Pinterest Stumbleupon Whatsapp

most secure linux distributionIf you’re a Linux user, security was probably one of the benefits that made you switch from whatever operating system you were using before. Linux has a great reputation for being one tough nut to crack, and it lives up to that reputation daily.

Users don’t have to worry about viruses or other malware to the point where anti-virus tools made for Linux actually sniff out Windows viruses to help fight their spread. None of those viruses can affect Linux, and barely any are actually made for Linux. Even then, they will have a very tough time doing any damage.

However, when “secure” isn’t good enough, you will want the best of the best. With so many distributions out there in the world to choose from, there are plenty that focus specifically on hardcore security. But which are the most secure Linux distribution?


most secure linux distribution

One distribution I can immediately recommend is Tails. Short for The Amnesic Incognito Live System, Tails is great because it remains extremely usable despite its focus on security. It also doesn’t just focus on a secure operating system, but it makes sure that everything you do on it is as secure as reasonably possible.

The distribution is based on Debian‘s stable branch, which is known for its great stability and security (although somewhat old software). It shouldn’t matter though if the software is older, as it should still do what you need it to do, safely. Tails only runs in a live environment, which is another good security feature because it completely wipes any traces on the computer you used once you shut down or restart.


Tails comes with a load of software to cater to every need you may have. This includes a customized Firefox browser (branded as Iceweasel because Tails is Debian-based) which uses the Tor network How the Tor Project Can Help You Protect Your Own Online Privacy How the Tor Project Can Help You Protect Your Own Online Privacy Privacy has been a constant issue with virtually all major sites that you visit today, especially those that handle personal information on a regular basis. However, while most security efforts are currently directed towards the... Read More out-of-the-box. Firefox in Tails also includes other extensions to make browsing as secure as possible with HTTPS Everywhere Encrypt Your Web Browsing With HTTPS Everywhere [Firefox] Encrypt Your Web Browsing With HTTPS Everywhere [Firefox] HTTPS Everywhere is one of those extensions that only Firefox makes possible. Developed by the Electronic Frontier Foundation, HTTPS Everywhere automatically redirects you to the encrypted version of websites. It works on Google, Wikipedia and... Read More and NoScript Three Firefox Security & Privacy Add-ons that can Co-exist Three Firefox Security & Privacy Add-ons that can Co-exist Read More . Tails also comes with Claws Mail with OpenPGP support, Pidgin with OTR encryption support, and editing tools like GIMP and OpenOffice.


secure linux

Another good distribution is Lightweight Portable Security, or LPS for short. This distribution is maintained by the US Air Force, and is as far as I know the only distribution coming from the American government (or in this case, military). It’s not uncommon for countries to produce their own Linux distributions, as China has Red Flag Linux and Turkey has Pardus.

This distribution is special because it takes a more minimalistic approach. Aside from the usual hardened code, it uses a lightweight desktop environment that resembles Windows XP, and only includes Firefox and a few additional tools. It also has an easy to use “Encryption Wizard” which can aid you in your quest for privacy and security.

Since this is a brainchild of the US Air Force, I would trust using it. Like Tails, it runs only in a live environment, and disappears along with any traces as soon as you shut down or reboot.


most secure linux distribution

Last but not least, your common run-of-the-mill distribution is also among the most secure. Surprised? You shouldn’t be. Although Ubuntu, Fedora, and the like aren’t equipped out-of-the-box to give you a secure experience like Tails is, the operating system itself is secure enough to satisfy most people’s needs. All you really need to do is keep it updated with available patches via the distribution’s Update Manager, and add some programs like Tor or OpenPGP that will make your usage a little more secure.

However, in terms of systems being compromised through attacks, your favorite distribution will do the job just fine. In fact, in a hacking competition, Windows and Mac OS X machines were defeated while an Ubuntu machine was still chugging away.


