mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2024-12-18 20:34:37 -05:00
PC Operating systems 2.0 (#1969)
This commit is contained in:
parent
825c653c3d
commit
b05bdd77b0
@ -87,7 +87,7 @@
|
||||
</summary>
|
||||
<span class="nav-dropdown">
|
||||
<a class="dropdown-item" href="/operating-systems/#os"><span class="fas fa-th-large fa-fw"></span> PC OS</a>
|
||||
<a class="dropdown-item" href="/operating-systems/#live_os"><span class="fas fa-compact-disc fa-fw"></span> PC Live OS</a>
|
||||
<a class="dropdown-item" href="/operating-systems/#tor_os"><span class="ptio-tor"></span> Tor focused distributions</a>
|
||||
<a class="dropdown-item" href="/operating-systems/#mobile_os"><span class="fas fa-mobile-alt fa-fw"></span> Mobile OS</a>
|
||||
<a class="dropdown-item" href="/operating-systems/#aaddons"><span class="fas fa-th fa-fw"></span> Android Privacy Add-ons</a>
|
||||
<a class="dropdown-item" href="/operating-systems/#firmware"><span class="fas fa-signal fa-fw"></span> Router Firmware</a>
|
||||
|
@ -1,16 +1,26 @@
|
||||
<h1 id="mobile_os" class="anchor"><a href="#mobile_os"><i class="fas fa-link anchor-icon"></i></a> Mobile Operating Systems</h1>
|
||||
|
||||
<h2 id="aosp_os" class="anchor"><a href="#aosp_os"><i class="fas fa-link anchor-icon"></i></a> Android-based Operating Systems</h1>
|
||||
|
||||
<div class="alert alert-warning" role="alert">
|
||||
<strong>Even though the source code of the following operating systems is provided, installing Google Apps may compromise your setup.</strong>
|
||||
</div>
|
||||
|
||||
{% include cardv2.html
|
||||
title="CalyxOS"
|
||||
image="/assets/img/svg/3rd-party/calyxos.svg"
|
||||
description='CalyxOS is a custom ROM based on the Android Open Source Project with Pixel phones. It aims to be secure and private by default including a number of good choices for default applications. It also supports <a href="https://source.android.com/security/verifiedboot">verified boot</a>.'
|
||||
badges="info:AOSP"
|
||||
website="https://calyxos.org"
|
||||
gitlab="https://gitlab.com/calyxos"
|
||||
%}
|
||||
|
||||
{% include cardv2.html
|
||||
title="GrapheneOS"
|
||||
image="/assets/img/svg/3rd-party/grapheneos.svg"
|
||||
image-dark="/assets/img/svg/3rd-party/grapheneos-dark.svg"
|
||||
description='GrapheneOS (formerly known as CopperheadOS) is a free and open-source security- and privacy-focused mobile operating system built on top of the Android Open Source Project. It currently specifically targets devices offering strong hardware security.'
|
||||
badges="info:AOSP"
|
||||
labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
|
||||
website="https://grapheneos.org/"
|
||||
github="https://github.com/GrapheneOS/"
|
||||
%}
|
||||
@ -20,49 +30,14 @@
|
||||
image="/assets/img/svg/3rd-party/lineageos.svg"
|
||||
description='LineageOS is a custom ROM based on the Android Open Source Project with <a href="https://wiki.lineageos.org/devices/">official support for a wide variety of devices</a>. The project is the successor to the popular CyanogenMod project, focusing on system control and customization, device longevity, and privacy. For security reasons, we do not recommend third-party builds of LineageOS for unsupported devices.'
|
||||
badges="info:AOSP"
|
||||
labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
|
||||
website="https://www.lineageos.org/"
|
||||
privacy-policy="https://www.lineageos.org/legal/"
|
||||
github="https://github.com/LineageOS"
|
||||
%}
|
||||
|
||||
{% include cardv2.html
|
||||
title="Ubuntu Touch"
|
||||
image="/assets/img/svg/3rd-party/ubuntu.svg"
|
||||
description="Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are <a href=https://devices.ubuntu-touch.io/>supported.</a>"
|
||||
badges="info:GNU/Linux"
|
||||
labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
|
||||
website="https://ubuntu-touch.io/"
|
||||
privacy-policy="https://ubports.com/privacy"
|
||||
github="https://github.com/ubports"
|
||||
%}
|
||||
|
||||
<h3>Worth Mentioning</h3>
|
||||
|
||||
<ul>
|
||||
<li><a href="https://www.replicant.us/">Replicant</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="AOSP"
|
||||
%}
|
||||
- An open-source operating system based on Android, aiming to replace all proprietary components with free software.
