jesus, would you kindly get lost with unnecessary nitpicking eh?
I’ve made some pretty simple and generalized arguments in good faith and you haven’t really addressed any of those beyond bombarding specific examples that refer only to very specific distros and configurations that suit your stance.
You’ve completely ignored the highly secure linux-based projects like graphene-OS or chromeOS…
And posting yet another unclickable link to some frankly uninteresting development on ubuntu’s stance or status on the grub fiasco is just missing the point further.
Given that this is a forum for a website that recommends software (among other things) to everyday people without a particular exclusion to those that may not have a lot of technical skill, I didn’t specify consumer distros because I thought the context was obvious. That’s my bad.
It shouldn’t be, though. That’s the whole point of recommending software with good defaults. The average person shouldn’t have to be technically skilled for them to get decent protection when doing their computing tasks.
As a side note, you’re strangely defensive about your position. I suggest you tone it down. Politeness can go a long way, and we’re all here because we care about things that are in alignment, I hope.
Now, because I’m not only just having fun, here is an actual answer to your only actual question.
An OS that runs in RAM is inherently read-only unless there is some persistence expressly configured elsewhere. It doesn’t even need a hard disk installed. If you couple that with an encrypted and physically separate boot disk…
Well good luck picking up any kind of persistent malware as you peruse the grub and cvc mailing lists!
But that’s not it. It also provides protection from driveby evil maid attacks. No hard disk means no vector for controller malware or just regular malware on your system disk. A reboot, similar to an atomic distribution, returns the OS to its original state.
You’re focused on persistence while entirely overlooking the fact that any data you processed/accessed can still be siphoned off by the malware or that the malware can attack adjacent devices on your network.
Current atomic distros provide zero security benefit as they all lack verified boot.
Yeah this is the point the other guy should be making.
The main issue wrt security is that linux isn’t a centralized OS like android and the fact that it is open and hackable lends it to these kinds of unwanted developments. Also, trickle down solutions that take a while to dissipate. If you’ve ever waited for new kernel developments to trickle down to your LTS using distro, you would understand exactly what I mean.
We cannot have the blazing fast distribution of patches across all the distros when each variety has a different purpose and a different structure.
But that’s also the point of linux. There are different flavors for different tastes. You make of it what you want. If you cannot make your own, you make do with what has been made available.
The constant compromise is always security+privacy vs convenience. There are clearly secure linux options, as well as alternatives such as qubes OS. They maybe aren’t super convenient, or private though.
But this is the same compromise we make elsewhere. Like using your degoogled android that has no play store, banking app, google pay etc.
So to say that linux as a general os that someone might install on their grandma’s PC isn’t secure is disingenuous. Grandma has actually been using wayland without knowing it for ages, her only app is a browser, and every time she installs driveby malware, it doesn’t even know what to make of her system, let alone worry about sandboxing.
Honestly, I think overbearing centralization is antithetical to what linux is.
I’m not familiar with verified boot on secure distros, but that is surprising as I was already using this feature in fedora over a decade ago. Same goes for wayland btw. And full disk encryption.
I’m not trying to provide a perfect solution. You were asking for one that is premade and widely distributed and I was just trying to convey that being absolutist on this wasn’t going to work in the context of a private and open OS.
If you are going as far as running your OS in RAM and have hidden your secure boot disk as far up your butt as you can, then I’m sure you can go to the trouble of installing your browser in a VM.
Fedora Atomic Workstation aka Silverblue is not a decade old.
Nor does any Linux distro offer verified boot.
Please do not confuse verified boot with the joke that is (EFI) secure boot.
It is a niche OS. It has 1-3% market share if you discount chromeos and android, as you are happily already doing. That is not a fallacy, it is a fact.
I haven’t used the fedora atomics yet… when I was using fedora a decade ago, I was using verified boot already… so I am confused that it would not be available now in the atomic versions
[Edit].. oh I see you discount EFI secure boot as a verified boot. Would that also fail your inspection if you had generated your own keys?
Aren’t all these problems solved by using something like a core-booted laptop anyway? I genuinely don’t know since the last couple of laptops were chromebooks anyway since I don’t have the energy or time for home made solutions anymore.
When I made my first comment in this thread, which was just neutral and polite, your man there replied with (before editing a bunch of times):
“This argument is delusional.
Linux is not secure.”
That did not seem very polite to me, nor helpful. Since then their arguments seemed to me, mostly provided in bad faith - arguing details against generalized points, and giving general statements as facts as if their word is law. Not taking the time to meet me any length of the way… And so I am merely responding in kind.
This is security through obscurity. It may work for now, but it won’t the moment a malicious site has if (os == "linux") { ... } for their drive-by malware distribution mechanism.
This is a valid belief, but it’s also very dependent on what Linux as a kernel/OS family/community means to you (and each of us) personally. I am, of course, not advocating for every distro to be tightly locked down and have them all be just slightly different variations of “FOSS MacOS”.
However, people should be aware of the tradeoffs they’re accepting when using Linux as their OS, and that is that most distros aren’t set up to be secure by default. Linux (the kernel) may have many security features already set up in the code, but that doesn’t mean much if your distro doesn’t enable it out of the box. If you argue that the risk of anything actually infecting grandma’s computer on Mint (as an example) is lower than the risk of Microsoft’s or Apple’s malicious treatment of users affecting her, that is a very fair assessment. But you’re making it with the knowledge of the compromise it entails. Others should be able to, as well.
This is fair. @anonymous306, please be respectful when disagreeing with someone in a public forum. Otherwise it all devolves into name-calling and such.
Security through obscurity is still security if not perfect… but in this context I see it more as being a numbers game, it’s better when your grandma isn’t part of the low-hanging fruit.
Because out of 100 given fictional grannies, let’s be honest, the one and only that’s rocking linux mint is way less likely to be harboring some OS-level malware than the others.
If that is the trade-off you are willing to make, go ahead, but I would think it irresponsible to call it a viable security measure when the workaround an attacker has to make is trivial.
It was a question as I had just admitted to not knowing. Would you care to explain how a core-booted laptop is not up to measure, or whether self generated keys on an EFI secure booted laptop is still not enough to keep grandma safe?.. or are you just going to continue being unhelpfully vile?
I mean, in the context of an every day person, doing every day things. Then yes I think we can say that your average linux distro is secure enough.
I think that the type of utilization - open source style apps installed from the main repo - inherently brings fewer risks than installing shitty android apps, making the lack of standardized containerization in linux less problematic than other OS.
There are fair points being made about the disadvantage of opensource models for finding, implementing counter measures and patching security issues. But it can go both ways, where the centralized model is slower to respond. Just look at router firmware for example.
Thank you for the apology @anonymous306. I will also give @laugh.oysters the benefit of the doubt and thank you in advance for accepting it since I locked this thread before you could respond.
This is the reason I am locking this post, for everyone’s information.
I don’t think this discussion is going anywhere. This entire conversation could have gone:
The rest of this post to my eyes is mostly bickering back and forth with neither of you actually having a conversation about the other’s arguments.
I’m also locking this post because nobody besides you two and the OP are really chiming in with any information, so I assume there’s not much to add. Correct me in a DM if I’m wrong, anyone.
I do agree with this issue, although it is not entirely one-sided in this conversation.