Linux Security

Linux Operating Systems for the Paranoid: What Are the Most Secure Options?

Christian Cawley 05-05-2017

Switching to Linux delivers many benefits for users. From a more stable system to a vast selection of good quality open source software, you’re onto a winner. And it won’t cost you a penny!


Another advantage of Linux is the increased degree of security. The Linux desktop is ignored by the majority of malware developers. So in most cases, you should be fine running any Linux operating system you choose.

But if you want an extra degree of security and privacy, you might consider a Linux OS that offers some enhanced features in these areas. Various options are available here, but which one should you choose?

Who Can Benefit from a Secure Operating System?

With many advantages to using a secure operating system, it might not be clear whether you should be using one. Perhaps it seems more suited to someone else. This is probably not the case.

Average computer users in an oppressive or censored environment (home country, city, place of employment or education, even a cyber café!) can certainly benefit. This may or may not mean you, but it probably does mean someone you know.

Do you know any political activists, or anyone else under targeted surveillance Avoiding Internet Surveillance: The Complete Guide Internet surveillance continues to be a hot topic so we've produced this comprehensive resource on why it's such a big deal, who's behind it, whether you can completely avoid it, and more. Read More ? Are you a journalist endangering your life (or your family) by reporting on organized criminal activity? Perhaps you’re an investigator, researcher, whistleblower… basically anyone whose internet activity and computer use is of interest to others.


Whatever the nature of your sensitive work, you’ll benefit from one of these five, secure Linux operating systems.


One of the problems with operating systems is that they remember. If anyone wants to find out what you’ve been up to, it’s a trivial matter to check your logs. Viruses and worms can be installed without your knowledge; they’ll still be there when you reboot.

Everything is stored.

But you can get around this with a live OS called Tails, which will run from a USB stick, SD card, or DVD.


Tails enables you to preserve your privacy and anonymity, which is vital for avoiding online censorship. As such, all internet connections while using Tails are routed via the Tor network. For further privacy and security, state-of-the-art cryptographic tools are employed to encrypt your vital files and communications (i.e., emails, instant messages, etc.).

All you need to do to run Tails is download the image, write it to your chosen media How to Create a Bootable Multiboot USB for Windows and Linux A single USB flash drive is all you need to boot, install, and troubleshoot multiple operating systems. We'll show you how to create a multiboot USB, including Windows and Linux installers and recovery tools. Read More , and boot from the disk. Better still, Tails will leave no trace on the computer you use it with.


This Linux-based operating system provides an anonymous environment on your PC, and encrypts all network traffic, anonymizing your activity.

Featuring the GNOME desktop, IprediaOS can be installed to HDD and features an anonymous BitTorrent client, email client, IRC client and anonymous browsing. Privacy is attained thanks to the Invisible Internet Project. This is the home of the I2P network, an “anonymous overlay network.” Although this sounds like a VPN, and the end result is similar, it’s actually closer to Tor (read more about the Tor network How the Tor Project Can Help You Protect Your Own Online Privacy Privacy has been a constant issue with virtually all major sites that you visit today, especially those that handle personal information on a regular basis. However, while most security efforts are currently directed towards the... Read More ). However, I2P affords access to the everyday web (as opposed to the Dark Web).


IprediaOS is available as a Live distribution, but can also be installed on your HDD, or in a Virtual Private Network (VPN) What Is The Definition Of A Virtual Private Network Virtual private networks are more important now than ever before. But do you know what they are? Here's what you need to know. Read More . Need an actual VPN? Try one of these free VPNs for Linux The 7 Best VPNs for Linux Using Linux and need a compatible VPN service? Many of the best VPN services offer a Linux client, for improved online privacy. Read More .


Built on Debian, Whonix employs a “fail-safe, automatic” and universal use of the Tor network, utilizing multiple virtual machines 7 Practical Reasons to Start Using a Virtual Machine What are virtual machines used for? Here are some practical benefits and uses for virtual machines that you can try right now. Read More (like Qubes OS, below) to provide protection against malware and IP leaks.