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="https://www.omnirom.org/">OmniROM</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="AOSP"
|
||||
%}
|
||||
{% include badge.html
|
||||
color="warning"
|
||||
icon="far fa-question-circle"
|
||||
text="contrib"
|
||||
tooltip="This software may depend on or recommend non-free software."
|
||||
%}
|
||||
- A free-software operating system for smartphones and tablet computers, based on the Android mobile platform.
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="https://microg.org/">MicroG</a>
|
||||
{% include badge.html
|
||||
@ -72,8 +47,6 @@
|
||||
{% include badge.html
|
||||
color="warning"
|
||||
icon="far fa-question-circle"
|
||||
text="contrib"
|
||||
tooltip="This software may depend on or recommend non-free software."
|
||||
%}
|
||||
- A project that aims to reimplement the proprietary Google Play Services in the Android operating system with a FLOSS replacement. The microG project also maintains a fork of LineageOS with microG and F-Droid preinstalled at <a href="https://lineage.microg.org/">Lineage for microG</a>.
|
||||
</li>
|
@ -1,33 +0,0 @@
|
||||
<h1 id="live_os" class="anchor"><a href="#live_os"><i class="fas fa-link anchor-icon"></i></a> PC Live Operating Systems</h1>
|
||||
|
||||
{% include cardv2.html
|
||||
title="Tails"
|
||||
image="/assets/img/svg/3rd-party/tails.svg"
|
||||
description='Tails is a live operating system that can boot on almost any computer from a DVD, USB stick, or SD card you control. It aims at preserving privacy and anonymity, and circumventing censorship by forcing Internet connections through the Tor network; leaving no trace on the computer; and using state-of-the-art cryptographic tools to encrypt files, emails, and instant messages.'
|
||||
badges="info:GNU/Linux"
|
||||
labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
|
||||
website="https://tails.boum.org/"
|
||||
git="https://git-tails.immerda.ch/tails/"
|
||||
%}
|
||||
|
||||
<h3>Worth Mentioning</h3>
|
||||
|
||||
<ul>
|
||||
<li>
|
||||
<a href="https://getfedora.org/">Fedora Workstation</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="GNU/Linux"
|
||||
%}
|
||||
- Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment.
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="https://debian.org/">Debian</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="GNU/Linux"
|
||||
%}
|
||||
- Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.
|
||||
</li>
|
||||
</ul>
|
@ -4,83 +4,83 @@
|
||||
<strong>If you are currently using an operating system like Windows 10, you should pick an alternative here.</strong>
|
||||
</div>
|
||||
|
||||
{% include cardv2.html
|
||||
title="Qubes OS"
|
||||
image="/assets/img/svg/3rd-party/qubes_os.svg"
|
||||
description='Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.'
|
||||
badges="info:Xen"
|
||||
labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
|
||||
website="https://www.qubes-os.org/"
|
||||
privacy-policy="https://www.qubes-os.org/privacy/"
|
||||
github="https://github.com/QubesOS"
|
||||
tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
|
||||
%}
|
||||
|
||||
{% include cardv2.html
|
||||
title="Fedora Workstation"
|
||||
image="/assets/img/svg/3rd-party/fedora.svg"
|
||||
description='Fedora is a Linux distribution developed by the Fedora Project and sponsored by Red Hat. Fedora Workstation is a secure, reliable, and user-friendly edition developed for desktops and laptops, using GNOME as the default desktop environment.'
|
||||
badges="info:GNU/Linux"
|
||||
labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
|
||||
badges="info:Linux"
|
||||
website="https://getfedora.org/"
|
||||
privacy-policy="https://fedoraproject.org/wiki/Legal:PrivacyPolicy?rd=Legal/PrivacyPolicy"
|
||||
git="https://src.fedoraproject.org/"
|
||||
%}
|
||||
|
||||
{% include cardv2.html
|
||||
title="Ubuntu"
|
||||
image="/assets/img/svg/3rd-party/ubuntu.svg"
|
||||
description='Ubuntu is a Linux distribution developed by Canonical Ltd. Ubuntu is a reliable and distribution that is user-friendly and can be run on desktops, servers, and IoT devices.'
|
||||
badges="info:Linux"
|
||||
website="https://ubuntu.com"
|
||||
privacy-policy="https://ubuntu.com/legal/data-privacy"
|
||||
git="https://launchpad.net/ubuntu"
|
||||
%}
|
||||
|
||||
<h1 id="advanced_os" class="anchor"><a href="#advanced_os"><i class="fas fa-link anchor-icon"></i></a> Advanced Operating Systems</h1>
|
||||
|
||||
<div class="alert alert-info" role="alert">
|
||||
<strong>These options have advanced features and are unique in some way. These options will likely require the user to read technical background documentation.</strong>
|
||||
</div>
|
||||
|
||||
{% include cardv2.html
|
||||
title="Alpine Linux"
|
||||
image="/assets/img/svg/3rd-party/alpinelinux.svg"
|
||||
description='Alpine Linux is a very minimal distribution designed to be secure and very resource efficient. Alpine Linux can run from RAM, and merge configuration files into the system on boot using <a href="https://wiki.alpinelinux.org/wiki/Alpine_local_backup">Alpine local backup</a>. Alpine Linux is often used on servers and in Linux containers.'
