{{Header}} {{#seo: |description=Host Operating System Selection, OS Threats to Privacy and Security |image=Software-871026-640.jpg }} [[File:Software-871026-640.jpg|thumb]] {{intro| Host Operating System Selection, OS Threats to Privacy and Security }} {{mbox | type = notice | addToClass = ib-for-thumb | image = [[File:Ambox_notice.png|40px|alt=Info]] | text = {{project_name_long}} is available for many host {{os}} (outside any {{VM}}). See [[Download]]. Which host OS is the most suitable or most secure? This is being addressed on this wiki page. }} {{Anchor|Recommended Linux Distribution}} = Recommended Host Operating Systems = The following Linux based To be more exact, Qubes OS is not primarily based on Linux. Qubes is based on Xen and Linux. operating systems are specifically recommended. '''Table:''' Recommended Host Operating Systems {| class="wikitable" ! OS ! Host ! Version ! Knowledge ! Hardware Support ! Installation ! {{Kicksecure_wiki |wikipage=Host_Live_Mode |text=Host Live Mode }} |- ! [[File:Logo-debian-500x500.png|30px]] | {{Archive_link |url=https://www.debian.org/ |onion=http://5ekxbftvqg26oir5wle3p27ax3wksbxcecnm6oemju7bjra2pn26s3qd.onion/ |text=Debian }} | {{Stable project version based on Debian version short}} ({{Stable project version based on Debian codename}}) | Beginner | Normal | {{Kicksecure_wiki |wikipage=Debian_Tips |text=Debian Tips }} | {{No}}, not installed by default. |- ! [[File:Kicksecure-icon-logo.png|30px]] | {{Kicksecure_link | |{{Kicksecure}} }} | {{VersionShort}} | Easy | Normal | {{Kicksecure_wiki |wikipage=Debian |text={{Kicksecure}} on top of Debian }} | {{Yes}}, installed by default. |- ! [[File:qubes-logo-blue.png|30px]] | {{Archive_link |url=https://www.qubes-os.org |onion=http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion |text=Qubes OS }} | See [[About#Qubes_Hosts|Qubes Hosts]]. | Advanced | {{Archive_link |url=https://www.qubes-os.org/doc/system-requirements/ |onion=http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/doc/system-requirements/ |text=Limited }} | {{Archive_link |url=https://www.qubes-os.org/doc/installation-guide/ |onion=http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/doc/installation-guide/ |text=Qubes OS Installation Guide }} | {{No}}, unavailable. |- |} These are recommended since these are used by the developers of {{project_name_short}}. The developer's familiarity with these operating systems makes it easier to provide maintenance and support. Users that have never used any Linux based operating system ever before, that are currently using Windows or macOS as their computer operating system, might find it difficult at first to migrate to a Linux based operating system. ({{Archive_link |url=https://www.kicksecure.com/wiki/Linux_User_Experience_versus_Commercial_Operating_Systems |onion=http://w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion/wiki/Linux_User_Experience_versus_Commercial_Operating_Systems |text=Linux User Experience versus Commercial Operating Systems }}) That is why {{project_name_short}} and {{Kicksecure}} are available on other operating systems such as Windows and macOS through use of virtualization. A familiar environment without the necessity of complex host operating system changes gives users a chance to experiment with their first Linux based operating system. This opportunity to learn more might become one day a user who mainly uses Linux as their host operating system. As long as no downloadable {{Kicksecure}} ISO is available, Linux beginners might find Debian easier to use than {{Kicksecure}}. Existing Debian, Ubuntu or other Debian derivatives users with essential knowledge about its usage however might find {{Kicksecure}} easy to use. = Other Operating Systems = {{mbox | type = notice | image = [[File:Ambox_notice.png|40px|alt=Info]] | text = Linux, Xen or BSD are the only serious options for a host operating system that respects privacy. Interested readers should review the rest of this page if they are interested to find out why. }} __TOC__ = Linux Hosts = A [https://www.fsf.org/about/what-is-free-software Free Software] OS that respects user freedom is the only practical choice when it comes to privacy and security. Use Linux on the host and prefer in-repository software that is automatically gpg-signed and installed from the distributor's repositories by the package manager. This is far safer than downloading programs from the Internet like Windows adherents are required to do. {{mbox | type = notice | image = [[File:Ambox_notice.png|40px|alt=Info]] | text = If it is infeasible to install [[Qubes]] as a high-security solution, then {{Archive_link |url=https://www.debian.org/ |onion=http://5ekxbftvqg26oir5wle3p27ax3wksbxcecnm6oemju7bjra2pn26s3qd.onion/ |text=Debian Linux }} version {{Stable project version based on Debian version short}} (codename: {{Stable project version based on Debian codename}}) is recommended since it provides a reasonable balance of usability, security and user freedom. }} Interested readers can find a complete list of reasons to use Debian {{Archive_link |url=https://www.debian.org/intro/why_debian |onion=http://5ekxbftvqg26oir5wle3p27ax3wksbxcecnm6oemju7bjra2pn26s3qd.onion/intro/why_debian |text=here}}. For download, verification and installation instructions, see {{Archive_link |url=https://www.kicksecure.com/wiki/Debian_Tips |onion=http://w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion/wiki/Debian_Tips |text=Debian Tips }}. In the past, virtually any Linux distribution could be recommended in order to protect privacy, however Ubuntu's history of [https://en.wikipedia.org/wiki/Unity_(user_interface)#Dash data-mining] makes it an unsuitable choice. https://web.archive.org/web/20170110080220/https://fixubuntu.com/ Ubuntu's February 2016 Privacy Policy allowed search terms entered into the dash to be sent to Ubuntu and selected third parties to "complement" search results, along with the IP address. Fortunately this text has now been removed in the [https://www.ubuntu.com/legal/dataprivacy latest iteration of the document].
