• kekmacska@lemmy.zip
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    2
    ·
    7 hours ago

    for security, use Tails, Qubes, Whonix, or if you want gaming + security, then Bazzite or Garuda

    • UrheaKekkola@sopuli.xyz
      link
      fedilink
      arrow-up
      3
      arrow-down
      5
      ·
      6 hours ago

      You’re confusing security with privacy. While distros you mentioned are great for preventing ISPs and governments from spying on you (privacy), they’re not really any better at preventing hackers from exploiting your vulnerable web server than fedora (security).

      • dan@upvote.au
        link
        fedilink
        arrow-up
        1
        ·
        3 hours ago

        While distros you mentioned are great for preventing ISPs and governments from spying on you (privacy),

        How do they do that?

        • UrheaKekkola@sopuli.xyz
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          2 hours ago

          I’m not really expert in this topic, but as far as I know tails is amnesiac os that forgets everything on reboots for example. Both whonix and tails also routes your traffic through TOR which helps hiding your identity.

          Concerning other mentioned distros and also security wise, this comment explains it lot better than I would: https://lemmy.zip/comment/15305364

      • kekmacska@lemmy.zip
        link
        fedilink
        English
        arrow-up
        9
        ·
        6 hours ago

        no, Qubes, Bazzite, Garuda were made with security in mind. Containerization, selinux enforcing, hash checks, address space layout randomization is also built in. These are all more secure than Fedora. Qubes for example, uses vm containers to completly isolate every app, so the system is almost impossible to compromise by malware or hacking. Bazzite uses immutable root file system, much like stock android. it may not along well with unix philosophies, but there isn’t really a way for a malicious code to run with elevated privilages or to manipulate system files. Garuda automatically creates snapshota from the system, so if it is compromised, it can be rolled back quickly. Snapshots for external devices or cloud are supported as well. It uses zram compression on swap, this helps avoid data leakages to the disk, so makes sure that after a reboot, every session quits, since data from ram can’t leak on the disk. it also uses firejail and chaotic aur sandboxing. There is a smaller support for secure boot too. So these are all highly secure operating systems. And to some degree, privacy and security overlap each other.

        • UrheaKekkola@sopuli.xyz
          link
          fedilink
          arrow-up
          1
          ·
          3 hours ago

          Yeah my bad, you’re right. I got too stuck on tails, which is in my opinion more focused on privacy than security, and ignored everything else.

          • kekmacska@lemmy.zip
            link
            fedilink
            English
            arrow-up
            1
            ·
            46 minutes ago

            Tails in itself is reasonably secure too, but it was mostly designed for use with public computers and forensics, and ofc to conceal network activity that might seem suspicious. And it is a good solution if you need a portable linux, and your android phone is not a good choice for your use case.