Is Linux less invasive than Windows 10

Privacy manual

There are a variety of Linux distributions, so that potential users are initially spoiled for choice: Debian and derivatives, OpenSuSE, OpenMandriva, Fedora, Gentoo for hobbyists, mini distributions such as Puppy or Fortress Linux as a particularly hardened variant ... I don't know all distributions by a long way, so just a few thoughts.

Everyday distributions with Debian descent:
  • Debian is a robust workhorse among Linux distributions with a huge selection of software. The maintainers mainly strive for the stability of the many software packages and less for the latest features. In combination with the long release cycles, the result is a system that often has problems with brand new software and hardware (laptops), but which runs stably for a long time after installation.

  • Ubuntu started to be the better Debian and to support the newest hardware with current software. At times the project went its own way with the Unity desktop and the transfer of all search queries on the desktop to commercial third parties such as & hairsp; B. Amazon was a privacy fiasco.

    There are also other privacy-invasive tools in Ubuntu that constantly contact some Ubuntu server. Some can be easily uninstalled, such as the Crash Reporter "apport" and the Report Submission Tool "whoopsie"who run the server daily contacted.

  • Ubuntu LTS (Long Term Support): In addition to the distribution, which is updated every six months, there is an LTS version of Ubuntu that should be completely updated every two years. Long Term Support only applies to the 9,000 packages in the main repository. The rest of the 45,000 packages are often insufficiently supplied with security updates.

  • Xubuntu or Kubuntu are well suited for Linux beginners. The good hardware support for new technology combined with a simple standard installation of extensive software including multimedia, a clear operating concept of the desktop without any cloud connections or transmission of data to third parties as well as full-disc encryption during installation make getting started easier.

    Ubuntu's privacy-invasive crash reporter and report submission tool "whoopsie" can easily be removed with the preferred package manager after installation. This is done in the terminal with the following command:

    Uninstalling unnecessary software is a security feature. A bug in the crash reporter "apport" could, for example, be used for years to remotely compromise the computer. If you are playing with the package manager, you could also install the following package to make attacks via TMP files more difficult:

  • Mint Linux would like to be the better Ubuntu and above all offers a different desktop that is elegant and fast and is particularly suitable for Windows users.

    With the Mint Debian Edition there is also a variant based on Debian.
Distributions suitable for everyday use with RHEL ancestry:
  • RHEL (RedHat Enterprise Linux) is a commercial Linux distribution for which you only get updates if you buy a license. RedHat focuses on security in the commercial environment and therefore offers SELinux integration and only a significantly smaller selection of software than Debian (especially in the multimedia area).

    The difference between Debian and RedHat in terms of software equipment can be seen in small system tools such as "Top" . RedHat only offers by default "Top", while Debian also uses derivatives such as "htop" or "atop" brings along. These derivatives can only be installed in RedHat if you also have ext. Integrates repositories.

  • Fedora is the community version of RedHat, for which you can get updates without a license. In terms of distribution, Fedora ranks second behind Ubuntu and its derivatives.

    In order to get a good multimedia support comparable to Ubuntu, you can integrate the RPMfusion repository and install the desired multimedia packages (which can also have disadvantages in terms of security if you install "bad" or "ugly" codecs). For example, you could install the VLC player: New Fedora versions appear every six months. Updates are provided for a year + a couple of weeks. There are no Long Term Support (LTS) versions as with Ubuntu derivatives, so you have to update your system completely on a regular basis. In return, you get a system that is always innovative and up-to-date.
Distributions based on Arch Linux
  • Arch Linux offers the rolling release cycle as a special feature. Once installed and always up to date with small updates, the philosophy is there. Big leaps with full system upgrades are not necessary.
  • Manjaro is the upgraded version of Arch Linux, which is aimed especially at Windows users with an elegant desktop.

To avoid problems with updates, rolling release distributions should be updated regularly so that the changes to the overall system remain small.

Immutable distributions:
  • Silverblue is an immutable (unchangeable) desktop system based on Fedora. With Toolbox, containers can be created for different working and test environments.
    • A container is not a closed environment like a VM. A new container initially provides the same environment as the host. You can read data in $ HOME from the host system, but changes are only available within the container.
    • In a container, software can be carried along as normal "dnf" install, compile, test, etc. This additional software is only available in this container.

Immutable (unchangeable) distributions are a basis for software developers and other hobbyists who like to play with the device and are annoyed when the installation breaks.

The host system cannot be changed and is therefore stable. All modifications and installation of software are carried out in so-called containers that can be easily created, used and thrown away.

A Linux distribution for special security requirements:
  • Qubes OS is a special Linux distribution. All applications run in several separate virtual machines with a minimal Xen-based hypervisor that monitors the guest systems and gives them only limited access to the hardware. Qubes OS offers:
    • Protection through strong isolation of the individual applications
    • separate network access for each of the VMs
    • Protection against BadUSB devices through a proxy VM for USB devices, with which you can control which USB devices are available in the work VMs
    • extensive graphic integration of the virtual machines including colors for the visual delimitation of the VMs from one another
    • Files from unsafe sources can be viewed in Disposable VMs, edited or converted into "trusted PDFs" (this protection is only effective if you switch off the generation of thumbnails in the file manager!)
    QubesOS is based on Fedora, but also contains a template for Debian VMs and Whonix (Tor Onion Router). The use of the RPMfusion repositories is already prepared in the Fedora templates from QubesOS; they only have to be activated: The disadvantage is the significantly higher memory requirement than other distributions and a "slowdown" when working with the computer.
With all Linux distributions, after a simple installation process, which can also be carried out by laypeople, you get an executable system with much more extensive software than with Windows or MacOS. At the same time, the system is extensively adaptable and under the control of the user, who can be "root". A switch from Windows will search in vain for the well-known programs, there is no Photoshop, no Windows Explorer or MS Office, there are numerous alternatives. I've never missed anything.