Of course there are plenty of other distributions that are worthy of a mention, but there are simply too many to name specifically. I might have also forgotten a few that definitely should be mentioned, but I’m sure you can remind me in the comments below. Just be aware that there is a difference between security distributions and secure distributions. Backtrack Linux is an example of a security distribution while the ones I mentioned above are secure distributions.

Do you regularly use secure distributions or software such as Tor? What have you been using so far? Let us know in the comments!

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Dc
    January 27, 2017 at 1:38 pm

    Now is the time for more True American Youth to be supported by the feds instead of foreigners in
    High tech education and develop the best, " MADE IN AMERICA" tamper proof and new skilled language
    outside of the IBM Microsoft apple monopolies! It is a new Trumponian era!

  2. dinesh
    December 19, 2016 at 1:22 pm

    I had shifted to Linux because i felt that windows is not secure but i had a lot of problems with linux. i tried Linux mint and had problems, it was difficult to use network printer, sorted it out but still could not scan documents on my scanner,printer and copier. then one day my gard disk crashed. got a new hard disk and installed ubuntu. now i am not able to use neither my printer nor my scanner, the bluetooth does not recognise any nearby device. a recent problem is that the laptop battery wont charge when in use. i am an average user who is paranoid about security and i do not have time to endlessly trying to configure my system so i am going back to windows but i am still not very comfortable with its porous privacy and security. can i use TAILS or LPS on a windows laptop. really appreciate your article and will be thankful if you could give some tips.

  3. Rufflez
    July 29, 2016 at 4:15 am

    If your worried about playing WoW or Diablo on linux don't.

    See the video below for a step by step guide.

    Down with windows :) long live open source.

    April 17, 2015 at 1:57 am

    Maybe it's just my system in particular but almost EVERY DAY I have to go and re-install what ever Linux distro I'm using.
    Makes me sick
    I have had good luck with running LIVE distros on a stick but when I install it to hard drive within 24 hours its time to re-install.
    The scumbags are EVERYWHERE and that's no joke.
    And it does NOT help that the router I log into is run by a paying computer illiterate that could care less about being secure.
    Truth of the matter is there are two types of people in the world. The smart and the stupid. And the stupid are making stupidity reproduce CONSTANTLY like its life and death or something. STUPID PEOPLE ARE WINNING THE WAR ON IGNORANCE and are bringing about the doom of human life. Next time you want to go out and get laid think about responsible fatherhood and the potential to have an IDIOT FUNBOY TOOL running around. Great thing to sacrifice your bachelorhood and freedom for ---AIN'T IT ?

  5. Frank
    February 11, 2015 at 3:44 am

    Ok, nice discussion but i can confirm Sagar Gorijala i have the last 6 years much more linux distro tested such as Ubuntu, Fedora, openSUSE, Debian, CENTOS and many more but openSUSE was the only one that i accepted, its stable, have a good performance and in combination with SELinux secure, i use openSUSE Linux ( and the SLE Server 12 ) in a highperformance Supercomputing Environment, no viruses, no malware nothing. I like it.

  6. ed gillham
    January 25, 2015 at 4:59 am

    I just want to say that I have indeed been hit in Ubuntu, three virus's found by clam, and several attacks on my external hard drive. I was in microwave countermeasure systems which is highly classified but am long since retired. It's not always paranoia.

  7. Sagar Gorijala
    December 11, 2014 at 2:00 pm

    I believe Sparkylinux is the best linux distro for an average user who owns a low spec computer. Can you please make a review on the amazing Sparkylinux. I used more than 15 linux distributions and found only OpenSUSE and Sparkylinux to be error free. And, Sparkylinux is faster and more responsive than OpenSUSE. Though it's true that both of them are very stable linux distros. OpenSUSE needs more RAM and Sparkylinux comes with various minimal RAM usage distro versions and LXDE in Sparkylinux is error free and LXDE in Sparkylinux is far better than LXDE in other Linux distros. Sparkylinux is worth a mention and it's also worth your valuable time. So please make a detailed review on Sparkylinux. Unfortunately Sparkylinux is unknown to ignorant masses and I was one of them and, it's true that failure caused by other distros make Sparkylinux more beautiful. If other distros didn't fail for an ignorant average user like me, I would have never realized how beautiful Sparkylinux is and how amazing Sparkylinux tiny specialized apps are. Thanks.