|
||||
badges="info:Linux"
|
||||
website="https://alpinelinux.org/"
|
||||
privacy-policy="https://alpinelinux.org/privacy-policy.html"
|
||||
gitlab="https://gitlab.alpinelinux.org"
|
||||
%}
|
||||
|
||||
{% include cardv2.html
|
||||
title="Arch Linux"
|
||||
image="/assets/img/svg/3rd-party/archlinux.svg"
|
||||
description='A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement.'
|
||||
badges="info:Linux"
|
||||
labels="color==success::link==https://tests.reproducible-builds.org/archlinux/archlinux.html::text==Reproducable builds"
|
||||
website="https://www.archlinux.org/"
|
||||
privacy-policy="https://wiki.archlinux.org/index.php/ArchWiki:Privacy_policy"
|
||||
gitlab="https://gitlab.archlinux.org"
|
||||
%}
|
||||
|
||||
{% include cardv2.html
|
||||
title="Debian"
|
||||
image="/assets/img/svg/3rd-party/debian.svg"
|
||||
description='Debian is a Unix-like computer operating system and a Linux distribution that is composed entirely of free and open-source software, most of which is under the GNU General Public License, and packaged by a group of individuals known as the Debian project.'
|
||||
badges="info:GNU/Linux"
|
||||
badges="info:Linux"
|
||||
labels="color==success::link==https://reproducible.debian.net::text==Reproducable builds"
|
||||
website="https://www.debian.org/"
|
||||
privacy-policy="https://www.debian.org/legal/privacy"
|
||||
tor="http://sejnfjrq6szgca7v.onion"
|
||||
gitlab="https://salsa.debian.org/qa/debsources"
|
||||
%}
|
||||
|
||||
<h3>Worth Mentioning</h3>
|
||||
{% include cardv2.html
|
||||
title="NixOS"
|
||||
image="/assets/img/svg/3rd-party/nixos.svg"
|
||||
description='NixOS is a Linux distribution with a unique approach to package and configuration management. Built on top of the Nix package manager, it is completely declarative, makes upgrading systems reliable, and has many <a href="https://nixos.org/features.html">other advantages</a>.'
|
||||
badges="info:Linux"
|
||||
labels="color==success::link==https://r13y.com::text==Reproducable builds"
|
||||
website="https://nixos.org"
|
||||
privacy-policy="https://nixos.wiki/wiki/NixOS_Wiki:Privacy_policy"
|
||||
github="https://github.com/NixOS"
|
||||
%}
|
||||
|
||||
<ul>
|
||||
<li><a href="https://www.openbsd.org/">OpenBSD</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="BSD"
|
||||
%}
|
||||
- A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="https://www.archlinux.org/">Arch Linux</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="GNU/Linux"
|
||||
%}
|
||||
{% include badge.html
|
||||
color="warning"
|
||||
icon="far fa-question-circle"
|
||||
text="contrib"
|
||||
tooltip="This software may depend on or recommend non-free software."
|
||||
%}
|
||||
- A simple, lightweight Linux distribution. It is composed predominantly of free and open-source software, and supports community involvement. <a href="https://www.parabola.nu/">Parabola</a> is a
|
||||
completely open source version of Arch Linux.
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="https://trisquel.info/">Trisquel</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="GNU/Linux"
|
||||
%}
|
||||
- Derived from Ubuntu, this project aims for a fully free software system without proprietary software or firmware and uses Linux-libre, a version of the Linux kernel with the non-free code (binary blobs) removed.
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="https://www.whonix.org/">Whonix</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="GNU/Linux"
|
||||
%}
|
||||
- A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation"
|
||||
and a Tor "Gateway". All communication are forced through the Tor network to accomplish this.
|
||||
</li>
|
||||
</ul>
|
||||
{% include cardv2.html
|
||||
title="Qubes OS"
|
||||
image="/assets/img/svg/3rd-party/qubes_os.svg"
|
||||
description='Qubes is an open-source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.'
