What is the most secure operating system?

What is the most secure operating system?

Other urls found in this thread:

schneier.com/
twitter.com/NSFWRedditImage

Depends who is using it.

Windows 10 could be the most secure operating system if the person running it was somehow able to de-botnet it and was able to manipulate the code while on the other hand Qubes OS could be shit if the person running it taped a piece of paper with the passwords under his screen.

I'm very knowledgeable about security, but I'm not sure which OS I should use to be hard to trace and such.

Qubes or some other hypervisor isolating processes.

Qubes, would it be possible to run pentesting tools on here?

Woah, that's deep.
This is what Winfags actually believe is possible.

Hard to trace?
Oh_my.jpg
A few things to consider:
Browser (or any other net-facing application) fingerprint.
Encrypted = Private. But is your encryption good?
Proxied = Anonymous. But is your proxy good?

I don't think security means what you think it means.
Read some Schnier FFS.
schneier.com/

poasting in a nsa fred

The one without an internet connection.

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

macos sierra

TempleOS.

It's like you didn't even read his post or understand what he was getting at. Go back to cuckchan, nigger.

Well yes, that's the whole point. He's a fucking retard going

I would guess something like Minix.

Well, when dogshit decomposed (turn white) it really doesn't that bad and it's a good fertilizer.

Dogshit is based.

first post ALWAYS a shill

How the fuck am I a shill if I said that windows would be fine IF you could de-botnet it to specifically make it not steal your shit?

Tails?

Well no shit, but that doesn't prove anything, we're not discussing hypothetical fantasies.

I thought I read somewhere that someone was successful at fully de-botnetting windows 7, but with windows 10 being unable to work if it cant communicate with a specific IP (I think it was 8.8.8...) may be something that would stop it from being de-botted.

Linux distros are at the bottom of the list.

Worthless, fuck off.

...

If you do not have access to the source code to verify what your system is doing, it is by definition not a secure system.

Just because you have access to the sourcecode doesn't make it secure either. And 99% of users don't have the technical expertise to properly audit the source code. That includes you.

If you have access to the source code, and you use it, it is more secure. You wouldn't use a non secure software that you know is non secure.

No it isn't. Why do you say that? You've audited over 21 million lines of code and can say with confidence that the linux kernel is secure? You have the expertise to do that? Of course we all know you don't. Nobody who has ever used this board has that expertise. Not one user.
What?

Do you take the time to actually go into the source and look for possible problems, or do you simply see "open source" and instantly assume that it is going to be good? People on the internet can claim that the program has been audited, but unless you have proof or actual diagnostics from the audit, it cannot be trusted.

Micro$hills please leave

Open source is rife with catastrophic security failures like heartbleed. Google discovered it too.

You don't have a rebuttal. Just a hurt butt.

If by secure you mean nobody except every government agency and whoever else has enough money to pay google gets access to your information, then sure.

You could say all the people here pushing Qubes, Tails, etc. are shills because they claim that it is safe yet they have never looked into the source code and probably never will, but no, the people claiming that open source is not safe like all the people on here say it has got to be a shill, amirite?

Here's a thought. Why don't you learn whatever language Qubes is made in and take time out of your life to actually audit it yourself and prove that it is safe and not made with backdoors in mind, and don't link articles claiming that it has been audited unless they have actual proof of the audit and the results of said audit.

...

Can you not read? Google discovered the vulnerability in OpenSSL.

Learn the definition of a shill.
You can absolutely shill for free software.

Has it ever occurred to you that that free software could could be the NSA's next take at identifying possible threats?

Notice how in every thread that talks about security, Qubes is brought up with no other information other that you should install it and it has sandboxing for individual programs.

Wangblows will always be complete trash.


Would you rather be part of the botnet where they have complete access to all of your information or have a secure system that only makes the FBI put you on their list because they can't access all of your data?

Thats a vague question. Its most likely some obscure RTOS or embedded firmware

General purpose Operating Systems (Windows, GNU, BSD and OSX) are not very secure at all. Security usually has to compromise usability. iOS is arguably more secure than the big 3 but its very unusable from a general-purpose standpoint.

I do NOT consider Linux secure from a general purpose standpoint, because of its highly modular design, you need a very specific setup for any level of hardening. Android, for example, is not very secure on a userland-level, just on a kernel level (and even then its not very secure) BSD, comparatively, is much more secure than Linux do to the "All-in-one" nature of its default setup. Windows CAN be more secure than Linux but its also a high-profile target.

Linux kernel could be the same thing. Your distro could include the same thing. You'll never be able to verify. You're no more informed than if it was closed source.