Currently the only operating system in ongoing development that is run within a VM with Tor, Whonix isn’t just available for Linux. It’s also available for macOS and Windows!

Additionally, Whonix can be run as a virtual machine in VirtualBox. Whichever installation method you choose, you’ll end up with an anonymous operating system protected against DNS leaks and malware. In short, your online activity cannot be accurately observed, and the sites you use will not recognize you as a repeat visitor (unless you’re in the habit of signing up and logging into websites!)


It’s important to note that Whonix is not available as a typical Linux OS that you can download and install. It can be installed as an application on Windows, macOS and Linux, or deployed as a virtual appliance in VirtualBox.

Discreete Linux

Offering protection against Trojan-based surveillance, Discreete Linux provides you with an isolated working environment that spyware cannot access. As such, your data is protected against surveillance, and it can be stored securely.

Note that “Discreete” is not a typo. Rather, it is a cross of the two spellings and meanings of “discrete” and “discreet”. As befits such a name, it might not surprise you to learn that Discreete Linux began life as Ubuntu Privacy Remix back in 2008.

In a theoretical sense, Discreete Linux secures your system by preventing access, and blocking malware from spreading. Once running, various conditions are set; for instance, ATA hard disk drives will be blocked from running (data can be accessed via the cloud).

While Discreete Linux currently offers a good deal of security, the BadUSB attack Your USB Devices Aren't Safe Anymore, Thanks To BadUSB Read More  is a concern. Fortunately, this will be addressed in a future release, Beta2, in which USB keyboards will only be accepted after manual confirmation by the user. Currently, Discreete Linux is in beta, but there’s plenty to look forward to in the finished product!

Qubes OS

Describing itself as “a reasonably secure operating system”, Qubes OS has a wealth of strong reviews and endorsements, which we’ll come to in a moment.

Qubes OS offers a secure computing environment not by simply diverting web traffic via a dedicated proxy, but by using virtualization. Running on the Xen bare metal hypervisor (essentially virtual machine software that runs without a full operating system), Qubes OS provides you with multiple virtual machines that run seamlessly as a desktop.

The result is that programs of different types are grouped by virtual machine (Qubes), with window border colors giving an indication of the trust level of that VM. For example, an app with no requirement for internet connectivity would be more trustworthy than, say, your web browser. Qubes OS even isolates vulnerable components like network cards in their own hardware Qubes.

Qubes OS also supports copy and paste between the discrete VMs, with data carried via a secure file transfer system.

Still not convinced? Well, Edward Snowden himself tweets:

What’s Your Secure Linux Distro?

Other secure Linux operating systems are available, but we reckon those listed here are the best. Of course, we could be wrong, so tell us in the comments. Also, we’d love to hear from you to find out which secure Linux OS you’re currently running!

Image Credit: Lorelyn Medina via

Related topics: Computer Privacy, Computer Security, Linux Distro, Online Privacy.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Scott Rott
    September 29, 2017 at 6:09 am

    I rely on my personal built upon Tails, while hiding from Russian-connected private spy services. But believe me, please - because you are the most Westerns and you have not a clue to even imagine, what is A Real Evil in the face of the Today's Private, Fully Functional and Alive Structures of KGB and GRU in EVERY post-communist country like mine, in order to handle finally that simple fact, that's written below especially for the new, but brilliantly professional Editorials, and for every average+ intelligent human reading it:

    If NSA has it's PRISM program for mass-surveillance - information that had blasted over the globe from the "once upon a time" KGB Officer Vladimir Putin's CURRENT pet and asset (don't be stupid!), Eduard Snowden - who, believe me, had been fully aware of the Russian Federation's criminal cyber mass-terrorism, which brings to the Private, Alive KGB Elite Billions in stolen money by the so called "Organized Cyber Crime" mainly from U.S. citizens (on at least %80+) - and U.S. Banks! You should have no doubt that Eduard has been absolutely for sure informed of these - believe me - decades old Russian Federation's mass-criminal robbery activities, targeted mainly over USA, seriously - enough far before they have been decided to initiated him in their PRISM program!...
    And what this greedy moral invalid actually did? ? Knowing about the Russian immense wealth of stolen Trillions - the most from all post-communist satellites of USSR - he did what? From a paycheck relying NSA lower-ranked agent, waking up at 5am to serve the Nation from 6am every day, this moral invalid now is living better than undoubtedly the most of aqathe "set-up" by KGB Russian Fasade Oligarchs - but with all the privileges that the para-official-power of KGB over Russia and Putin could give him, in his status of the most productive influential Russian PR and Antiamricansm's psychological weapon, that still gives influential Desiformation interviews with already old-school KGB trained angel face of an calm honest hero against the evil American National Security Agency, that don't care neither for the drugs in Dark Markets - I just know - neither even for the AK-47 trade in there!!!

    NSA, at the times of the sh*t's cash out to Russia treason, hadn't interest than other, accept for Islamic terrorism stuff, that could be dealing in the Dark Nets. PRISM even weren't interested in child pornography, you victims of the Russian Disinformation Global Machine. PRISM is still about National and all the Western Civilization's NATO aliases Security Agency. DEA and FBI's job are the drug-dealing through the Multileveal "Dark" Webs through Tor, where you could order even an AK-47, but overall it's all for kids and small rats, not for real criminals...

    OK, Qubes OS is worthy, even that it's hardly to be blind for these thousands of spy bridges and relays today in the Tor. It'll become the same with I2P.
    Anonymity for the end-user through the Net is a myth! And if there are still Dark Markets, that is because they all are selling less than in a single Amsterdam's Neibourhood through the Summertime?

    • Hicks
      December 4, 2017 at 1:28 pm

      lol what a load of BS

      • kip
        February 24, 2018 at 9:52 pm

        I dunno. I'm surmising author is not native English speaker and that country of residence is former Soviet Union probably now Russia. Whereas I may not agree on all elements as written, I certainly believe the perspective of people once, perhaps still, caught in that former Soviet labrynth of Orwellian intent, may be somewhat appropriately portrayed in his harbinger of cyber survellience and misuse.

  2. Jim
    June 16, 2017 at 12:48 pm

    I appreciate your article. Don't understand some people having continuous problems with Linux. I found after looking at various distributions that Linux Mint with Mate suited the way my brain works. My wife and I both use it our computers without problems. Have used Tails while travelling and other computers.

  3. Jane
    May 14, 2017 at 4:30 am

    In the age of gag order, ceaseless hacks of hard-and software, of everything...what are the proofs that mentioned OSs are not corrupted, coming from agencies, etc.??

    • Paul Girardin
      May 14, 2017 at 9:00 pm

      The open source community would very quickly find that an operating system was compromised because in open source software all code is available to be scrutinised,unlike closed source software such as Microsoft and Apple.

      • Jane
        May 15, 2017 at 8:54 am

        That is a mere assertion, not a proof. Name exactly when, where and who revealed problems and patched them, please. That would be interesting, how many of this "open source community" are checking millions lines of code of a few hunreds distros and software, too. Open source software is not patched for years. Linux Mint offers security updates for the kernel, but defines it as 5 in the update manager, í. e. you might kill your OS. As you know a lot about the "open source community" I assume you are are part-how are you examining mentioned codes, if at all? Linux is by far not so secure, as it is everywhere advertised.

        • Paul Girardin
          May 15, 2017 at 6:41 pm

          You can ask the same question about Windows patches:"exactly when, where and who revealed problems and patched them".
          I guess you can contact The Linux Foundation or Linus Torvalds if you really need to know.
          Or you could peruse the official Linux git repository.