|
||||
badges="info:Xen"
|
||||
website="https://www.qubes-os.org/"
|
||||
privacy-policy="https://www.qubes-os.org/privacy/"
|
||||
github="https://github.com/QubesOS"
|
||||
tor="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/"
|
||||
%}
|
||||
|
11
_includes/sections/other-mobile-operating-systems.html
Normal file
11
_includes/sections/other-mobile-operating-systems.html
Normal file
@ -0,0 +1,11 @@
|
||||
<h2 id="other_os" class="anchor"><a href="#other_os"><i class="fas fa-link anchor-icon"></i></a> Other Mobile Operating Systems</h1>
|
||||
|
||||
{% include cardv2.html
|
||||
title="Ubuntu Touch"
|
||||
image="/assets/img/svg/3rd-party/ubuntu.svg"
|
||||
description="Ubuntu Touch is a free and open-source operating system for smartphones and tablets. It's an alternative to the current popular mobile operating systems on the market. Only a few devices are <a href=https://devices.ubuntu-touch.io/>supported.</a>"
|
||||
badges="info:Linux"
|
||||
website="https://ubuntu-touch.io/"
|
||||
privacy-policy="https://ubports.com/privacy"
|
||||
github="https://github.com/ubports"
|
||||
%}
|
@ -6,7 +6,6 @@
|
||||
image-dark="/assets/img/svg/3rd-party/openwrt-dark.svg"
|
||||
description="OpenWrt is an operating system (in particular, an embedded operating system) based on the Linux kernel, primarily used on embedded devices to route network traffic. The main components are the Linux kernel, util-linux, uClibc and BusyBox. All components have been optimized for size, to be small enough for fitting into the limited storage and memory available in home routers."
|
||||
badges="info:Linux"
|
||||
labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
|
||||
website="https://openwrt.org/"
|
||||
git="https://git.openwrt.org/"
|
||||
%}
|
||||
@ -17,46 +16,7 @@
|
||||
image-dark="/assets/img/svg/3rd-party/pfsense-dark.svg"
|
||||
description="pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint."
|
||||
badges="info:BSD"
|
||||
labels="color==warning::text==contrib::tooltip==This software may depend on or recommend non-free software."
|
||||
website="https://www.pfsense.org/"
|
||||
privacy-policy="https://www.pfsense.org/privacy.html"
|
||||
github="https://github.com/pfsense/"
|
||||
%}
|
||||
|
||||
{% include cardv2.html
|
||||
title="LibreCMC"
|
||||
image="/assets/img/svg/3rd-party/librecmc.svg"
|
||||
image-dark="/assets/img/svg/3rd-party/librecmc-dark.svg"
|
||||
description="LibreCMC is a GNU/Linux-libre distribution for computers with minimal resources, such as the Ben Nanonote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. The project's current goal is to aim for compliance with the GNU Free System Distribution Guidelines (GNU FSDG) and ensure that the project continues to meet these requirements set forth by the Free Software Foundation (FSF)."
|
||||
badges="info:GNU/Linux"
|
||||
website="https://librecmc.org"
|
||||
git="https://gogs.librecmc.org/libreCMC/libreCMC"
|
||||
%}
|
||||
|
||||
<h3>Worth Mentioning</h3>
|
||||
|
||||
<ul>
|
||||
<li>
|
||||
<a href="https://www.openbsd.org/">OpenBSD</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="BSD"
|
||||
%}
|
||||
- A project that produces a free, multi-platform 4.4BSD-based UNIX-like operating system. Emphasizes portability, standardization, correctness, proactive security and integrated cryptography.
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="https://dd-wrt.com/">DD-WRT</a>
|
||||
{% include badge.html
|
||||
color="info"
|
||||
text="GNU/Linux"
|
||||
%}
|
||||
{% include badge.html
|
||||
color="warning"
|
||||
icon="far fa-question-circle"
|
||||
text="contrib"
|
||||
tooltip="This software may depend on or recommend non-free software."
|
||||
%}
|
||||
- A Linux-based open-source firmware compatible with several models of routers and access points.
|
||||
</li>
|
||||
</ul>
|
||||
|
23
_includes/sections/tor-operating-systems.html
Normal file
23
_includes/sections/tor-operating-systems.html
Normal file
@ -0,0 +1,23 @@
|
||||
<h1 id="tor_os" class="anchor"><a href="#tor_os"><i class="fas fa-link anchor-icon"></i></a> Tor-Focused Distributions</h1>
|
||||
|
||||
<div class="alert alert-info" role="alert">
|
||||
<strong>These Linux distributions are developed with the purpose of directing all network traffic through Tor.</strong>
|
||||
</div>
|
||||
|
||||
{% include cardv2.html
|
||||
title="Tails"
|
||||
image="/assets/img/svg/3rd-party/tails.svg"
|
||||
description='Tails is a live operating system that can boot on almost any computer from a DVD, USB stick, or SD card you control. It aims at preserving privacy and anonymity, and circumventing censorship by forcing Internet connections through the Tor network; leaving no trace on the computer; and using state-of-the-art cryptographic tools to encrypt files, emails, and instant messages.'
