@ashwinvis
> FOSS is no guarantee for privacy and security.
I know I'm not the first to say source code under a freedom-respecting license is necessary but not sufficient.
@strypey @ashwinvis There was an interesting presentation at a security conference where the speaker highlighted the shortcomings of the disorganized linux development. Without an oversight authority, & with contributors doing their own thing, linux can't make big strides in security.
@ashwinvis @strypey IIRC, one example he gave was that linux has drivers and things running in system space instead of userland. My memory is patchy on this but i seem to recall that Windows is making big improvements toward getting more things to run in user space with restricted privilege.
@aktivismoEstasMiaLuo @ashwinvis @strypey
There's no good answer here: kernel code offers much better performance but isn't confined as much as userland code. This is precisely why high-performance code such as Wireguard is better implemented in kernel.
Security always comes at a performance penalty - there's actually a recipe on how to speed up your Linux box by turning off all the SPECTRE/MELTDOWN mitigations added over the last years https://make-linux-fast-again.com/
