Advice on best security focussed daily driver desktop OS

Mwgg

Volatile161 If you use tor to stay on the darknet it's secure, but as soon as you go on the open web you don't know the exit nodes, you don't know if your information will be intercepted. The telephone network and the Internet must be considered hostile, so I think you should use the most secure browser possible: vanadium/chrome/safari.

riddlemethis

QubesOS. There's no competition.

For a relatively secure phone OS alternative. Either GOS phone (Pixel 8 up) or tablet in Desktop mode and attached to a display which accepts video in/out via USB-C. There's topics on hardware additions to achieve this in other threads here. https://discuss.grapheneos.org/d/9775-pixel-8-desktop-mode-guide-and-personal-experience

ivicaivica

Volatile161 Any updates? Have you chosen Fedora or openSUSE? :D

mmmm

Volatile161 Compartmentalization

Just to touch on what you mentioned regarding compartmentalisation with Qubes V GOS.

I’m not a GOS user yet, but I am a Qubes user of several years. In theory, the newer model OS type that modern mobile OS’ follow, like GOS, AOSP, iOS, iPadOS, ChromeOS etc, is leaps a bounds more secure than traditional OS’ are. Qubes really excellently mitigates that, but should a Qubes style system be implemented over the top of a modern OS base, such as GOS, then that latter version would hands down beat Qubes as it stands today.

But - also as stands today, Qubes verses profiles on GOS, in theory, sounds comparable. In reality it’s not, at least not in anything other than a rudimentary way.

Qubes has a unified desktop (qube) to manage it all, this is completely offline. It has a Qubes manager to manage Qubes, it has multiple options of networking, vpn, tor, firewall, usb etc etc Qubes by which you can or not attach other Qubes to. It has extremely simple cut and paste between Qubes, any Qube can be any OS (actually any qube can be anything), just to mention a few of the things that make it what it is.

If this type of granular situation appeared in GOS, and if there could be a manager profile something similar to dom0 to connect/disconnect everything together, and if there can exist a secure built in and simple way of cut and paste, then Qubes for the most part would be redundant for me.

GOS is bordering a perfect system, and its security mitigations far surpass probably anything else around but it can’t be compared to the compartmentalisation abilities of Qubes yet.

[deleted]

mmmm It's part of grapheneos' roadmap to work on virtualization, but computer attacks will have evolved too. And no matter what grapheneos does, there will always be security holes, and the cost of the attack will increase.

[deleted]

I'm not familiar with qubesos, but no matter how secure an operating system is, the graphics and other components are far from infallible. The VLC developer said that NVIDIA was a problem because of beug.

missing-root

Linux is still a mess, and so is Android. Linux is getting better, and in the end both OSses will share the same problem, the monolithic Kernel.

So in the future, RedoxOS would be great. As long as this doesnt exist, Secureblue

It is a project integrating many security features into Fedora Atomic (Has 3 Wayland Desktops already), like the hardened malloc, Kernel hardening, disabling of many services, enabling of only the verified Flathub apps and more. I used it, have to reinstall as some opinionated nonsense made storing passwords impossible so I had no wifi lol. And I realized at least starting it takes abut 1,5 times are regular Fedora Kinoite, which may be due to hardening. So far the "usability issues". Flatpaks work and they fixed them using the hardened_malloc for now (a Flatpak runtime may come in the future), and you can install apps from Flathub or layer them. Distrobox (Podman) is not working on the no-userns variants, and disabling user namespaces is controversial as many projects focus on them a lot. For example it is likely that Chromium may drop using setuid for their Tab Sandbox in the future, and userns are whats used by default.

It is the best option for a general purpose OS, while QubesOS may be better.

ChromeOS really is a secure OS, but only because it can do that, as its basically either using a browser, or running stuff in Containers (Android afaik) / Containers in VMs (Linux). Regular Linux can't just do that, so there will be apps that are completely insecure, use XWayland, have no permission system at all etc. The option is to simply not install them, and the flathub-verified repo mitigates at least unmaintained and unofficial apps. But there are many ones missing, so it isn't really a good option currently. You can add regular flathub though, or edit the current repo with

flatpak remote-modify --subset= flathub

this will remove the "verified" subset. I am working on a List of Recommended Linux Apps which are not secure, but the least insecure in their segment.

UpStream

Mwgg This aged well (considering the new 0-click 0 day ;))

[deleted]

UpStream Which one?

UpStream

[deleted]

https://securelist.com/triangledb-triangulation-implant/110050/

Well not new just recently discovered. Who knows for how long this "backdoor" was in place.

Take a look at:

https://support.apple.com/en-us/HT213841

CVE-2023-32434
CVE-2023-32435
etc.

Basically it uses some "unknown/ undocumented CPU registers".

« Previous Page