Privacy

34334 readers

942 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

secureblue: Hardened Fedora Atomic and Fedora CoreOS images (secureblue.dev)

submitted 3 days ago by [email protected] to c/[email protected]

18 comments fedilink hide all child comments

cross-posted from: https://lemmy.ml/post/26453685

Not many people have heard about secureblue, and I want to spread the word about it. secureblue provides hardened images for Fedora Atomic and CoreOS. It's an operating system "for those whose first priority is using linux, and second priority is security."

secureblue provides exploit mitigations and fixes for multiple security holes. This includes the addition of GrapheneOS's hardened_malloc, their own hardened Chromium-based browser called Trivalent, USBGuard to protect against USB peripheral attacks, and plenty more.

secureblue has definitely matured a lot since I first started using it. Since then, it has become something that could reasonably be used as a daily driver. secureblue recognizes the need for usability alongside security.

If you already have Fedora Atomic (e.g. Secureblue, Kinoite, Sericea, etc.) or CoreOS installed on your system, you can easily rebase to secureblue. The install instructions are really easy to follow, and I had no issues installing it on any of my devices.

I'd love more people to know about secureblue, because it is fantastic if you want a secure desktop OS!

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 3 days ago

To add onto what N.E.P.T.R said, it is technically possible to make a custom amalgamation of Bazzite with secureblue's hardening. However, it would be neither here or there. Some discussion of it can be found here. IIRC, it was ultimately deemed counter-intuitive as a gaming-distro inherently conflicts with a hardened one.

Finally, we shouldn't disregard the technical part of this; it's IIRC one of the reasons why the Bluefin-variants of secureblue were eventually disbanded. It frequently had a lot of interesting bugs that were simply not present on other secureblue-images. This isn't on Bluefin either, as the non-hardened edition worked as you'd expect.