Other "secure" operating systems

That’s up to interpretation. What is “more upstream” supposed to mean in your opinion? “More upstream” was somehow used as a comparative of “upstream”, which does not really make sense and is both wrong, because it is not upstream.

I wish you included the next line after that sentence though

Google develops Chromium and Chrome, so Chrome is more upstream than Brave and will receive updates faster.

This is what @HauntSanctuary meant.

3 Likes

HardenedBSD is probably a better option, if you are looking for a desktop system.

1 Like

Brave is usually at most a day or two behind Chrome on security issues when the issue is within the Chromium code base. Such is tolerable for me.

2 Likes

I know, but it seemed like jerm was looking for a desktop OS?

I suggested he use a popular Linux distro because that has the benefit of being open source like OpenBSD but with a popular Linux distro he’ll have MUCH more support and MUCH more App options while still getting a *nix OS and also while staying away from Windows 10/11.

Welcome to the community!!!

This is the first time I’ve come across HardenedBSD. It looks like it’s supposed to be even more secure than FreeBSD which is crazy as FreeBSD is already amazingly secure.

How is HardenedBSD for number of App choices and how big is the support community???

As it is, BSD desktop users are unicorns. (hundreds globally?)

Looking at the fork of a rare distro… That’s a shiny golden unicorn… (20s globally? :rofl:)

Just pulling numbers out of the air but you get the point.

2 Likes

Yah… with such a small user community it almost seems like you’re harming yourself by using a BSD OS for a desktop OS and that you’ll be spending more time/energy on trying to get the BSD OS working the right way.

They can’t. There’s no privacy without security, and there’s no security without privacy. Having big tech and the government know all your information can have severe consequences even if you don’t do anything illegal.

Nice slogan but that’s objectively not true. Privacy is contingent on security because you can’t be private without protection from snooping, but you can be secure without privacy if you have a trusted source managing the security of something – e.g., MSSPs who provide better security to companies small enough to not have a proper security team but big enough to pay in exchange for an external company having a high degree of visibility of their environment.
Another good example is work computers at a company with a proper cyber team, where individual workers will probably have pretty low privacy on their work machines from their higher ups but can have a good level of security from external parties.

Ultimately, it’s a matter of what risk a given person/company/etc. is willing to accept and what they’re trying to mitigate.

4 Likes

It depends what you mean by privacy. A “do not disturb” sign is sufficient to get the message across that you want privacy. The latch on public toilet doors is sufficient to prevent someone from accidentally walking in on you, and you can be reasonably certain that no one will bash the door down or crawl over/under the door despite that being very easy to do. Window curtains/blinds provide privacy even if your door is open or unlocked for some reason.

If your requirements for being private are such that your activities cannot be revealed to anyone, the better terminology for that is security.

Privacy does not depend on security but is strengthened by it, and the same goes the other way, despite the erroneous claim that security through obscurity is bad. It’s bad if you rely on it, but obscurity (privacy) is an additional measure that can improve your security posture if layered on top of existing security.

Neither are mutually exclusive and they can both be placed on an XY axis, or even XYZ with usability.

1 Like

The FBI has admitted putting people on the terror list for their political views. That’s what the “security without privacy” of Chrome will get you when your browsing history is sent to the NSA in real time via Google Safe Browsing.

1 Like

I was arguing against your slogan and saying that you can have security without good privacy, not whether security without privacy is good. I personally believe that security with higher privacy is good, but that isn’t the point being argued since we do agree on that.

2 Likes

The day Kicksecure has a full ISO to install directly will be a good day. For some reason any time I have tried in the past to use the distro morph it has never worked correctly.

Various issues, last time was early last year so do not remember the errors but do recall having to spend far too long just getting to the actual install. My system was simply not letting it be easy.

Having said that if you feel comfortable giving it a try it is the one I would say to do. The VM works wonderfully.

I agree in principle. Privacy and security are different concepts, and of course it’s not black and white and there are a few special cases, some maybe-plausible but still questionable cases being mentioned in this thread. But I don’t understand why so many people think it’s generally feasible to have one without the other.

If your requirements for being private are such that your activities cannot be revealed to anyone, the better terminology for that is security.

No, security means the prevention of unauthorized activity. Privacy and security aren’t on a spectrum, they are largely orthogonal concepts.

To securely connect to Google, I use HTTPS so that unauthorized actors can’t see the request contents. Google in this case is an actor I have authorized to receive the contents of the request by visiting their website. Even if via those requests Google collects a bunch of advertising information about me, that information is being collected securely since Google is an authorized actor and the connection is using HTTPS so other actors are prevented from viewing the request.

To be private in this case usually means deeming Google an unauthorized actor and avoiding making requests to them in the first place.

What I’m getting at is that security is a well-defined and understood industry standard concept about how to go about setting up the right sets of locks and keys so that those systems can then be used to control authorization to something. Privacy on the other hand is simply taking those locks and keys and making a personal determination about what corporate, state, etc actors to consider unauthorized. This makes privacy an inherently more nebulous, personalized, and often arbitrary concept, as opposed to security. It also means that privacy depends on security while security does not depend on privacy.

Say you had a diary and kept it locked with a key. If the lock could be picked (insecure), the information in your diary would be accessible to anyone who can pick a lock (unprivate). However, if your lock was unpickable (secure), you could still be unprivate by unlocking your diary and showing your friends (loss of privacy via secure, authorized means). Ergo you can’t be private without being secure, but you can easily be secure without being private.

5 Likes

Given that Kicksecure dropped hardened_malloc, have you taken a look at secureblue?

:smile:

Just use Fedora with a Brace.

1 Like

security through obscurity is bad.

The article and embedded video you linked is breaking down the misuse of the term and clarifying what is actually meant by security by obscurity being something to avoid.

Specifically, it refers to Kerckhoffs's principle - Wikipedia

The principle holds that a cryptosystem should be secure, even if everything about the system, except the key, is public knowledge. This concept is widely embraced by cryptographers, in contrast to security through obscurity, which is not.

The article you linked agrees with this and contrasts it with other things that are unrelated but often lumped in together with “security by obscurity”.

The pieces you mentioned that are good to layer on top of existing security are not actually examples of “security by obscurity”, which is part of the point of the article.

Brace and secureblue are similar. Brace is missing a few things like suid root reduction and optional userns disablement. I also don’t see hardened_malloc being used in Brace, which is surprising to me since Brace builds a hardened_malloc rpm.

But those differences aside, it’s really down to how you want the system delivered. When hardening improvements are added to secureblue, the CI/CD kicks off a new image build which is then pushed to GHCR for ingestion by rpm-ostree’s update mechanism. The user doesn’t have to update a repo, run a script, or anything like that, so there’s a stronger certainty that the hardening changes are being applied persistently and correctly across users.

Also FYI, I’m the maintainer of secureblue :slight_smile:

5 Likes