Ubuntu Touch VS Graphene OS

missing-root

Yeah, immutability is one core component of a secure system. Together with verified boot, no root access (or really restricted, not hackable through a completely unprotected .bashrc), sandboxed apps etc.

But as it is implemented currently it is supposed to be slightly changed, which would probably break verified boot. Only if it fully works, and likely if you cannot boot anything else and the firmware supports verified boot, it is comparable.

Xtreix

admin No, this is wrong. It is not paired with any form of verified boot, and privileged components don't have to be part of the read-only portion. It is not a security feature.

Yes, there is no verified boot and this had completely slipped my mind, I haven't bothered to implement it (assuming I actually can) because my threat model is relatively low on my desktop PC, I guess I'm lazy and shouldn't be taken as an example.

I use a recent Microsoft Surface if I want something much more secure, of course, even if I don't like the bloat level.

On traditional Linux distributions, I've sometimes had to completely reinstall the system after a bad modification, I no longer have this problem on Aeon, I seem to have greatly overestimated the value of safety here, but the theater it offers suits me quite well.

admin I'm just forced to degrade SELinux security

I suppose I could leave the change permanently, but I'm not decided.

missing-root sandboxed apps etc.

Apps on Flathub are not really sandboxed and cannot be compared to real sandboxing like on Android.

it also depends completely on the implementation made by the application developer, a Flathub application can get all the privileged authorizations, you can slightly reduce the attack surface with something like Flatseal but don't expect much.

https://privsec.dev/posts/linux/desktop-linux-hardening/#application-confinement

missing-root

Xtreix

I maintain a list of good flatpak apps

Flatpaks dont really have the power to force app devs to do anything, just like Android. Not even Windows can do that.

mmmm

missing-root Your link doesn’t lead anywhere..

Dumdum

mmmm
They keep adding this thread's address to the link for some reason.

missing-root

mmmm https://github.com/trytomakeyouprivate/recommended-flatpak-apps

bookreader

trilogy6202 Linux have the weakest security model compared to macOS, Windows, iOS and Android.

I find it comical when anybody tries to suggest that windows has any security whatsoever. Its basically a pile of smoke and mirrors that amounts to absolutely nothing. Want to get hacked? Try windows.

Xtreix

bookreader No system is bulletproof, and the user will always be the weakest link, but Microsoft has made progress in security since Windows 7, notably on the authorization model compared with the X11 interface on Linux, which doesn't even require an exploit.

https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html

TheGodfather

bookreader I find it comical when anybody tries to suggest that windows has any security whatsoever. Its basically a pile of smoke and mirrors that amounts to absolutely nothing. Want to get hacked? Try windows.

Create a WDAC policy (signed for best protection) for your device in conjunction with Microsoft security baselines on a secured-core device and you should be much more secure than on any Linux desktop OS. Theoretically you can get verified boot including apps and attestation. With win32 app isolation hopefully coming to 24h2, users will be able to sandbox win32 apps. Contrary to Flatpaks or Snaps, AppContainer is considered a true security boundary. Windows already has better exploit mitigations than desktop Linux and browsers like FF have stronger sandboxing on Windows.

d9780

trilogy6202
Can I use a Mac computer and put a Linux distro like Ubuntu on it for the OS? I don't like the idea of being in the apple ecosystem. Am I wrong to feel that way and Apple is really safe if I turn off cloud backup and tweak it a bit is it actually secure?

I thought I was secure w full disc encryption, proton VPN and Ubuntu with all location turned off.

N1b

d9780 you need to differentiate between security (protect data against unauthorized access), privacy (control over what data you share and with whom) and anonymity (not being identifiable, mostly by hiding in a crowd).

With MacOS you get really decent security (more compared to Windows, much more compared to Ubuntu). However your privacy (especially towards Apple) is down the drain as you have little control over it and Apple has been and will be patronizing you. Btw. anonymity you won't get easily from any system out there.

If you install Linux on a Macbook (which is currently limited to Asahi Linux and will not work with everything), you don't gain anything as you don't have more security or privacy, simply the Apple Hardware which isn't working so well with Linux.

There are way more details to this, but the gist of it is you need to make a threat model and find the right answer for yourself. I personally don't trust Apple with my data, but I trust in their Laptop and Desktop security model for Business stuff that can be shared. Privately, I'm running Fedora Silverblue on a Framework 13 Laptop as these devices have great Linux compatibility (among other advantages), but now I have to do better OPSEC with encryption and security.

I'd really like to fully switch to GrapheneOS for all desktop experiences once AOSP has a proper desktop mode. I would get better security and privacy (and foundation for anonymity) by default.

GrapheneOS

d9780 You will lose nearly all the hardware-based security benefits by replacing macOS since other operating systems don't leverage it and don't provide comparable security to macOS at a software level either.

