The one with the best monitoring, the least possible security breach, the best update .. the least easily hackable.
I would say Debian and Tails (but Tails is not pratical).
What is the best Linux distribution for security?
Other urls found in this thread:
wiki.gentoo.org
twitter.com
ok
Windows 10 with Google Chrome.
why does everyone spit so much on chrome
before firefox nightly it was the fastest
It makes me angry. All my walls have at least one hole caused by an emotional outburst. I had to start using the desktop and devote one room to emotional damage since I visit Sup Forums and am a Chrome lover. Decked out my pad with Chrome gear. Went all out.
lmao
so?
...
Qubes
hardened gentoo, but you should read everything here:
wiki.gentoo.org
because nothing will make up for a dumb ass user with root privileges (you).
thanks
not pratical
Centos. Dont listen to anything else
what is that picture
mr robot
lol
Gentoo
why not debian
>closed source ad/spyware
systemd, that's why
any gentoo derived distro.
Bonsoir Elliot.
both have systemd
Not if you aren't a retard.
relationship between systemd and security?
Debian has the biggest security team that examines it night and day
Hardened Red Hat.
Triggered autists think that Lennart will touch them in their sleep.
>Hardened Red Hat.
>
>Triggered autists think that Lennart will touch them in their sleep.
arguments?
systemd is more robust than a bunch of shell scripts, easily parallelizes start without some meme flag and follows the whole less is more philosophy by minimizing what is needed for booting.
What are YOUR arguments?
Any mainstream linux distro + firewall.
Really. If your threat model is the NSA, unplug your computer.
Hardened Gentoo
Debian has always been very cautious/deliberate very stable and very trustworthy, and it’s comparably easy to use for the security it provides. Also the community is big, so it’s more likely that somebody notices shenanigans.
>systemd is more robust than a bunch of shell scripts
No it isn't. systemd unit files break if you don't use a lennart approved username
>easily parallelizes start without some meme flag
openrc's parallel start works great
>follows the whole less is more philosophy by minimizing what is needed for booting
That's why systemd comes with its own mount tool?
So is Red Hat, which has most of the Linux ENTERPRISE market in their pocket.
Honestly, I trust more the guys making a profit out of this.
>No it isn't. systemd unit files break if you don't use a lennart approved username
Nice FUD, now tell me how to replicate that.
>openrc's parallel start works great
Now it doesn't tell you SHIT WILL BREAK in the config file if you enable it?
>That's why systemd comes with its own mount tool?
Because file system mounts are a bottleneck in sysvinit, the whole daemon spawning has to wait for file system mounting to end.
>Honestly, I trust more the guys making a profit out of this.
wtf
so let trust microsoft, apple, google..
Yes, I'm sure they make great products even though not with user's best interests in mind.
Red Hat is a business and military grade OS, you can't just throw data mining in it without getting sued to hell and back.
You'll tell me a bunch of hobbyists can do better in their free time? They need to eat too you know.
> Yes, I'm sure they make great products even though not with user's best interests in mind.
but not secure
> You'll tell me a bunch of hobbyists can do better in their free time? They need to eat too you know.
many more professionals hobbyists, yes
they have a recognized security team
and no risk of backdoor
>Nice FUD, now tell me how to replicate that.
Sure make a username that starts with a number and then tell the service file to run as that user. Instead, systemd will run that service as root. Great job.
>Now it doesn't tell you SHIT WILL BREAK in the config file if you enable it?
It just gives a polite warning, but the parallel feature in openrc works very well and is quite trustworthy.
>Because file system mounts are a bottleneck in sysvinit, the whole daemon spawning has to wait for file system mounting to end.
This is a nonsense feature. You won't get any notable speed improvements from this.
>and no risk of backdoor
LOL
>and no risk of backdoor
Tell that to the OpenSSL team. Money doesn't solve all problems but it sure as hell can get more auditors to look at the source.
Install Hardened Gentoo. Not even joking.
1) redhat was not spared by the technical flaw
2) Core Infrastructure Initiative
3) Debian has many more resources, especially humans
>Install Hardened Gentoo. Not even joking.
why
Because it shifted from being a new browser that only the cool kids used to bloated spyware full of normies.
>bloated spyware full of normies.
source?
k
I'd just like to interject for a moment. What you're referring to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.
Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called "Linux", and many of its users are not aware that it is basically the GNU system, developed by the GNU Project.
There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine's resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called "Linux" distributions are really distributions of GNU/Linux.
It's not a linux distribution at all.
thanks Doc !
So they don't fuck with the military version of the OS and give us the one with backdoors and shit.
+1
QubesOS if you want to be practical and still be safe.
Feel free to audit the source code yourself :^)
I genuinely want some opinions on this, what do you think is the better out of these 3
Kali
Backbox
Red Arch
It comes with many additional security features like address randomization, selinux, compile time buffer checks, position independent executables, and integrity checking.
TAILS
not pratical
thanks
Redhat
and what do you think of debian?
?
farting
parrotsec
CentOS
>unplug your computer
tall order
thanks
1. Qubes
2. Whonix or Tails
3. Debian
Debian is also a good general purpose Linux distro with large, well maintained repos, good support, and frequent security patches. You can make it as secure as you want/know how to. Many security and pentesting distros are based on Debian.
Whats not practical about it. Sometimes the hardest ways are the best ways
Tails is practical to boot of a USB
>2017
security is a meme, join the blue team
Why leave security to your operating system when you can store all data with Google? No more worries.
But what if Google gets compromised?
That would never happen, and if it did, it's not like they collect any data on us.