|
||||
badges="info:Linux"
|
||||
website="https://tails.boum.org/"
|
||||
git="https://git-tails.immerda.ch/tails/"
|
||||
%}
|
||||
|
||||
{% include cardv2.html
|
||||
title="Whonix"
|
||||
image="/assets/img/svg/3rd-party/whonix.svg"
|
||||
description='A Debian-based security-focused Linux distribution. It aims to provide privacy, security and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway". All communication are forced through the Tor network to accomplish this. <a href="https://www.whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers">Whonix is best used in conjunction with Qubes.</a>'
|
||||
badges="info:Linux"
|
||||
website="https://www.whonix.org/"
|
||||
github="https://github.com/Whonix"
|
||||
%}
|
2
assets/img/svg/3rd-party/alpinelinux.svg
vendored
Normal file
2
assets/img/svg/3rd-party/alpinelinux.svg
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g fill="#0d597f"><g transform="matrix(.22745 0 0 -.22745 12.303 20.536)"><path d="m0 0v15.687l-11.296-11.308c1.217-0.847 2.364-1.543 3.443-2.109 1.079-0.567 2.089-1.005 3.03-1.338 0.941-0.334 1.814-0.562 2.617-0.71 0.804-0.147 1.539-0.213 2.206-0.222m57.751 1.304c0.02-0.017 0.13-0.11 0.333-0.239 0.204-0.13 0.502-0.297 0.898-0.462 0.395-0.164 0.889-0.327 1.485-0.448 0.596-0.122 1.294-0.202 2.098-0.202 0.671 0 1.411 0.059 2.222 0.2 0.812 0.142 1.693 0.367 2.645 0.699 0.953 0.333 1.976 0.773 3.07 1.344 1.094 0.572 2.259 1.276 3.495 2.136l-8.572 8.397-28.41 28.516-12.466-12.469-16.816 17.341-42.204-41.727c1.235-0.86 2.398-1.564 3.491-2.136 1.093-0.571 2.115-1.011 3.067-1.344 0.951-0.332 1.832-0.557 2.643-0.698 0.81-0.142 1.55-0.201 2.22-0.201 0.804 0 1.502 0.08 2.097 0.202 0.596 0.121 1.089 0.284 1.485 0.449 0.396 0.164 0.693 0.331 0.897 0.461s0.314 0.223 0.334 0.24l19.052 19.052 6.813 6.533 18.866-18.866 6.591-6.778c0.02-0.017 0.13-0.11 0.334-0.239 0.204-0.13 0.501-0.297 0.897-0.462 0.396-0.164 0.89-0.327 1.485-0.448 0.596-0.122 1.295-0.202 2.099-0.202 0.67 0 1.411 0.059 2.222 0.2 0.811 0.142 1.693 0.367 2.645 0.699 0.952 0.333 1.975 0.773 3.069 1.344 1.094 0.572 2.259 1.276 3.495 2.136l-15.139 14.825 2.818 2.818 13.101-13.101 7.64-7.57m-0.163 79.016 37.219-64.482-37.219-64.482h-74.463l-37.219 64.482 37.219 64.482z" fill="#0d597f"/></g><g transform="matrix(.22745 0 0 -.22745 20.119 16.219)"><path d="m0 0-9.913 9.895 0.705 0.709 9.983-9.874z" fill="#0d597f"/></g></g></svg>
|
After Width: | Height: | Size: 1.6 KiB |
2
assets/img/svg/3rd-party/archlinux.svg
vendored
Normal file
2
assets/img/svg/3rd-party/archlinux.svg
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="matrix(.73138 0 0 .73138 10.776 17.764)" fill="#1793d1"><path d="m7.2435-23.121c-1.9571 4.7983-3.1375 7.9369-5.3165 12.593 1.336 1.4161 2.9758 3.0653 5.6389 4.9279-2.8631-1.1781-4.8161-2.361-6.2756-3.5884-2.7887 5.819-7.1577 14.108-16.024 30.038 6.9685-4.023 12.37-6.5033 17.405-7.4497-0.21617-0.92976-0.33908-1.9355-0.33073-2.9848l0.0083-0.22324c0.11057-4.4645 2.433-7.8978 5.1842-7.6646 2.7512 0.23311 4.8896 4.0435 4.779 8.508-0.0208 0.84008-0.11556 1.6482-0.28112 2.3978 4.9796 0.9741 10.324 3.448 17.198 7.4166-1.3555-2.4955-2.5653-4.745-3.7207-6.8874-1.8199-1.4106-3.7182-3.2464-7.5902-5.2338 2.6614 0.69155 4.567 1.4894 6.0523 2.3812-11.747-21.871-12.698-24.777-16.727-34.23z" fill-rule="evenodd"/><g transform="matrix(.23141 0 0 .23141 -26.057 -55.67)"><path d="m239.84 313.7v-5.2094h-1.946v-0.697h4.6816v0.697h-1.954v5.2094h-0.78162"/><path d="m243.39 313.7v-5.9064h1.1765l1.398 4.182c0.12892 0.38947 0.22293 0.6809 0.28202 0.87429 0.0671-0.21488 0.1719-0.53048 0.31426-0.94681l1.4142-4.1095h1.0516v5.9064h-0.75341v-4.9435l-1.7163 4.9435h-0.70506l-1.7083-5.0281v5.0281h-0.75342"/></g></g></svg>