  8. Vishal Srivastava
    December 6, 2012 at 1:09 pm

    Will try out Tails. Just finished downloading it after reading your review. Thanks!!

  9. mmm
    October 15, 2012 at 5:36 am

    Tor = privacy. Encryption ~ privacy (less or more)
    Browser fingerprinting ~ privacy is not possible (almost)
    Security is something else.

  10. Gordo Viajão
    July 16, 2012 at 9:00 pm

    Really interesting, been using Ubuntu since 8.04 and had no security flaws on the client side... Only problems I had were brute force attacks on my GMail last year, but nothing of so great harm

    • Danny Stieben
      July 19, 2012 at 8:44 pm

      Great to hear! Plus those attacks on your Gmail means that people just tried to get into your Google account, which doesn't have anything to do with your Ubuntu desktop itself.

  11. Mayur Godhani
    July 10, 2012 at 5:20 pm

    Well, i always use Ubuntu on my lappy :)

  12. renii
    July 7, 2012 at 8:12 am

    NSA sez New SELinux code is no longer released on this site. SELinux is included in a number of Linux distributions. You can also find the SELinux source code at the following external links.
    SELinux kernel code is included in the mainline Linux 2.6 kernel,
    available from
    NSA seems to be saying it's already out there and included in present day releases.

    And isn't the kernel core code in all late windows versions straight from linux w/microsoft tweaks added on?
    Hafta agree with John on data saves

    • Danny Stieben
      July 7, 2012 at 10:43 pm

      Yes, some distributions (like Fedora) use SELinux features.

      Windows absolutely does *not* use Linux (with or without "Microsoft tweaks") whatsoever. The Windows kernel is a completely different closed-source project which is about as far away from Linux as possible. Sorry, but you're incorrect.

      • dragonmouth
        October 27, 2012 at 9:41 pm

        "Windows absolutely does *not* use Linux (with or without “Microsoft tweaks”) whatsoever. The Windows kernel is a completely different closed-source project which is about as far away from Linux as possible."
        Since Windows is proprietary and closed-source, very few people really know what is contained in the source. So the source can contain a lot of code "borrowed" from other O/Ss, especially the open-source ones like Linux and BSD. All we know for sure is that Windows does not contain any Linux/BSD security code.

  13. Richard
    July 7, 2012 at 4:30 am

    ---> This distribution is maintained by the US Air Force, and is as far as I know the only distribution coming from the American government.

    Not so. It is not the only Linux distribution available from the U.S. government and is not even the most secure. That title belongs to NSA Linux, available from NSA (the No Such Agency) at

    • Danny Stieben
      July 7, 2012 at 7:59 am

      As I've already discussed in earlier comments, SELinux as a distribution doesn't seem to be available anymore from the NSA. Just try to actually download it and you'll see what I mean.

      • Logan Kemp
        July 7, 2012 at 2:41 pm

        "SELinux is included in a number of Linux distributions."
        You should be able to get the last version from their archive here.
        Even though it's no longer maintained, you can still download it. It's probably been added to the Linux kernel, though, since it's so secure.

        • Danny Stieben
          July 7, 2012 at 10:40 pm

          I suppose one could use the last version, but it's pretty dated.

          Most distributions make use of it. I know Fedora is a heavy, active user of SELinux, which has sometimes given it some harsh criticism (which I find ridiculous).

