My apologies if this isn’t the appropriate category for this post, as it’s mostly development related I’m assuming it’s fine…
As a long time security enthusiast I’ve distro-hopped with my main system a fair bit over the years mostly between hardened-gentoo, Archlinux and a heavily tweaked Fedora installation. Somehow despite this and my knowledge of fairly obscure operating systems that never really got off the ground like Subgraph OS I’ve only just recently learned about Kicksecure after taking a fresh look at the current os-security landscape.
At this point it feels like I should just trash my current setup but I’m really conflicted as to whether or not I should go with Qubes or Kicksecure as my host os. They’re both wonderful projects but Qubes sadly seems to be very slow at implementing the “latest and greatest” security features offered by Kicksecure(even if they’re not all defaults yet) so I’m hoping someone more informed on all of this could share what they’ve chosen and why.
This will certainly be documented when Kicksecure developed further. At minimum after having a dedicated website kicksecure.com being ready as well as ISO host operating system release.
Some of this will is related:
That’s great to hear, I’m very thankful that individuals such as yourself and other contributors are willing to sacrifice your free time to selflessly work on this project, which is sadly far more important than the majority of people currently realize.
I have indeed read that page and tried to do a reasonably thorough job of researching this before posting, though I could have been more clear about what I’m trying to determine.
Qubes and non-Qubes Whonix both offer unique security features and for a laptop that will be traveling around quite a bit I think I could confidently say the benefits offered by Qubes probably outweigh those of a non-Qubes Whonix system. My system should be quite stationary so I was hoping to hear some developers share their insight on the technical/security merit of choosing a Qubes Whonix system over a non-Qubes(Kicksecure) Whonix system for your average desktop PC and vice versa with regard to protection against an internet-based network attacker, keeping in mind that I’m also happy to get my hands dirty going beyond the defaults.
I find it quite difficult even with my prior experience to confidently say which is better than the other in a given scenario due to the complex nature of security features in general, particularly when trying to determine the net benefit of one group of features over another/which group is more likely to protect a user from current real world threats. As the developers certainly understand these nuanced issues better than most I’d greatly appreciate it if they shared their personal opinions on the topic.
On less of a support request-ish note(would you say this is the wrong category for my post?) I’m also interested in knowing why Qubes is slower to implement some of these features. Is it simply a lack of available manpower or current higher priorities? And is this is expected to change at all in the near future? I’m sure the current pandemic has been rough on FOSS projects.