For additional reasons to avoid Ubuntu or Ubuntu-derived distributions, expand this section.
Ubuntu's paltry contributions to the upstream Libre projects they heavily rely upon is a policy decision and not a coincidence. Canonical founder Mark Shuttleworth has stated: "It is absolutely true we have no interest in the core fundamentals of the Linux kernel, none whatsoever." https://web.archive.org/web/20191219195949/https://www.theinquirer.net/inquirer/news/2168086/canonical-linux-kernel Canonical only bothers to majorly contribute in any way when forking significant projects; for example, Wayland into Mir, GNOME into Unity https://web.archive.org/web/20150912223445/https://ask.fedoraproject.org/en/question/25127/how-to-build-unity-in-fedora/ , and .deb packages incompatible with Debian because of zstd compression. https://www.phoronix.com/news/Ubuntu-Zstd-Deb-Packages This appears to be a consistent attempt to fragment the software stack to lock in users and put pressure on competing distributions and vendors. https://mjg59.dreamwidth.org/25376.html https://www.linux-magazine.com/Online/Blogs/Off-the-Beat-Bruce-Byfield-s-Blog/Mir-vs.-Wayland-show-why-upstream-projects-matter The Ubuntu Contributor License Agreement gives them complete power over patents that cover contributed code. Essentially they are granted the right to re-license this code under any license of their choice, including a proprietary one. Ubuntu also has a history of treating staff in a hostile fashion. For example, the Kubuntu spin project lead was unilaterally removed without warning and contrary to wishes of his team members. https://kver.wordpress.com/2015/05/27/making-sense-of-the-kubuntucanonical-leadership-spat/ Canonical also pilfered donation funds originally meant for desktop spin projects (Kubuntu, Lubuntu and others). In Kubuntu's case, after funding was abruptly dropped, Blue Systems had to step in to save the popular project. https://www.pcworld.com/article/424171/kubuntus-founder-resigns-accuses-canonical-of-defrauding-donors-and-violating-copyright.html https://lists.ubuntu.com/archives/kubuntu-devel/2012-February/005782.html Canonical has also been applying an absurd intellectual property (IP) policy over packages in its repositories for years. This resulted in claims that Canonical owns the copyright over any binaries compiled by their servers. After the FSF stepped in and arranged a resolution over a period of two years, the policy was amended to state that Canonical’s IP policy cannot override packages with GPL licenses. However, this now means that any package with a permissive license is now copyrighted by Canonical. https://www.fsf.org/news/canonical-updated-licensing-terms https://mjg59.dreamwidth.org/37113.html Unfortunately, downstream forks based on Ubuntu cannot be relied upon either. For example, the popular Linux Mint distribution was threatened with being cut off from access to Ubuntu infrastructure unless they caved in to Canonical's binary licensing terms. https://forums.linuxmint.com/viewtopic.php?t=152450 Since then, Linux Mint has developed a version based on Debian instead. Canonical's vague trademark and IP policy has become toxic for downstream distributions. Many have made the smart choice to re-base on Debian instead of Ubuntu over the years including Kali, {{project_name_short}} [[Dev/Operating_System#Switch_from_Ubuntu_to_Debian]] and others. https://mjg59.dreamwidth.org/45939.html A final major concern is Canonical's friendly relationship with Microsoft. This should make all Linux users uncomfortable, given Microsoft's strategy of "Embrace, Extend, Extinguish" with respect to Free Software. https://www.zdnet.com/article/microsoft-and-canonical-partner-to-bring-ubuntu-to-windows-10/
