I trust code more than politics.
Epic, only because I've never heard of it so it probably isn't recommended often. I should note that Vanadium is only available on Android and is very difficult to install if you don't use GrapheneOS. Trivalent is only available for a small subset of Linux distros (and comes preinstalled on secureblue). Brave Browser is cross-platform and recommended by GrapheneOS as an alternative to Vanadium if you want specific features Vanadium lacks.
Chromium, as I mentioned, as well as the Android Open Source Project used as the base for GrapheneOS. Their hardware is also very secure, which is why it is used by GrapheneOS. Google Play Store is also one of the most secure app stores for Android, but one of the least private. This is where Google becomes a double edged sword.
Organic Maps and OpenStreetMap should be listed as map alternatives. Mullvad Leta is a recently popular private search engine.
Google isn't inherently bad; they are bad for privacy but good for security. For that reason, Chromium-based browsers such as Vanadium, Trivalent, or Brave Browser are still good alternatives to Google Chrome even though Chromium (which is the open source base for Chromium-based browsers) is developed by Google.
Also: the "T" in
PeerTubeshould be capitalized.How many hours of sleep I'll be losing /s
It's terrible to use, and it has no themes, so using it at night is a death sentence for your eyes.
On my list it shows that I have not personally used the software, so I have no idea. This is good to know, though, so thank you! I'll be sure to replace it with a better alternative if one exists.
I would be very interested to here what those other ways are.
I've thought a lot about the many places governments can get funding from. The most obvious would be donations, if you can build a culture that is strongly oriented around donations. Housing, land, and school costs are sources we have today. Some more creative funding sources include: taxing companies (since companies are transparent this can be enforced), adding a wealth cap (and any extra income once that cap is hit goes towards the government), and heavy legal fines (currently legal fines are pretty small, especially for big corporations). The best way for a government to make money is to spend it responsibly to avoid useless costs or overspending. There's plenty of other sources of income, but if done correctly they should cover the cost of no taxes and free healthcare.
Your link does not work.
Invalid connection link Please check that you used the correct link or ask your contact to send you another one.I suggest editing the post with a fresh invite link.
If you don’t mind I am curious to hear your reasons.
For the same reasons KeePassXC encrypt their databases and Signal got backlash for storing encryption keys in plaintext. Encryption doesn't protect against everything, but it is a big deterrent against many attacks.
Fedora isn’t that secure without some effort either.
Fedora's philosophy is being a modern and security oriented (not security focused) distro. An easy example is that Fedora uses Linux kernel 6.14.2, whereas Debian uses Linux kernel 6.1 (I know they backport fixes, but the point remains).
Unfortunately, I have no way to confirm which one out of them is “more secure”.
Do you have any sort of automated test framework in mind which one can use to test distros against attacks?
Generally trust what security experts say about it, but if you really want an automated test, you can look at Lynis
Why do you rank secureblue over Whonix?
Whonix on its own isn't very secure. It's more privacy focused than security focused. It's based on Debian, which has a host of issues I won't get into.
dom0in Qubes OS is based on Fedora for its security, and it's no coincidence that secureblue is also based on Fedora.Hey, I recognise you now!
Look mom, I'm famous! :P
That was a great post, I had a lot of fun reading it.
Thank you!
If I could follow people on Lemmy I’d follow you.
The best you can do in regards to that is adding my profile to your preferred RSS reader, so you get notified each time I post. A few good ones for android are Feeder, Read You, or (my favorite) Capy Reader.
What do you think about Kicksecure (and Kicksecure inside of Qubes)?
I'm not sure if you mean actual Kicksecure or if you mean Whonix. Either way, if I were to use Qubes OS, I would do Whonix inside of Qubes (until a secureblue template is made).
SecureBlue too but I hear SecureBlue isn’t a big team, not sure how much time they have to address the broad range of desktop Linux security issues
secureblue backports a lot of fixes from other projects (e.g. their browser, Trivalent, backports fixes from GrapheneOS's Vanadium). Their team is small but mighty.