|
After Width: | Height: | Size: 1.2 KiB |
2
assets/img/svg/3rd-party/calyxos.svg
vendored
Normal file
2
assets/img/svg/3rd-party/calyxos.svg
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="matrix(.43429 0 0 .43429 -102.24 -35.595)" stroke-width=".26458"><path d="m313.4 119.93c-7.7343 13.52-22.298 22.631-38.991 22.631-16.692 0-31.256-9.1114-38.991-22.631 7.7346-13.521 22.299-22.632 38.991-22.632 16.693 0 31.257 9.1115 38.991 22.632" fill="#9acc01"/><path d="m298.61 144.6-6.8334-12.569c2.364-3.4422 3.7478-7.6102 3.7478-12.101 0-11.819-9.5811-21.4-21.4-21.4-11.819 0-21.4 9.5806-21.4 21.4 0 11.819 9.5811 21.4 21.4 21.4 4.4736 0 8.6265-1.3727 12.061-3.7206l12.422 6.9937z" fill="#231f20"/><path d="m284.91 125.24c0 5.7915-4.7106 10.502-10.502 10.502-5.7915 0-10.502-4.7106-10.502-10.502v-12.917c0-0.80301 0.65352-1.456 1.4565-1.456 0.80275 0 1.456 0.65299 1.456 1.456v7.8192c0 0.4236 0.34263 0.76623 0.76702 0.76623 8e-3 0 0.0167-2e-3 0.0257-2e-3s0.0164 2e-3 0.0251 2e-3c0.4236 0 0.7665-0.34263 0.7665-0.76623v-11.856c0-0.80354 0.65299-1.4571 1.4565-1.4571s1.4565 0.65352 1.4565 1.4571v11.166c0 0.42387 0.34343 0.76624 0.76677 0.76624 0.42254 0 0.76623-0.34264 0.76623-0.76624v-13.875c0-0.80301 0.65378-1.4555 1.4563-1.4555 0.80354 0 1.4568 0.65246 1.4568 1.4555v13.773c0 0.42413 0.34317 0.76703 0.7665 0.76703 0.42307 0 0.7665-0.34317 0.7665-0.76703v-11.37c0-0.80327 0.65352-1.4565 1.4565-1.4565 0.80327 0 1.456 0.65352 1.456 1.4565v14.555c-1.7436 0.16219-5.8518 1.0464-7.543 5.7222-0.14366 0.39793 0.0622 0.83767 0.46038 0.9824 0.0857 0.031 0.1741 0.0455 0.26009 0.0455 0.31379 0 0.60748-0.19474 0.72125-0.50536 1.7732-4.903 6.6273-4.7546 6.8313-4.7464l0.80354 0.0386v-8.0939c0-0.80301 0.7112-1.4565 1.5843-1.4565 0.87392 0 1.5841 0.65352 1.5841 1.4565v9.2625zm-1.5841-12.253c-0.57864 0-1.1192 0.15557-1.5843 0.41963v-5.4277c0-1.6486-1.3409-2.9901-2.9895-2.9901-0.53314 0-1.0327 0.14261-1.4666 0.38761-0.10398-1.555-1.3991-2.789-2.98-2.789-1.6484 0-2.9893 1.3409-2.9893 2.989v0.10001c-0.4318-0.2413-0.92763-0.381-1.4565-0.381-1.6481 0-2.9893 1.3409-2.9893 2.9901v1.4594c-0.44344-0.26035-0.95752-0.41222-1.5079-0.41222-1.6486 0-2.99 1.3404-2.99 2.9893v12.917c0 6.636 5.3991 12.035 12.036 12.035 6.636 0 12.035-5.3991 12.035-12.035v-9.2631c0-1.6484-1.3981-2.9893-3.1171-2.9893" fill="#9acc01"/></g></svg>
|
After Width: | Height: | Size: 2.2 KiB |
2
assets/img/svg/3rd-party/nixos.svg
vendored
Normal file
2
assets/img/svg/3rd-party/nixos.svg
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><linearGradient id="linearGradient4328" x1="200.6" x2="290.09" y1="351.41" y2="506.19" gradientTransform="translate(70.65 -1055.2)" gradientUnits="userSpaceOnUse"><stop stop-color="#699ad7" offset="0"/><stop stop-color="#7eb1dd" offset=".24345"/><stop stop-color="#7ebae4" offset="1"/></linearGradient><linearGradient id="linearGradient4330" x1="-584.2" x2="-496.3" y1="782.34" y2="937.71" gradientTransform="translate(864.7 -1491.3)" gradientUnits="userSpaceOnUse"><stop stop-color="#415e9a" offset="0"/><stop stop-color="#4a6baf" offset=".23169"/><stop stop-color="#5277c3" offset="1"/></linearGradient></defs><g transform="matrix(.067518 0 0 .067518 -10.566 65.26)"><path id="path3336-6" d="m309.55-710.39 122.2 211.68-56.157 0.5268-32.624-56.869-32.856 56.565-27.902-0.011-14.291-24.69 