  4. Dc
    January 27, 2017 at 1:38 pm

    Now is the time for more True American Youth to be supported by the feds instead of foreigners in
    High tech education and develop the best, " MADE IN AMERICA" tamper proof and new skilled language
    outside of the IBM Microsoft apple monopolies! It is a new Trumponian era!

  5. dinesh
    December 19, 2016 at 1:22 pm

    I had shifted to Linux because i felt that windows is not secure but i had a lot of problems with linux. i tried Linux mint and had problems, it was difficult to use network printer, sorted it out but still could not scan documents on my scanner,printer and copier. then one day my gard disk crashed. got a new hard disk and installed ubuntu. now i am not able to use neither my printer nor my scanner, the bluetooth does not recognise any nearby device. a recent problem is that the laptop battery wont charge when in use. i am an average user who is paranoid about security and i do not have time to endlessly trying to configure my system so i am going back to windows but i am still not very comfortable with its porous privacy and security. can i use TAILS or LPS on a windows laptop. really appreciate your article and will be thankful if you could give some tips.

    • duschaan
      May 5, 2017 at 7:56 pm

      Obviously, the problem is not Linux it's you.

    • konnemam
      November 12, 2017 at 6:44 pm

      use Qubes, its the best and easiest to understand with millions of tutorials. Useing wondows with a Vm Virtualbox is not safe at all as it is super easy for any federal corporation to see exacly wjat ur dping on the screen even if u use a linux based VM on it.

  6. Rufflez
    July 29, 2016 at 4:15 am

    If your worried about playing WoW or Diablo on linux don't.

    See the video below for a step by step guide.

    Down with windows :) long live open source.

    April 17, 2015 at 1:57 am

    Maybe it's just my system in particular but almost EVERY DAY I have to go and re-install what ever Linux distro I'm using.
    Makes me sick
    I have had good luck with running LIVE distros on a stick but when I install it to hard drive within 24 hours its time to re-install.
    The scumbags are EVERYWHERE and that's no joke.
    And it does NOT help that the router I log into is run by a paying computer illiterate that could care less about being secure.
    Truth of the matter is there are two types of people in the world. The smart and the stupid. And the stupid are making stupidity reproduce CONSTANTLY like its life and death or something. STUPID PEOPLE ARE WINNING THE WAR ON IGNORANCE and are bringing about the doom of human life. Next time you want to go out and get laid think about responsible fatherhood and the potential to have an IDIOT FUNBOY TOOL running around. Great thing to sacrifice your bachelorhood and freedom for ---AIN'T IT ?

  8. Frank
    February 11, 2015 at 3:44 am

    Ok, nice discussion but i can confirm Sagar Gorijala i have the last 6 years much more linux distro tested such as Ubuntu, Fedora, openSUSE, Debian, CENTOS and many more but openSUSE was the only one that i accepted, its stable, have a good performance and in combination with SELinux secure, i use openSUSE Linux ( and the SLE Server 12 ) in a highperformance Supercomputing Environment, no viruses, no malware nothing. I like it.

  9. ed gillham
    January 25, 2015 at 4:59 am

    I just want to say that I have indeed been hit in Ubuntu, three virus's found by clam, and several attacks on my external hard drive. I was in microwave countermeasure systems which is highly classified but am long since retired. It's not always paranoia.

  10. Sagar Gorijala
    December 11, 2014 at 2:00 pm

    I believe Sparkylinux is the best linux distro for an average user who owns a low spec computer. Can you please make a review on the amazing Sparkylinux. I used more than 15 linux distributions and found only OpenSUSE and Sparkylinux to be error free. And, Sparkylinux is faster and more responsive than OpenSUSE. Though it's true that both of them are very stable linux distros. OpenSUSE needs more RAM and Sparkylinux comes with various minimal RAM usage distro versions and LXDE in Sparkylinux is error free and LXDE in Sparkylinux is far better than LXDE in other Linux distros. Sparkylinux is worth a mention and it's also worth your valuable time. So please make a detailed review on Sparkylinux. Unfortunately Sparkylinux is unknown to ignorant masses and I was one of them and, it's true that failure caused by other distros make Sparkylinux more beautiful. If other distros didn't fail for an ignorant average user like me, I would have never realized how beautiful Sparkylinux is and how amazing Sparkylinux tiny specialized apps are. Thanks.

