackers to care about. it's literally in the part of my post that you quoted. Heartbleed was a problem for Linux servers, where Linux dominates, with more than 60% of the market. So yes, that's plenty enough for hackers to care, and they have indeed gone after Linux servers. Heartbleed is just one of many. https://www.exploit-db.com/sea...

Mac and Chrome have been mostly left alone because they, like the Linux desktop, have a small share of the market.

Android has certainly not been immune to attacks, though it, like Chrome and iOS, was built from the ground up with security in mind. Windows, Linux, and MacOS were designed and built long before security was a major concern, and security had to be bolted on. That's not easy to do.

I don't think you've worked in IT for a while. IT these days have specific OS update schedules. If they don't, the security guys are onto them about it all the time.

Is that actually true?

Companies that run Linux servers are becoming more vigilant about keeping their servers updated, and I'd guess that commercial server farms are the largest users of Linux servers.

You could be right, I don't know, but it seems doubtful given the current times we're in.

Yep, I agree with all that. I've got another 10 years in my career, so I'll put up with it for a while longer, because it still works for finding jobs. My particular role is hard enough to find, that I can't rely on my own personal connections to find that next opportunity.

I don't think you understand what it means that the CPI is composed 40% of housing costs. This means that if housing costs increased 4x the rate of overall inflation, the rate of overall inflation was skewed *higher* due to the large percentage of the CPI that comes from housing costs. The CPI looks at everything a typical person buys, including housing. (For homeowners, the CPI uses a measure called "owner's equivalent rent" that determines how much rent the person would pay for the equivalent house.)

Your 4x estimate is high. That 1950's house rent of about $40 a month, would equate to about $500 today. Actual rents today for a 1-bedroom apartment is around $1,000 in most cities. So rent has inflated at about 2x that of overall inflation, not 4x. Now, if you're talking about California and New York, sure. But that's not where most people in the US live, and those inflation rates are not due to normal cost of living increases.

The reality is, people today want *much* bigger living spaces than in the 1950s, and they want modern conveniences that didn't exist in the 1950s. Sorry, you can't both want more, and expect to pay the same. That's not how life works. Get a roommate. That's how they did it back then too.

No, nobody separates out security updates from feature updates in this way. Literally nobody. That's because it's too hard to untangle the code changes related to feature updates, from code changes related to security updates. It would be necessary to put every single change behind a feature flag, and track which feature flags each person has chosen. The permutations that would result are insanely complex, nobody, even mega-rich tech giants, can test that many combinations of settings.

The result is, security patches get rolled in to the same code base as feature changes. There is literally no other way. At best, software vendors can track and test a few different flavors, but certainly not every single choice individual users make.

We were talking about Linux desktop, not Linux server.

There are indeed a lot of Linux server exploits. https://www.exploit-db.com/sea...

The CPI "basket of goods" does include Housing (40%) and transportation (16-18%).

So no, you can't just dismiss real wage gains so easily. That clerk at a store in the 1950s made $25-50 per week. After adjusting for inflation, that would be $339-678 per week. Based on home prices in the 1950s, that clerk could have afforded a mortgage on an 800-1,000 square foot house with 1 bathroom and no air conditioning.

Now tell me again how good those clerks had it in the 1950s!

I never said Microsoft had it all together. What I said was that it's a fantasy to assume that Linux is inherently more secure. It tends to have fewer exploits in the wild because hackers, when given a choice between going after 60% of the desktop market, and going after 5% of the desktop market, will nearly always choose the 60% piece of the pie. It's just not profitable enough to go after a tiny sliver of the market.

You keep bringing up this so-called stagnation of wages as if it were a real thing. It is not. Wages, adjusted for inflation have risen consistently over the past 50 years, in every income category: low, middle, and high. We older folks have a tendency to look back at the "good old days" with rose-colored glasses.

And you believe that you personally have sufficient understanding of every patch-note to make a wise determination of whether you need that patch?

Let's suppose you *are* a security expert and know what the patch-note means for your security. The reality is, that patch contains many changes, the patch-note is just a summary, probably more or less as accurate as an AI summary. Unless you inspect the source code diff, you wouldn't actually know everything that is in that patch.

And even if you did inspect the source code diff, security vulnerabilities have a way of hiding in plain sight. Heartbleed is one such example. Nobody saw it for years, even though it was completely within open source code, and affected millions of Linux machines in the wild.

This is a fantasy not substantiated by evidence. Heartbleed--a Linux vulnerability in an open source library--was lying in plain sight for years before some hacker discovered it, and it was exploited in the wild for years before anybody discovered the attack.

My point was, employers can forbid all they want, but that doesn't stop employees for talking.

Your experience is not an indication of a good practice. Linux is somewhat sheltered because of its low adoption as a desktop operating system. If Linux had a 60% market share like Windows, you can bet hackers would be all over it, finding all kinds of ways to attack.