Safest OS from your experience

Discussion in 'all things UNIX' started by John Smith Junior, Sep 11, 2013.

Thread Status:
Not open for further replies.
  1. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
  2. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    i dont go with unknown OS best safest for me which are backed my biggies like open suse redhat Canonical....etc

    for banking i have used scientific linux and Ubuntu so far :)

    also you can consider LPS but i didnt try it yet :)
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Any one you choose.
    Mrk
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Another stunning post by Mrkvonic. Bravo.

    Anyways...

    Chromium OS is very safe. You can set up most Linux distros to be quite safe, I highly suggest NoScript with Firefox if you're going to be doing banking.
     
  5. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
    have tried LPS , Cyber Shield and few others , Tails OS looks better

    this one have quite good test http://ip-check.info/?lang=en


    Im using PCBSD Mozila and No script but getting lots of reds in this test , PCBSD needs VPN service

    Anyway safe OS should from live CD or USB ,so I didint find anything better that is for free than Tails OS

    Im interested in that Blackbox laptop but it costs near 4700 EUR, as I understood that is a price for unlimited VPN service as well. Have sent them a letter did-int got response yet.
     
    Last edited: Sep 11, 2013
  6. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    From a purely practical standpoint, I think Linux wins by a wide margin.

    - Software repos make updating software easier

    - Updates are applied locally faster than on Windows

    - Package management is generally more convenient than on UNIX

    - More applications are compiled natively for 64-bit processors (and so can take advantage of improved memory protection mechanisms)

    - Desktop usage is still very low, so malware is uncommon

    However, you should still take some basic precautions. A badly configured Linux desktop will be insecure, and some distros (e.g. Mint) have terrible default configurations.

    - Make sure Samba, FTP, and other listening services are turned off on a desktop or laptop; same with SSH if you don't actually use it. If you do use SSH, it should be set to require login by public key, and never by plaintext password!

    - Use a password manager. Yes, really. I cannot begin to tell you how incredibly useful and important these things are. Any decent GPG frontend can also work as a password encryption tool, and tools like pwgen can produce decent passwords. Or you could use KeepassX for a really complete, cross-platform solution.

    - Use Chrome/Chromium if possible, or Firefox with Noscript. At the least, enable click-to-play for plugins, to avoid automatic pwnage.

    - Use an inbound iptables firewall, in case some stupid program decides to open a listening port without notifying you.

    For Mint this probably isn't enough, because there are other insecure settings... I'd recommend avoiding that distro altogether actually.
     
  7. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    Although I don't understand them all, Ubuntu and its derivatives look to be fortified with a good number of security measures...

    https://wiki.ubuntu.com/Security/Features

    Any of these default Ubuntu-based installs can be secured rather easily. The information's readily available all over the 'net. Anyone willing to learn can take things a big step further and Apparmor their browser at least. Actually, Chromium and Firefox already have profiles available for them, although I don't know how well they secure the browsers as compared to a carefully configured customized profile.
     
  8. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677

    i disagree with you mrk on this all linux are not safe.............for example anonymous OS said to be hidden rootkit in it :)
     
  9. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
    most serious servers runs on unix , but its a little bit difficult with unix desktop , Im using PCBSD it is quite stable and safe has lots off programs , but configuration is more difficult for specific tasks, this is for everyday work.

    But for real security OS should run from Live CD / USB device with restricted modification , so no one could modify or add new files to configuration.

    Also it depends from PC hardware and internet router/firewall

    As for big OS distribution like Windows , Ubuntu , Mac... serious hackers know their way around , even Java and Flash player are serious threats...

    didint try this one yet http://www.ipredia.org/
     
    Last edited: Sep 12, 2013
  10. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi
    Safe about what?
    If this terminology is related to an infection time survey, then any MS alternative is enough.
    There is already hardened and security focused OS and distributions available, that have been discussed many times on this area (even if a specific thread is welcome).
    At last, an exotic OS provides less career opportunities for malwares, but client/server side attacks remains the same due to cross platform languages and protocols.
    kernel virtualization is currently in vogue for military grade OS.
    Then, it is not difficult to build his own Safe OS, by choosing the right OS or distro, and extra security/privacy features like hardware encryption and VPN...