  14. YourCaringPal
    July 6, 2012 at 7:07 am

    Thanks for this wonderful Open Source article. :)

    • Danny Stieben
      July 7, 2012 at 7:09 am

      No problem! I'm glad that I'm able to write these for people to read. :)

  15. henry cofa
    July 6, 2012 at 2:16 am

    Interesting article, congrats buddy

    • Danny Stieben
      July 7, 2012 at 7:08 am

      Thanks Henry!

  16. vineedcool
    July 4, 2012 at 5:57 pm

    ohhkkk but i like ubuntu best!!!

  17. ferdinan Sitohang
    July 4, 2012 at 8:57 am

    This far, i use ubuntu for my personal computer, and the security is good. As i know debian is one of the most popular distro for security.

  18. Joe P
    July 4, 2012 at 12:19 am

    I use Mint but have added noscript, adblock, flashblock, and HTTPS Everywhere to my Firefox. Also, I set it's temp directory to be in RAM and made that folder noexecute. I added PGP support to Thunderbird and I added Clam AV. I have TOR too. In 20 years of computing and 19 on the Internet, I have never had a virus or any malware. Only the paranoid survive!

    • Danny Stieben
      July 4, 2012 at 3:16 pm

      That's a nice collection of tools, Joe! Putting the temp folder in RAM is a neat trick, thanks for sharing!

    • mukhis
      July 5, 2012 at 3:25 pm

      @Joe P
      would you please mind to write a short tuto about those tricks? i am getting inclined to linux day by day, would love to know how to do those steps. just running a bunch of commands in the terminal, i guess. but i need the commands!

      • Pawpaw Joe
        July 9, 2012 at 4:36 pm

        I agree... those are some good tricks, especially putting temp in RAM, which I would love to know the trick to doing. I just started using Mint and like it more than Ubuntu. If you don't mind sharing... you will have my prayers and gratitude.

  19. John
    July 3, 2012 at 11:26 am

    Check out SELinux. It is also a U.S. Government OS created platform. It was developed by the National Security Agency for research purposes. I read somewhere that to date, that OS has never had a virus, or being hacked into. Probably because the OS is so rare as opposed to it being uncrackable.

    • Danny Stieben
      July 3, 2012 at 11:50 am

      I looked around for SELinux, but there wasn't a way to download it anymore. Take a look for yourself. Let me know if you do find something, however. :)

      • John
        July 3, 2012 at 12:09 pm

        Hm... That is interesting! I downloaded this several months ago and have a copy on CD. But I had a look again after your comment and couldn't find it anywhere. It doesn't appear to be on its home page, the NSA has stopped distributing it and mirror websites such as SourceForge don't have it anymore. Well... All I can say is that it has to be available from somewhere. Once on the internet, it stays as they say. I'd assume it would be available as a torrent. But it is hard to tell which ones are legit and what ones are loaded with viruses.

        • Danny Stieben
          July 7, 2012 at 2:14 am

          I haven't really found any other places yet where it could be downloaded...usually I wouldn't trust any other locations but if I find something credible I'll post it here.

      • Swabbie
        July 6, 2012 at 6:11 pm

        Here is a link to the NSA page with the download.

        • Danny Stieben
          July 7, 2012 at 2:13 am

          Thanks for the links, Swabbie, but if you click on any of those, you'll land on a page which lets you know it's no longer available. :(

    • RedScourge
      July 10, 2012 at 4:28 pm

      Most mainstream Linux distros now have a SELinux component included by default now, such as Ubuntu LTS, RedHat Enterprise, Fedora, etc. For most people, downloading this stuff is unnecessary.

