“[GNU/]Linux being secure is a common misconception in the security and privacy realm.”

https://madaidans-insecurities.github.io/linux.html

“[GNU/]Linux is thought to be secure primarily because of its source model, popular usage in servers, small userbase and confusion about its security features. This article is intended to debunk these misunderstandings”.

Based on this, one should try to do as much as possible on a GrapheneOS device

@privacy

  • J Lou@mastodon.socialOP
    link
    fedilink
    arrow-up
    5
    arrow-down
    3
    ·
    edit-2
    1 year ago

    The author in another article does recommend GrapheneOS.

    https://madaidans-insecurities.github.io/android.html

    “The best option for privacy and security on Android is to get a Pixel 4 or greater and flash GrapheneOS. GrapheneOS does not contain any tracking unlike the stock OS on most devices. Additionally, GrapheneOS retains the baseline security model whilst improving upon it with substantial hardening enhancements … includ[ing] a hardened memory allocator, hardened C library, [and] hardened kernel”

    • moreeni@lemm.ee
      link
      fedilink
      arrow-up
      18
      ·
      1 year ago

      on Android

      GrapheneOS is still not perfect. The general consensus among people is that running QubesOS with a Whonix/Kicksecure container is the best you can get atm but even that it is not perfect.

      The point of the Linux insecurities article is to fight common misconception by the FOSS community that using a Linux distro is going to solve every single security concern you might have. It does not mean, however, that Linux is inherently insecure and shouldn’t be used.

      The author himself had said he uses Linux and Firefox despite what he wrote in the posts.

      • Jesus_666@feddit.de
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        The real point is not that Linux is less secure than often said but that “inherently secure” is not a thing, especially not when a network is involved. Your system can make it easier for you but you still have to look after your own safety.

      • Pantherina@feddit.de
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I would say QubesOS is for sure the safest, but having normal sandboxes and permissions should be enough. QubesOS is like making an insecure OS secure, as there are no permissions or portals, so you need to go way beyond and run multiple VMs at a time. This is not suited for any daily use, my modern laptop really struggles to run 2 VMs at a time