    And why not an instant on OS?
    http://wiki.mandriva.com/en/Mandriva_InstantOn
    http://event.msi.com/mb/winki/index.html

    Rgds
     
  11. wtsinnc

    wtsinnc Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    943
    Would a Linux LiveCD running outside of Windows XP and used exclusively for financial transactions be as/more safe than a properly configured Linux install ?
     
  12. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,103
    Hi John Smith Junior,

    You mjght want to investigate/try the Qubes OS.

    -- Tom
     
  13. Andz

    Andz Registered Member

    Joined:
    Jan 9, 2013
    Posts:
    75
    Not to nit pick, but what about Chrome OS?
     
  14. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,103
    Chrome OS gives you Google's propensity to snoop.

    -- Tom
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I don't know if there are any rips of ChromeOS online, so you'd have to be a Chromebook. ChromiumOS is free.
     
  16. Andz

    Andz Registered Member

    Joined:
    Jan 9, 2013
    Posts:
    75
    Would it be fair to say that Chromium OS is better with privacy and Chrome OS is better with security, since a Chromebook includes the full suite of security features such as verified boot?
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I would consider them about equal, but only one is available to the general public.
     
  18. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
    not really, since is an majors in the market and knows NSA well even decent hackers are able to crack gmail... so OS could have an backdoor

    http://news.cnet.com/8301-13578_3-5...ch-firms-over-prism-says-latest-snowden-leak/

    http://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet

    have found interesting mail option www.valeso.com
     
  19. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
    Only live bootable OS and if you are using flash drive rather than a CD it should have manual write protection button

    Linux on hard disk also not the best choice , main OS should be safe as possible from modifications and updated with prepared update packs
     
    Last edited: Sep 13, 2013
  20. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
  21. TheCatMan

    TheCatMan Registered Member

    Joined:
    Aug 16, 2013
    Posts:
    327
    Location:
    sweden
    Or on ubuntu you can press F6> add the command toram
    and the live cd installs to ram and runs from it, same can be done with a usb flash drive and then the flash removed.

    I feel live cds are best, no hdd even in the system to recover any files or data from. Only when its logged in and running would it pose an issue, a good kill switch or perhaps I am unsure of this if there is an option to lock the system without password may help!
     
  22. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi
    Regarding GreenHill and LynuxWorks OS, they are mostly RTOS, different from desktop OS http://en.wikipedia.org/wiki/Real-time_operating_system
    Polyxene uses the same architecture http://www.polyxene.com/secure-operating-system.aspx

    For more information, Qubes leader developper provides interesting answer and info on his blog
    http://theinvisiblethings.blogspot....howComment=1347126709621#c4893499838894776599

    http://theinvisiblethings.blogspot.fr/2012/09/how-is-qubes-os-different-from.html

    With Fortress linux ( https://www.fortresslinux.org/ ), the Joanna baby is the most interesting project of Secure OS available for those who are looking for the Graal of Safest OS...even if this Graal, by experience, appears to me as a dead end...

    Rgds
     
  23. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
    Fortress Linux seams to be serious but why everybody use linux not unix ?

    Im using an PCBSD (unix) is not going through vpn by default or something but is really hard to break down harder than linux
     
  24. TheCatMan

    TheCatMan Registered Member

    Joined:
    Aug 16, 2013
    Posts:
    327
    Location:
    sweden
    thanks, that fortress linux looks great an os built with privacy and security to mind, but can't see much info on its privacy features.

    Does PCBSD built for privacy ie logs and security ?
     
  25. John Smith Junior

    John Smith Junior Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    15
    Location:
    Europe
    Lots of serious servers are build on FreeBSD so by itself PCBSD has a good background also Tor (Tork) Open VPN are available to use but its difficult to configure

    PCBSD goal is to built OS for for more advanced user and after get it done for simple user I have already wrote to them to make some security levels that it would be possible to choose on the boot , like using VPN I2P or TOR as standard modes
     
Loading...
Thread Status:
Not open for further replies.