Debian Privacy Issues

jerm · November 7, 2024, 8:30pm

https://wiki.debian.org/PrivacyIssues

Issue categories

logging & verbose logging

homephoning without user consent

cleartext

TLS

featurebug: when a bug is also a feature

privacy defaults

optin

optout

traceability

no deletion of config files when uninstalling a package

data leakage

software names and version numbers

Lukas · November 7, 2024, 8:31pm

This is nothing compared to Debian security and usability issues caused by outdated packages, etc.

lurkeroy99245 · November 8, 2024, 1:07am

Most of these issues can be reconfigured or disabled entirely. Debian is one of the best distros available. Certainly the best for newbies leaving Microsoft. It’s far better than the stuff I see people normally recommending, like Ubuntu or Mint. Just don’t agree to the popularity data collection, it’s off by default (unless they’ve recently changed this). You can disable crash reports by disabling apport. You can use tools like logrotate or just limit the amount of information logged in the first place. I don’t know really why someone would say they couldn’t delete their config files when removing packages. This would only happen if they don’t remove the package properly. Typically all you gotta do is run sudo apt purge <yourpkg> and then sudo apt autoremove. This should take care of it most of the time. If you want to remove all doubt, you can manually search using dpkg -l | grep ^rc

NeoBMS · November 8, 2024, 8:53pm

I disagree. I’d rather use Debian than Ubuntu or Mint but I wouldn’t recommend a stable distro that updates most packages every 2 years for a desktop, and definitely not for normies since Debian requires some technical knowledge to install and use securely if that’s even possible.

sha123 · November 9, 2024, 12:34pm

I doubt that many newbies would enjoy a direct move to Debian.

lurkeroy99245 · November 9, 2024, 4:09pm

Oh I don’t think it’s the optimal distro by any means (I’m an Arch guy). But I think it’s okay for newbies for 2 fundamental reasons. 1) Mint and Ubuntu are some of the most recommended distros for newbies. I don’t mean here at PG per se, just in the wider scope of the internet. The gap in “know-how” needed to learn Ubuntu vs needed to learn vanilla Debian very small. So if someone is making the switch to Linux, they’ve already commit to learning Ubuntu, so they might as well just commit to learning Debian. 2) If you choose Debian over Ubuntu or Mint, you’re also choosing a real community-driven project over something like Canonical. I would also apply the same logic to RedHat. I think their GUI install process would be less intimidating for new users, and certain security features, like apparmor, come preloaded whereas with a more minimalist distro you have to do that manually.

lurkeroy99245 · November 9, 2024, 4:13pm

To be candid, I’m not even sure I would recommend Arch anymore to people either. Yes I use it, but the based thing to do is move away from systemd (runit is way easier to learn anyways, lol). Use Artix instead.

Lukas · November 9, 2024, 4:15pm

Moving away from systemd is one of the worst decisions that one could make.

NeoBMS · November 9, 2024, 4:46pm

Mint and Ubuntu are recommended for newbies (not here) because they took Debian’s stable base and made it user-friendly. Debian in itself isn’t. You still have to use the commandline for things like upgrading to new releases, the Debian installer is more complicated, it doesn’t support secure boot out of the box, in general it’s not a normie-friendly distro.

The thing about community-driven distros is that they expect most of their users to actually contribute to the development of those distros, like donating, maintaining packages, and stuff. Most people don’t have the technical knowledge to contribute anyways.

I disagree. There are plenty of valid reasons to move away from systemd, although said reasons wouldn’t apply to normies who don’t even know what an init system is not to mention incompatibility with some software like most VPN clients. Systemd wouldn’t be an issue if it didn’t try to replace everything and become a complete operating system, almost as if every Linux distro using it was a distro of GNU/Systemd/Linux.

lurkeroy99245 · November 10, 2024, 5:35am

Maybe I’m just tone deaf to the user experience of newbies switching to Linux are these days. My first distro was Mint after switching from Windows ( I had a brief stent with OS X in between). But I stuck with Mint for a few years before switching to Debian and when I did all I could think about at the time was I wished I did it sooner. I found the learning curve between the two minimal. The real pain was the switch to Arch, lol. I guess it’s easier now with the install scripts, but a fully-encrypted Arch OS the manual way will test your patience if you’re not use to configuring grub, UUID’s, etc. lol

NeoBMS · November 10, 2024, 3:52pm

Arch is easier to install but users are still expected to have the knowledge and dedication to perform daily system maintenance, harden their system (including setting up full MAC policies, sandboxing, and secure boot on their own), monitor and review every single package installed on their system (this applies to all Linux distros), and contribute to Arch’s development.

sha123 · November 11, 2024, 9:51am

Nothing in there is a requirement for using Arch and barely any users do that on any distro

Topic		Replies	Views
How degoogled is Linux? Questions software	5	864	November 25, 2023
The Insecurity of Debian Privacy	34	1104	September 10, 2024
How do you balance privacy and convenience? Questions	16	4537	June 8, 2023
If you were to recommend an Ubuntu-based distro for privacy, which one would you recommend? Questions	6	448	September 9, 2024
Non-corporate, beginner-friendly Linux distributions Questions software	41	754	September 6, 2024

Debian Privacy Issues

Issue categories

Related topics