On Wednesday, December 28, 2016 at 12:01:57 AM UTC-5, Vít Šesták wrote:
> While I agree Debian is a fair choice in terms of security, I disagree with 
> your reasoning. The “encryption bypass” is rather a minor vulnerability (i.e. 
> if attacker has all prerequisities to abuse it, she probably could also 
> perform another attacks) and I don't believe that this is statistically 
> significant. On the other hand, there are also some Debian-specific 
> vulnerabilities. For example, recent APT vulnerability or not-so-recent 
> vulnerable SSH keys due to some Debian-specific tuning. This does not suggest 
> that Debian is less secure, this suggests it is not so clear.
> 
> Regards,
> Vít Šesták 'v6ak'

There are alot of reasons why I feel Fedora and Debian are the two most secure 
mainstream linux distros. But thats not saying much at all,  its why we use 
Qubes.  Linux sucks imo and is no better then windows.  Especially when using 
popular distros.  These are just my personal opinions I might be living in a 
bubble.

Yes, I was also trying to point out the choice of security between the two is 
not so clear..  But when it comes to the things that puts fedora up there like 
a default firewall or selinux , They don't matter for a Qubes dom0.   But I 
think if hardware support is priority,  fedora always optimized for a newer 
kernel and newer driver support and having newer software would be more ideal.  
 If stability,  then debian.

Things like holding enter button down to bypass luks, or holding backspace down 
to bypass grub, or using siri and hitting pad a couple times to bypass ios 
phone lock(ion every single version).  whether needing physical access or not,  
sure does make me wonder if they are not there on purpose. Like for police 
purposes.   I've always felt the people behind ubuntu or fedora are not as 
trustworthy when it comes to privacy if not security then a distro like debian. 
 I'm sure everyone knows all the common reasons why, so no need to list them 
all,  but things like NSA,  Search redirections, corporate greed, unknown 
network connections, services phoning home,   etc always come up...  When using 
a baremetal system I prefer debian system because I feel by default it gives 
more protection from itself then fedora will protect you from fedora.  That 
includes both backdoors and stability.

And if you want a conspiracy theory I think Russia has been undermining fedora 
especially starting with fedora 20.  I have also felt every hardened fedora box 
I have ever owned has been hacked or maliciously destroyed. Every single one.  
Its never happened with a hardened debian, or even with a hardened windows 7.  
But again in this case for a Qubes dom0 I don't think it really matters.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/876ac1cb-9f9e-4aaa-b746-d0a464d3f280%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to