The best linux in security and privacy

The best Linux distributions for security and privacy

In the midst of so much news about personal data hacks, and espionage, we have to look for other alternatives and tools that really provide us with safe browsing without putting our privacy at risk.

Furthermore, with discussions that major market operating systems like Windows are not secure, Linux- based systems are gaining more and more space in the operating system market.

One of the main characteristics of Linux distributions is the protection and concern for the privacy of its users. As it is an open source system, it is easier for experts to modify the system according to the needs of each user, with which it is also possible to make a series of improvements in system security.

If you are looking to surf safely and with 100% anonymity on the internet, you need to know our list of the best Linux distributions to browse safely and privately.

Tails

This Linux distribution became very famous in the world of technology, after being recommended by the former NSA security adviser and today a fugitive from the US government, Edward Snowden. Tails is a live distribution that aims to preserve your anonymity and privacy.

It helps to use the internet with anonymity and avoid being censored almost anywhere and from any computer, leaving no trace, unless you explicitly ask me to do so.

We recommend you read the best Linux distributions

This operating system is intended to be used from a USB memory, DVD or SD card, and works independently of the PC operating system. It is based on Debian GNU / Linux and is free software.

Tails comes with several preconfigured applications with security in mind: web browser, instant messaging client, email client, office suite, image and sound editor, and much more.

Tails forces all system connections to pass through the TOR anonymity network, thus it is practically impossible for them to discover your IP on the network.

Whonix

Whonix is a Debian- based GNU / Linux distribution with a focus on security and privacy. Its main objective is to guarantee privacy, security and anonymity in Internet access.

Booting an operating system in live mode can be a hassle, since it is necessary to restart the machine, but in turn, the installation on a hard disk means that there is always the risk that the machine will be compromised. However, Whonix offers clever and clever protection by being designed to work as a virtual machine within VirtualBox.

Its use occurs through the execution of virtual machines, of two heavily reconfigured Debian GNU / Linux operating systems.

The first, called "Gateway", is responsible for the secure and anonymous connection to the Internet exclusively through the Tor network.

It is in the second virtual machine, called “Workstation”, where the user carries out his normal work, having available all the program packages offered by the Debian GNU / Linux distribution.

All communications of "Workstation" with the internet are forced through the second virtual machine, "Gateway", in order to avoid the leakage of the user's true IP address.

According to the project website, with the use of Whonix DNS leaks are impossible, and even malware with superuser privileges is not able to find the user's real IP address. Whonix is available in versions for Qubes, KVM (Linux) and VirtualBox (Linux, Windows and Mac OS).

Linux Kodachi

The Kodachi Linux operating system is based on Debian 8.5, and provides an anonymous and secure operating system, taking into account all the resources that a user who cares about privacy needs.

Kodachi is an operating system that allows you to start on any computer from a DVD, USB stick or SD card. It is intended to preserve your anonymity and privacy.

Tens

Trusted End Node Security (TENS) is a Linux-based live CD with the aim of allowing users to work on a computer without the risk of exposing their credentials and private data to malwares, keyloggers and other internet problems.

It includes a minimal set of applications and utilities, such as the Firefox browser and an encryption assistant to encrypt and decrypt personal files. The live CD is a product produced by the United States Department of Defense, and is part of that organization's Software Protection Initiative.

There is also a "Deluxe" version for the general public, which contains Adobe Reader and LibreOffice and all versions include a customizable firewall. The system can also create records through a smart card.

IprediaOS

IprediaOS is a fast, powerful and stable operating system based on the Fedora Linux distribution, which provides an anonymous environment on the internet (e-mail, chat, file sharing). All network traffic is automatic and transparent, encrypted and anonymous. Many applications are available in IprediaOS, such as email, peer-peer, bittorrent, IRC and others.

Qubes OS

Although not necessarily for a novice user, Qubes OS is one of the best distributions in terms of privacy. The graphical installer is the only option to install the operating system on the hard disk, which will then be encrypted.

The system uses the Xen Hypervisor to perform a series of virtual machines, organizing your life in "personal", "work" and "Internet" for your security. As a result, if you are infected with malware on your work computer, your personal files will not be compromised.

The Desktop uses colored windows to show the different virtual machines, facilitating their identification.

Discreete Linux

This distro is the successor to the magnificent Ubuntu Privacy Remix. The operating system does not support network hardware or internal hard drives, therefore all data is stored offline in RAM memory or a USB card. The distro can be run in live mode, but when booting from a CD, some Cryptobox encryption settings can also be stored.

Another nifty feature is that the kernel modules can only be installed if they are digitally signed by the Discreete Linux team. Thus, making it difficult for hackers to try to hide in malware.

