Which OS (Linux, BSD or other) is the most secure out of the box?

Which OS (Linux, BSD or other) is the most secure out of the box?

I'm not looking for military grade security, I know that requires a lot of work

I mean just decent security with updates, out of the box, to run something bitcoin related?

Other urls found in this thread:

cryptome.org/2012/01/0032.htm
arstechnica.com/information-technology/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack/
cnet.com/news/report-of-fbi-back-door-roils-openbsd-community/
qubes-os.org/doc/split-bitcoin/
twitter.com/SFWRedditImages

If I were you I'd read up on Arch Linux's wiki page on Security topics.

Any Linux distro will do as long as you can fine tune it a bit. Not ubuntu though, and from what I head systemd may somehow compromise security so beware of that, although I'm not sure.

Windows is just for muh Adobe and games.

Never used BSD or MacOS

Why do you say "not Ubuntu"?
what about Debian?

Install Hardened Gentoo

He's retarded

>If you're serious about security, QubesOS is the best OS available today. It's what I use, and free. Nobody does VM isolation better.
Edward Snowden

>systemd may somehow compromise security so beware of that, although I'm not sure.
This is largely just something that's popular to say around here, like hating net neutrality and wanting AMD to literally go bankrupt and give NVIDIA a GPU monopoly.

It's not completely baseless though. The issue with Systemd is it is now a very large very privileged piece of software that has grown beyond it's original "init script" goals. It's size and necessary privilege level means it has an enormous attack surface where exploits might be hiding. The reality of the situation though is that millions of servers all around the world use it every day and remote code execution exploits in anything are exceptionally rare, big bloated piece of shit or not.

Objectively OpenBSD.

Ubuntu, as far as I can tell, isnt bad for security, but it is for privacy. But sure you can have custom installations and even simply turning off these invasive features.

In my mind security and privacy are somehow interconnected but well thats just me. If your concern is to avoid people having access to your computer through the internet and fucking your shit I would just be careful around systemd and that's about it.

I'm tempted to learn OpenBSD
how hard would it be to set up for someone who has only moderate knowledge of Linux (but used it for many years)?

CentOS comes with a few security profiles for SELinux that you can turn on install, you can also use SELinux on any other distro however SELinux its difficult to set up manually.

Not hard at all if you just follow the FAQ.

You probably are referring to the amazon lens shit that isn't even activated by default anymore, and before that it was Unity-only and who uses Unity anyway?
If you're worried about privacy you should avoid Google, not Ubuntu.

Oh well. It's been a while since I last used Ubuntu so yeah

BSD (specially OpenBSD) or CentOS if you wanna go Linux, at least it comes with some nice SELinux profiles

Wasted quints on two pieces of shitware.

>OpenBSD
No
cryptome.org/2012/01/0032.htm
arstechnica.com/information-technology/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack/
cnet.com/news/report-of-fbi-back-door-roils-openbsd-community/

>free software
>backdoors
Pick one.

thoughts on Qubes OS? good or autistic?

The cool thing about it is being able to use Windows in a secure way.

>FBI agents undercover
>pushing backdoors to development

Those claims were never substantiated and OpenBSD conducted a full code audit directly afterward anyway.

The entire story is basically that some guy said "openbsd has a backdoor lol" without backing anything up

what hardware do you recommend to use?

I can run 2 OSes at the same time?

Cool story bro, point to them in the source code then.

Qubes has some tools for bitcoin wallet use.
qubes-os.org/doc/split-bitcoin/

Can i run games with qubes?

>muh vidya

course, it's not all the time, only sporadically

better than bitcoin mining

No, the OS checks if a binary looks like it might be fun and then it makes sure to not run those.

>muh sporadic vidya

yeah, making money is totally worse than wasting your time with vidya

CentOS Fedora and RHEL all come with selinux enabled by default as well as firewalld.

>firewalld
With or without firewall rules.

Also, i can run 4k videos?

With? Although I'm not sure how I feel about the default profile on fedora. It leaves ingress open on high range ports, meaning anything can start listening on port 1025 and it's world accessible. Easy enough to fix, but then you're not using defaults like the OP asked for.

>muh animu

shut fuck up!

Just asking since firewalld alone wouldn't have to mean shit.

>ok baka senpai XDDD desu ne

Redhat/CentOS/Fedora due to SELinux.

hardened gentoo

CentOS/Fedora VS OpenBSD , in your opinion ?

Out of the box, depending on definition, probably hardened gentoo. Otherwise, qubes.

Best security is to run a custom firejail-based container for each application using aufs or overlayfs, firejail's chroot and x isolation.

how hard is it to set up qubes?

dude the amazon spyglass is hardcoded into unity OF COURSE ubuntu is compromised.

Very easy. The problem is that HVMs are limited and the software is beyond buggy. They've also had fuckloads of problems with systemd and fedora but they're paid to use them so they hack around it instead of using something else.

target psyops. all i can say.

Debian doesn't have SELinux/AppArmor or firewall out-of-the-box, Fedora/Ubuntu are fine.

Jesus

Tux is such a shitty mascot