Stop projecting, wangblows retard. Not everyone is dependent on daddy gates to give them computer like you.

You don't even know what psychological projection is.

...

That's because Qubes is the right answer for most people. If they are interested, they can look into it further since it's open source.
Microsoft is not the right answer, it's the problem.

Go back to /g/.

What I was saying in my original post was that the NSA could be in control of all of the "security" operating systems and they could be placebos offering to keep your information safe.

If you would look at the picture to the left, you would see that Qubes is being pushed by many large sites and even Snowden who is a shady person that is trusted, because he exposed an NSA program that might have been made with the purpose of being shown to the world so people would trust Snowden and download "security" software pushed by him.

But whatever, until you show me a full audit of one of your "security" operating systems none of them can be trusted.

Fuck forgot picture.

I guess you've given up.

How so?
99% won't. Nobody here could if they wanted to.

So by your retarded logic, there aren't any secure systems and you can't trust any of them*.

*Except windows 10, because it's made by a big company who would always put your security first, and with that many people who use it, they can't all be wrong!

Qubes OS could be an NSA honeypot in disguise and you would never know because you have never looked into the source.

...

You have no way to prove it isn't.

You seem to have managed to find their website. Now all you have to do is start reading instead of shitposting.

Why are you still here?

...

Pushed by many big people and webistes


Muh fallacies

...

Windows 10 without network access, no external software installed and no ports.

Any OS witht those requisites is almost unpwnable.

Might as well use gnu/linux without network access instead, it would still be better, because microsoft is shit at coding and creating a good os for usage in the first place

Solution right here.

Have a desktop with windows on it and another with linux and download all your programs on the one with linux and move them to the windows machine via USB's.

Better solution

To be fair to shill user, there is absolutely no way you know there isn't a backdoor in any software that hasn't had a public audit unless you, yourself, look it over and we all know no one does. Of course, never settle, just be informed.

This is indeed theoretically possible.
But it's extremely hard, because there's no source code, and in the worst case one has to rewrite everything from scratch while being compliant to the API of Windoze so that applications will work with this version. Something similar to what ReactOS devs try to do.

So, it's not at all practical, but if someone is a fucking genius, then of course (s)he can do it.

And also, in this case Windoze Update won't work (unless this genius reverse-engineers what these changes do and selectively applies these changes to their rewritten version)

OS doesn't matter if the machine is read only.
It cannot leak information if all channels where it can send data are nonexistent. (in that case it has only input devices and also you can allow monitor (if you cover it together with your head with a opaque box) and headphones (if they don't leak sound and you only turn them on when wearing).

This can be tricky though, because one has to think also about non-obvious side channels like radio emanations, fan sound modulation, etc.

It's called C you fucking faggot retard

How secure would something like Puppy Linux be?

It's bretty gud but you might as well use Tails if you're going portable.

Typical Jewess.

tails comes to mind
lul at all the microshaft ITT

I prefer puppy because it's smaller and more lightweight, and it can be entirely on RAM if you want to set it up for that

this

But how come nobody has yet mentioned OpenBSD?
I'm not claiming that it is indeed the most secure system, but it makes a good attempt.
On the other hand, security relies mostly on the user. And you can never be sure how secure you are, even if you stack security features and controls, there might always be a zero day or a hardware backdoor in your system.

Because OpenBSD is designed for servers and most people on here are only concerned about hiding their loli folder from "muh evil gubbermint".

I use OpenBSD on both my laptops.

That's true but shillanon just comes here to argue/shitpost so I'm not going to play along. Why else would he be pushing as secure an OS that exfiltrates your data by default.

If you have a formal proof of correctness of the compiled binary (one exists for SeL4) then you can know it's secure even without the source code or the freedom to modify and redistribute it.

The one with smartest user.

If it were closed source, how would you know it's secure even with a formal proof of correctness? There could be a portion of the code that uploads your entire hard drive contents somewhere, but as long as it was bug free and performed that function exactly as required at the binary level wouldn't it pass the proof? Not saying SeL4 does this, just in general.

You can hide those lolis with openbsd too.


I used it too. The only thing i liked is the default date syntax. Everything else gave me a dumbed down experience compared to linux.

Because a proper proof would include the program's specification, and show that its input and output (including system calls and such) exactly matches that specification.

SeL4 is not even proprietary, by the way. It's just an example of a useful non-trivial program with a formal proof.

Thanks user, that was the part I was missing. I did see SeL4 was open source and actually could be interesting. Guess I'll always be more comfortable with something like that that anybody can audit versus a "trust me, it's audited" approach but can see how that might work in some cases.

puppy linux precise