  11. Vishal Srivastava
    December 6, 2012 at 1:09 pm

    Will try out Tails. Just finished downloading it after reading your review. Thanks!!

  12. mmm
    October 15, 2012 at 5:36 am

    Tor = privacy. Encryption ~ privacy (less or more)
    Browser fingerprinting ~ privacy is not possible (almost)
    Security is something else.

  13. Gordo Viajão
    July 16, 2012 at 9:00 pm

    Really interesting, been using Ubuntu since 8.04 and had no security flaws on the client side... Only problems I had were brute force attacks on my GMail last year, but nothing of so great harm

    • Danny Stieben
      July 19, 2012 at 8:44 pm

      Great to hear! Plus those attacks on your Gmail means that people just tried to get into your Google account, which doesn't have anything to do with your Ubuntu desktop itself.

      • Mike
        May 11, 2017 at 5:22 pm

        Don't your get it, he have no clue if he was breached before or not!

  14. Mayur Godhani
    July 10, 2012 at 5:20 pm

    Well, i always use Ubuntu on my lappy :)

  15. renii
    July 7, 2012 at 8:12 am

    NSA sez New SELinux code is no longer released on this site. SELinux is included in a number of Linux distributions. You can also find the SELinux source code at the following external links.
    SELinux kernel code is included in the mainline Linux 2.6 kernel,
    available from
    NSA seems to be saying it's already out there and included in present day releases.

    And isn't the kernel core code in all late windows versions straight from linux w/microsoft tweaks added on?
    Hafta agree with John on data saves

    • Danny Stieben
      July 7, 2012 at 10:43 pm

      Yes, some distributions (like Fedora) use SELinux features.

      Windows absolutely does *not* use Linux (with or without "Microsoft tweaks") whatsoever. The Windows kernel is a completely different closed-source project which is about as far away from Linux as possible. Sorry, but you're incorrect.

      • dragonmouth
        October 27, 2012 at 9:41 pm

        "Windows absolutely does *not* use Linux (with or without “Microsoft tweaks”) whatsoever. The Windows kernel is a completely different closed-source project which is about as far away from Linux as possible."
        Since Windows is proprietary and closed-source, very few people really know what is contained in the source. So the source can contain a lot of code "borrowed" from other O/Ss, especially the open-source ones like Linux and BSD. All we know for sure is that Windows does not contain any Linux/BSD security code.

  16. Danny Stieben
    July 7, 2012 at 7:59 am

    As I've already discussed in earlier comments, SELinux as a distribution doesn't seem to be available anymore from the NSA. Just try to actually download it and you'll see what I mean.

    • Danny Stieben
      July 7, 2012 at 10:40 pm

      I suppose one could use the last version, but it's pretty dated.

      Most distributions make use of it. I know Fedora is a heavy, active user of SELinux, which has sometimes given it some harsh criticism (which I find ridiculous).

  17. YourCaringPal
    July 6, 2012 at 7:07 am

    Thanks for this wonderful Open Source article. :)

    • Danny Stieben
      July 7, 2012 at 7:09 am

      No problem! I'm glad that I'm able to write these for people to read. :)

  18. henry cofa
    July 6, 2012 at 2:16 am

    Interesting article, congrats buddy

    • Danny Stieben
      July 7, 2012 at 7:08 am

      Thanks Henry!

  19. vineedcool
    July 4, 2012 at 5:57 pm

    ohhkkk but i like ubuntu best!!!

