Hey 👋 dear Linux Community,

I’m still kinda new to Linux (started using this year 😅) I already made it to my main OS, even if I still missing some things which I used on Windows, anyway. What I wanted to ask you guys, what recommendations do you have for Linux Mint (Cinnamon)? In terms of security, optimization, (a way to make the UI looking modern ;-;) and privacy? I would be very interested in what you do guys to optimize your Linux setup :) I’m pretty technical, so there is nothing which could overwhelm me (probaly).

Thx! 🤍

#privacy #dataprotection #linux #linuxmint #opensource #foss #cybersecurity @linux

  • @Nibodhika
    link
    011 months ago

    The funny thing is that a few of the articles I found that I thought you were missquoting were using quotes from that thread just a few comments below but no one was quoting that particular part. In any case there’s one important word left out “typical”, that’s important because you can harden the security of Linux by a lot more than you can Windows, which means that even if the typical Linux was less secure than the typical Windows that says nothing about which can be made more secure.

    I’m glad we see eye-to-eye on privacy, because unlike him I don’t think you can decouple both of them so easily, and in fact I believe that privacy is one subset of security (George Orwell and all of that).

    I’m not a cybersecurity expert by any means, but I did study for OSCP for a while but ended up working in programming servers instead, so I’m also not a layman on this. Every cybersecurity expert I’ve ever met uses Linux, it’s not universally seen as less secure like you’re describing, one guy has that idea and from his answers on that thread it looks like he’s focusing on one aspect, i.e. binary isolation, as the be end all for security and forgetting all other areas of attack, not to mention that even if you were to consider that then Linux has native docker and almost everything exposed to the internet nowadays runs inside docker which provides a lot more isolation than most other comparable technology.

    Which leads me to believe he’s talking about home use, and if you go to home use Linux has a package manager, so on that alone it beats windows on security since that can’t be MITM like a website can. So in windows you’re never sure if what you’re installing is the program you want or a virus. Even if we forget about that for a second, most people use windows with their admin account, so any malware a user inadvertently puts in the system has full system access, unlike Linux where the default is a limited user account with password prompt to use sudo. Even if a person uses windows with a non-admin account and has a hardened security, privilege escalation on windows is a joke, if you’re interested go check out hackthebox and run through a few machines, you’ll notice that on Linux privesc is usually looking for missconfigurations or errors from the user, whereas Windows is 90% of time check version, look out a CVE, exploit it.

    So, let’s recap, it’s harder to get into your Linux system, if something gets in by default it has less access, and to extend that access is also harder. How exactly is Windows more secure? Just because it checks a chip to ensure your hardware hasn’t changed? Chances that an attack would change my hardware at home are close to zero, and if someone stole my hardware good luck getting past luks, if I have the slightest suspicion that my hardware has been compromised I can simply unplug the disk, use a separate hardware to boot, copy the info from that disk and nuke everything, something that would be insecure in windows because it auto executes mounted drives by default, so plugging my old disk in could trigger whatever trap someone had setup.

    Honestly, the more I think about it the more absurd it sounds that someone would prefer Windows for security reasons. Servers have to be the most secure computers, actual people get paid a lot of money to make sure servers are secure, and the vast majority of servers run Linux.