1

Topic: A Linux hardening guide

Lately, I came across this extensive guide on hardening your Linux distro.
Since then, I've followed it to harden my daily driver MX Linux as much as possible.

I thought I might mention this and talk about it, particularly how
HyperbolaBSD may implement some ideas in the guide.

https://madaidans-insecurities.github.i … ening.html

2

Re: A Linux hardening guide

There are for sure some interesting notes, but that article again recommends wrong perspectives:

A myriad of common Linux distributions, including Debian, Ubuntu, RHEL/CentOS, among numerous others use what's known as a "stable" software release model. This involves freezing packages for a very long time and only ever backporting security fixes that have received a CVE. However, this approach misses the vast majority of security fixes. Most security fixes do not receive CVEs because either the developer simply doesn’t care or because it’s not obvious whether or not a bug is exploitable at first.

This ẃill nevertheless go for the complete opposite as it is not possible to upgrade different packages just because there could be some attack-surfaces. This would result in a complete mess and unstable system as this is the character of "rolling-release". And besides that: Ever on-going changes on the system without having stable configurations? Impossible at all. So that guide is not the best option. There is again to read besides the lines that too many distributions and resulting systems are not "the best idea". Especially from that idea common and big frameworks like systemd were created: To build some kind of so-called "standards". But those "standards" only enforces people instead bringing emancipation at all.

Human being in favor with clear principles and so also for freedom in soft- and hardware!

Certainly anyone who has the power to make you believe absurdities has the power to make you commit injustices: For a life of every being full with peace and kindness, including diversity and freedom. Capitalism is destroying our minds, the planet itself and the universe in the end!

3 (edited by zapper 2022-05-27 05:03:37)

Re: A Linux hardening guide

burhen42 wrote:

Lately, I came across this extensive guide on hardening your Linux distro.
Since then, I've followed it to harden my daily driver MX Linux as much as possible.

I thought I might mention this and talk about it, particularly how
HyperbolaBSD may implement some ideas in the guide.

https://madaidans-insecurities.github.i … ening.html


Yeah... I really recommend you IGNORE MOST of what these people say...

If you want to check to see if they say anything true, I highly recommend you do a huge amount of research before you take anything these trolls say SERIOUSLY...

https://madaidans-insecurities.github.io/index.html

I recommend you read the above link and check each link attached within it...

It seems big business is funding these people...

DO NOT TRUST THEM!

I actually trolled them on their github page a while back...

They recommend mobile devices and windows devices and other proprietary software/hardware...

That should tell you everything you need to know about them...

Aka, its very preposterous

Security by obscurity does not work!

Btw, quite a bunch of people on reddit, make fun of these people...

https://www.reddit.com/r/degoogle/comme … e_so_much/

https://www.reddit.com/r/linux/comments … ies_linux/
https://madaidans-insecurities.github.i … omium.html

https://www.reddit.com/r/degoogle/comme … e_so_much/

wink

To sum it up, as a general rule of thumb, ignore people who believe proprietary software is more secure and especially ignore people who believe libre software is the least secure...

Also, while I don't agree with the open source model regarding certain aspects, OpenBSD is considered such, so...

Yeah

Such mindless lies, are definitely meant to manipulate...

Bottom line:

OpenBSD is the most secure and BSD in general is pretty darn secure, as long as the user doesn't install crap that has many issues proprietary or otherwise, even then though, it usually takes a lot to crush a BSD server, even if its not OpenBSD...

Long rant over...

smile

HyperbolaBSD: The Future of Secure Libre Lightweight Operating Systems!