  20. ferdinan Sitohang
    July 4, 2012 at 8:57 am

    This far, i use ubuntu for my personal computer, and the security is good. As i know debian is one of the most popular distro for security.

  21. Joe P
    July 4, 2012 at 12:19 am

    I use Mint but have added noscript, adblock, flashblock, and HTTPS Everywhere to my Firefox. Also, I set it's temp directory to be in RAM and made that folder noexecute. I added PGP support to Thunderbird and I added Clam AV. I have TOR too. In 20 years of computing and 19 on the Internet, I have never had a virus or any malware. Only the paranoid survive!

    • Danny Stieben
      July 4, 2012 at 3:16 pm

      That's a nice collection of tools, Joe! Putting the temp folder in RAM is a neat trick, thanks for sharing!

    • mukhis
      July 5, 2012 at 3:25 pm

      @Joe P
      would you please mind to write a short tuto about those tricks? i am getting inclined to linux day by day, would love to know how to do those steps. just running a bunch of commands in the terminal, i guess. but i need the commands!

      • Pawpaw Joe
        July 9, 2012 at 4:36 pm

        I agree... those are some good tricks, especially putting temp in RAM, which I would love to know the trick to doing. I just started using Mint and like it more than Ubuntu. If you don't mind sharing... you will have my prayers and gratitude.

  22. John
    July 3, 2012 at 11:26 am

    Check out SELinux. It is also a U.S. Government OS created platform. It was developed by the National Security Agency for research purposes. I read somewhere that to date, that OS has never had a virus, or being hacked into. Probably because the OS is so rare as opposed to it being uncrackable.

    • Danny Stieben
      July 3, 2012 at 11:50 am

      I looked around for SELinux, but there wasn't a way to download it anymore. Take a look for yourself. Let me know if you do find something, however. :)

      • John
        July 3, 2012 at 12:09 pm

        Hm... That is interesting! I downloaded this several months ago and have a copy on CD. But I had a look again after your comment and couldn't find it anywhere. It doesn't appear to be on its home page, the NSA has stopped distributing it and mirror websites such as SourceForge don't have it anymore. Well... All I can say is that it has to be available from somewhere. Once on the internet, it stays as they say. I'd assume it would be available as a torrent. But it is hard to tell which ones are legit and what ones are loaded with viruses.

        • Danny Stieben
          July 7, 2012 at 2:14 am

          I haven't really found any other places yet where it could be downloaded...usually I wouldn't trust any other locations but if I find something credible I'll post it here.

      • Danny Stieben
        July 7, 2012 at 2:13 am

        Thanks for the links, Swabbie, but if you click on any of those, you'll land on a page which lets you know it's no longer available. :(

    • RedScourge
      July 10, 2012 at 4:28 pm

      Most mainstream Linux distros now have a SELinux component included by default now, such as Ubuntu LTS, RedHat Enterprise, Fedora, etc. For most people, downloading this stuff is unnecessary.

  23. gattolino
    July 3, 2012 at 7:10 am

    i love fully personalizzable! people who like source code also can love debian :D

  24. John
    July 2, 2012 at 10:43 pm

    I like running running various Linux distros in Live Mode. There's a comfort in knowing that when you boot up the next day, your system is completely clean - except for concerns re: Flashable BIOS:

    I would love to see a laptop, for example, shipped with the OS on an microSD or SD card with a non-writable tab (flip tab = no write functions possible). You would flip tab to tweak system, install new apps, etc... Once done, write-protect and reboot. OS runs in RAM (with read access to SD card) and the hard drive is used only as a data drive (no boot sector) for your docs, media, etc... (accessible by other micro/SD cards holding alternative OSes). I might be the only one who likes this idea:-)

    Another paranoid option is running OSes in a Virtual Environment. While an OS might be particularly susceptible to intrusion, recovery is often easier because of the sandboxing aspect. Data access between the Virtual OS and the Real OS can sometimes be a problem though.

