New Linux page (#491)

Co-Authored-By: Daniel Gray <dng@disroot.org>
Tommy 2021-12-22 09:14:00 -05:00 committed by Daniel Gray
parent 1fe813e254
commit a465dab437
No known key found for this signature in database
GPG Key ID: 41911F722B0F9AE3
40 changed files with 495 additions and 319 deletions

@ -5,10 +5,6 @@ items:
title: Browsers
icon: fad fa-browser
file: _evergreen/browsers.md
- type: link
title: Operating Systems (Legacy)
icon: fad fa-compact-disc
file: legacy_pages/os.html
- type: divider
- type: link
title: Calendar/Contacts Sync Tools
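Review bot: removing the "Operating Systems (Legacy)" entry drops the navigation path to `legacy_pages/os.html` without any visible redirect; if that page is deleted in this commit, add a redirect from the old URL to the new Linux Desktop page so existing inbound links keep working.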

@ -5,3 +5,15 @@ items:
title: Android
icon: fab fa-android
file: _evergreen/android.md
- type: link
title: Linux Desktop
icon: fab fa-linux
file: _evergreen/linux-desktop.md
- type: link
title: Qubes OS
icon: fab fa-linux
file: _evergreen/qubes.md
- type: link
title: Router
icon: fa-duotone fa-circle-nodes
file: _evergreen/router.md
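Review bot: the Router entry uses the long-form class `fa-duotone fa-circle-nodes` while the neighbouring entries use the short prefixes (`fab fa-android`, `fab fa-linux`, and `fad fa-browser` in the other nav file); pick one form so the icons depend on a single Font Awesome naming scheme. The Qubes OS entry also reuses `fab fa-linux`, which makes it indistinguishable from Linux Desktop in the menu; consider a distinct icon.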

@ -0,0 +1,16 @@
title: Fedora Silverblue (and Kinoite)
type: Recommendation
logo: /assets/img/linux-desktop/fedora-silverblue.svg
description: |
**Fedora Silverblue** and **Fedora Kinoite** are immutable variants of Fedora with a strong focus on container workflows. Silverblue comes with the [GNOME](https://www.gnome.org/) desktop environment while Kinoite comes with [KDE](https://kde.org/). Silverblue and Kinoite follow the same release schedule as Fedora Workstation, benefiting from the same fast updates and staying very close to upstream.
Silverblue (and Kionite) differ from Fedora Workstation as they replace the [DNF](https://fedoraproject.org/wiki/DNF) package manager with a much more advanced alternative called [`rpm-ostree`](https://docs.fedoraproject.org/en-US/fedora/rawhide/system-administrators-guide/package-management/rpm-ostree/). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
After the update is complete the user will reboot the system into the new deployment. `rpm-ostree` keeps two deployments of the system so that a user can easily rollback if something breaks in the new deployment. There is also the option to pin more deployments as needed.
[Flatpak](https://www.flatpak.org) is the primary package installation method on these distrbutions, as `rpm-ostree` is only meant to overlay packages that cannot stay inside of a container on top of the base image.
As an alternative to Flatpaks, there is the option of [Toolbox](https://docs.fedoraproject.org/en-US/fedora-silverblue/toolbox/) to create [Podman](https://podman.io) containers with a shared home directory with the host operating system and mimic a traditional Fedora environment, which is a [useful feature](https://containertoolbx.org) for the discerning developer.
website: 'https://silverblue.fedoraproject.org'
privacy_policy: 'https://fedoraproject.org/wiki/Legal:PrivacyPolicy#:~:text=Fedora%20may%20share%20your%20personal,described%20in%20this%20Privacy%20Statement.'
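Review bot: two typos in the description need fixing before merge: "Kionite" in the second paragraph should be "Kinoite", and "distrbutions" in the Flatpak paragraph should be "distributions". The `privacy_policy` URL ends in a `#:~:text=...` text fragment, which only works in some browsers and breaks as soon as the policy wording changes; the Fedora Workstation card links the same page with `#Sharing_Your_Personal_Data`, so use that anchor here too. "A much more advanced alternative" is also unqualified; say what `rpm-ostree` gives the user (image-based updates, rollback) and leave the comparison out.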

@ -0,0 +1,17 @@
title: NixOS
type: Recommendation
logo: /assets/img/linux-desktop/nixos.svg
description: |
<strong>NixOS</strong> is an independent distribution based on the <a href="https://nixos.org">Nix package manager</a> with a focus on reproducibility and reliability.
NixOS's package manager keeps every version of every package in a different folder in the **Nix store**. Due to this you can have different versions of the same package installed on your system. After the package contents have been written to the folder, the folder is made read-only.
NixOS also provides atomic updates; first it downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation; you can tell NixOS to activate it after reboot or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something in the update process breaks, you can just reboot and automatically and return to a working version of your system.
Nix the package manager uses a purely functional language - which is also called Nix - to define packages.
[Nixpkgs](https://github.com/nixos/nixpkgs) (the main source of packages) are contained in a single Github repository. You can also define your own packages in the same language and then easily include them in your config.
Nix is a source-based package manager; if there's no pre-built available in the binary cache, Nix will just build the package from source using its definition. It builds each package in a sandboxed *pure* environment, which is as independent of the host system as possible, thus making binaries reproducible.
website: 'https://nixos.org'
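Review bot: the last description paragraph says the sandboxed build environment is "thus making binaries reproducible", which overstates it; a sandbox limits host influence on the build but does not by itself guarantee bit-for-bit identical output. Suggest "which helps make binaries reproducible", and consider keeping the reproducibility status link that the legacy card carried (`https://r13y.com`). Smaller points: "you can just reboot and automatically and return" has a stray "and", "Github" should be "GitHub", and the first description line uses raw `<strong>`/`<a>` while the rest of the block uses Markdown.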

@ -0,0 +1,16 @@
title: Whonix
type: Recommendation
logo: /assets/img/linux-desktop/whonix.svg
description: |
**Whonix** is based on [Kicksecure](https://www.whonix.org/wiki/Kicksecure), a security-focused fork of Debian. It aims to provide privacy, security, and anonymity on the internet.
Whonix is meant to run as two virtual machines: a "Workstation" and a Tor "Gateway". All communications from the Workstation has to go through the Tor gateway, and will be routed through the Tor Network.
Some of its features include Tor Stream Isolation, [keystroke anonymization](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator.
Future versions of Whonix will likely include [full system Apparmor policies](https://github.com/Whonix/apparmor-profile-everything) and a [sandbox app launcher](https://www.whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
Whonix is best used [in conjunction with Qubes](https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers).
website: 'https://www.whonix.org/'
website_tor: 'http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/'
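Review bot: the "Future versions of Whonix will likely include ..." sentence describes protections that have not shipped, inside a recommendation card; readers may assume full-system AppArmor confinement and the sandboxed app launcher are already in place. Either drop it or state clearly that these are planned, not current. Also "All communications from the Workstation has to go" should be "have to go", and "Apparmor" should be "AppArmor".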

@ -0,0 +1,11 @@
title: Tails
type: Recommendation
logo: /assets/img/linux-desktop/tails.svg
description: |
**Tails** is a live operating system based on Debian that routes all communications through Tor.
It can boot on almost any computer from a DVD, USB stick, or sdcard. It aims to preserve privacy and anonymity while circumventing censorship and leaving no trace of itself on the computer it is used on.
By design, Tails is meant to completely reset itself after each reboot. Encrypted [persistent storage](https://tails.boum.org/doc/first_steps/persistence/index.en.html) can be configured to store some data.
website: 'https://tails.boum.org'
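Review bot: "sdcard" in the second description line should be "SD card", as the legacy card wrote it. That legacy text also said the boot medium should be one "you control", a qualifier the new wording drops; it is worth keeping since the trust model depends on it.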

@ -0,0 +1,13 @@
title: Fedora Workstation
type: Recommendation
logo: /assets/img/linux-desktop/fedora-workstation.svg
labels: 'color==info::icon==fas fa-fw fa-trophy::text==Beginner friendly::tooltip==We highly recommend that new Linux users use Fedora Workstation.'
description: |
**Fedora Workstation** is our recommended distribution for users new to Linux.
It has a semi-[rolling release](https://en.wikipedia.org/wiki/Rolling_release) cycle. While some packages like [GNOME](https://www.gnome.org) are frozen until the next Fedora release, most packages (including the kernel) are updated frequently throughout the lifespan of the release. Each Fedora release is supported for one year, with a new version released every 6 months.
Fedora generally adopts newer technologies before other distributions e.g., [Wayland](https://wayland.freedesktop.org/), [PipeWire](https://pipewire.org), and soon, [FS-Verity](https://fedoraproject.org/wiki/Changes/FsVerityRPM). These new technologies often come with improvements in security, privacy, and usability in general.
website: 'https://getfedora.org'
privacy_policy: 'https://fedoraproject.org/wiki/Legal:PrivacyPolicy#Sharing_Your_Personal_Data'
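Review bot: "and soon, [FS-Verity]" in the last description paragraph is time-sensitive wording on a page filed under `_evergreen`; it will be wrong or stale without anyone touching the file. Suggest describing FS-Verity as a proposed change, or dropping it until it lands. Punctuation: add a comma before "e.g." in the same sentence.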

@ -0,0 +1,11 @@
title: openSUSE Tumbleweed
type: Recommendation
logo: /assets/img/linux-desktop/opensuse-tumbleweed.svg
description: |
**openSUSE Tumbleweed** is a stable [rolling release](https://en.wikipedia.org/wiki/Rolling_release) distribution.
Tumbleweed follows a rolling release model where each update is released as a snapshot of the distribution. When the user upgrades their system, a new snapshot is downloaded. Each snapshot is run through a series of automated tests by the [openSUSE Build Service](https://build.opensuse.org) to ensure its quality.
openSUSE Tumbleweed has a [transactional update](https://kubic.opensuse.org/blog/2018-04-04-transactionalupdates/) system that uses [Btrfs](https://en.wikipedia.org/wiki/Btrfs) and [Snapper](https://en.opensuse.org/openSUSE:Snapper_Tutorial) to ensure that snapshots can be rolled back should there be a problem.
website: 'https://get.opensuse.org/tumbleweed/'
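Review bot: the transactional-update sentence (third description line) cites a Kubic blog post, so the text does not make clear whether this applies to a default Tumbleweed desktop install or only to an opt-in setup; say which, because readers will rely on the rollback claim. The second line also credits the openSUSE Build Service with the automated tests; please confirm that is the component that tests snapshots and not only the one that builds them.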

@ -0,0 +1,14 @@
title: Arch Linux
type: Recommendation
logo: /assets/img/linux-desktop/archlinux.svg
description: |
**Arch Linux** is a lightweight, do-it-yourself (DIY) distribution meaning that you only get what you install. For more information see their [FAQ](https://wiki.archlinux.org/title/Frequently_asked_questions).
Arch Linux has a rolling release cycle. There is no fixed release schedule and packages are updated very frequently.
Being a DIY distribution, the user is expected to setup and maintain their system. Since September 2020, Arch has an [official installer](https://wiki.archlinux.org/title/Archinstall) to make the installation process a little easier.
A large portion of [Arch Linux's packages](https://reproducible.archlinux.org) are [reproducible](https://reproducible-builds.org").
website: 'https://archlinux.org'
privacy_policy: 'https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy'
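Review bot: the link target in the last description line has a stray double quote inside the parentheses, `(https://reproducible-builds.org")`, so the rendered href will be wrong; remove the quote. Also "expected to setup and maintain" should be "set up" (verb).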

@ -0,0 +1,11 @@
title: Qubes OS
type: Recommendation
logo: /assets/img/qubes/qubes_os.svg
description: |
**Qubes** is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.
website: 'https://www.qubes-os.org/'
website_tor: 'http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/'
privacy_policy: 'https://www.qubes-os.org/privacy/'
downloads:
- icon: fab fa-github
url: 'https://github.com/QubesOS'

@ -0,0 +1,14 @@
title: OpenWrt
type: Recommendation
logo: /assets/img/router/openwrt.svg
logo_dark: /assets/img/router/openwrt-dark.svg
description: |
**OpenWrt** is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc, and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers.
## Notes
Consult the [Table of Hardware](https://openwrt.org/toh/start) to check if your device is supported.
website: 'https://openwrt.org'
downloads:
- icon: fab fa-git
url: 'https://git.openwrt.org/'
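Review bot: the component list in the description ("the Linux kernel, util-linux, uClibc, and BusyBox") is copied unchanged from the legacy card removed in this commit; OpenWrt's default C library has been musl for several years, so verify the list before republishing it. The `## Notes` heading sits inside the `description: |` block, which no other card in this change does; check that it renders at the intended heading level and does not end up in the page outline.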

@ -0,0 +1,11 @@
title: pfSense
type: Recommendation
logo: /assets/img/router/pfsense.svg
logo_dark: /assets/img/router/pfsense-dark.svg
description: |
pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and VPN endpoint.
website: 'https://www.pfsense.org'
privacy_policy: 'https://www.pfsense.org/privacy.html'
downloads:
- icon: fab fa-github
url: 'https://github.com/pfsense'
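Review bot: the description opens with plain "pfSense" while every other new card bolds the product name on first mention (`**OpenWrt**`, `**Qubes**`, `**Tails**`); use `**pfSense**` for consistency. "open source" is also unhyphenated here but "open-source" in the Qubes card.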

@ -1,45 +0,0 @@
<h2 id="ukusa" class="anchor"><a href="#ukusa"><i class="fas fa-link anchor-icon"></i></a> Global Mass Surveillance - The Fourteen Eyes</h2>
<img src="/assets/img/legacy_svg/layout/ukusa.svg" width="260" height="115" class="img-fluid float-end ms-2" alt="UKUSA Agreement">
<p>The UKUSA Agreement is an agreement between the United Kingdom, United States, Australia, Canada, and New Zealand to cooperatively collect, analyze, and share intelligence. Members of this group, known as the <a href="https://www.giswatch.org/en/communications-surveillance/unmasking-five-eyes-global-surveillance-practices">Five Eyes</a>, focus on gathering and analyzing intelligence from different parts of the world. While Five Eyes countries have agreed to <a href="https://www.pbs.org/newshour/world/an-exclusive-club-the-five-countries-that-dont-spy-on-each-other">not spy on each other</a> as adversaries, leaks by Snowden have revealed that some Five Eyes members monitor each other's citizens and <a href="https://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa">share intelligence</a> to <a href="https://www.theguardian.com/politics/2013/jun/10/nsa-offers-intelligence-british-counterparts-blunkett">avoid breaking domestic laws</a> that prohibit them from spying on their own citizens. The Five Eyes alliance also cooperates with groups of third-party countries to share intelligence (forming the Nine Eyes and Fourteen Eyes); however, Five Eyes and third-party countries can and do spy on each other.</p>
<div class="row mb-3">
{% include legacy/panel.html color="danger"
title="Five Eyes"
body='
<ol class="card-ol">
<li>Australia <div class="float-end"><span class="flag-icon flag-icon-au"></span></div></li>
<li>Canada <div class="float-end"><span class="flag-icon flag-icon-ca"></span></div></li>
<li>New Zealand <div class="float-end"><span class="flag-icon flag-icon-nz"></span></div></li>
<li>United Kingdom <div class="float-end"><span class="flag-icon flag-icon-gb"></span></div></li>
<li>United States of America <div class="float-end"><span class="flag-icon flag-icon-us"></span></div></li>
</ol>
'
%}
{% include legacy/panel.html color="danger"
title="Nine Eyes"
body='
<ol class="card-ol">
<li>Denmark <div class="float-end"><span class="flag-icon flag-icon-dk"></span></div></li>
<li>France <div class="float-end"><span class="flag-icon flag-icon-fr"></span></div></li>
<li>Netherlands <div class="float-end"><span class="flag-icon flag-icon-nl"></span></div></li>
<li>Norway <div class="float-end"><span class="flag-icon flag-icon-no"></span></div></li>
</ol>
'
%}
{% include legacy/panel.html color="danger"
title="Fourteen Eyes"
body='
<ol class="card-ol">
<li>Belgium <div class="float-end"><span class="flag-icon flag-icon-be"></span></div></li>
<li>Germany <div class="float-end"><span class="flag-icon flag-icon-de"></span></div></li>
<li>Italy <div class="float-end"><span class="flag-icon flag-icon-it"></span></div></li>
<li>Spain <div class="float-end"><span class="flag-icon flag-icon-es"></span></div></li>
<li>Sweden <div class="float-end"><span class="flag-icon flag-icon-se"></span></div></li>
</ol>
'
%}
</div>

@ -1,86 +0,0 @@
<h2 id="os" class="anchor"><a href="#os"><i class="fas fa-link anchor-icon"></i></a> Introductory Operating Systems</h2>
<div class="alert alert-warning" role="alert">
<strong>If you are currently using an operating system that collects data like Windows 10, you should pick an alternative here.</strong>
</div>
{% include legacy/cardv2.html
title="Fedora Workstation"
image="/assets/img/legacy_svg/3rd-party/fedora.svg"
description='Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops. Fedora by default comes with the GNOME desktop environment, other <a href="https://spins.fedoraproject.org/">desktop environments</a> are also available.'
badges="info:Linux"
website="https://getfedora.org/"
privacy-policy="https://fedoraproject.org/wiki/Legal:PrivacyPolicy?rd=Legal/PrivacyPolicy"
git="https://src.fedoraproject.org/"
%}
{% include legacy/cardv2.html
title="Ubuntu"
image="/assets/img/legacy_svg/3rd-party/ubuntu.svg"
description='Ubuntu is a Linux distribution developed by Canonical Ltd. Ubuntu is a reliable distribution that is user-friendly and can be run on desktops, servers, and IoT devices. Ubuntu uses GNOME as the default desktop environment, while other <a href="https://ubuntu.com/download/flavours">desktop environments</a> are also available.'
badges="info:Linux"
website="https://ubuntu.com"
privacy-policy="https://ubuntu.com/legal/data-privacy"
git="https://launchpad.net/ubuntu"
%}
<h2 id="advanced_os" class="anchor"><a href="#advanced_os"><i class="fas fa-link anchor-icon"></i></a> Advanced Operating Systems</h2>
<div class="alert alert-info" role="alert">
<strong>These options have advanced features and are unique in some way. These options will likely require the user to read technical background documentation.</strong>
</div>
{% include legacy/cardv2.html
title="Alpine Linux"
image="/assets/img/legacy_svg/3rd-party/alpinelinux.svg"
description='Alpine Linux is a very minimal distribution designed to be secure and very resource efficient. Alpine Linux can run from RAM, and merge configuration files into the system on boot using <a href="https://wiki.alpinelinux.org/wiki/Alpine_local_backup">Alpine local backup</a>. Alpine Linux is often used on servers and in Linux containers.'
badges="info:Linux"
website="https://alpinelinux.org/"
privacy-policy="https://alpinelinux.org/privacy-policy.html"
gitlab="https://gitlab.alpinelinux.org"
%}
{% include legacy/cardv2.html
title="Arch Linux"
image="/assets/img/legacy_svg/3rd-party/archlinux.svg"
description='A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement.'
badges="info:Linux"
labels="color==success::link==https://reproducible.archlinux.org::text==Reproducible builds"
website="https://www.archlinux.org/"
privacy-policy="https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy"
gitlab="https://gitlab.archlinux.org"
%}
{% include legacy/cardv2.html
title="Debian"
image="/assets/img/legacy_svg/3rd-party/debian.svg"
description='Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.'
badges="info:Linux"
labels="color==success::link==https://reproducible.debian.net::text==Reproducible builds"
website="https://www.debian.org/"
privacy-policy="https://www.debian.org/legal/privacy"
tor="http://5ekxbftvqg26oir5wle3p27ax3wksbxcecnm6oemju7bjra2pn26s3qd.onion/"
gitlab="https://salsa.debian.org/qa/debsources"
%}
{% include legacy/cardv2.html
title="NixOS"
image="/assets/img/legacy_svg/3rd-party/nixos.svg"
description='NixOS is a Linux distribution with a unique approach to package and configuration management. Built on top of the Nix package manager, it is completely declarative, makes upgrading systems reliable, and has many <a href="https://nixos.org/features.html">other advantages</a>.'
badges="info:Linux"
labels="color==success::link==https://r13y.com::text==Reproducible builds"
website="https://nixos.org"
privacy-policy="https://nixos.wiki/wiki/NixOS_Wiki:Privacy_policy"
github="https://github.com/NixOS"
%}
{% include legacy/cardv2.html
title="Qubes OS"
image="/assets/img/legacy_svg/3rd-party/qubes_os.svg"
description='Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.'
badges="info:Xen"
website="https://www.qubes-os.org/"
privacy-policy="https://www.qubes-os.org/privacy/"
github="https://github.com/QubesOS"
tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
%}
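Review bot: deleting this file drops the Ubuntu, Alpine Linux and Debian recommendations entirely, and no replacement cards for them appear among the new files shown, yet the commit message only says "New Linux page". Record in the commit message or the PR description that these three are being de-listed and why, so the change in recommendation is reviewable and not a side effect of the page migration. The "Reproducible builds" labels on the Arch, Debian and NixOS cards are also lost; the new Arch text keeps the link inline, the new NixOS text does not.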

@ -1,22 +0,0 @@
<h2 id="firmware" class="anchor"><a href="#firmware"><i class="fas fa-link anchor-icon"></i></a> Open Source Router Firmware</h2>
{% include legacy/cardv2.html
title="OpenWrt"
image="/assets/img/legacy_svg/3rd-party/openwrt.svg"
image-dark="/assets/img/legacy_svg/3rd-party/openwrt-dark.svg"
description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
badges="info:Linux"
website="https://openwrt.org/"
git="https://git.openwrt.org/"
%}
{% include legacy/cardv2.html
title="pfSense"
image="/assets/img/legacy_svg/3rd-party/pfsense.svg"
image-dark="/assets/img/legacy_svg/3rd-party/pfsense-dark.svg"
description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
badges="info:BSD"
website="https://www.pfsense.org/"
privacy-policy="https://www.pfsense.org/privacy.html"
github="https://github.com/pfsense/"
%}

@ -1,24 +0,0 @@
<h2 id="tor_os" class="anchor"><a href="#tor_os"><i class="fas fa-link anchor-icon"></i></a> Tor-Focused Distributions</h2>
<div class="alert alert-info" role="alert">
<strong>These Linux distributions are developed with the purpose of directing all network traffic through Tor.</strong>
</div>
{% include legacy/cardv2.html
title="Tails"
image="/assets/img/legacy_svg/3rd-party/tails.svg"
description='Tails is a live operating system that can boot on almost any computer from a DVD, USB stick, or SD card you control. It aims at preserving privacy and anonymity, and circumventing censorship by forcing Internet connections through the Tor network; leaving no trace on the computer; and using state-of-the-art cryptographic tools to encrypt files, emails, and instant messages.'
badges="info:Linux"
website="https://tails.boum.org/"
gitlab="https://gitlab.tails.boum.org/tails/tails"
%}
{% include legacy/cardv2.html
title="Whonix"
image="/assets/img/legacy_svg/3rd-party/whonix.svg"
description='A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway". All communication are forced through the Tor network to accomplish this. <a href="https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers">Whonix is best used in conjunction with Qubes.</a>'
badges="info:Linux"
website="https://www.whonix.org/"
tor="http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/"
github="https://github.com/Whonix"
%}
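Review bot: the legacy Tails and Whonix cards removed here carried source repository links (`gitlab="https://gitlab.tails.boum.org/tails/tails"` and `github="https://github.com/Whonix"`), but the new Tails and Whonix files in this commit have no `downloads:` section, unlike the new Qubes, OpenWrt and pfSense files. Add the source links back so readers can reach the code for the two Tor-focused systems.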

@ -1,107 +0,0 @@
<h2 id="win10" class="anchor"><a href="#win10"><i class="fas fa-link anchor-icon"></i></a> Don't use Windows 10 - It's a privacy nightmare</h2>
<div class="alert alert-warning" role="alert">
<strong>Microsoft introduced a lot of new features in Windows 10 such as Cortana. However, most of them are violating your privacy.</strong>
</div>
<img src="/assets/img/legacy_svg/layout/windows_privacy.svg" width="367" height="369" class="img-fluid float-end ms-3" alt="Windows 10 Privacy">
<ol>
<li><strong>Data syncing is by default enabled.</strong>
<ul>
<li>Browsing history and open websites.</li>
<li>Apps settings.</li>
<li>WiFi hotspot names and passwords.</li>
</ul>
</li>
<li><strong>Your device is by default tagged with a unique advertising ID.</strong>
<ul>
<li>Used to serve you with personalized advertisements by third-party advertisers and ad networks.</li>
</ul>
</li>
<li><strong>Cortana can collect any of your data.</strong>
<ul>
<li>Your keystrokes, searches and mic input.</li>
</ul>
<ul>
<li>Calendar data.</li>
</ul>
<ul>
<li>Music you listen to.</li>
</ul>
<ul>
<li>Credit Card information.</li>
</ul>
<ul>
<li>Purchases.</li>
</ul>
</li>
<li><strong>Microsoft can collect any personal data.</strong>
<ul>
<li>Your identity.</li>
</ul>
<ul>
<li>Passwords.</li>
</ul>
<ul>
<li>Demographics.</li>
</ul>
<ul>
<li>Interests and habits.</li>
</ul>
<ul>
<li>Usage data.</li>
</ul>
<ul>
<li>Contacts and relationships.</li>
</ul>
<ul>
<li>Location data.</li>
</ul>
<ul>
<li>Content like emails, instant messages, caller list, audio and video recordings.</li>
</ul>
</li>
<li><strong>Your data can be shared.</strong>
<ul>
<li>When downloading Windows 10, you are authorizing Microsoft to share any of above-mentioned data with any third-party, with or without your consent.</li>
</ul>
</li>
</ol>
<p><a class="btn btn-warning" href="https://www.winprivacy.de/english-home/">Download: W10Privacy</a></p>
<p>This tool uses some known methods that attempt to disable major tracking features in Windows 10.</p>
<h3>Related Information</h3>
<ul>
<li><a href="https://privacy.microsoft.com/en-us/privacystatement">Microsoft Privacy Statement</a> - Microsoft collects, uses and discloses personal information as described here. This allows OneDrive data, Cortana searches, and MS browser history to be sold to third parties.</li>
<li><a href="https://support.microsoft.com/en-us/help/4468233/cortana-and-privacy-microsoft-privacy">Cortana and privacy</a> - To personalize your experience and provide the best possible suggestions, Cortana accesses your email and other communications and collects data about your contacts (People), like their title, suffix, first name, last name, middle name, nicknames, and company name. If you call, email, or text someone or they call, email, or text you, Cortana collects that persons email address or phone number.</li>
</ul>
<div class="container">
<div class="row">
<div class="col-md-6">
<h3>Some good news</h3>
<ul>
<li><a href="https://github.com/crazy-max/WindowsSpyBlocker/releases">WindowsSpyBlocker</a> - Open-source tool that blocks data collection.</li>
<li><a href="https://www.ghacks.net/2015/08/14/comparison-of-windows-10-privacy-tools/">Comparison of Windows 10 Privacy tools</a> - ghacks.net</li>
</ul>
</div>
<div class="col-md-6">
<h3>More bad news</h3>
<ul>
<li><a href="https://thehackernews.com/2016/02/microsoft-windows10-privacy.html">
Windows 10 Sends Your Data 5500 Times Every Day Even After Tweaking Privacy Settings</a> - The Hacker News.</li>
<li><a href="https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">Even when told not to, Windows 10 just can't stop talking to Microsoft. It's no wonder that privacy activists are up in arms.</a> - Ars Technica.</li>
<li><a href="https://www.techdirt.com/articles/20150820/06171332012/windows-10-reserves-right-to-block-pirated-games-unauthorized-hardware.shtml">Windows 10 Reserves The Right To Block Pirated Games And 'Unauthorized' Hardware.</a> - Techdirt.</li>
</ul>
</div>
</div>
</div>

Binary file not shown.

@ -1,2 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g fill="#0d597f"><g transform="matrix(.22745 0 0 -.22745 12.303 20.536)"><path d="m0 0v15.687l-11.296-11.308c1.217-0.847 2.364-1.543 3.443-2.109 1.079-0.567 2.089-1.005 3.03-1.338 0.941-0.334 1.814-0.562 2.617-0.71 0.804-0.147 1.539-0.213 2.206-0.222m57.751 1.304c0.02-0.017 0.13-0.11 0.333-0.239 0.204-0.13 0.502-0.297 0.898-0.462 0.395-0.164 0.889-0.327 1.485-0.448 0.596-0.122 1.294-0.202 2.098-0.202 0.671 0 1.411 0.059 2.222 0.2 0.812 0.142 1.693 0.367 2.645 0.699 0.953 0.333 1.976 0.773 3.07 1.344 1.094 0.572 2.259 1.276 3.495 2.136l-8.572 8.397-28.41 28.516-12.466-12.469-16.816 17.341-42.204-41.727c1.235-0.86 2.398-1.564 3.491-2.136 1.093-0.571 2.115-1.011 3.067-1.344 0.951-0.332 1.832-0.557 2.643-0.698 0.81-0.142 1.55-0.201 2.22-0.201 0.804 0 1.502 0.08 2.097 0.202 0.596 0.121 1.089 0.284 1.485 0.449 0.396 0.164 0.693 0.331 0.897 0.461s0.314 0.223 0.334 0.24l19.052 19.052 6.813 6.533 18.866-18.866 6.591-6.778c0.02-0.017 0.13-0.11 0.334-0.239 0.204-0.13 0.501-0.297 0.897-0.462 0.396-0.164 0.89-0.327 1.485-0.448 0.596-0.122 1.295-0.202 2.099-0.202 0.67 0 1.411 0.059 2.222 0.2 0.811 0.142 1.693 0.367 2.645 0.699 0.952 0.333 1.975 0.773 3.069 1.344 1.094 0.572 2.259 1.276 3.495 2.136l-15.139 14.825 2.818 2.818 13.101-13.101 7.64-7.57m-0.163 79.016 37.219-64.482-37.219-64.482h-74.463l-37.219 64.482 37.219 64.482z" fill="#0d597f"/></g><g transform="matrix(.22745 0 0 -.22745 20.119 16.219)"><path d="m0 0-9.913 9.895 0.705 0.709 9.983-9.874z" fill="#0d597f"/></g></g></svg>

File diff suppressed because one or more lines are too long

@ -1,2 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="128" height="128" version="1.1" viewBox="0 0 33.866 33.866" xmlns="http://www.w3.org/2000/svg"><circle cx="16.933" cy="16.933" r="16.933" fill="#dd4814" stroke-width=".37358"/><path d="m5.4192 14.672c-1.2493 0-2.2613 1.012-2.2613 2.2613 0 1.2485 1.012 2.2605 2.2613 2.2605 1.2485 0 2.2605-1.012 2.2605-2.2605-3.74e-4 -1.2493-1.0124-2.2613-2.2605-2.2613zm16.141 10.275c-1.0815 0.62463-1.4521 2.0065-0.82748 3.0873 0.62388 1.0815 2.0058 1.4521 3.0873 0.82749 1.0815-0.62388 1.4521-2.0058 0.82748-3.0873-0.62426-1.0804-2.0069-1.4514-3.0873-0.82749zm-11.231-8.0137c0-2.234 1.1099-4.208 2.8078-5.4031l-1.6527-2.7682c-1.9781 1.3221-3.4497 3.3424-4.0612 5.7087 0.71354 0.58242 1.1704 1.4689 1.1704 2.4627 0 0.99298-0.45689 1.8795-1.1704 2.4619 0.61081 2.367 2.0823 4.3874 4.0612 5.7095l1.6527-2.769c-1.6979-1.1943-2.8078-3.168-2.8078-5.4024zm6.6034-6.6042c3.4497 0 6.2803 2.645 6.5769 6.018l3.2214-0.04744c-0.1584-2.4903-1.2463-4.7258-2.9181-6.37-0.85961 0.32464-1.8526 0.27496-2.7107-0.21967-0.85961-0.49612-1.3987-1.3329-1.5463-2.2415-0.83533-0.2305-1.7147-0.35677-2.6237-0.35677-1.5631 0-3.0406 0.36686-4.3522 1.0165l1.5709 2.8149c0.84504-0.39301 1.788-0.61417 2.7817-0.61417zm0 13.208c-0.99373 0-1.9367-0.22116-2.7813-0.61454l-1.5709 2.8149c1.312 0.65003 2.7895 1.0173 4.3522 1.0173 0.9093 0 1.7883-0.12627 2.6237-0.35752 0.14757-0.90855 0.68664-1.7446 1.5463-2.2415 0.85887-0.49537 1.8511-0.54431 2.7107-0.21967 1.6718-1.6438 2.7597-3.8797 2.9181-6.37l-3.2222-0.04744c-0.29662 3.3742-3.1269 6.0184-6.5765 6.0184zm4.6268-14.619c1.0815 0.62463 2.4634 0.25478 3.0873-0.82674 0.62463-1.0815 0.25478-2.4634-0.82674-3.088-1.0815-0.62388-2.4634-0.25329-3.088 0.82823-0.62388 1.0808-0.25329 2.4627 0.82748 3.0865z" fill="#fff" stroke-width=".37358"/></svg>

@ -1,2 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg fill="#0078d6" version="1.1" viewBox="0 0 128 128" xmlns="http://www.w3.org/2000/svg"><g transform="translate(113.69 -45.538)" fill="#0078d6"><polygon transform="matrix(3.0244 0 0 3.0244 -112.79 45.538)" points="18.502 20.219 41.727 20.219 41.727 0 18.502 3.389"/><polygon transform="matrix(3.0244 0 0 3.0244 -112.79 45.538)" points="16.865 20.219 16.865 3.627 0 6.087 0 20.219"/><polygon transform="matrix(3.0244 0 0 3.0244 -112.79 45.538)" points="16.865 21.855 0 21.855 0 36.167 16.865 38.655"/><polygon transform="matrix(3.0244 0 0 3.0244 -112.79 45.538)" points="18.502 21.855 18.502 38.897 41.727 42.323 41.727 21.855"/><g><rect x="-77.809" y="106.54" width="56.243" height="38.441" ry="4.9184" fill="#8e8e8c" stroke-width=".3077"/><circle cx="-49.688" cy="122.78" r="3.8313" fill="#0078d6" stroke-width=".97917"/><path d="m-49.688 121.1 3.7347 11.989h-7.4694z" fill="#0078d6" stroke-width=".611"/><path d="m-56.436 77.843c-7.9131 0-14.283 7.0486-14.283 15.805v15.805h9.1248v-13.409c0-5.6074 3.909-10.12 8.765-10.12h6.283c4.8561 0 8.765 4.19 8.765 10.12v3.2047h9.1248v-5.5998c0-8.7559-6.3702-15.805-14.283-15.805z" fill="#8e8e8c" stroke-width="1.0992"/></g></g></svg>

View File

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g><rect x=".038222" y=".15318" width="33.79" height="33.56" rx="7.8844" ry="7.8844" fill="#fff" style="paint-order:normal"/><path d="m7.9686 0.15319c-4.4146 0-7.9686 3.5539-7.9686 7.9686 0 9.1039 0.07644 25.592 0.07644 25.592h25.822c4.4146 0 7.9686-3.5539 7.9686-7.9686v-25.592zm-0.25096 5.176c1.2539 0 2.2868 1.0326 2.2868 2.2865 0 0.97544-0.62626 1.8145-1.4942 2.1402v14.471l7.76-7.7342v-6.7055c-0.9126-0.30083-1.5799-1.1643-1.5799-2.1719 3e-6 -1.2539 1.0326-2.2865 2.2865-2.2865 1.2539 0 2.2868 1.0326 2.2868 2.2865 0 0.9688-0.6177 1.8032-1.4764 2.1336v5.2317l6.4098-6.3884c-0.14254-0.29726-0.22489-0.62784-0.22489-0.97689 0-1.2539 1.0326-2.2865 2.2865-2.2865 1.2539 0 2.2868 1.0326 2.2868 2.2865 0 1.2539-1.0329 2.2865-2.2868 2.2865-0.35546 0-0.69177-0.0854-0.99318-0.23289l-6.3707 6.3496h5.2981c0.33047-0.85866 1.1651-1.4761 2.1339-1.4761 1.2539 0 2.2865 1.0327 2.2865 2.2865s-1.0326 2.2865-2.2865 2.2865c-1.0076 0-1.8712-0.66726-2.1721-1.5798h-6.7819l-7.7855 7.7597h14.574c0.30629-0.90334 1.1647-1.5621 2.1656-1.5621 1.2539 0 2.2865 1.0326 2.2865 2.2865 0 1.2539-1.0326 2.2868-2.2865 2.2868-0.97544 0-1.8147-0.62626-2.1404-1.4942h-17.193v-17.032c-0.90333-0.30621-1.5621-1.1644-1.5621-2.1653 0-1.2539 1.0326-2.2865 2.2865-2.2865zm0 1.517c-0.43403 0-0.76948 0.33551-0.76948 0.76948 0 0.43398 0.33545 0.76948 0.76948 0.76948s0.76978-0.3355 0.76978-0.76948c0-0.43398-0.33574-0.76948-0.76978-0.76948zm9.2593 0c-0.43404 0-0.76948 0.33551-0.76948 0.76948 2e-6 0.43398 0.33545 0.76948 0.76948 0.76948 0.43404 0 0.76978-0.3355 0.76978-0.76948 0-0.43398-0.33574-0.76948-0.76978-0.76948zm9.2818 0c-0.43403 0-0.76948 0.33551-0.76948 0.76948 0 0.43398 0.33545 0.76948 0.76948 0.76948 0.43404 0 0.76978-0.3355 0.76978-0.76948 0-0.43398-0.33574-0.76948-0.76978-0.76948zm0.06815 9.2136c-0.43404 0-0.76978 0.33551-0.76978 0.76949 0 0.43397 0.33574 0.76948 0.76978 0.76948s0.76948-0.33551 
0.76948-0.76948c0-0.43398-0.33545-0.76949-0.76948-0.76949zm0 9.1908c-0.43404 0-0.76978 0.3355-0.76978 0.76947 0 0.43398 0.33574 0.76979 0.76978 0.76979s0.76948-0.33581 0.76948-0.76979c0-0.43397-0.33545-0.76947-0.76948-0.76947z" fill="#8d9fb4" style="paint-order:normal"/><path d="m33.828 0.15319-5.9443 5.904c0.38457 0.40988 0.62311 0.95808 0.62311 1.5585 0 1.2539-1.0329 2.2865-2.2868 2.2865-0.35546 0-0.69177-0.0854-0.99318-0.23289l-6.3707 6.3496h5.2981c0.33047-0.85866 1.1651-1.4761 2.1339-1.4761 1.2539 0 2.2865 1.0327 2.2865 2.2865s-1.0326 2.2865-2.2865 2.2865c-1.0076 0-1.8712-0.66726-2.1721-1.5798h-6.7819l-7.7855 7.7597h14.574c0.30629-0.90334 1.1647-1.5621 2.1656-1.5621 1.2539 0 2.2865 1.0326 2.2865 2.2865 0 1.2539-1.0326 2.2868-2.2865 2.2868-0.97544 0-1.8147-0.62626-2.1404-1.4942h-17.162l-6.9481 6.9007h25.822c4.4146 0 7.9686-3.5539 7.9686-7.9686zm-7.0163 6.9686-1.0895 1.0821c0.13324 0.11205 0.30458 0.18133 0.49778 0.18133 0.43404 0 0.76978-0.3355 0.76978-0.76948 0-0.19127-0.06797-0.36121-0.17807-0.49392zm-0.52356 8.9381c-0.43404 0-0.76978 0.33551-0.76978 0.76949 0 0.43397 0.33574 0.76948 0.76978 0.76948s0.76948-0.33551 0.76948-0.76948c0-0.43398-0.33545-0.76949-0.76948-0.76949zm0 9.1908c-0.43404 0-0.76978 0.3355-0.76978 0.76947 0 0.43398 0.33574 0.76979 0.76978 0.76979s0.76948-0.33581 0.76948-0.76979c0-0.43397-0.33545-0.76947-0.76948-0.76947z" fill="#436795"/></g></svg>

View File

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><path d="m25.988 9.0047c-1.556 0-3.0622 0.44692-4.403 1.2083-1.3076 0.74486-2.4498 1.7545-3.4594 2.8636-0.39726 0.43036-0.77796 0.89384-1.1587 1.3573-0.36415 0.44692-0.69521 0.91038-1.0428 1.3739-0.16552 0.23173-0.3476 0.48002-0.51312 0.71175-0.3476 0.48002-0.69521 0.9435-1.0759 1.3739-0.36415 0.39726-0.74486 0.77796-1.1256 1.1587-0.96004 0.94348-1.9863 1.8207-3.1284 2.5491-0.89384 0.56278-1.9532 1.109-3.0457 1.109-2.9297 0-5.5451-2.3173-5.5451-5.843 0-3.5256 2.516-5.4457 5.5451-5.4457 1.7545 0 3.294 0.74487 4.8002 2.0359l-0.81107 0.82762 3.9394 0.99315-1.0925-3.9064-0.87728 0.91038c-1.5393-1.3739-3.4429-2.4829-5.843-2.4829-3.9229 0-7.1506 2.8305-7.1506 7.1506 0 4.138 3.2277 7.1506 6.8527 7.1506 1.5062 0 2.9628-0.44692 4.2374-1.2083 1.1587-0.67865 2.1684-1.5724 3.0953-2.5491 0.31449-0.33105 0.61244-0.66209 0.91038-0.99315 0.39726-0.43036 0.76141-0.86072 1.0925-1.3573 0.14897-0.21517 0.28139-0.43036 0.43036-0.64555 0.26483-0.39726 0.51312-0.79452 0.79452-1.1752 0.52968-0.71175 1.0759-1.407 1.6553-2.069 0.99314-1.109 2.1188-2.1353 3.4263-2.8305 1.0428-0.56278 2.2015-0.86072 3.3932-0.86072 4.138 0 6.4555 2.8801 6.4555 6.5547 0 3.4263-2.218 6.2568-6.0416 6.2568-2.1849 0-4.1051-0.59589-6.1244-2.3339l0.9435-1.1421-4.0056-0.66209 1.4235 3.8072 0.79452-0.96004c1.9532 1.7711 4.0884 2.9297 6.8692 2.9297 4.6346 0 7.6638-3.5256 7.6638-7.9617-0.01655-4.6677-3.1449-7.8955-7.879-7.8955z" fill="#35b9ab" stroke-width=".13516"/></svg>

View File

@ -215,7 +215,7 @@ GrapheneOS doesn't compromise on security, therefore they do not include the F-D
CalyxOS includes the [privileged extension](https://f-droid.org/en/packages/org.fdroid.fdroid.privileged), which may lower device security. Seamless app updates should be possible with [Aurora Store](https://auroraoss.com) in Android 12.
### Additional Hardening
### Additional hardening
GrapheneOS improves upon [AOSP](https://source.android.com/) security with:
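
Review bot: Heading case stays inconsistent after the rename of "### Additional Hardening" to "### Additional hardening" here, because the Linux Desktop page added in the same commit still carries title-case headings such as "## General Recommendations", "### Drive Encryption" and "### Mandatory Access Control". Pick sentence case or title case and apply it to both pages in this change.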

View File

@ -0,0 +1,310 @@
---
layout: evergreen
title: Linux Desktop
mathjax: false
description: |
Linux distributions are commonly recommended for privacy protection and user freedom. Below are some suggestions with some general privacy and security improvements.
---
## Traditional distributions
{% for item_hash in site.data.operating-systems.linux-desktop %}
{% assign item = item_hash[1] %}
{% if item.type == "Recommendation" %}
{% include recommendation-card.html %}
{% endif %}
{% endfor %}
## Immutable distributions
{% for item_hash in site.data.operating-systems.linux-desktop-immutable %}
{% assign item = item_hash[1] %}
{% if item.type == "Recommendation" %}
{% include recommendation-card.html %}
{% endif %}
{% endfor %}
## Anonymity-focused distributions
{% for item_hash in site.data.operating-systems.linux-desktop-tor %}
{% assign item = item_hash[1] %}
{% if item.type == "Recommendation" %}
{% include recommendation-card.html %}
{% endif %}
{% endfor %}
## GNU/Linux
It is often believed that [open source](https://en.wikipedia.org/wiki/Open-source_software) software is inherently secure because the source code is available. There is an expectation that community verification occurs regularly; however, this isn't always [the case](https://seirdy.one/2022/02/02/floss-security.html). It does depend on a number of factors, such as project activity, developer experience, level of rigour applied to [code reviews](https://en.wikipedia.org/wiki/Code_review), and how often attention is given to specific parts of the [codebase](https://en.wikipedia.org/wiki/Codebase) that may go untouched for years.
At the moment, desktop GNU/Linux does have some areas that could be better improved when compared to their proprietary counterparts, e.g:
* A verified boot chain, unlike Apple's [Secure Boot](https://support.apple.com/guide/security/startup-security-utility-secc7b34e5b5/web) (with [Secure Enclave](https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/1/web/1)), Android's [Verified Boot](https://source.android.com/security/verifiedboot) or Microsoft Windows's [boot process](https://docs.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process) with [TPM](https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/how-windows-uses-the-tpm). These features and hardware technologies can all help prevent persistant tampering by malware or [evil maid attacks](https://en.wikipedia.org/wiki/Evil_Maid_attack)
* Strong sandboxing solution such as that found in [MacOS](https://developer.apple.com/library/archive/documentation/Security/Conceptual/AppSandboxDesignGuide/AboutAppSandbox/AboutAppSandbox.html), [ChromeOS](https://chromium.googlesource.com/chromiumos/docs/+/HEAD/sandboxing.md), and [Android](https://source.android.com/security/app-sandbox). Commonly used Linux sandboxing solutions such as [Flatpak](https://docs.flatpak.org/en/latest/sandbox-permissions.html) and [Firejail](https://firejail.wordpress.com/) still have a long way to go
* Strong [exploit mitigations](https://madaidans-insecurities.github.io/linux.html#exploit-mitigations)
Despite these drawbacks, desktop GNU/Linux distributions are great if you want to:
* Avoid telemetry that often comes with proprietary operating systems
* Maintain [software freedom](https://www.gnu.org/philosophy/free-sw.en.html#four-freedoms)
* Have purpose built systems such as [Whonix](https://www.whonix.org) or [Tails](https://tails.boum.org/)
This page uses the term "Linux" to describe desktop GNU/Linux distributions. Other operating systems which also use the Linux kernel such as ChromeOS, Android, and Qubes OS are not discussed here.
### Release cycle
We highly recommend that you choose distributions which stay close to the stable upstream software releases. This is because frozen release cycle distributions often don't update package versions and fall behind on security updates.
For frozen distributions, package maintainers are expected to backport patches to fix vulnerabilities (Debian is one such [example](https://www.debian.org/security/faq#handling)) rather than bump the software to the "next version" released by the upstream developer. Some security fixes [do not](https://arxiv.org/abs/2105.14565) recieve a CVE (particularly less popular software) at all and therefore do not make it into the distribution with this patching model. As a result minor security fixes are sometimes held back until the next major release.
We don't believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme/) has a presentation about this:
<iframe width="100%" style="height:50vh"
src="https://www.youtube-nocookie.com/embed/i8c0mg_mS7U"
title="Regular Releases are Wrong, Roll for your life"
frameborder="0"
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
allowfullscreen>
</iframe>
### Traditional vs Atomic updates
Traditionally, Linux distributions update by sequentially updating the desired packages. Traditional updates such as those used in Fedora, Archlinux, and Debian based distributions can be less reliable if an error occurs while updating.
Atomic updating distributions apply updates in full or not at all. Typically, transactional update systems are also atomic.
A transactional update system creates a snapshot that is made before and after an update is applied. If an update fails at any time (perhaps due to a power failure), the update can be easily rolled back to a "last known good state".
The Atomic update method is used for immutable distributions like Silverblue, Tumbleweed, and NixOS and can achieve reliability with this model. [Adam Šamalík](https://twitter.com/adsamalik) provided a presentation on how `rpm-ostree` works with Silverblue:
<iframe width="100%" style="height:50vh"
src="https://www.youtube-nocookie.com/embed/-hpV5l-gJnQ"
title="Let's try Fedora Silverblue — an immutable desktop OS! - Adam Šamalik"
frameborder="0"
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
allowfullscreen>
</iframe>
### "Security-focused" distributions
There is often some confusion about "security-focused" distributions and "pentesting" distributions. A quick search for "the most secure Linux distribution" will often give results like Kali Linux, Black Arch, and Parrot OS. These distributions are offensive penetration testing distributions that bundle tools for testing other systems. They don't include any "extra security" or defensive mitigations intended for regular use.
### Arch-based distributions
Arch based distributions are not recommended for new users, regardless of the distribution. Arch does not have an distribution update mechanism for the underlying software choices. As a result the user of the system must stay aware with current trends and adopt technologies as they supersede older practices.
For a secure system, the user is also expected to have sufficient Linux knowledge to properly set up security for their system such as adopting a [mandatory access control](https://en.wikipedia.org/wiki/Mandatory_access_control) system, setting up [kernel module](https://en.wikipedia.org/wiki/Loadable_kernel_module#Security) blacklists, hardening boot parameters, manipulating [sysctl](https://en.wikipedia.org/wiki/Sysctl) parameters, and knowing what components they need such as [Polkit](https://en.wikipedia.org/wiki/Polkit).
Any user using the [Arch User Repository (AUR)](https://wiki.archlinux.org/title/Arch_User_Repository), **must** be comfortable in auditing PKGBUILDs that they install from that service. AUR packages are user-produced content and are not vetted in any way and therefore are vulnerable to software supply chain attacks, which has in fact happened [in the past](https://www.bleepingcomputer.com/news/security/malware-found-in-arch-linux-aur-package-repository/). AUR should always be used sparingly and often there is a lot of bad advice on various pages which direct users to blindly use [AUR helpers](https://wiki.archlinux.org/title/AUR_helpers) without sufficient warning. Similar warnings apply to using third party Personal Package Archives (PPAs) on Debian based distributions or Community Projects (COPR) on Fedora.
For advanced users, we only recommend Arch Linux, not any of its derivatives. We recommend against these two Arch derivatives specifically:
* **Manjaro**: This distribution holds packages back for 2 weeks to make sure that their own changes don't break, not to make sure that upstream is stable. When AUR packages are used, they are often built against the latest [libraries](https://en.wikipedia.org/wiki/Library_(computing)) from Arch's repositories.
* **Garuda**: They use [Chaotic-AUR](https://aur.chaotic.cx/) which automatically and blindly compiles packages from the AUR. There is no verification process to make sure that the AUR packages don't suffer from supply chain attacks.
### Linux-libre kernel and "Libre" distributions
We strongly recommend **against** using the Linux-libre kernel, since it [removes security mitigations](https://www.phoronix.com/scan.php?page=news_item&px=GNU-Linux-Libre-5.7-Released) and [suppresses kernel warnings](https://news.ycombinator.com/item?id=29674846) about vulnerable microcode for ideological reasons.
## General Recommendations
### Drive Encryption
Most Linux distributions have an installer option for enabling [Linux Unified Key Setup (LUKS)](https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup) encryption upon installation.
If this option isn't set at installation time, the user will have to backup their data and re-install, as encryption is applied after [disk partitioning](https://en.wikipedia.org/wiki/Disk_partitioning) but before [file systems](https://en.wikipedia.org/wiki/File_system) are [formatted](https://en.wikipedia.org/wiki/Disk_formatting).
When securely erasing storage devices such as a [Solid-state drive (SSD)](https://en.wikipedia.org/wiki/Solid-state_drive) you should use the [ATA Secure Erase](https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase) command. This command can be issued from your UEFI setup. If the storage device is a regular [hard drive](https://en.wikipedia.org/wiki/Hard_disk_drive), consider using [`nwipe`](https://en.wikipedia.org/wiki/Nwipe).
### Swap
Consider using [ZRAM](https://wiki.archlinux.org/title/Swap#zram-generator) or [encrypted swap](https://wiki.archlinux.org/title/Dm-crypt/Swap_encryption) instead of unencrypted swap to avoid potential security issues with sensitive data being pushed to [swap space](https://en.wikipedia.org/wiki/Memory_paging). Fedora based distributions [use ZRAM](https://fedoraproject.org/wiki/Changes/SwapOnZRAM) by default.
### Wayland
We recommend using a desktop environment that supports the [Wayland](https://en.wikipedia.org/wiki/Wayland_(display_server_protocol)) display protocol as it developed with security [in mind](https://lwn.net/Articles/589147/). Its predecessor, [X11](https://en.wikipedia.org/wiki/X_Window_System), does not support GUI isolation, allowing all windows to [record screen, log and inject inputs in other windows](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html), making any attempt at sandboxing futile. While there are options to do nested X11 such as [Xpra](https://en.wikipedia.org/wiki/Xpra) or [Xephyr](https://en.wikipedia.org/wiki/Xephyr), they often come with negative performance consequences and are not convenient to set up and are not preferable over Wayland.
Fortunately, common environments such as [GNOME](https://www.gnome.org), [KDE](https://kde.org), and the window manager [Sway](https://swaywm.org) have support for Wayland. Some distributions like Fedora and Tumbleweed use it by default and some others may do so in the future as X11 is in [hard maintenance mode](https://www.phoronix.com/scan.php?page=news_item&px=X.Org-Maintenance-Mode-Quickly). If you're using one of those environments it is as easy as selecting the "Wayland" session at the desktop display manager ([GDM](https://en.wikipedia.org/wiki/GNOME_Display_Manager), [KDM](https://en.wikipedia.org/wiki/KDE_Display_Manager)).
We recommend **against** using desktop environments or window managers that do not have Wayland support such as Cinnamon (default on Linux Mint), Pantheon (default on Elemetary OS), MATE, XFCE, and i3.
### Proprietary firmware (microcode updates)
Linux distributions such as those which are [Linux-libre](https://en.wikipedia.org/wiki/Linux-libre) or DIY (Archlinux) don't come with the proprietary [microcode](https://en.wikipedia.org/wiki/Microcode) updates. Some notable examples of these vulnerabilities include [Spectre](https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)), [Meltdown](https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)), [SSB](https://en.wikipedia.org/wiki/Speculative_Store_Bypass), [Foreshadow](https://en.wikipedia.org/wiki/Foreshadow), [MDS](https://en.wikipedia.org/wiki/Microarchitectural_Data_Sampling), [SWAPGS](https://en.wikipedia.org/wiki/SWAPGS_(security_vulnerability)), and other [hardware vulnerabilities](https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/index.html).
We **highly recommend** that you install the microcode updates, as your CPU is already running the proprietary microcode from the factory.
Fedora or openSUSE have the microcode updates applied by default.
## Privacy tweaks
### MAC address randomization
Many desktop linux distributions (Fedora, openSUSE etc) will come with [NetworkManager](https://en.wikipedia.org/wiki/NetworkManager), to configure ethernet and WiFi settings.
It is possible to [randomize](https://fedoramagazine.org/randomize-mac-address-nm/) the [MAC address](https://en.wikipedia.org/wiki/MAC_address) when using NetworkManager. This provides a bit more privacy on WiFi networks as it makes it harder to track specific devices on the network you're connected to. It does [**not**](https://papers.mathyvanhoef.com/wisec2016.pdf) make you anonymous.
We recommend changing the setting to **random** instead of **stable**, as suggested in the [article](https://fedoramagazine.org/randomize-mac-address-nm/).
If you are using [systemd-networkd](https://en.wikipedia.org/wiki/Systemd#Ancillary_components), you will need to set [`MACAddressPolicy=random`](https://www.freedesktop.org/software/systemd/man/systemd.link.html#MACAddressPolicy=) which will enable [RFC 7844 (Anonymity Profiles for DHCP Clients)](https://www.freedesktop.org/software/systemd/man/systemd.network.html#Anonymize=).
There isn't much point in randomizing the MAC address for ethernet connections as a system administrator can find you by looking at the port you are using on the [network switch](https://en.wikipedia.org/wiki/Network_switch). Randomizing WiFi MAC addresses depends on support from the WiFi's firmware.
### Other identifiers
There are other system [identifiers](https://madaidans-insecurities.github.io/guides/linux-hardening.html#identifiers) which you may wish to be careful about. You should give this some thought to see if it applies to your [threat model](/threat-modeling):
* [10.1 Hostnames and usernames](https://madaidans-insecurities.github.io/guides/linux-hardening.html#hostnames)
* [10.2 Timezones / Locales / Keymaps](https://madaidans-insecurities.github.io/guides/linux-hardening.html#timezones-locales-keymaps)
* [10.3 Machine ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id)
### System counting
The Fedora project [counts](https://fedoraproject.org/wiki/Changes/DNF_Better_Counting) how many unique systems access its mirrors by using an ID on the system access its mirrors by counting using an ID on the system. They do this to determine load and provision better servers for updates where necessary.
This [option](https://dnf.readthedocs.io/en/latest/conf_ref.html#options-for-both-main-and-repo) appears to be off by default. We recommend adding `countme=false` to `/etc/dnf/dnf.conf` just in case it is enabled in the future. On systems that use `rpm-ostree` such as Silverblue, the countme option is disabled by masking the [rpm-ostree-countme](https://fedoramagazine.org/getting-better-at-counting-rpm-ostree-based-systems/) timer.
openSUSE also uses a [unique ID](https://en.opensuse.org/openSUSE:Statistics) to count systems, which can be disabled by deleting the `/var/lib/zypp/AnonymousUniqueId` file.
## Sandboxing and Application confinement
Some sandboxing solutions for desktop Linux distributions do exist, however they are not as strict as those found in MacOS or ChromeOS. Applications installed from the package manager (`dnf`, `apt`, etc.) typically have **no** sandboxing or confinement whatsoever. Below are a few projects that aim to solve this problem:
### Flatpak
[Flatpak](https://flatpak.org) aims to be a universal package manager for Linux. One of its main goals is to provide a universal package format which can be used in most Linux distributions. It provides some [permission control](https://docs.flatpak.org/en/latest/sandbox-permissions.html). Madaidan [points out](https://madaidans-insecurities.github.io/linux.html#flatpak) that Flatpak sandboxing could be improved as particular Flatpaks often have greater permission than required.
There does seem to be [some agreement](https://theevilskeleton.gitlab.io/2021/02/11/response-to-flatkill-org.html) that this is the case.
Users can restrict applications further by issuing [flatpak overrides](https://docs.flatpak.org/en/latest/flatpak-command-reference.html#flatpak-override). This can be done with the commandline or by using [Flatseal](https://flathub.org/apps/details/com.github.tchx84.Flatseal). Some sample overrides are provided by [tommytran732](https://github.com/tommytran732/Flatpak-Overrides) and [rusty-snake](https://github.com/rusty-snake/kyst/tree/main/flatpak).
We generally recommend revoking access to:
* the Network (`share=network`) socket (internet access)
* the pulse audio socket (for both audio in and out), `device=all` (access to all devices including the camera)
* `org.freedesktop.secrets` dbus (access to secrets stored on your keychain) for applications which do not need it
If an application works natively with Wayland (and not running through the [XWayland](https://wayland.freedesktop.org/xserver.html) compatibility layer), consider revoking its access to the X11 (`socket=x11`) and [Inter-process communications (IPC)](https://en.wikipedia.org/wiki/Unix_domain_socket) socket (`share=ipc`) as well.
We also recommend restricting broad filesystem permissions such as `filesystem=home` and `filesystem=host` which should be revoked and replaced with just the directories that the app needs to access.
Hard-coded access to some kernel interfaces like [`/sys`](https://en.wikipedia.org/wiki/Sysfs) and [`/proc`](https://en.wikipedia.org/wiki/Procfs#Linux) and weak [seccomp](https://en.wikipedia.org/wiki/Seccomp) filters unfortunately cannot be secured by the user with Flatpak.
### Firejail
[Firejail](https://firejail.wordpress.com/) is another method of sandboxing. As it is a large [setuid](https://en.wikipedia.org/wiki/Setuid) binary, it has a large [attack surface](https://en.wikipedia.org/wiki/Attack_surface) which may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation).
The main risk is that Firejail may make the system safer from processes confined by it, but make it also less safe from processes running outside of Firejail. We [don't recommend](https://madaidans-insecurities.github.io/linux.html#firejail) the use of Firejail.
### Mandatory Access Control
[Mandatory access control](https://en.wikipedia.org/wiki/Mandatory_access_control) systems require policy files in order to force constraints on the system.
The two main control systems are [SELinux](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) (used on Android and Fedora) and [AppArmor](https://en.wikipedia.org/wiki/AppArmor).
Fedora includes SELinux preconfigured with some policies that will confine [system daemons](https://en.wikipedia.org/wiki/Daemon_(computing)) (background processes). We don't recommend disabling SELinux.
openSUSE gives the choice of AppArmor or SELinux during the installation process. We recommend sticking to the default for each variant (AppArmor for [Tumbleweed](https://get.opensuse.org/tumbleweed/) and SELinux for [MicroOS](https://microos.opensuse.org/)). openSUSE's SELinux policies are derived from Fedora.
Arch and Arch-based operating systems often do not come with a mandatory access control system and that must be configured manually for either [AppArmor](https://wiki.archlinux.org/title/AppArmor) or [SELinux](https://wiki.archlinux.org/title/SELinux).
### Making your own policies/profiles
For advanced users, you can make your own AppArmor profiles, SELinux policies, Bubblewrap profiles, and [seccomp](https://en.wikipedia.org/wiki/Seccomp) blacklist to have better confinement of applications. This is quite a tedious and complicated task so we won't go into detail about how to do it here, but we do have a few projects that you could use as reference.
* Whonix's [AppArmor Everything](https://github.com/Whonix/apparmor-profile-everything)
* Krathalan's [AppArmor profiles](https://github.com/krathalan/apparmor-profiles)
* noatsecure's [SELinux templates](https://github.com/noatsecure/hardhat-selinux-templates)
* Seirdy's [Bubblewrap scripts](https://sr.ht/~seirdy/bwrap-scripts)
### Securing Linux containers
If you're running a server you may have heard of Linux Containers, Docker, or Podman which refer to a kind of [OS-level virtualization](https://en.wikipedia.org/wiki/OS-level_virtualization). Containers are more common in server and development environments where individual apps are built to operate independently.
[Docker](https://en.wikipedia.org/wiki/Docker_(software)) is one of the most common container solutions. It does not run a proper sandbox, and this means that there is a large kernel [attack surface](https://en.wikipedia.org/wiki/Attack_surface). The [daemon](https://en.wikipedia.org/wiki/Daemon_(computing)) controls everything and [typically](https://docs.docker.com/engine/security/rootless/#known-limitations) runs as root. If it crashes for some reason, all the containers will crash too. The [gVisor](https://en.wikipedia.org/wiki/GVisor) runtime which implements an application level kernel can help limit the number of [syscalls](https://en.wikipedia.org/wiki/System_call) an application can make and can help isolate it from the host's [kernel](https://en.wikipedia.org/wiki/Kernel_(operating_system)).
Redhat develops [Podman](https://docs.podman.io/en/latest/) and secures it with SELinux to [isolate](https://www.redhat.com/sysadmin/apparmor-selinux-isolation) containers from each other. One of the notable differences between Docker and Podman is that Docker requires [root](https://en.wikipedia.org/wiki/Superuser) while Podman can run with [rootless containers](https://developers.redhat.com/blog/2020/09/25/rootless-containers-with-podman-the-basics) that are also [daemonless](https://developers.redhat.com/blog/2018/08/29/intro-to-podman), meaning if one crashes they don't all come down.
Another option is [Kata containers](https://katacontainers.io/), where virtual machines masquerade as containers. Each Kata container has its own Linux kernel and is isolated from the host.
These container technologies can be useful even for enthusiastic home users who may want to run certain web app software on their local area network (LAN) such as [vaultwarden](https://github.com/dani-garcia/vaultwarden) or images provided by [linuxserver.io](https://www.linuxserver.io) to increase privacy by decreasing dependence on various web services.
## Additional hardening
### Firewalls
A [firewall](https://en.wikipedia.org/wiki/Firewall_(computing)) may be used to secure connections to your system. If you're on a public network, the necessity of this may be greater than if you're on a local trusted network that you control.
We would generally recommend that you block incoming connections only, unless you're using an application firewall such as [OpenSnitch](https://github.com/evilsocket/opensnitch) or [Portmaster](https://safing.io/portmaster/).
Redhat distributions (such as Fedora) are typically configured through [firewalld](https://en.wikipedia.org/wiki/Firewalld). Redhat has plenty of [documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/using-and-configuring-firewalld_configuring-and-managing-networking) regarding this topic. There is also the [uncomplicated firewall](https://en.wikipedia.org/wiki/Uncomplicated_Firewall) which can be used as an alternative.
As for what to block, consider blocking all ports which are **not** [system or well known](https://en.wikipedia.org/wiki/Registered_port) range such as 1000 up to 65535 with both [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) and [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) after the operating system is installed.
If you use Fedora, consider removing the whitelist for for [smb](https://en.wikipedia.org/wiki/Server_Message_Block)-client and [mdns](https://en.wikipedia.org/wiki/Multicast_DNS) services if you do not use them.
All these firewalls use the [Netfilter](https://en.wikipedia.org/wiki/Netfilter) framework and therefore cannot protect against malicious programs running on the system. A malicious program could insert its own rules.
If you are using Flatpak packages, you can revoke their network socket access using Flatseal and prevent those applications from accessing your network. This permission is not bypassable.
If you are using non-classic [Snap](https://en.wikipedia.org/wiki/Snap_(package_manager)) packages on a system with proper snap confinement support (with both AppArmor and [CGroupsv1](https://en.wikipedia.org/wiki/Cgroups) present), you can use the Snap Store to revoke network permission as well. This is also not bypassable.
### Kernel hardening
There are some additional kernel hardening options such as configuring [sysctl](https://en.wikipedia.org/wiki/Sysctl#Linux) keys and [kernel command-line parameters](https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html) which are described in the following pages. We don't recommend you change these options unless you learn about what they do.
* [2.2 Sysctl](https://madaidans-insecurities.github.io/guides/linux-hardening.html#sysctl)
* [2.3 Boot parameters](https://madaidans-insecurities.github.io/guides/linux-hardening.html#boot-parameters)
* [2.5 Kernel attack surface reduction](https://madaidans-insecurities.github.io/guides/linux-hardening.html#kernel-attack-surface-reduction)
Note that setting `kernel.unprivileged_userns_clone=0` will stop Flatpak, Snap (that depend on browser-sandbox), Electron based AppImages, Podman, Docker, and LXC containers from working. Do **not** set this flag if you are using container products.
### Linux-Hardened
Some distributions like Arch Linux have the [linux-hardened](https://github.com/anthraxx/linux-hardened), kernel package. It includes [hardening patches](https://wiki.archlinux.org/title/security#Kernel_hardening) and more security-conscious defaults. Linux-Hardened has `kernel.unprivileged_userns_clone=0` disabled by default. See the [warning above](/linux-desktop/#kernel-hardening) about how this might impact you.
### Simultaneous multithreading (SMT)
[SMT](https://en.wikipedia.org/wiki/Simultaneous_multithreading) has been the cause of numerous hardware vulnerabilities, and subsequent patches for those vulnerabilities often come with performance penalties that negate most of the performance gain given by SMT. If you followed the "kernel hardening" section above, some kernel parameters already disable SMT. If the option is available to you, we recommend that you disable it in your firmware as well.
### Hardened memory allocator
The [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) from [GrapheneOS](https://grapheneos.org) can be used on Linux distributions. It is available by default on Whonix and is available as an [AUR package](https://wiki.archlinux.org/title/Security#Hardened_malloc) on Arch based distributions. If you are using the AUR package, consider setting up `LD_PRELOAD` as described in the [Arch Wiki](https://wiki.archlinux.org/title/Security#Hardened_malloc).
### Umask
If you are not using openSUSE, consider changing the default [umask](https://en.wikipedia.org/wiki/Umask) for both regular users and root to 077. Changing umask to 077 can break snapper on openSUSE and is **not** recommended.
### Mountpoint hardening
Consider adding the [following options](https://man7.org/linux/man-pages/man8/mount.8.html) `nodev`, `noexec`, and `nosuid` to [mountpoints](https://en.wikipedia.org/wiki/Mount_(computing)) which do not need them. Typically, these could be applied to `/boot`, `/boot/efi`, `/home`, `/root`, and `/var`.
If you use [Toolbox](https://docs.fedoraproject.org/en-US/fedora-silverblue/toolbox/), `/var/log/journal` must not have any of those options. If you are on Arch Linux, do not apply `noexec` to `/var/tmp`.
### Linux Pluggable Authentication Modules (PAM)
There is also further hardening to [PAM](https://en.wikipedia.org/wiki/Linux_PAM) to secure authentication to your system. [14. PAM](https://madaidans-insecurities.github.io/guides/linux-hardening.html#pam) has some tips on this.
On Redhat distributions you can use [`authselect`](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_authentication_and_authorization_in_rhel/configuring-user-authentication-using-authselect_configuring-authentication-and-authorization-in-rhel) to configure this e.g.:
```
sudo authselect select <profile_id, default: sssd> with-faillock without-nullok with-pamaccess
```
On systems where [`pam_faillock`](https://man7.org/linux/man-pages/man8/pam_tally.8.html) is not available, consider using [`pam_tally2`](https://man7.org/linux/man-pages/man8/pam_tally.8.html) instead.
### USB port protection
To better protect your [USB](https://en.wikipedia.org/wiki/USB) ports from attacks such as [BadUSB](https://en.wikipedia.org/wiki/BadUSB) we recommend either [USBGuard](https://github.com/USBGuard/usbguard). USBGuard has [documentation](https://github.com/USBGuard/usbguard#documentation) as does the [Arch Wiki](https://wiki.archlinux.org/title/USBGuard).
Another alternative option if you're using the [linux-hardened](/linux-desktop/#linux-hardened) is the [`deny_new_usb`](https://github.com/GrapheneOS/linux-hardened/commit/96dc427ab60d28129b36362e1577b6673b0ba5c4) sysctl. See [Preventing USB Attacks with `linux-hardened`](https://blog.lizzie.io/preventing-usb-attacks-with-linux-hardened.html).
### Secure Boot
[Secure Boot](https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Secure_Boot) can be used to secure the boot process by preventing the loading of [unsigned](https://en.wikipedia.org/wiki/Public-key_cryptography) [UEFI](https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface) drivers or [boot loaders](https://en.wikipedia.org/wiki/Bootloader). Some guidance for this is provided in [21. Physical security](https://madaidans-insecurities.github.io/guides/linux-hardening.html#physical-security) and [21.4 Verified boot](https://madaidans-insecurities.github.io/guides/linux-hardening.html#verified-boot).
For further resources on Secure Boot we suggest taking a look at the following for instructional advice
* The Archwiki's [Secure Boot](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot) article. There are two main methods, the first is to use a [shim](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot#shim), the second more complete way is to [use your own keys](https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot#Using_your_own_keys).
For background of how Secure Boot works on Linux:
* [The Strange State of Authenticated Boot and Disk Encryption on Generic Linux Distributions](https://0pointer.net/blog/authenticated-boot-and-disk-encryption-on-linux.html)
* [Rod Smith's Managing EFI Boot Loaders for Linux](https://www.rodsbooks.com/efi-bootloaders/)
* [Dealing with Secure Boot](https://www.rodsbooks.com/efi-bootloaders/secureboot.html)
* [Controlling Secure Boot](https://www.rodsbooks.com/efi-bootloaders/controlling-sb.html)
One of the problems with Secure Boot particularly on Linux is that only the [chainloader](https://en.wikipedia.org/wiki/Chain_loading#Chain_loading_in_boot_manager_programs) (shim), the [boot loader](https://en.wikipedia.org/wiki/Bootloader) (GRUB), and the [kernel](https://en.wikipedia.org/wiki/Kernel_(operating_system)) are verified and that's where verification stops. The [initramfs](https://en.wikipedia.org/wiki/Initial_ramdisk) is often left unverified, unencrypted, and open up the window for an [evil maid](https://en.wikipedia.org/wiki/Evil_maid_attack) attack. There are a few things that can be done to reduce risk such as:
* Creating an [EFI Boot Stub](https://docs.kernel.org/admin-guide/efi-stub.html) that contains the [kernel](https://en.wikipedia.org/wiki/Kernel_(operating_system)), [initramfs](https://en.wikipedia.org/wiki/Initial_ramdisk) and [microcode](https://en.wikipedia.org/wiki/Microcode). This EFI stub can then be signed. If you use [dracut](https://en.wikipedia.org/wiki/Dracut_(software)) this can easily be done with the [`--uefi-stub` switch](https://man7.org/linux/man-pages/man8/dracut.8.html) or the [`uefi_stub` config](https://www.man7.org/linux/man-pages/man5/dracut.conf.5.html) option.
* [Encrypting the boot partition](https://wiki.archlinux.org/title/GRUB#Encrypted_/boot). However, this has its own issues, the first being that [GRUB](https://en.wikipedia.org/wiki/GNU_GRUB) only supports [LUKS1](https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup) and not the newer default LUKS2 scheme. As the bootloader runs in [protected mode](https://en.wikipedia.org/wiki/Protected_mode) and the encryption module lacks [SSE acceleration](https://en.wikipedia.org/wiki/Streaming_SIMD_Extensions) the boot process will take minutes to complete.
* Using [TPM](https://en.wikipedia.org/wiki/Trusted_Platform_Module) to perform a [measured boot](https://www.krose.org/~krose/measured_boot).
After setting up Secure Boot it is crucial that you set a "firmware password" (also called a "supervisor password, "BIOS password" or "UEFI password"), otherwise an adversary can simply disable secure boot.
These recommendations can make you a little more resistant to [evil maid](https://en.wikipedia.org/wiki/Evil_maid_attack) attacks, but they not good as a proper verified boot process such as that found on [Android](https://source.android.com/security/verifiedboot), [ChromeOS](https://support.google.com/chromebook/answer/3438631) or [Windows](https://docs.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process).
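Review bot: In the PAM section, the `pam_faillock` link points at the same `pam_tally.8.html` man page as the `pam_tally2` link on that line, so a reader following it lands on the wrong module's documentation; link the pam_faillock page instead. Under "Linux-Hardened", "has `kernel.unprivileged_userns_clone=0` disabled by default" reads as a double negative; say that it sets `kernel.unprivileged_userns_clone=0` by default, since the next sentence refers back to the warning about that value. Under "Firewalls", "such as 1000 up to 65535" does not match the linked registered-port article, where that range starts at 1024, and the sentence leaves it unclear which range is meant to be blocked. Smaller wording fixes: "for for" before smb, "we recommend either [USBGuard]" with no second option, the unclosed quote in "supervisor password, and "they not good as" in the last paragraph.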

View File

@ -0,0 +1,17 @@
---
layout: evergreen
title: Qubes OS
mathjax: false
description: |
Qubes OS is a distribution of Linux that uses [Xen](https://en.wikipedia.org/wiki/Xen) provide app isolation.
---
{% for item_hash in site.data.operating-systems.qubes %}
{% assign item = item_hash[1] %}
{% if item.type == "Recommendation" %}
{% include recommendation-card.html %}
{% endif %}
{% endfor %}
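Review bot: The `description` in the front matter is missing a word: "uses [Xen](https://en.wikipedia.org/wiki/Xen) provide app isolation" should read "uses Xen to provide app isolation". It is the only prose on this page, so it is worth fixing before merge.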

View File

@ -0,0 +1,17 @@
---
layout: evergreen
title: Router
mathjax: false
description: |
Below are a few alternative operating systems, that can be used on routers, wifi access points etc.
---
{% for item_hash in site.data.operating-systems.router %}
{% assign item = item_hash[1] %}
{% if item.type == "Recommendation" %}
{% include recommendation-card.html %}
{% endif %}
{% endfor %}
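Review bot: The Liquid `for` loop duplicates the one in the Qubes OS page above line for line, differing only in the data key (`site.data.operating-systems.router` versus `site.data.operating-systems.qubes`); consider moving it into a shared include that takes the data set as a parameter so the card-rendering logic lives in one place. In the `description`, drop the comma before "that" and write "Wi-Fi access points, etc.".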

View File

@ -1,22 +0,0 @@
---
layout: page
permalink: /operating-systems/
title: "Operating Systems"
description: "Even your own computer could be compromising your privacy. Discover our recommended OS choices for all the devices you use."
---
{% include legacy/sections/operating-systems.html %}
<h3>Warning</h3>
<ul>
<li><a href="#win10"><i class="fas fa-link"></i> Don't use Windows 10 - It's a privacy nightmare</a></li>
</ul>
{% include legacy/sections/tor-operating-systems.html %}
{% include legacy/sections/ios-addons.html %}
{% include legacy/sections/router-firmware.html %}
{% include legacy/sections/windows10.html %}
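Review bot: No redirect is left for `permalink: /operating-systems/` (front matter of the removed page), so existing links to that URL and to its `#win10` anchor will break unless a redirect is added elsewhere in the commit. Also confirm whether the five `legacy/sections/` includes this page pulled in (`operating-systems.html`, `tor-operating-systems.html`, `ios-addons.html`, `router-firmware.html`, `windows10.html`) are still used by another page or should be deleted along with it.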