- cross-posted to:
- linux@lemmy.ml
- cross-posted to:
- linux@lemmy.ml
cross-posted from: https://lemmy.ml/post/26453685
Not many people have heard about secureblue, and I want to spread the word about it. secureblue provides hardened images for Fedora Atomic and CoreOS. It’s an operating system “for those whose first priority is using linux, and second priority is security.”
secureblue provides exploit mitigations and fixes for multiple security holes. This includes the addition of GrapheneOS’s hardened_malloc, their own hardened Chromium-based browser called Trivalent, USBGuard to protect against USB peripheral attacks, and plenty more.
secureblue has definitely matured a lot since I first started using it. Since then, it has become something that could reasonably be used as a daily driver. secureblue recognizes the need for usability alongside security.
If you already have Fedora Atomic (e.g. Secureblue, Kinoite, Sericea, etc.) or CoreOS installed on your system, you can easily rebase to secureblue. The install instructions are really easy to follow, and I had no issues installing it on any of my devices.
I’d love more people to know about secureblue, because it is fantastic if you want a secure desktop OS!
You must log in or register to comment.
my daily drive distro
This is great ❤️ I’ve just switched to Silverblue and really cool that I can rebase to this!
How does it compare to qubes os
They do not claim to be most secure linux distro on the market but do not say which is. Lol
I believe your confusion comes from the following line: “secureblue does not claim to be the most secure option available on the desktop.”
Which is simply their acknowledgement that more secure options like Qubes OS exist. Note, however, that Qubes OS is not based on Linux, but instead on Xen.
So it’s like not using linux commands and such?
secureblue absolutely does.
Qubes OS does too. But that’s becomes dom0 and most of the qubes you’d interact with are just Linux. But the qube can be based on BSD instead. Heck, you could have it based on Windows even. These qubes are VMs; so you can basically do whatever you want with them. The heavy use of virtualization is exactly what makes Qubes OS as secure as it is.
Probably Qubes OS
I am literally halfway installing qubes os. I had linux mint before.
Going from Linux Mint to Qubes OS could be rough. You’re warned ;) .
Lol good luck but I wouldn’t recommend it as your daily os. Qubes is for those who have got a nation state on their back or something like that. For most people, default fedora is more than enough.
(see https://www.privacyguides.org/en/os/qubes-overview/ and https://www.privacyguides.org/en/desktop/)
can this be stacked on bazzite?
To add onto what N.E.P.T.R said, it is technically possible to make a custom amalgamation of Bazzite with secureblue’s hardening. However, it would be neither here or there. Some discussion of it can be found here. IIRC, it was ultimately deemed counter-intuitive as a gaming-distro inherently conflicts with a hardened one.
Finally, we shouldn’t disregard the technical part of this; it’s IIRC one of the reasons why the Bluefin-variants of secureblue were eventually disbanded. It frequently had a lot of interesting bugs that were simply not present on other secureblue-images. This isn’t on Bluefin either, as the non-hardened edition worked as you’d expect.
You could rebase to Secureblue, but that would replace Bazzite.
Anyone use this for a server? How is it?
deleted by creator