    For common users, the most important thing is their data. It isn't the OS, the applications (especially if you're using non-proprietary data formats) or even a manufacturer of hardware - it's making sure your data is backed up so that you can access it with any OS or device.

    • Danny Stieben
      July 3, 2012 at 7:56 am

      Thanks for that bit of information, John. Really helpful with some good ideas. :)

    • Sietze van de Burgt
      November 2, 2016 at 9:15 pm

      I like your plan for the laptop, I would personally use one computer for private offline use for keeping my files and my data and doing things like writing or using cad for instance that do not require internet. And another one for online internet use. I thought up that booting from a readonly DVD live os in a bleuray readonly drive ( no burner) is best and fastest since a blueray drive is faster in transferring data than a DVD drive. Also why readonly ? Because although you cannot really add data once a disk is finalized, but you can if you really want to, force a disk to turn on the burn laser and destroy a disk. And indeed let the system run in ram with maybe 32 Gb ram as minimum, and occasionally put in a cd or DVD in a burner readonly no rw, that is safest. Sad to say that I have to use a USB hard drive sometimes to transfer large files or many small ones. I think I am going to use this setup. Maybe I can use Windows again in my offline computer. Although I might have to desolder my mike and speaker from the motherboards since there seems to be the possibility of an ultrasound data connection between the motherboard of the online and offline computer. NSA is always a bit to curious about what people do with offline computers. Well once on this road you might as well install a power grid filter on the offline computer power supply to make sure no data escapes through a built in power grid network thingy, these are for sale as separate devices but can surely be build in. Oh and maybe also a separate groundpin that goes toward groundlevel in the backyard to make sure the whole computer cabinet ain't acting like a transmitter. Think I am paranoid ? I am way not paranoid enough to work for a computer security dept.

      Kind regards from,
      Sietze van de Burgt.

    • seekertom
      May 14, 2017 at 3:28 am

      Have always wondered why now the os HD isn't electrically write pretectable. Back in Tandy days, external HDS had write protect switch on front panel which controlled the wp line on HD interface connector.

      Wp, load ram, do whatever. Any changes were made to os image in ram, and power off wipes ram clean.

      Maybe a lot like fresh install from CD every time you boot, only lightning fast, and never a hack, never maleware in your os.

    July 2, 2012 at 10:24 pm

    A US Air Force Linux Distro is NOT for paranoid people. Is like trusting your privacy to the government.

    • Danny Stieben
      July 3, 2012 at 7:55 am

      I suppose you could say that, but if it's not secure, why would the Air Force use it?

      • michel
        July 3, 2012 at 12:42 pm

        boy, you're really innocent. They would use it to track people who use it.

        • Trevor L
          July 3, 2012 at 4:44 pm

          That is exactly what they are doing! It's not like they can't pull your IP at anytime they want or something far easier than convincing people to install a custom Linux distro. But just to be safe stay away from this, they'll be watching...

        • Danny Stieben
          July 4, 2012 at 3:15 pm

          Hahaha, if you guys insist...

    • Bruce Epper
      July 7, 2012 at 2:34 am

      You also need to remember that this was created for the Air Force road warriors usage as well. Do you really think they would compromise the system they want their laptop users to utilize while on the road? Really, think about it.

      • Danny Stieben
        July 7, 2012 at 7:07 am

        Thanks, Bruce! That was my reasoning for including it.

      • RedScourge
        July 10, 2012 at 4:25 pm

        They probably have a secret memo they give to all the Air Force personnel who have high security clearance which tells them how to disable the built in spyware in their OS which tracks what the users are doing. I can't prove they infact include spyware, but it wouldn't surprise me. The advantages of including their own spyware in their OS is they can track their citizens or even their enemies if they think the same way you guys do "its US Army, it must be secure!", but also they can spy on their own soldiers to ensure none of them are spies or planning to leak sensitive internal information they may or may not be cleared to access.

