Affiliate Disclosure: By buying the products we recommend, you help keep the lights on at MakeUseOf. Read more.
Switching to Linux delivers many benefits for users. From a more stable system to a vast selection of good quality open source software, you’re onto a winner. And it won’t cost you a penny!
Another advantage of Linux is the increased degree of security. The Linux desktop is ignored by the majority of malware developers. So in most cases, you should be fine running any Linux operating system you choose.
But if you want an extra degree of security and privacy, you might consider a Linux OS that offers some enhanced features in these areas. Various options are available here, but which one should you choose?
Who Can Benefit from a Secure Operating System?
With many advantages to using a secure operating system, it might not be clear whether you should be using one. Perhaps it seems more suited to someone else. This is probably not the case.
Average computer users in an oppressive or censored environment (home country, city, place of employment or education, even a cyber café!) can certainly benefit. This may or may not mean you, but it probably does mean someone you know.
Do you know any political activists, or anyone else under targeted surveillance? Are you a journalist endangering your life (or your family) by reporting on organized criminal activity? Perhaps you’re an investigator, researcher, whistleblower… basically anyone whose internet activity and computer use is of interest to others.
Whatever the nature of your sensitive work, you’ll benefit from one of these five, secure Linux operating systems.
One of the problems with operating systems is that they remember. If anyone wants to find out what you’ve been up to, it’s a trivial matter to check your logs. Viruses and worms can be installed without your knowledge; they’ll still be there when you reboot.
Everything is stored.
But you can get around this with a live OS called Tails, which will run from a USB stick, SD card, or DVD.
Tails enables you to preserve your privacy and anonymity, which is vital for avoiding online censorship. As such, all internet connections while using Tails are routed via the Tor network. For further privacy and security, state-of-the-art cryptographic tools are employed to encrypt your vital files and communications (i.e., emails, instant messages, etc.).
All you need to do to run Tails is download the image, write it to your chosen media, and boot from the disk. Better still, Tails will leave no trace on the computer you use it with.
This Linux-based operating system provides an anonymous environment on your PC, and encrypts all network traffic, anonymizing your activity.
Featuring the GNOME desktop, IprediaOS can be installed to HDD and features an anonymous BitTorrent client, email client, IRC client and anonymous browsing. Privacy is attained thanks to the Invisible Internet Project. This is the home of the I2P network, an “anonymous overlay network.” Although this sounds like a VPN, and the end result is similar, it’s actually closer to Tor (read more about the Tor network). However, I2P affords access to the everyday web (as opposed to the Dark Web).
IprediaOS is available as a Live distribution, but can also be installed on your HDD, or in a Virtual Private Network (VPN).
Built on Debian, Whonix employs a “fail-safe, automatic” and universal use of the Tor network, utilizing multiple virtual machines (like Qubes OS, below) to provide protection against malware and IP leaks.
Currently the only operating system in ongoing development that is run within a VM with Tor, Whonix isn’t just available for Linux. It’s also available for macOS and Windows!
Additionally, Whonix can be run as a virtual machine in VirtualBox. Whichever installation method you choose, you’ll end up with an anonymous operating system protected against DNS leaks and malware. In short, your online activity cannot be accurately observed, and the sites you use will not recognize you as a repeat visitor (unless you’re in the habit of signing up and logging into websites!)
It’s important to note that Whonix is not available as a typical Linux OS that you can download and install. It can be installed as an application on Windows, macOS and Linux, or deployed as a virtual appliance in VirtualBox.
Offering protection against Trojan-based surveillance, Discreete Linux provides you with an isolated working environment that spyware cannot access. As such, your data is protected against surveillance, and it can be stored securely.
Note that “Discreete” is not a typo. Rather, it is a cross of the two spellings and meanings of “discrete” and “discreet”. As befits such a name, it might not surprise you to learn that Discreete Linux began life as Ubuntu Privacy Remix back in 2008.
In a theoretical sense, Discreete Linux secures your system by preventing access, and blocking malware from spreading. Once running, various conditions are set; for instance, ATA hard disk drives will be blocked from running (data can be accessed via the cloud).
While Discreete Linux currently offers a good deal of security, the BadUSB attack is a concern. Fortunately, this will be addressed in a future release, Beta2, in which USB keyboards will only be accepted after manual confirmation by the user. Currently, Discreete Linux is in beta, but there’s plenty to look forward to in the finished product!
Describing itself as “a reasonably secure operating system”, Qubes OS has a wealth of strong reviews and endorsements, which we’ll come to in a moment.
Qubes OS offers a secure computing environment not by simply diverting web traffic via a dedicated proxy, but by using virtualization. Running on the Xen bare metal hypervisor (essentially virtual machine software that runs without a full operating system), Qubes OS provides you with multiple virtual machines that run seamlessly as a desktop.
The result is that programs of different types are grouped by virtual machine (Qubes), with window border colors giving an indication of the trust level of that VM. For example, an app with no requirement for internet connectivity would be more trustworthy than, say, your web browser. Qubes OS even isolates vulnerable components like network cards in their own hardware Qubes.
Qubes OS also supports copy and paste between the discrete VMs, with data carried via a secure file transfer system.
Still not convinced? Well, Edward Snowden himself tweets:
— Edward Snowden (@Snowden) September 29, 2016
What’s Your Secure Linux Distro?
Other secure Linux operating systems are available, but we reckon those listed here are the best. Of course, we could be wrong, so tell us in the comments. Also, we’d love to hear from you to find out which secure Linux OS you’re currently running!
Image Credit: Lorelyn Medina via Shutterstock.com