A great idea - some of it might be of interest to Tails team too?
Kicksecure - Security Focused Linux Distribution based on Debian - In Development - Feedback Wanted!
Great project.
It will be good if it will use Pandora. Pandora automatically overwrites the RAM when the system is shutting down.
Also a good idea is to onionize souces.list and use Tor for updates. Maybe to use Anon Connection Wizard in case someone need to use proxy before Tor
Speaking of keeping dependencies down, if you could limit the dependencies to only what is necessary I will help you port the packages to Ubuntu. I started doing this for Whonix packages a couple years ago but there was enough differences in the Ubuntu/Debian KDE versions and dependancies that it became impossible so I dropped it. But I think if you stuck to minimal dependancies this will be much easier.
That would open up a whole new user base.
Dependencies for individual packages are minimal. Necessary stuff only.
Could you please have a look at some packages and let me know if
dependencies are non-minimal?
Many years ago (maybe up to Whonix 7 or so) there were no separate
packages but only packages like whonix-shared, whonix-gateway and
whonix-workstation with all files but that has long been deprecated in
favor of separate packages.
- GitHub - Kicksecure/sdwdate: Secure Distributed Web Date; privacy, anonymity and Tor friendly; console time fetcher and daemon; optional graphical user interface etc. Website: https://www.kicksecure.com/wiki/sdwdate
- GitHub - Kicksecure/security-misc: Kernel Hardening; Protect Linux User Accounts against Brute Force Attacks; Improve Entropy Collection; Strong Linux User Account Separation; Enhances Misc Security Settings - https://www.kicksecure.com/wiki/Security-misc
Hardened Debian would make a great introduction to Linux for Windows users who might want to try Linux out for the first time. Much of the documentation from the proposed "whonix-can-become-a-distribution-targeting-first-time-linux-users"
project could be used for this. Maybe even combine the two projects for maximum usefulness? I think that would be very reasonable with some community contributions.
We can’t call it Hardened Debian
.
As per Debian -- Debian Trademarks a new name as to be found.
- Use the Debian trademarks in their exact form, neither abbreviated or hyphenated, nor combined with any other word or words.
A new project name has to be found.
- It shouldn’t imply anonymity anything.
- We shouldn’t be watering down the
Whonix
brand by calling itWhonixClearnet
or something. (That name would be a contradiction too.)
Suggestions?
Very true indeed no diluting the hard (pun unintended) earned recogniztion allowed.
There is always that pre-existing notion in many users mind when they encounter the term “hardened” . Clearly the efforts often stray towards the notion with a “kernel” centric focus.
I am pretty sure Whonix efforts continue to encompass more.
The first word or English adjective that came to mind was “enhanced”
Perhaps to add to the consideration, the other words include
terms such as fortified, or reinforced.
Would you smile if I think out aloud with Whonix Steel / Whonix Stahl or even Whonix Stalo (in Esperanto)
Cheers !
I like that. Maybe someone could come up with a good acronym. For example:
SecLix
Security Enhanced Linux Distribution
(Brought to you by the developers of Whonix)
I’m smiling
One possible issue is that might imply a “Steel anonymity distribution” . I think Whonix should be mentioned but maybe not in the actual name.
That’s a good idea. However both examples have google results already.
@0brand Wow SecLix that name when said real quick sounds cheeky LOL
@Patrick - WOW… indeed its high time we make SEO work to our benefit
BTW… I was wondering if you and your entourage have already ideas on this effort become a darling template in Qubes as well. (No No but not as a HVM puhleese) Am I dreaming…? pinch me
How about HaLos
. Hardened Linux Operating System
Pronounce Hay-Low
. The “s
” is silent.
The thing is, can we get to google rank 1 after a while? I see halos already being used for other things.
Thats just wont happen for new comers to GNU/Linux. its self contradictory statement because Windows is for noobs when they come to Debian needs alot of changes and when there is “Hardened Debian” thats requires even more.
But if hardened debian going to be so idiotic one based on newbies configurations just like Ubuntu then no need the headache , freshly minimized Debian way much better in this case. (and most likely wont be considered hardened anyway…)
What about LEDAR, Linux Environment Designed for Attack Resistance?
We can’t call it HardenedDeb
or anything including Deb
either.
https://www.whonix.org/pipermail/whonix-devel/2019-May/001394.html
Generally we don’t encourage any derivatives to use parts of Debian’s name in their name, as it increases likelihood of confusion that it’s an official product of the Debian Project.
That said, we are perfectly happy with derivatives saying true statements like “…, based on Debian” or “Debian based”.
AAROS
Advanced Adversary Resistant Operating System
Sentient Linux
Sentient:
1 : responsive to or conscious of sense impressions sentient beings
2 : aware
3 : finely sensitive in perception or feeling
Trying to come up with a good acronym which uses ANTI-OS
Advanced. N. Threat. I. -OS
Haven’t gotten that far.
ha! i like aaros. phonetically sounds like eris.
What about…
- Sec1Linux
- 1st Security Linux
- Security First Linux
- First Security Linux
- Supreme Security Linux
- Securetty Linux
- SecurettyOS
- Securer Linux
?