  20. gattolino
    July 3, 2012 at 7:10 am

    i love fully personalizzable! people who like source code also can love debian :D

  21. John
    July 2, 2012 at 10:43 pm

    I like running running various Linux distros in Live Mode. There's a comfort in knowing that when you boot up the next day, your system is completely clean - except for concerns re: Flashable BIOS:

    I would love to see a laptop, for example, shipped with the OS on an microSD or SD card with a non-writable tab (flip tab = no write functions possible). You would flip tab to tweak system, install new apps, etc... Once done, write-protect and reboot. OS runs in RAM (with read access to SD card) and the hard drive is used only as a data drive (no boot sector) for your docs, media, etc... (accessible by other micro/SD cards holding alternative OSes). I might be the only one who likes this idea:-)

    Another paranoid option is running OSes in a Virtual Environment. While an OS might be particularly susceptible to intrusion, recovery is often easier because of the sandboxing aspect. Data access between the Virtual OS and the Real OS can sometimes be a problem though.

    For common users, the most important thing is their data. It isn't the OS, the applications (especially if you're using non-proprietary data formats) or even a manufacturer of hardware - it's making sure your data is backed up so that you can access it with any OS or device.

    • Danny Stieben
      July 3, 2012 at 7:56 am

      Thanks for that bit of information, John. Really helpful with some good ideas. :)

    • Sietze van de Burgt
      November 2, 2016 at 9:15 pm

      I like your plan for the laptop, I would personally use one computer for private offline use for keeping my files and my data and doing things like writing or using cad for instance that do not require internet. And another one for online internet use. I thought up that booting from a readonly DVD live os in a bleuray readonly drive ( no burner) is best and fastest since a blueray drive is faster in transferring data than a DVD drive. Also why readonly ? Because although you cannot really add data once a disk is finalized, but you can if you really want to, force a disk to turn on the burn laser and destroy a disk. And indeed let the system run in ram with maybe 32 Gb ram as minimum, and occasionally put in a cd or DVD in a burner readonly no rw, that is safest. Sad to say that I have to use a USB hard drive sometimes to transfer large files or many small ones. I think I am going to use this setup. Maybe I can use Windows again in my offline computer. Although I might have to desolder my mike and speaker from the motherboards since there seems to be the possibility of an ultrasound data connection between the motherboard of the online and offline computer. NSA is always a bit to curious about what people do with offline computers. Well once on this road you might as well install a power grid filter on the offline computer power supply to make sure no data escapes through a built in power grid network thingy, these are for sale as separate devices but can surely be build in. Oh and maybe also a separate groundpin that goes toward groundlevel in the backyard to make sure the whole computer cabinet ain't acting like a transmitter. Think I am paranoid ? I am way not paranoid enough to work for a computer security dept.

      Kind regards from,
      Sietze van de Burgt.

    July 2, 2012 at 10:24 pm

    A US Air Force Linux Distro is NOT for paranoid people. Is like trusting your privacy to the government.

    • Danny Stieben
      July 3, 2012 at 7:55 am

      I suppose you could say that, but if it's not secure, why would the Air Force use it?

      • michel
        July 3, 2012 at 12:42 pm

        boy, you're really innocent. They would use it to track people who use it.

        • Trevor L
          July 3, 2012 at 4:44 pm

          That is exactly what they are doing! It's not like they can't pull your IP at anytime they want or something far easier than convincing people to install a custom Linux distro. But just to be safe stay away from this, they'll be watching...

        • Danny Stieben
          July 4, 2012 at 3:15 pm

          Hahaha, if you guys insist...

    • Bruce Epper
      July 7, 2012 at 2:34 am

      You also need to remember that this was created for the Air Force road warriors usage as well. Do you really think they would compromise the system they want their laptop users to utilize while on the road? Really, think about it.

      • Danny Stieben
        July 7, 2012 at 7:07 am

        Thanks, Bruce! That was my reasoning for including it.

      • RedScourge
        July 10, 2012 at 4:25 pm

        They probably have a secret memo they give to all the Air Force personnel who have high security clearance which tells them how to disable the built in spyware in their OS which tracks what the users are doing. I can't prove they infact include spyware, but it wouldn't surprise me. The advantages of including their own spyware in their OS is they can track their citizens or even their enemies if they think the same way you guys do "its US Army, it must be secure!", but also they can spy on their own soldiers to ensure none of them are spies or planning to leak sensitive internal information they may or may not be cleared to access.