Discreete Linux provides an isolated, local work environment that Trojans and spyware cannot access. Discreete allows you to process, encrypt and store confidential or private data. Discreete is still in beta but nevertheless provides a very useful product to protect your privacy and provide security.

Subgraph OS

Subgraf is a Debian based distro and is designed for perfect security. The core has been strengthened with many security improvements. In addition, Subgraf makes virtual “sandboxes” around risky applications, such as web browsers. Thus, any attack against individual applications will not compromise the entire system.

The custom firewall also routes all outgoing connections through the Tor network of all applications that require user approval.

The distro is designed to be installed on a hard drive. Encryption of the entire file system is mandatory, preventing plain text data from being compromised.

JonDo Live-CD / DVD

JonDo is another good Debian based distro that specializes in anonymizing your browsing. Like Tails, JonDo also uses the Tor network to make sure you remain anonymous on the web.

All the software that comes with this distribution is preconfigured anonymously, including the Tor browser, Tor browser, Torchat, and the Pidgin chat client. JonDO offers a much better user experience compared to Tails, but it comes at a cost for commercial use.

UPR (Ubuntu Privacy Remix)

UPR is another security-centric distribution system that is particularly easy to use and aims to provide an isolated work environment in which sensitive data can be treated securely.

It uses encrypted USB drives to store all your data to effectively protect it from unsolicited access. And it comes pre-installed with cryptographic tools like TrueCrypt and GnuPG for encryption needs.

However, it is worth noting that UPR is not necessarily designed for anonymous internet use, but it is the second closest thing to a secure operating system if you are looking to install it on your PC instead of using a live system. And of course, you can install Tor or subscribe to a VPN service after you have configured it.

Mofo Linux

Mofo is a privacy focused Linux distribution to help you escape electronic surveillance. It is based on Ubuntu and uses the Unity desktop environment.

Mofo Linux is basically Ubuntu with a lot of privacy tool installed and configured by default. If you already use Ubuntu, Mofo may be a family choice.

Arch Linux

Arch Linux, in the words of its creators, is a light and flexible Linux distribution that tries to make everything easy.

It is a Linux distro for computers based on IA-32, x86-64 and ARM architectures. Most of the time, it is based on binary packages, which can facilitate the performance of current hardware.

To speed up frequent package changes, Arch Linux uses pacman (an abbreviation for “package manager”), developed by Judd Vinet. Some of the cool packages you can find in the “package search” (on the main website) include Accerciser, an interactive Python accessibility explorer for the GNOME desktop; Wireshark CLI, a free network protocol analyzer for Unix and Windows; and AbiWord, a full-featured word processor.

But you may be wondering: what are its security features?

Arch Linux has quite a few defensive features, including:

A system of file attributes and permissions Disk encryption Mandatory access control Sandboxing applications

One of the reasons that strong passphrases are so integral to Arch Linux is that they are used to protect many of its features, such as user accounts, encrypted file systems, and SSH / GPG keys.

Cyborg Linux

Cyborg Linux consists of a wide variety of tools aimed at network research and vulnerability assessment. Among them are:

Angry IP Scanner - A very fast IP address and port scanner that can scan both in any range Nmap - A free open source scanner compatible with Windows and Unix systems Ghost Phisher - A computer security application that includes a fake DNS server, fake DHCP server, fake HTTP server and other valuable weapons WebScarab: a framework to analyze applications that communicate through HTTP and HTTPS protocols.

It is also completely free, which is very practical, especially for those users on a tight budget. Also, it has full support for virtual machines.

Security Onion

Like Cyborg Hawk and Arch Linux, it is a Linux distribution designed for security testing.

Also like its Linux contemporaries, Security Onion is armed with a comprehensive repository of tools, including:

Snort: an open source network intrusion prevention system Suricata: a free open source network threat detection engine.Bro: a framework for network analysis.

- OSSEC (Open Source HIDS SECurity): a Unix system security monitor that monitors all aspects of activity.

The main advantage of Security Onion is that it easily combines three main functions: complete packet capture; network and host based intrusion detection systems (NIDS and HIDS, respectively); and a variety of powerful systems analysis tools.

Pentoo

Pentoo is a Gentoo based security focused live CD operating system. The big difference is that it includes many custom tools, such as:

A hardened kernel with AuFS patches Slax-style module load support Cuda / OpenCL support with development tools

If you're not familiar with Gentoo, it might be nice to get to know that operating system before diving into Pentoo, that's your choice of course.

conclusion

When it comes to your security or privacy, it's better to play it safe rather than regret it later. Every two days there is news of a new exploit, hack or loose malware. There are also hackers on the web constantly looking to steal your private data or financial details. Tails is the most popular and probably the safest option, but you can always protect yourself with any other distro.

Most of the aforementioned operating systems will take time and concerted efforts to learn how to handle them, but all of this will be worth it.