Hi Mateusz,
I'm not a security expert. And also I'm not an English expert ;-)
On 27/10/2015 12:29, Mateusz Kozłowski wrote:
Could You tell me which debian desktop environment is the most security
and the best privacy and which You recommned for debian users? (KDE, XFCE,
GNOME etc.)?
I think that your question is not correct or it is a nonsense.
Today the most security DE can be XYZ, but tomorrow it can be another one.
The worst security DE can be the best one for your DE usage.
Note: I think that nobody can say what is the most security DE
...
You must define what is "security" for you. So what is mandatory to you
and what it isn't. Also you must define a maximum "cost" for your
security (probably you won't spend 1B$ or spend 23 hours/day in your
life to take your browser history secret) and...
Note: I think security is subjective and can have a different definition
in different time, situation, ...
...
and so on...
First you can start installing some interesting packages (Note: I'm
using Stretch and I don't know which Debian version are you using, so I
don't know if you can install all the following packages) that can be
used for monitoring and improving security in your system:
1) debian-security-support
with this you can have:
- during package installation/upgrading a warning for each package
without or limited security support
- invoking the command
$ check-support-status
you can have a list of installed packages without or limited security
support
Note: in Stretch you can see that there are some KDE important packages
without security support
2) apt-listbugs
with this you can have, during package installation/upgrade, a list of
severe bugs or security bugs
3) apt-listchanges
with this you can have a list of important changes (or also lesser
important changes, if you configure it properly) in packages
4) apt-show-versions
whit this you can search for packages that are not in the sources.list
repositories or are not anymore, with a command like that:
$ apt-show-versions | grep availab
If a package is not in the Debian repository... so it can be a security risk
Also you can search other package related to security, for example:
$ axi-cache search check security
if you don't have the axi-cache package you can install it with
# apt-get install apt-xapian-index
You can also read some security books, you can find someone in the
Debian site.
Ciao
Davide