        • Bruce Epper
          July 13, 2012 at 7:08 am

          And since it is used on laptops, any spyware on it could prove to be of use to anyone who manages to steal it. Would you set up something like this for your use or for your family members?

          the "its US Army, it must be secure!" comment is way off the mark as well. I never made that claim at all. No system will ever be completely secure unless it is never used. And we were referring to an Air Force product anyway, not Army.

          Then all they need is someone who forgets to disable your alleged spyware while accessing classified systems remotely (needed document for briefing POTUS).

          Your comments just bring up even more doubts that they would bastardize a system in such a manner.

        • RedScourge
          July 15, 2012 at 6:53 am

          "And since it is used on laptops, any spyware on it could prove to be of use to anyone who manages to steal it."

          True of all spyware, but immaterial.

          "I never made that claim at all."

          No, you didn't, but many do and I just wanted to point it out so people don't fall into that trap. Sorry also for interchanging Air Force for Army.

          "Then all they need is someone who forgets to disable your alleged spyware"

          For that to be true, both this and your claim that someone else could hijack it would have to BOTH be the case simultaneously, which is exceedingly unlikely. They'd be using the spyware for its intended purpose, notice that too high level of documents were accessed on a computer with the spyware installed, and I specifically had mentioned that sort of thing earlier. It's a possible downfall but everything is risk management.

          The other thing to consider is that even if I'm wrong and this is a stupid thing to do, the government is pretty stupid quite often, so they might just do it anyway.

    • Yo yoyo
      April 5, 2015 at 3:41 pm

      Like letting the sheep watch he lettuce. Is secure for them. But they have the codes just in case there is a snowden present.

  26. Jason Maggard
    July 2, 2012 at 8:48 pm

    So, it's an article to tell us that "Linux" is secure?

    And to be clear, it's security by obscurity... 1.9% of users are on linux, hardly worth writing viruses for. They said the Mac didn't get viruses... Until a month ago.

    It's not like there's never been a Linux virus...

    • John
      July 2, 2012 at 10:21 pm

      You're right about security by obscurity. Systems become even more susceptible with additional programs running. There was even the hack into Google's Systems because at least a one person was running IE6.

      Not sure what you meant about Mac virus and a month ago. Here's a timeline of Mac OS viruses as early as 2004:

    • Danny Stieben
      July 3, 2012 at 7:54 am

      Yes, I do say it's secure. Not only through obscurity, but because all of the Linux viruses that have been made have done virtually no damage, as it's extremely hard for them to run.

      • Trevor L
        July 3, 2012 at 11:54 am

        Totally agree with you Danny. Root access is key to compromising a Linux system unlike the swiss cheese like security of a Windows system. Jason, who said Mac doesn't get viruses? Apple thats who, why would they say that? Because they just want to sell computers. Anything can be cracked or hacked given enough knowledge and time.

        • Danny Stieben
          July 4, 2012 at 3:15 pm

          Exactly. Mac OS X is still better (IMO) than Windows, but Linux is overall the best.

        • Bruce Epper
          July 7, 2012 at 2:33 am

          OpenBSD is probably still the best option for a secure OS.

  27. Dominic
    July 2, 2012 at 6:59 pm

    He did. "Just be aware that there is a difference between security distributions and secure distributions. Backtrack Linux is an example of a security distribution while the ones I mentioned above are secure distributions."

    This article was about secure distributions not security distributions.

  28. Coffeeman
    July 2, 2012 at 6:10 pm

    Well, IMHO I guess that you should have said something about Backtrack linux, which also can be run as a live environment.

    • Danny Stieben
      July 3, 2012 at 7:52 am

      Yes, Dominic is right.

      If I did cover Backtrack, it would simply merge into the same category as my last point, as Backtrack then wouldn't have any extra advantages over say Ubuntu because it's a security distro and not a specifically secure distro.