Lost on picking a host OS (Hardened GNU/Linux?)

Without giving out personal details, I need a computer with acceptable security and privacy while also being easy to use. I plan on using Whonix on my computer for when I need to do anything sensitive and anonymous. In my search I found a Whonix contributor who points out many security flaws in Linux and recommends people who require security avoid using Linux. Instead they recommend Windows 10, Mac, and ChromeOS. My issue with that advice is that I want to avoid locking myself in a box where my computer is ultimately owned by some massive foreign corporation which collects my data. I’ve even heard that these corporations also cooperate with intelligence agencies to backdoor their products, but I don’t know how true that is.

After skimming through the Whonix wiki, My understanding is that Qubes, GNU/Linux, and *BSD are generally recommended. I’m not quite sure what to do with this conflicting advice because both the wiki and madaidan make good points. I’m hoping to find something that is somewhat easy to use, respects my privacy/freedom, and isn’t a security nightmare. I’d love to hear what others recommend and their reasoning behind it. To start the conversation, I’ll go through what the Whonix wiki seems to recommend and explain why I do or don’t think something is a good fit.

  • BSD – Definitely doesn’t seem very usable or noob friendly (and doesn’t seem to be as secure as it’s often presented to be)

  • Qubes – Very limited hardware support, takes up lots of system resources, and though not as bad as BSD it isn’t quite as user friendly as I hoped. I might be wrong but their security seems to be solely reliant on Xen keeping different plain old Linux VMs separated. Not to bash Qubes, and I’m no expert, but it doesn’t look like a very comprehensive security model.

  • Debian or other GNU/Linux distro – As mentioned before, it looks like Linux security has many flaws. However, it does seem like it can be hardened to be more acceptable. My issue is that the hardening guide is very complicated and the recommended distributions certainly aren’t noob friendly. My hope is that someone can recommend a Linux distribution that is both easy to use (such as Ubuntu) but also has been hardened by default, or otherwise recommend some alternative I haven’t considered.

Conflicting advice…

From wiki footer:

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.

See these links.

Tyrant Security vs Freedom Security

Wiki:

Discussion:

A lot of it has been done in Kicksecure and Whonix, if technically feasible at the level of a Linux distribution.

What hasn’t? That’s what this list is for:

A lot of it has been done in Kicksecure and Whonix, if technically feasible at the level of a Linux distribution.

I came across Kicksecure when browsing the wiki but I’m not sure how to install it, the wiki had a lot of information so as a noob I was quickly overwhelmed. I read something about distro-morphing but I’m confused about the process and exactly what to do. Also, if I’m installing Debian, would the installation process be a little more difficult than something like Linux Mint? I’ve heard that Debian is more for advanced users, but I never tried it so I’m not sure.

install debian on your machine (you can just type debian 10 installation using search engine there many pages and videos showing that)

Note: make sure to choose xfce interface.

then install kicksecure-xfce:

if you want to use any other desktop interface then choose kicksecure-cli.

1 Like