• UrheaKekkola@sopuli.xyz
    link
    fedilink
    arrow-up
    2
    ·
    9 hours ago

    You’re confusing security with privacy. While distros you mentioned are great for preventing ISPs and governments from spying on you (privacy), they’re not really any better at preventing hackers from exploiting your vulnerable web server than fedora (security).

    • kekmacska@lemmy.zip
      link
      fedilink
      English
      arrow-up
      9
      ·
      9 hours ago

      no, Qubes, Bazzite, Garuda were made with security in mind. Containerization, selinux enforcing, hash checks, address space layout randomization is also built in. These are all more secure than Fedora. Qubes for example, uses vm containers to completly isolate every app, so the system is almost impossible to compromise by malware or hacking. Bazzite uses immutable root file system, much like stock android. it may not along well with unix philosophies, but there isn’t really a way for a malicious code to run with elevated privilages or to manipulate system files. Garuda automatically creates snapshota from the system, so if it is compromised, it can be rolled back quickly. Snapshots for external devices or cloud are supported as well. It uses zram compression on swap, this helps avoid data leakages to the disk, so makes sure that after a reboot, every session quits, since data from ram can’t leak on the disk. it also uses firejail and chaotic aur sandboxing. There is a smaller support for secure boot too. So these are all highly secure operating systems. And to some degree, privacy and security overlap each other.

      • UrheaKekkola@sopuli.xyz
        link
        fedilink
        arrow-up
        1
        ·
        6 hours ago

        Yeah my bad, you’re right. I got too stuck on tails, which is in my opinion more focused on privacy than security, and ignored everything else.

        • kekmacska@lemmy.zip
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 hours ago

          Tails in itself is reasonably secure too, but it was mostly designed for use with public computers and forensics, and ofc to conceal network activity that might seem suspicious. And it is a good solution if you need a portable linux, and your android phone is not a good choice for your use case.

    • dan@upvote.au
      link
      fedilink
      arrow-up
      1
      ·
      6 hours ago

      While distros you mentioned are great for preventing ISPs and governments from spying on you (privacy),

      How do they do that?

      • UrheaKekkola@sopuli.xyz
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        4 hours ago

        I’m not really expert in this topic, but as far as I know tails is amnesiac os that forgets everything on reboots for example. Both whonix and tails also routes your traffic through TOR which helps hiding your identity.

        Concerning other mentioned distros and also security wise, this comment explains it lot better than I would: https://lemmy.zip/comment/15305364