Silk Road forums
Discussion => Security => Topic started by: The Reverand on July 24, 2012, 07:28 am
-
So is their a major difference between the different versions of Linux, such as Linux Mint, Liberte, etc in terms of security, with Liberte being one of the most secure, or does it all just depend, with the difference being how you encrypt and use it?
-
There are big differences between the security provided by different linux distros. Liberte is based off of hardened gentoo, which is probably the distro of Linux with the most security potential, however I don't believe Liberte is properly taking advantage of what hardened gentoo has to offer.
-
There are big differences between the security provided by different linux distros. Liberte is based off of hardened gentoo, which is probably the distro of Linux with the most security potential, however I don't believe Liberte is properly taking advantage of what hardened gentoo has to offer.
This is correct.
As OP mentioned it I'll just say Linux Mint is just Ubuntu anyway with pretty graphics.
Variations of Linux aren't however the absolute most secure operating systems, but Linux operating systems such as Liberte are accessible and relatively easy to use, and definitely more secure than things such as Windows or Mac OS X.
-
You should download backtrack. It's mainly used on a USB drive as a live environment, but there are ways to do a full install on the flash drive. Backtrack is very secure, and if you're worried about security having your evidence on a flash drive is great. It's easy to hide, and easy to physically destroy if need be. Also, they're cheap.
-
Liberte is based off of hardened gentoo, which is probably the distro of Linux with the most security potential, however I don't believe Liberte is properly taking advantage of what hardened gentoo has to offer.
What seems to be missing ?
-
Liberte is based off of hardened gentoo, which is probably the distro of Linux with the most security potential, however I don't believe Liberte is properly taking advantage of what hardened gentoo has to offer.
What seems to be missing ?
Is Liberte 64 bit? If not it is not taking proper advantage of ASLR. Has he configured MAC profiles? If not it is not taking advantage of MAC. Hardened Gentoo provides tools that require both the proper version of the OS (ie: 64 bit) and proper configuration to take advantage of. Using Hardened Gentoo without the proper settings and configuration does not take advantage of what it has to offer.
-
I tried the portable version of ubuntu on usb stick and it wiped out my windows 7 so be careful children
-
I tried the portable version of ubuntu on usb stick and it wiped out my windows 7 so be careful children
How the hell did you manage that? Were you messing around in a partition editor? Or did you try to "install" Ubuntu without knowing what it was doing, thinking you were installing a video game? There is no way Ubuntu did this all by itself, it would've needed some assistance.
-
What are everyones view of OpenBSD, as the main desktop or proxy?
TWM
-
What are everyones view of OpenBSD, as the main desktop or proxy?
TWM
If done correctly a variation of BSD can be the most secure operating system on the planet, and make versions of Linux, even hardened Gentoo, Liberte, Tails etc look like a joke. However saying that, BSD isn't user friendly at all, and a pain in the ass to secure properly.
-
What are everyones view of OpenBSD, as the main desktop or proxy?
TWM
If done correctly a variation of BSD can be the most secure operating system on the planet, and make versions of Linux, even hardened Gentoo, Liberte, Tails etc look like a joke. However saying that, BSD isn't user friendly at all, and a pain in the ass to secure properly.
The general consensus I have seen is that Hardened Gentoo has more potential than OpenBSD, but that OpenBSD out of the box is better. I would actually say pretty much the opposite of what you said, BSD is secure out of the box and less a pain in the ass to secure than hardened gentoo, hardened gentoo is less secure out of the box but has more potential and is a total bitch to configure properly (or even install).
-
Some people even say that Unix type operating systems in general are shitty security , and offer up alternatives such as Inferno, however I know very little about these operating systems.
-
What are everyones view of OpenBSD, as the main desktop or proxy?
TWM
If done correctly a variation of BSD can be the most secure operating system on the planet, and make versions of Linux, even hardened Gentoo, Liberte, Tails etc look like a joke. However saying that, BSD isn't user friendly at all, and a pain in the ass to secure properly.