There are of course other options. See [[Dev/Operating_System#Why_don't_you_use__for_{{project_name_short}}? | "Why don't you use for {{project_name_short}}?"]] for analysis of alternatives. = Introduction = A lot contention is derived from the different word definitions of the word "security" by advocates of proprietary software versus Freedom Software. An attempt to explain the different positions can be found in chapter {{Archive_link |url=https://www.kicksecure.com/wiki/Miscellaneous_Threats_to_User_Freedom#Freedom_vs_Tyrant_Security |onion=http://w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion/wiki/Miscellaneous_Threats_to_User_Freedom#Freedom_vs_Tyrant_Security |text=Freedom vs Tyrant Security }}. = Windows Hosts = {{Windows_Hosts}} = macOS Hosts = {{mbox | type = notice | image = [[File:Ambox_notice.png|40px|alt=Info]] | text = This macOS Hosts chapter might need some improvements. [https://phabricator.whonix.org/T993 ticket] }} In a fashion similar to Windows platforms, Apple operating systems also pose many security and privacy threats. '''Table:''' ''macOS Threats'' https://www.gnu.org/proprietary/malware-apple.en.html {| class="wikitable" |- ! scope="col"| '''Category''' ! scope="col"| '''Description''' |- ! scope="row"| Backdoors | * Files on devices can be deleted if they were downloaded from sources competing with Apple companies.
* Intentional backdoors allow remote root privileges, wipes and deletion of applications. |- ! scope="row"| Design Flaws | * An insecure design allows execution of malicious code by applications and the extraction of messaging history. |- ! scope="row"| Device Bricking | * Devices are bricked if fixed by an "unauthorized" repair shop.
* Devices are bricked that were unlocked without permission. |- ! scope="row"| Personal Information | * Biometric markers like fingerprints are used for device authorization.
* Extensive personal information is sent to Apple servers, such as:
** Automatic uploads of photos and videos used by certain applications; and
** Unsaved documents and program files (without permission).
* Search terms and location information are sent to Apple.
* System files are scanned. * OSX phones home with info about the Date, Time, Computer, ISP, City, State and Application Hash when any program is executed, by default. https://sneak.berlin/20201112/your-computer-isnt-yours/ https://web.archive.org/web/20201101051821/https://appleterm.com/2020/10/20/macos-big-sur-firewalls-and-vpns/ |- ! scope="row"| User Control and Freedoms | * Allowable programs like media, political, bitcoin and health-focused applications, and games are censored.
* Arbitrary limits are imposed on the use of software.
* Digital restrictions mechanisms are imposed.
* System upgrades are forced without consent.
* Older versions of operating systems cannot be installed.
* It is impossible to manually fix system security bugs that Apple have not addressed.
* User interfaces are designed to make specific options hard to find and enable/disable. |} See [https://www.gnu.org/proprietary/malware-apple.en.html this write-up] by the FSF for further detailed information. https://web.archive.org/web/20180817061520/https://fix-macosx.com/ In public talks, ex-Tor developer Jacob Appelbaum who had access to the Snowden files, hinted that Apple devices in particular were easy to infiltrate by the Intelligence Community. = Recommendation = Based on the preceding sections and analysis, it is strongly recommended to learn more about Linux and install a suitable distribution that safeguards rights to secure and private computing. Otherwise, significant effort is required to play "whack-a-mole" with Windows and [[Malware and Firmware Trojans|malware]], which routinely subjects users to surveillance, limits choice, purposefully undermines security, and harasses via advertisements, forced updates, remote removal of applications without consent, and so on. = See Also = * [[Essential_Host_Security|Essential Host Security]] * {{kicksecure_wiki |wikipage=Advanced_Host_Security |text=Advanced Host Security }} * [[Miscellaneous Threats to User Freedom]] * [[Avoid_nonfreedom_software|Avoid Non-Freedom Software]] * [[Miscellaneous_Threats_to_User_Freedom#Freedom_vs_Tyrant_Security|Tyrant Security vs Freedom Security]] * [[Reasons for Freedom Software|Why {{project_name_short}} is Freedom Software]] * [[Warning#Unsubstantiated_Conclusions|Unsubstantiated Conclusions]] * [[Policy On Nonfreedom Software|{{project_name_short}} Policy on Non-Freedom Software]] = References = {{reflist|close=1}} {{Footer}} [[Category:Documentation]]