I thought I was secure w full disc encryption, proton VPN and Ubuntu with all location turned off.

With a distribution not doing the basics of proper security patches, not providing complete/working app sandboxing, not providing anything close to modern exploit mitigations or heavily adopting memory safe languages, etc. macOS is much more secure than it and much more heavily takes advantages of hardware-based security features.

DeletedUser95

N1b

I'm probably gonna stick with Windows on my next computer. Mainly because Linux almost never worked well for me something always went horribly wrong and for 2-3 years spent feeling like I've achieved nothing I'm starting to be convinced that it just really isn't worth the privacy benefits especially when I have trouble with hardened Linux variants too but i don't want to use a completely insecure variant either.

I'm not sure if I entirely feel comfortable with Windows either however. Wondering the best ways I could harden it without compromising the actual user experience. And also limit telemetry too. Yes I'm aware no matter what I do it will never be private but I hope to at least try to limit the main bad aspect of it.

de0u

N1b With MacOS you get really decent security (more compared to Windows, much more compared to Ubuntu). However your privacy (especially towards Apple) is down the drain as you have little control over it and Apple has been and will be patronizing you. [...]

If you install Linux on a Macbook (which is currently limited to Asahi Linux and will not work with everything), you don't gain anything as you don't have more security or privacy, simply the Apple Hardware which isn't working so well with Linux.

I'm not sure I follow. As I understand it, when an Apple Silicon Mac is off, all storage is encrypted at rest. Also, I believe there is verified boot through the OS loader. At present Asahi isn't verifying the rest of the boot chain, but it may be possible. And presumably concerns about macOS sharing various user telemetry with Apple would not apply to s third-party OS.

The situation is not as good as GrapheneOS, e.g., Asahi doesn't seem to have access to the hardware-wrapped storage key mechanism, but it sounds as if the situation is more secure than random PC hardware, and private with respect to Apple. Is that not accurate?

GrapheneOS

N1b Desktop Linux distributions lack a complete and working implementation of app sandboxing which means every application you use can scrape up all your data and do whatever it wants. Sticking to only open source apps does not assure your privacy at all. Many open source apps are privacy invasive.

OfflinePuffin

If I can provide my two cents. GOS is more secure by design because of a combination of software and implementation of hardware security measures. But that's not to say UT is a open system, UT dose have some features that make it secure but lacks the fusion of modern security based on the android security model.

I feel like comparing them is like comparing apples to bananas, they like a lot of Linux projects are distinct from eachother and have different goals.

Security is important for the end user but the complexity at what layer "the hardware, the kernel, the userspace, the 3rd party software layer" depends on your security model.

UT is great to use and play around with but lacks features and usability that Android offers. If your ripped BTW the two then I would wait until Android's Fabled desktop mode, once we get that Android will dwarf UT in usability.

N1b

de0u yes, sorry I wasn't clear about it. The security of Asahi on Macbooks is way worse compared to MacOS on Macbooks. My point was that installing Asahi on Macbooks won't get any advantage for OP compared to installing Ubuntu/Fedora on any compatible laptop (assuming verified boot). They simply end up having an expensive and well designed piece of hardware which they don't use to any of its potential.

I'm not savvy in the details though, and you might just as well be correct there's a measurable difference that would fit some threat models when comparing e.g. Fedora on a Framework 13 vs Asahi on a Macbook M1.

GrapheneOS

Xtreix GrapheneOS is a Linux distribution. It is not systemd, glibc or GNOME that makes it Linux. It being a Linux distribution is a negative, not a positive, since the Linux kernel has an insecure architecture and is written in a language prone to introducing severe security vulnerabilities everywhere due to tiny mistakes. It is not as secure as the iOS kernel and is a major weak point we will have to continue working on addressing.

Xtreix

GrapheneOS

I know, these are old comments where @admin replied to me, of course, new members can still read wrongs comments I may have written months ago if they're still available. I also know that we need to stop relying on the Linux kernel as the core of the operating system and the foundation of the security model and move towards a microkernel-based model with a Linux compatibility layer, plus the rest you know but I won't list it all.

GrapheneOS

Xtreix That's not how so-called immutable distributions work. They aren't immutable images. So-called immutable desktop Linux distributions do not have any real verified boot or security properties gained from it. They do not have verified boot. Additionally, the way verified boot is integrated in systems like Fedora is barely used to do anything and is not remotely comparable to how it's used in Android. Having a feature but not actually making much use of it or completing it is not the same thing.

Scott

GrapheneOS d9780 You will lose nearly all the hardware-based security benefits by replacing macOS since other operating systems don't leverage it and don't provide comparable security to macOS at a software level either.

Thanks for clear words. I am now very stupid guy.

I tried to migrate from macOS to Fedora Sliverblue.

Should I stop now?

« Previous Page