I personally think that if you were to put GrapheneOS and Qubes OS side-by-side on uncompromised hardware, I’d take Qubes.
GrapheneOS compartmentalizes as well, but in a different fashion. All apps on GrapheneOS are sandboxed, Once GrapheneOS implements App Communication Scopes, apps will be able to be completely* isolated. Without App Communication Scopes, the best way to isolate apps is by setting up separate profiles.
*While APC prevents communication between apps, they are still installed on the same profile, and thus have access to unique profile identifiers. Apps with network access can technically communicate with each other via a third party. Furthermore, apps may be able to directly communicate with each other through a telephone effect (e.g. Pixel Camera tells Google Play Services to tell Google Calendar about the photo you just took). I am massively oversimplifying this, but you get the gist.
I mentioned in my post that security is going to become very interesting with the introduction of the Linux terminal into Android. If GrapheneOS chooses to expand on this, that means, like Qubes OS, GrapheneOS could emulate multiple Linux distros.
Anyways, this is how I would rank them in terms of security (again, oversimplified):
GrapheneOS > Qubes-secureblue > Qubes-Whonix > secureblue
Each project fundamentally has different goals, so there is no one "security" to rank them by.
Though, for desktop, I prefer secureblue, as I don't have a secondary GrapheneOS device, and secureblue is far more usable than Qubes OS.
I edit notes using vim or vscodium.
You should probably try moving away from this practice. First, this leaves your notes vulnerable as they are not encrypted at rest. Second, those programs are not designed for private notes, meaning there is the potential for various leaks to happen that you may not even be able to catch (temporary system files, etc.). Using a dedicated notes editor (like Joplin) means you are using something designed to keep your notes confidential.
Disclaimer: In the case of Joplin specifically, the developers take issue with implementing encryption at rest. Their philosophy is "If your computer's disk is encrypted, then all your notes are already encrypted at rest." This is flawed thinking for many reasons that I won't get into here.
I would recommend Joplin, for these reasons:
- It's digital (of course)
- It's cross platform: iOS, Linux, Windows, macOS, and Android
- It's fully open source
- It supports end-to-end encrypted syncing with different providers: Joplin Cloud, Dropbox, OneDrive, File system (for things like Syncthing), Nextcloud, WebDAV, S3 (Beta), and Joplin Server (Beta)
- It supports markdown editing
When looking for software in general, write down what you are looking for and what your requirements are. Then, consider if there are any conflicting requirements (e.g. "I want my handwritten notes to be transcribed, but I don't want any kind of handwriting recognition"). From there, you can make tough decisions or find a compromise. Then, think about any problems that may arise in the future. Do you plan to switch operating systems to something like GrapheneOS? Do you want to move away from cloud storage altogether? From there, you can get a good idea of what to look for. Good luck!
Lemmy is open source, maybe someone could make a JavaScript-free frontend?
Some things simply cannot be done without JavaScript, as unfortunate as that is.
https://privsec.dev/posts/linux/linux-insecurities/
That's a more up-to-date article about security issues with Linux.
TL;DR is that Linux (the desktop, not the kernel) is fundamentally insecure, and so the more secure options for desktop are Qubes OS (Qubes OS is not a Linux distro) or (even better) GrapheneOS used in Desktop Mode. secureblue is about as secure as Linux can get, but the most secure option for desktop itself.
Things also get weird when you consider running secureblue inside of Qubes OS. See my post for more thoughts about that.
Most Lemmy instances already work without JavaScript, but if you want a more friendly experience without JavaScript, you can browse using https://old.lemmy.world/
Madaidan's Insecurities hasn't been updated in a few years, so some of the information is a bit out of date. It is still decent information, but don't follow it granularly. What you may be looking for instead is secureblue, which essentially does what you are describing but for Fedora Atomic desktops.
Thank you!