I have a few questions (and within those questions, a great many sub-questions) about the recommended Linux distributions.
Preface:
I’m pretty familiar with Linux at this point, my current main OS is Fedora and I’m also familiar with Debian-based distros through Linux Mint. My threat model usually involves avoiding being identifiable/trackable on/by Wi-Fi networks at all costs, and similarly, avoiding being tracked/identified by websites and other internet parties.
For my first question…
The only distro currently recommended for people new to Linux is Fedora. Why aren’t others recommended for people new to Linux?
– Arch is self-evident of course
– OpenSUSE I presume is just a bit more complex and less beginner-friendly by nature than Fedora?
– Atomic distros are a different thing entirely and I’m never sure what the pros and cons of them are anyway… I’ll probably ask about them in a different post at some point, unless anyone wants to inform me here.
– Qubes OS and Whonix I understand the decision simply because of how … different they are…?
But then there’s Kicksecure? I can’t find many reasons why it wouldn’t be beginner-friendly, but I think it’s likely I just… haven’t found those reasons
What makes Kicksecure less beginner-fiendly than Fedora?
(Additionally, as a side-note, I saw some old-ish stuff about Daniel Micay saying Kicksecure does nothing good enough to make Debian decently secure. I presume that this is just [standard (as in standard for him) bullsh*t] and nothing to worry about? Is this how I should treat other similar Daniel Micay comments?)
For my second question…
Are there any downsides to just going straight to using Qubes OS from where I am now?
And additionally,
Are there any downsides to using Whonix as a main Qube / Qube OS? (configured w/ VPN as such)
In Privacy Guides’ Tor Overview, there are a number of risks listed with both the Tor browser, and Tor exit nodes. (link)
Additionally, Tor browser is the only browser Privacy Guides recommends for using Tor.
How does Whonix fit in to all of this?
I assume it is unsuitable/impractical to use Whonix for all internet stuff, or as a main Qube / Qube OS?
For my third question…
What is the ideal configuration for avoiding being tracked/identified across multiple connections to the same or different Wi-Fi networks?
My checklist is currently the following:
– MAC Randomization
This seems to be one of the main methods that can be used to identify devices as such.
– VPN w/ Kill switch
– OS that’s safe privsec-wise and respects/supports the above list items (preferably automatically, or especially well?..)
Does this effectively cover any/all grounds?
Is there any other information leaking that needs to be seen to?
(Also, how do Tor and Whonix’s implementation of Tor fit in here?)
Additionally, how can I avoid leaking MAC/IP when first setting up an operating system?
MAC randomization seems to be enabled for networks by default on Android and GrapheneOS, but not on Fedora?
What is the state of this on Qubes OS?
How must MAC randomization be configured on Qubes OS to prevent leaks?
And, does it require any configuration, or is Qubes OS configured by default to have little/no risk of MAC leaks?
Additionally, a connection must be briefly unprotected during the process of signing in to a VPN — can this be prevented? (The only thing I’ve found is Windscribe VPN’s emergency connection feature, but I have no idea if that stops leaks, as it wont work while Windscribe’s kill switch is active)
Sorry for so many concurrent questions, hope this reads okay.
I will try to reply to replies as soon as possible, but I’m quite busy at the moment.