The general consensus I have seen is that Hardened Gentoo has more potential than OpenBSD, but that OpenBSD out of the box is better. I would actually say pretty much the opposite of what you said, BSD is secure out of the box and less a pain in the ass to secure than hardened gentoo, hardened gentoo is less secure out of the box but has more potential and is a total bitch to configure properly (or even install).
Yes you are correct, Gentoo is a much bigger bitch to install and configure for a basic user than BSD, simply due to it's nature, that's how people who regularly use it want it to be, that's the whole point of Gentoo.
However I would say the main failing of Gentoo, that it can't escape from, is it's Linux Kernel, and simply for this reason I believe a properly locked down BSD installation with it's BSD kernel is more secure, and the main reason why most publicly accessible secure servers containing highly sensitive materials such as bank servers tend to use BSD as their main operating systems rather than a variation of Linux or GNU / Linux.
I'm only speaking from my personal experience here, dealing with banks and a few other institutions here in the UK and US, it may be different in other places.
Debian BSD which takes the best of both worlds is of huge interest to me currently, but seems to be incredibly poorly supported, especially in regards to propitiatory drivers:
http://www.debian.org/ports/kfreebsd-gnu/
-
What are everyones view of OpenBSD, as the main desktop or proxy?
TWM
If done correctly a variation of BSD can be the most secure operating system on the planet, and make versions of Linux, even hardened Gentoo, Liberte, Tails etc look like a joke. However saying that, BSD isn't user friendly at all, and a pain in the ass to secure properly.
The general consensus I have seen is that Hardened Gentoo has more potential than OpenBSD, but that OpenBSD out of the box is better. I would actually say pretty much the opposite of what you said, BSD is secure out of the box and less a pain in the ass to secure than hardened gentoo, hardened gentoo is less secure out of the box but has more potential and is a total bitch to configure properly (or even install).
Yes you are correct, Gentoo is a much bigger bitch to install and configure for a basic user than BSD, simply due to it's nature, that's how people who regularly use it want it to be, that's the whole point of Gentoo.
However I would say the main failing of Gentoo, that it can't escape from, is it's Linux Kernel, and simply for this reason I believe a properly locked down BSD installation with it's BSD kernel is more secure, and the main reason why most publicly accessible secure servers containing highly sensitive materials such as bank servers tend to use BSD as their main operating systems rather than a variation of Linux or GNU / Linux.
I'm only speaking from my personal experience here, dealing with banks and a few other institutions here in the UK and US, it may be different in other places.
Debian BSD which takes the best of both worlds is of huge interest to me currently, but seems to be incredibly poorly supported, especially in regards to propitiatory drivers:
http://www.debian.org/ports/kfreebsd-gnu/
That is false.
If you feel you need to be publicly humiliated again please reply and I will make it happen.
-
The best way to determine linux version security is:
-what does it install by default?
-how committed are they to releasing patches in a timely manner? do they have enough devs to do this or is it a 2-man show?
-what security history do they have?
-is it focused on noob users who want nothing but graphical interface? then it's probably insecure as it's just trying to be a windows or apple clone.
-do the kernel devs focus on trusted code auditing or are they rapidly releasing shit like Linus Torvalds?
Of course you can take any version of linux and lock it down yourself but easier to get a blank install with nothing enabled, then you have to make it insecure but activating shit instead of finding shit to turn off. If the NSA/CIA/Secret Service or Scotland Yard, or hired criminal hackers aren't after you for being Scarface or Mega Carding Kingpin, then you're prob fine with any linux installation. If worried disable X-windows and lock down everything else.
Or look into other operating systems like OpenBSD or shit like this:
http://www.scs.stanford.edu/histar/
Here's an article about it, Nikolai is an MIT comp sci prof now
http://soe.stanford.edu/research/profiles/infotech_mazieres.html
Only 17,000 lines of code?!?! Compare that to a typical linux distro with millions of lines of code.
OpenBSD also audits absolutely everything so you have a trusted code guarantee.
Security is about trusted audited code running on trusted audited hardware, and constant vigilence to patch and update your system, adapt to new threats, run behind a pf firewall running carp, and a whole host of sociology like not giving away who you are easily. Bruce Schneir's blog covers a lot of this.