        • Bruce Epper
          July 13, 2012 at 7:08 am

          And since it is used on laptops, any spyware on it could prove to be of use to anyone who manages to steal it. Would you set up something like this for your use or for your family members?

          the "its US Army, it must be secure!" comment is way off the mark as well. I never made that claim at all. No system will ever be completely secure unless it is never used. And we were referring to an Air Force product anyway, not Army.

          Then all they need is someone who forgets to disable your alleged spyware while accessing classified systems remotely (needed document for briefing POTUS).

          Your comments just bring up even more doubts that they would bastardize a system in such a manner.

        • RedScourge
          July 15, 2012 at 6:53 am

          "And since it is used on laptops, any spyware on it could prove to be of use to anyone who manages to steal it."

          True of all spyware, but immaterial.

          "I never made that claim at all."

          No, you didn't, but many do and I just wanted to point it out so people don't fall into that trap. Sorry also for interchanging Air Force for Army.

          "Then all they need is someone who forgets to disable your alleged spyware"

          For that to be true, both this and your claim that someone else could hijack it would have to BOTH be the case simultaneously, which is exceedingly unlikely. They'd be using the spyware for its intended purpose, notice that too high level of documents were accessed on a computer with the spyware installed, and I specifically had mentioned that sort of thing earlier. It's a possible downfall but everything is risk management.

          The other thing to consider is that even if I'm wrong and this is a stupid thing to do, the government is pretty stupid quite often, so they might just do it anyway.

    • Yo yoyo
      April 5, 2015 at 3:41 pm

      Like letting the sheep watch he lettuce. Is secure for them. But they have the codes just in case there is a snowden present.

  23. Jason Maggard
    July 2, 2012 at 8:48 pm

    So, it's an article to tell us that "Linux" is secure?

    And to be clear, it's security by obscurity... 1.9% of users are on linux, hardly worth writing viruses for. They said the Mac didn't get viruses... Until a month ago.

    It's not like there's never been a Linux virus...

    • John
      July 2, 2012 at 10:21 pm

      You're right about security by obscurity. Systems become even more susceptible with additional programs running. There was even the hack into Google's Systems because at least a one person was running IE6.

      Not sure what you meant about Mac virus and a month ago. Here's a timeline of Mac OS viruses as early as 2004:

    • Danny Stieben
      July 3, 2012 at 7:54 am

      Yes, I do say it's secure. Not only through obscurity, but because all of the Linux viruses that have been made have done virtually no damage, as it's extremely hard for them to run.

      • Trevor L
        July 3, 2012 at 11:54 am

        Totally agree with you Danny. Root access is key to compromising a Linux system unlike the swiss cheese like security of a Windows system. Jason, who said Mac doesn't get viruses? Apple thats who, why would they say that? Because they just want to sell computers. Anything can be cracked or hacked given enough knowledge and time.

        • Danny Stieben
          July 4, 2012 at 3:15 pm

          Exactly. Mac OS X is still better (IMO) than Windows, but Linux is overall the best.

        • Bruce Epper
          July 7, 2012 at 2:33 am

          OpenBSD is probably still the best option for a secure OS.

  24. Dominic
    July 2, 2012 at 6:59 pm

    He did. "Just be aware that there is a difference between security distributions and secure distributions. Backtrack Linux is an example of a security distribution while the ones I mentioned above are secure distributions."

    This article was about secure distributions not security distributions.

  25. Coffeeman
    July 2, 2012 at 6:10 pm

    Well, IMHO I guess that you should have said something about Backtrack linux, which also can be run as a live environment.

    • Danny Stieben
      July 3, 2012 at 7:52 am

      Yes, Dominic is right.

      If I did cover Backtrack, it would simply merge into the same category as my last point, as Backtrack then wouldn't have any extra advantages over say Ubuntu because it's a security distro and not a specifically secure distro.