What is the best Linux distribution for security?

The one with the best monitoring, the least possible security breach, the best update .. the least easily hackable.
I would say Debian and Tails (but Tails is not pratical).

Other urls found in this thread:

wiki.gentoo.org/wiki/Security_Handbook
twitter.com/SFWRedditGifs

ok

Windows 10 with Google Chrome.

why does everyone spit so much on chrome
before firefox nightly it was the fastest

It makes me angry. All my walls have at least one hole caused by an emotional outburst. I had to start using the desktop and devote one room to emotional damage since I visit Sup Forums and am a Chrome lover. Decked out my pad with Chrome gear. Went all out.

lmao

so?

...

Qubes

hardened gentoo, but you should read everything here:
wiki.gentoo.org/wiki/Security_Handbook
because nothing will make up for a dumb ass user with root privileges (you).

thanks
not pratical

Centos. Dont listen to anything else

what is that picture

mr robot

lol

Gentoo

why not debian

>closed source ad/spyware

systemd, that's why

any gentoo derived distro.

Bonsoir Elliot.

both have systemd

Not if you aren't a retard.

relationship between systemd and security?
Debian has the biggest security team that examines it night and day

Hardened Red Hat.

Triggered autists think that Lennart will touch them in their sleep.

>Hardened Red Hat.
>
>Triggered autists think that Lennart will touch them in their sleep.
arguments?

systemd is more robust than a bunch of shell scripts, easily parallelizes start without some meme flag and follows the whole less is more philosophy by minimizing what is needed for booting.
What are YOUR arguments?

Any mainstream linux distro + firewall.
Really. If your threat model is the NSA, unplug your computer.

Hardened Gentoo

Debian has always been very cautious/deliberate very stable and very trustworthy, and it’s comparably easy to use for the security it provides. Also the community is big, so it’s more likely that somebody notices shenanigans.

>systemd is more robust than a bunch of shell scripts
No it isn't. systemd unit files break if you don't use a lennart approved username

>easily parallelizes start without some meme flag
openrc's parallel start works great

>follows the whole less is more philosophy by minimizing what is needed for booting
That's why systemd comes with its own mount tool?

So is Red Hat, which has most of the Linux ENTERPRISE market in their pocket.
Honestly, I trust more the guys making a profit out of this.

>No it isn't. systemd unit files break if you don't use a lennart approved username
Nice FUD, now tell me how to replicate that.
>openrc's parallel start works great
Now it doesn't tell you SHIT WILL BREAK in the config file if you enable it?
>That's why systemd comes with its own mount tool?
Because file system mounts are a bottleneck in sysvinit, the whole daemon spawning has to wait for file system mounting to end.

>Honestly, I trust more the guys making a profit out of this.
wtf
so let trust microsoft, apple, google..

Yes, I'm sure they make great products even though not with user's best interests in mind.
Red Hat is a business and military grade OS, you can't just throw data mining in it without getting sued to hell and back.
You'll tell me a bunch of hobbyists can do better in their free time? They need to eat too you know.

> Yes, I'm sure they make great products even though not with user's best interests in mind.

but not secure

> You'll tell me a bunch of hobbyists can do better in their free time? They need to eat too you know.
many more professionals hobbyists, yes
they have a recognized security team
and no risk of backdoor

>Nice FUD, now tell me how to replicate that.
Sure make a username that starts with a number and then tell the service file to run as that user. Instead, systemd will run that service as root. Great job.

>Now it doesn't tell you SHIT WILL BREAK in the config file if you enable it?
It just gives a polite warning, but the parallel feature in openrc works very well and is quite trustworthy.

>Because file system mounts are a bottleneck in sysvinit, the whole daemon spawning has to wait for file system mounting to end.
This is a nonsense feature. You won't get any notable speed improvements from this.

>and no risk of backdoor
LOL

>and no risk of backdoor
Tell that to the OpenSSL team. Money doesn't solve all problems but it sure as hell can get more auditors to look at the source.

Install Hardened Gentoo. Not even joking.

1) redhat was not spared by the technical flaw
2) Core Infrastructure Initiative
3) Debian has many more resources, especially humans

>Install Hardened Gentoo. Not even joking.
why

Because it shifted from being a new browser that only the cool kids used to bloated spyware full of normies.

>bloated spyware full of normies.
source?

k

I'd just like to interject for a moment. What you're referring to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called "Linux", and many of its users are not aware that it is basically the GNU system, developed by the GNU Project.

There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine's resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called "Linux" distributions are really distributions of GNU/Linux.

It's not a linux distribution at all.

thanks Doc !

So they don't fuck with the military version of the OS and give us the one with backdoors and shit.

+1

QubesOS if you want to be practical and still be safe.

Feel free to audit the source code yourself :^)

I genuinely want some opinions on this, what do you think is the better out of these 3
Kali
Backbox
Red Arch

It comes with many additional security features like address randomization, selinux, compile time buffer checks, position independent executables, and integrity checking.

TAILS

not pratical

thanks

Redhat

and what do you think of debian?

?

farting

parrotsec

CentOS

>unplug your computer
tall order

thanks

1. Qubes
2. Whonix or Tails
3. Debian

Debian is also a good general purpose Linux distro with large, well maintained repos, good support, and frequent security patches. You can make it as secure as you want/know how to. Many security and pentesting distros are based on Debian.

Whats not practical about it. Sometimes the hardest ways are the best ways

Tails is practical to boot of a USB

>2017
security is a meme, join the blue team

Why leave security to your operating system when you can store all data with Google? No more worries.

But what if Google gets compromised?

That would never happen, and if it did, it's not like they collect any data on us.