46.81-80.49-33.229-57.826z" fill="url(#linearGradient4328)" fill-rule="evenodd"/><use transform="rotate(60 407.11 -715.79)" width="100%" height="100%" xlink:href="#path3336-6"/><use transform="rotate(-60 407.31 -715.7)" width="100%" height="100%" xlink:href="#path3336-6"/><use transform="rotate(180 407.42 -715.76)" width="100%" height="100%" xlink:href="#path3336-6"/><path id="path4260-0" d="m309.55-710.39 122.2 211.68-56.157 0.5268-32.624-56.869-32.856 56.565-27.902-0.011-14.291-24.69 46.81-80.49-33.229-57.826z" color="#000000" color-rendering="auto" fill="url(#linearGradient4330)" fill-rule="evenodd" image-rendering="auto" shape-rendering="auto" solid-color="#000000" style="isolation:auto;mix-blend-mode:normal"/><use transform="rotate(120 407.34 -716.08)" width="100%" height="100%" xlink:href="#path4260-0"/><use transform="rotate(240 407.29 -715.87)" width="100%" height="100%" xlink:href="#path4260-0"/></g></svg>
|
After Width: | Height: | Size: 1.9 KiB |
2
assets/img/svg/3rd-party/whonix.svg
vendored
Normal file
2
assets/img/svg/3rd-party/whonix.svg
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g stroke-width=".1341"><path d="m17.336 3.5727e-7h-0.62626c-4.1469 0-7.621 3.3074-7.621 7.455v10.012c0 4.1474 3.4741 7.476 7.621 7.476h0.62626c4.1469 0 7.4429-3.3286 7.4429-7.476v-10.012c0-4.1476-3.296-7.455-7.4429-7.455zm4.0903 13.798c0 2.5527-2.0032 4.708-4.5566 4.708h-0.20947c-2.5533 0-4.6212-2.1553-4.6212-4.708v-6.4729c0-2.5533 2.0679-4.6433 4.6212-4.6433h0.20947c2.5533 0 4.5566 2.09 4.5566 4.6433z" fill="#c3c3d1"/><circle cx="16.933" cy="21.636" r="12.23" fill="#c3c3d1"/><path d="m21.734 18.136-0.10916-0.1164c-0.02682-0.02803-0.05472-0.05699-0.08033-0.08449h-0.0023l-4.6797-4.9303-4.6782 4.9303c-0.0052 0.0052-0.01234 0.01167-0.01757 0.0169l-0.08315 0.08837-0.08918 0.09562-0.0042 0.0035c-1.125 1.2269-1.7442 2.8146-1.7442 4.4716 0 3.6496 2.9677 6.6168 6.6168 6.6168 3.65 0 6.6195-2.9672 6.6195-6.6168 0-1.657-0.61916-3.2446-1.7448-4.4716z" fill="#20aae6"/></g><g transform="matrix(.1341 0 0 .1341 -4.5903 -4.5595)" clip-rule="evenodd" fill-rule="evenodd"><path d="m196.35 202.61c0 20.085-16.274 36.365-36.364 36.365-20.086 0-36.361-16.279-36.361-36.365s16.274-36.361 36.361-36.361c20.089 0 36.364 16.274 36.364 36.361z" fill="#fff"/><path d="m182.34 202.61c0 12.347-10.005 22.351-22.351 22.351-12.343 0-22.347-10.004-22.347-22.351 0-12.344 10.004-22.347 22.347-22.347 12.347-1e-3 22.351 10.003 22.351 22.347z" fill="#d8e620"/><circle cx="159.99" cy="202.61" r="10.008" fill="#fff"/></g></svg>
|
After Width: | Height: | Size: 1.5 KiB |
@ -73,12 +73,14 @@ permalink: /classic/
|
||||
|
||||
{% include sections/operating-systems.html %}
|
||||
|
||||
{% include sections/live-operating-systems.html %}
|
||||
{% include sections/tor-operating-systems.html %}
|
||||
|
||||
{% include sections/mobile-operating-systems.html %}
|
||||
{% include sections/android-operating-systems.html %}
|
||||
|
||||
{% include sections/android-addons.html %}
|
||||
|
||||
{% include sections/other-mobile-operating-systems.html %}
|
||||
|
||||
{% include sections/router-firmware.html %}
|
||||
|
||||
{% include sections/windows10.html %}
|
||||
|
@ -13,41 +13,14 @@ description: "Even your own computer could be compromising your privacy. Discove
|
||||
<li><a href="#win10"><i class="fas fa-link"></i> Don't use Windows 10 - It's a privacy nightmare</a></li>
|
||||
</ul>
|
||||
|
||||
<h4 id="cpuvulns">Remember to check CPU vulnerability mitigations</h4>
|
||||
{% include sections/tor-operating-systems.html %}
|
||||
|
||||
