So, It’s just okay to use debian I guess. If it feels right for me.
I am unsure about it. It’s more of focused for a Whistleblower like stuff when I see it.
So, It’s just okay to use debian I guess. If it feels right for me.
I am unsure about it. It’s more of focused for a Whistleblower like stuff when I see it.
Yeah. Use Debian if that’s where you are most comfortable. Just set a policy to do updates in reasonable time and if it were me, I would install applications via Flatpak and further deny all apps that don’t need :home or other similar sensitive permissions with Flatseal. There’s not a good guide to do this so it’s very much trial and error but it is a very effective way to sandbox apps.
Actually, that’s what I have been planning to do too. Kicksecure seems good but using XFCE and doesn’t seem to provide other DE’s as an option. So, I doubt, I would use it.
It’s not about features, it’s about security and other bug fixes.
Security is not a product to consume, features however are.
I am considering OpenSUSE slowroll. So, I get the latest but also with a gap. Instead of dumping updates, it’s the closest I could have.
So, Tumbleweed users are always on the latest whereas Slowroll (essentially tumbleweed under the hood) will release updates as required after testing not instantly.
Have you looked into other apps like https://motrix.app/ seems a lot modern. If you want a popular option which is also open source and works great, you can use JDownloader.org - Official Homepage but I really hate everything about it other than software, in their main installer (not the one I linked) they add an adware, and how their source code requires you to install an IDE to view it.
https://abdownloadmanager.com/ - This satisfies my need. They will provide RPM package in the future - This is a very recent project.
I tried motrix, Browser integration not good, aria2 - messes up.
The more I dive into Linux security, the more I stop caring about fixing it, because it is such a mess, which you can’t fix in a reasonable time and effort as an end user. The main problem is a lack of proper security model and security boundaries around applications. But as long as the threat landscape is the way it is now on Linux and you stick to official repos, I think it’s unlikely that you will have severe security incidents, even if you choose Debian. Is it the best choice for security? No. But it fits your requirements.
I dunno for sure if this will happen. But I need to test Debian and also SUSE to figure it out.
Linux is great but at the sametime, it’s a huge mess.
So, It’s just okay to use debian I guess. If it feels right for me.
It’s getting there though. Shouldn’t AppArmor + Bubblejail + A secure display server fix most issues? PulseAudio is still an issue but other than that, I can’t think of anything else that is a major concern.
major concern.
the part where we have ~12 years worth of awesome compile time hardening features capable of mitigating entire bug classes that no major Linux distro has bothered to ship
Hmm, could you share which ones? I currently have this in CFLAGS
CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fexceptions \
-Wp,-D_FORTIFY_SOURCE=3 -Wformat -Werror=format-security \
-fstack-clash-protection -fcf-protection \
-fno-omit-frame-pointer -mno-omit-leaf-frame-pointer \
-flto -fvisibility=hidden -fsanitize=cfi" # Clang
I think the first 4 lines are a default in makepkg.conf (unless I added and forgot about it)
@ikelatomig
Maybe you can have a look at Spirallinux:
Maybe it fits your needs
Try Peppermint OS
I don’t think I will ever find a debian based distro as I desire. Debian seemed good, when I tried it in a VM. But yeah, it’s super stable with almost no updates when I installed the latest one. It’s good for people that doesn’t turn on system or senior citizens.
Only thing I don’t get is Plasma 6. Which I might need to wait for sometime. Because of which I can’t switch.
OpenSUSE is another thing I considered because of it’s slowroll option. But it is still in experimental phase and YaST, it’s very odd. So, I decided to settle on Fedora and just put things that work the way I want. One thing I liked about OpenSUSE is their software update which I found out in dnfdragora
as GUI. So, I guess I am all good as of now.
Using debian in distrobox, in case if it’s needed.
It looks good in the paper, but in reality, you would be better off with Tumbleweed.
For instance, when Tumbleweed’s update broke Intel WiFi card recently, it was fixed in a few days.
Since the issue was known and fixed on Tumbleweed, it shouldn’t happen on Slowroll, right? Nope. It happened on Slowroll as well
I don’t think it’s ready for prime time yet, at least, it’s not currently doing what it’s supposed to do very well.
It’s kind of a hard nut to crack. I am settling in fedora as I said. But I sure will swap things out at a later point of time. I just hope macOS was Open-source, it has a great ecosystem and unified UI.
Hey Guys, What do you think about ParrotOS, it uses Debian Testing out of the box with Tor only problem is, it uses MATE as its desktop environment.
If not siduction ?