Talk:Security-focused operating system

This article is rated List-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Computer Security: Computing Mid‑importance This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles Mid This article has been rated as Mid-importance on the project's importance scale. This article is supported by WikiProject Computing (assessed as Mid-importance). Things you can help WikiProject Computer Security with: Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here. Software: Computing Low‑importance This article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.SoftwareWikipedia:WikiProject SoftwareTemplate:WikiProject Softwaresoftware articles Low This article has been rated as Low-importance on the project's importance scale. This article is supported by WikiProject Computing.

Archives

Index Archive 1

This page has archives. Sections older than 90 days may be automatically archived by ClueBot III when more than 5 sections are present.

Ubuntu is more user-friendliness oriented than security oriented. I'm not implying they have poor security but the "focus" isn't there to the degree of the other listed operating systems. It should probably be removed. — Preceding unsigned comment added by 199.120.25.205 (talk) 00:14, 22 June 2012 (UTC)[reply]

I STRONGLY second this motion. I propose that Ubuntu (despite the fact that I'm posting from it) be removed from this list. I work in information assurance, and I can tell you straight up that this looks like shameless advertisement to me. Ubuntu is not nearly as secure as distro as (some might call rival, but in reality not at all rival although the parent company are certainly rivals to some extent) Fedora. If the previous line was a bit confusing; I'm saying that Ubuntu is not nearly as secure as Fedora out of the box despite Fedora being even more bloated then even Ubuntu. It doesn't make any sense to me why Ubuntu should be on this list and therefor I will try to remove them after this post. NewGuy1001 (talk) <span style="font-size: smaller;" comment added 16:50, 29 November 2012 (UTC)[reply]

Also, if you want to think of this way or as justification, just consider the recent SERIOUS security issues and flaws in the newest release, 12.10 as proof and justification of this decision. Again, I really do not feel like Ubuntu should be included here and it's presence really does seem more like plug then actually adding to the usefulness of the content henceforth. NewGuy1001 (talk) 16:57, 29 November 2012 (UTC)[reply]

It would seem some other general purpose distros have snuck in:

• OpenSuSe
• Debian
• Fedora
• RHEL

Something like OpenBSD might be viewed as grey area, since the project top to bottom has such a strong focus on security. Either way, I don't think that run of the mill Linux distros should be included on this list just because they have a firewall or a few basic security features (as seems to be the justification included in the article).

I'd also remove Windows "Core mode" many (most?) Linux distros offer minimal installs not including GUIs -- that in and of itself does not make it a security oriented operating system. 99.110.77.236 (talk) 05:01, 24 November 2017 (UTC)[reply]

I'll add that removal from this list is not a slight at all against any of the aforementioned Operating Systems -- I use RHEL daily. I just don't think they fit on this list. 99.110.77.236 (talk) 05:03, 24 November 2017 (UTC)[reply]

In my opinion, Windows server core[1] should stay on the list. It is Microsoft's attempt to ship a more secure OS. The fact that the method they chose is something that every version of UNIX already has is irrelevant. As for general purpose Linux distributions, I say if it has a way of hardening it, leave it in, otherwise, nuke it. The fact that Debian with the changes from the Securing Debian Manual wasn't given a separate name doesn't make it any less of a security-focused OS than, say, HardenedBSD or Trusted Solaris.

OpenBSD, Fedora, and Red Hat Enterprise Linux, on the other hand, are clearly not security-focused operating systems. They are general-purpose operating systems that are believed by some to be more secure than some other alternatives. They should be removed. --Guy Macon (talk) 23:50, 24 November 2017 (UTC)[reply]

Saying that OpenBSD is not a security-focused operating system just tells us all that you have no idea what you're talking about. Removing it was ridiculous, and the fact that it only has a super-quick blurb that calls it a, "research," OS also makes no sense whatsoever.

I really suggest adding this back form before you ruined the article:

"OpenBSD is an open source BSD operating system that is known to be concerned heavily with security. The project has completed rigorous manual reviews of the code and addressed issues most systems have not. OpenBSD also supplies an executable space protection scheme known as W^X (memory is writable xor executable), as well as a ProPolice compiled executable base. OpenBSD became the first mainstream operating system to support partial ASLR and to activate it by default; ASLR support was completed in 2008 when it added support for position-independent executable (PIE) binaries."

There are dozens of places you can find that show that OpenBSD is one of the most (if not THE most) security-focused operating systems, but how about straight from the horse's mouth?:

https://www.openbsd.org/security.html

For crying-out-loud, "Secure by Default," was their slogan for almost 2 decades!

If you need external validation of their claims, you can start by checking out the various 3rd-party links available here:

https://www.openbsd.org/events.html

But really, a simple Google search should provide you with literally THOUSANDS of experts referring to OpenBSD as a/the security-focused OS.

I know many people hate the founder of OpenBSD, and that's fine, but since when do we remove stuff just because it was made by someone we hate? 174.116.84.211 (talk) 15:08, 22 September 2023 (UTC)[reply]

I noticed this edit[2] with the edit summary black box is a pentesting OS like kali linux, not a hardened system, Are security-focused operating systems limited to hardened systems? Should this list exclude pentesting operating systems? --Guy Macon (talk) 09:59, 24 March 2019 (UTC)[reply]

I have tried to remove both Replicant and BSD, because both are merely General-Purpose OSes. With Replicant, replacing proprietary components with open ones does not make it "security-focused", also I've found the attack at Samsung in the repicant entry to be somewhat dubious. BSD is just an general-purpose OS. I've also found the inclusion of Windows Server in headless mode to be questionable. Sure, there might be less security issues in this mode, but this is highly speculative. Plus, headless mode is very common in almost any server software... --2003:CD:7F0F:A00:58D:F513:E257:D60F (talk) 10:39, 29 November 2019 (UTC)[reply]

CalyxOS it is not a secure operating system. It falls behind Security updates and does not offer any additional hardening upon AOSP despite the misleading marketing.

The article does not differentiate between offensive penetration testing operating systems and hardened, truly security-focused operating systems. All of these pentesting operating systems have no improvement in security.

Furthermore, it mentions systems that absolutely cannot be described as "security-focused" (e.g. CalyxOS or Silverblue).

The following OSes should be removed:

• CalyxOS (doesn't improve security of the AOSP)
• Kali NetHunter
• Black Arch (and the whole Arch-based section)
• Kali Linux
• Parrot OS
• Pentoo (and the whole Gentoo-based section)
• Alpine Linux
• Fedora Silverblue (Silverblue is not security focused)

Operating Systems that should be added in this article:

• Kicksecure - hardened Debian (https://www.kicksecure.com/#security & https://www.privacyguides.org/en/desktop/#kicksecure)
• Secureblue - hardened Fedora Silverblue

And we should add a paragraph that mentions the security flaws of Linux operation systems such as no verfied boot, no exploit mitigations, kernel with large attack surface, ...(https://madaidans-insecurities.github.io/linux.html) 62.218.181.138 (talk) 07:20, 3 September 2024 (UTC)[reply]

I removed most of the listed distros and CalyxOS (Special:Diff/1246718073). I left Alpine Linux since its about page (https://alpinelinux.org/about/) seems to imply a security focus.

I didn't add your suggestions, since i don't know much about them. 2601:19E:8380:B570:DA75:FB27:64E6:E4F7 (talk) 17:16, 20 September 2024 (UTC)[reply]