<p><em><a href="https://support.microsoft.com/en-us/help/4073757/protect-windows-devices-from-speculative-execution-side-channel-attack">This also affects Windows 10</a>, but it doesn't expose this information or mitigation instructions as easily. MacOS users check <a href="https://support.apple.com/en-us/HT210108">How to enable full mitigation for Microarchitectural Data Sampling (MDS) vulnerabilities on Apple Support</a>.</em></p>
|
||||
|
||||
<p>When running a recent enough Linux kernel, you can check the CPU vulnerabilities it detects by <code>tail -n +1 /sys/devices/system/cpu/vulnerabilities/*</code>. By using <code>tail -n +1</code> instead of <code>cat</code>, the file names are also visible.</p>
|
||||
|
||||
<p>
|
||||
In case you have an Intel CPU, you may notice "SMT vulnerable" display after running the <code>tail</code> command. To mitigate this, disable <a href="https://en.wikipedia.org/wiki/Hyper-threading">hyper-threading</a> from the UEFI/BIOS. You can also take the following mitigation steps below if your system/distribution uses GRUB and supports <code>/etc/default/grub.d/</code>:
|
||||
</p>
|
||||
|
||||
<ol>
|
||||
<li><code>sudo mkdir /etc/default/grub.d/</code> to create a directory for additional grub configuration</li>
|
||||
<li><code>echo GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT l1tf=full,force mds=full,nosmt mitigations=auto,nosmt nosmt=force" | sudo tee /etc/default/grub.d/mitigations.cfg</code> to create a new grub config file source with the echoed content</li>
|
||||
<li><code>sudo grub-mkconfig -o /boot/grub/grub.cfg</code> to generate a new grub config file including these new kernel boot flags</li>
|
||||
<li><code>sudo reboot</code> to reboot</li>
|
||||
<li>after the reboot, check <code>tail -n +1 /sys/devices/system/cpu/vulnerabilities/*</code> again to see that everything referring to SMT now says "SMT disabled."</li>
|
||||
</ol>
|
||||
|
||||
<h5>Further reading</h5>
|
||||
|
||||
<ul>
|
||||
<li><a href="https://cpu.fail/">CPU.fail</a></li>
|
||||
<li><a href="https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/">Hardware vulnerabilities index on The Linux kernel user's and administrator's guide</a></li>
|
||||
<li><a href="https://www.cyberciti.biz/faq/install-update-intel-microcode-firmware-linux/">How to install/update CPU microcode firmware on Linux</a> - Regardless of your CPU manufacturer, you should always install the latest microcode packages available to be protected from CPU vulnerabilities, especially if the command above reports <strong>no microcode</strong> in its output.</li>
|
||||
<li><a href="https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html">MDS - Microarchitectural Data Sampling on The Linux kernel user's and administrator's guide</a></li>
|
||||
<li><a href="https://mdsattacks.com/">RIDL and Fallout: MDS attacks on mdsattacks.com</a></li>
|
||||
<li><a href="https://en.wikipedia.org/wiki/Simultaneous_multithreading">Simultaneous multithreading on Wikipedia</a></li>
|
||||
</ul>
|
||||
|
||||
{% include sections/live-operating-systems.html %}
|
||||
|
||||
{% include sections/mobile-operating-systems.html %}
|
||||
{% include sections/android-operating-systems.html %}
|
||||
|
||||
{% include sections/android-addons.html %}
|
||||
|
||||
{% include sections/other-mobile-operating-systems.html %}
|
||||
|
||||
{% include sections/router-firmware.html %}
|
||||
|
||||
{% include sections/windows10.html %}
|
||||
|
Loading…
Reference in New Issue
Block a user