TheGodfather They should not have access to state-level exploits. They're not even wealthy, so I was surprised about QubesOS. It's either that or they somehow managed to read data transferred with HTTPS, after they compromised the router. I don't know what is more likely. They already managed to compromise a basic Linux distro before, but that isn't surprising.
What is your desktop OS?
aosjdio It's either that or they somehow managed to read data transferred with HTTPS, after they compromised the router
HTTPS has nothing to do with your router. It works between your endpoint device and the server.
aosjdio so I was surprised about QubesOS.
If you use QubesOS like it's supposed to, a compromise from some hobby hacker will be very unlikely. How do you know that it got compromised?
I use Pop OS. I prefer Debian-based distros and I've found Pop OS's ability to have hard drive encryption built in, built in backup storage when things inevitably go wrong, no snap packages, flatpak automatically included, the ability to install any of the four major desktop environments, and potential paid support from System76 if necessary to be a nice combination. It is Ubuntu without the shortcomings of Ubuntu.
- Edited
TheGodfather The person posted information on social media that could not have been retrieved in any other way. I was in another country in a temporary location, so there's no physical access. The stalker is kind of an idiot in some ways, but he/she is good at manipulating people into helping him/her.
I know for a fact that they are capable of this because someone who was close to him/her in the past told me. The person who told me is currently in hiding as well.
When I mentioned the router I meant some kind of MITM attack, but I think that's unlikely? I didn't see any certificate errors.
aosjdio When I mentioned the router I meant some kind of MITM attack, but I think that's unlikely? I didn't see any certificate errors.
Not possible then via MITM. You would have seen certificate errors.
TheGodfather
Indeed, that is why I use it, I am kind of a n00b with GNU+Linux so that is why I began with Mint, it is quite stable for me and does not demand too much knowledge of terminal commands.
But if I would choose a security-based OS, I would choose Qubes with its sandboxing possibilities, it sounds fantastic, but I honestly don't think I am ready for that kind of difficulty yet.
[deleted]
Windows 11 for the gaming and Fedora KDE on my laptop and surface go
I have tried countless linux distros, none of them satisfied my security needs. Deksktop OSs are all flawed by design. I can say that with probably more confidence than a dumbass like me should have. I will link a bunch of websites where I have found useful information. Do your own research. My personal conclusion is that Standard Linux distros are a big nono, Immutable ones are better. Maybe try secureblue. But it also sucks, because it's always about tradeoffs. I am still searching for what I want, currently dual booting into kionite with hardedining applied and windows as my primary. I want to leave windows at some point completely, but I can't find anything like equalizer APO for linux. Qubes OS is a very niche thing and imo a waste of time for most people. I'm sorry if I offend anyone with my incoherrent ramblings, but I wrote this in one go on my phone without stopping for a second except for adding the links. I wish you more luck than I have had until this point researching this.
Some useful links:
https://madaidans-insecurities.github.io/index.html
https://www.qubes-os.org/intro/
https://privsec.dev/
https://seclists.org/dailydave/2010/q3/29
I recmmend reading every link possible on all the linked sites that refrences something. And of course, check other sources aswell. This is very basic information, that as I already mentioned, was sharted out by a dumbass in one go.
- Edited
[deleted] GigaN Deksktop OSs are all flawed by design
They're not, especially the ones that allow you to tweak everything.
From the first link he shared:
It's a common assumption that the issues within the security model of desktop Linux are only "by default" and can be tweaked how the user wishes; however, standard system hardening techniques are not enough to fix any of these massive, architectural security issues. Restricting a few minor things is not going to fix this. Likewise, a few common security features distributions deploy by default are also not going to fix this. Just because your distribution enables a MAC framework without creating a strict policy and still running most processes unconfined, does not mean you can escape from these issues.
The hardening required for a reasonably secure Linux distribution is far greater than people assume. You would need to completely redesign how the operating system functions and implement full system MAC policies, full verified boot (not just for the kernel but the entire base system), a strong sandboxing architecture, a hardened kernel, widespread use of modern exploit mitigations and plenty more. Even then, your efforts will still be limited by the incompatibility with the rest of the desktop Linux ecosystem and the general disregard that most have for security.
I've replaced Fedora Kinoite with Arch and I'm now considering using Tommytran's script, I'd probably make it my daily Linux driver if what I want to do with it doesn't pose any particular issues.
5 days later
Debian 12 on my PC and NixOs on Laptops, looking to go full nix soon and keep Debian on Servers. (Also some Windows for Gaming only)
3 months later
Private: Gentoo Linux since years and I am very happy with it.
Mobile: GrapheneOS, and I am also very happy with that.
At work I am forced to use Windows. Definitely NOT happy with that.
In my private life the only windows I have are made from glass :)
rainforest In my private life the only windows I have are made from glass
I bricked all my windows up. They aren't getting me that way.
Qubes. Very secure, but with a learning curve and some restrictions due to the level of security.
[deleted]
Windows 11 and Graphene OS
Tails OS is not focused on security, it's focused on privacy. Security and privacy are not the same things.
[deleted]
Was thinking of switching to Linux.. I don't do much in front of my computer with windows.
I was kind of excited when I switched to Gos, and maybe am I in search of something 'challangeing'.
With zero knowledge about Linux or anything remote of windows. Will I even manage to handle Linux?
My main goal is something easy and prepared for gaming. Will Nobara be a good entry point into Linux?
What should I research before a potential switch?