http://lifehacker.com/linux-security-distros-compared-tails-vs-kali-vs-qub-1658139404
If you're interested in security, you've probably already heard of
security-focused Linux distros like Tails, Kali, and Qubes. They're
really useful for browsing anonymously, penetration testing, and
tightening down your system so it's secure from would-be hackers. Here
are the strengths and weaknesses of all three.
It seems like every other day we hear about another hack, browser exploit, or
nasty bit of malware. If you do a lot of your browsing on public Wi-Fi
networks, you're a lot more susceptible to these types of hacks. A security-focused distribution of Linux can help. For most of us, the use cases here are pretty simple.
If you need to use a public Wi-Fi network at a coffee shop or the library, then one of these distributions can hide your traffic from someone trying to peek in. Likewise, if you're worried about someone tracking down your location—whether it's a creepy stalker or something even worse—randomizing and anonymizing your traffic keeps you safe. Obviously you don't need this all the time, but if you're checking bank statements, uploading documents onto a work server, or even just doing some shopping, it's better to be safe than sorry.
All of these distributions can run in a virtual machine or from a Live CD/USB.
That means you can carry them around in your pocket and boot into them
when you need to without causing yourself too much trouble.
Tails Provides Security Through Anonymity
Tails is a live operating system built on Debian that uses Tor for all its internet traffic. Its main goal is to give you security through anonymity. With it, you can browse the web anonymously through encrypted connections.
Tails protects you in a number of ways. First, since all your traffic is
routed through Tor, it's incredibly difficult to track your physical
location or see which sites you visit. Tails doesn't use a computer's
hard disk, so nothing you do is saved to the computer you're running it
on. Instead, everything you're working on is stored in RAM and erased
when you shut down. This means any sensitive documents you're working on
are never stored permanently. Because of that, Tails is a really good
operating system to use when you're on a public computer or network.
Tails is also packed with a bunch of basic cryptographic tools. If you're running Tails off a USB drive, it's encrypted with LUKS. All your internet traffic is encrypted with HTTPS Everywhere, your IM conversations are encrypted with OTR, and your emails and documents are encrypted with OpenPGP.
The crux of Tails is anonymity. While it has cryptographic tools in place, its main purpose is to anonymize everything you're doing online. This is great for most people, but it doesn't give you the freedom to do stupid things. If you log into your Facebook account under your real name, it's still going to be obvious who you are, and remaining anonymous on an online community is a lot harder than it seems.
Pros: Routes all your traffic through Tor, comes with a ton of open-source software, has a "Windows Camouflage" mode to make it look more like Windows 8.
Cons: Can't save files locally, slow, loading web sites through Tor takes forever.
Who It's Best For: Tails is best suited for on-the-go security. If you find yourself at coffee
shops or public libraries using the internet a lot, then Tails is
perfect for you. Anonymity is the game, so if you're sick of everyone
tracking what you're doing, Tails is great, but keep in mind that it's
also pretty useless unless you use pseudonyms everywhere online.
Kali Is All About Offensive Security
Where Tails is about anonymity, Kali is mostly geared toward security testing.
Kali is built on Debian and maintained by Offensive Security Ltd. You
can run Kali off a Live CD, USB drive, or in a virtual machine.
Kali's main focus is on pen testing, which means it's great for poking around for security holes in your own network, but isn't built for general use. That said, it does have a few basic packages, including Iceweasel for browsing the web and everything you need to run a secure server with SSH, FTP, and more. Likewise, Kali is packed with tools to hide your location and set up VPNs, so it's perfectly capable of keeping you anonymous.
Kali has around 300 tools for testing the security of a network, so it's hard to
really keep track of what's included, but the most popular thing to do
with Kali is crack a Wi-Fi password.
Kali's motto adheres to "a best defense is a good offense" so it's
meant to help you test the security of your network as a whole, rather
than just making you secure on one machine. Still, if you use Kali
Linux, it won't leave anything behind on the system you're running it
on, so it's pretty secure itself.
Besides a Live CD, Kali can also run on a ton of ARM devices, including the Raspberry Pi, BeagleBone, several Chromebooks, and even the Galaxy Note 10.1.
Pros: Everything you need to test a network is included in the distribution, it's
relatively easy to use, and can be run on both a Live CD and in a
virtual machine.
Cons: Doesn't include too many tools for everyday use, doesn't include the cryptographic tools that Tails does.
Who It's Best For: Kali is best suited for IT administrators and hobbyists looking to test
their network for security holes. While it's secure itself, it doesn't
have the basic daily use stuff most of us need from an operating system.
Qubes Offers Security Through Isolation
Qubes is a desktop environment based on Fedora that's all about security through isolation. Qubes assumes that there can't be a truly secure operating system, so instead it runs everything inside of virtual machines. This ensures that if you fall victim to a malicious attack, it doesn't spread to the operating system as a whole.
With Qubes, you create virtual machines for each of your environments. For example, you could create a "Work" virtual machine that includes Firefox and Thunderbird, a "Shopping" virtual machine that includes just Firefox, and then whatever else you need. This way, when you're messing around in the "Shopping" virtual machine, it's isolated from your "Work" virtual machine in case something goes wrong. You can create virtual machines of Windows and Linux. You can also create disposable virtual machines for one-time actions. Whatever happens within these virtual machines is isolated, but it's not secured. If you run a buggy web browser, Qubes doesn't do much to stop the exploit.
The architecture itself is set up to protect you as well. Your network
connection automatically gets its own virtual machine and you can set up
a proxy server for more security. Likewise, storage gets its own
virtual machine as well, and everything on your hard drive is
automatically encrypted.
The major downfall with Qubes is the fact that you need to do everything manually.
Setting up virtual machines secures your system as a whole, but you
have to be proactive in actually using them. If you want your data to
remain secure, you have to separate it from everything else.
Pros: The isolation technique ensures that if you do download malware, your entire system isn't infected. Qubes works on a wide variety of hardware, and it's easy to securely share clipboard data between VMs.
Cons: Qubes requires that you take action to create the VMs, so none of the
security measures are foolproof. It's still totally susceptible to
malware or other attacks too, but there's less of a chance that it'll
infect your whole system.
Who It's Best For: Qubes is best for proactive types who don't mind doing a bit of work to set up a secure environment. If you're working on something you don't want in other people's hands, writing out a bunch of personal information, or you're just handing over your computer to a friend who loves clicking on malicious-looking sites, then a virtual machine's an easy way to keep things secure. Where something like Tails does everything for you out of the box, Qubes takes a bit of time to set up and get working. The Qubes user manual is pretty giant, so you have to be willing to spend some time learning it.
The Rest: Ubuntu Privacy Remix, JonDo, and IprediaOS
Tails, Kali, and Qubes certainly aren't the only security-focused operating
systems around. Let's take a quick look at a few other popular options.
- Ubuntu Privacy Remix: As the name suggests, Ubuntu Privacy Remix is a privacy-focused distribution built on Ubuntu. It's offline-only, so it's basically impossible for anyone to hack into it. The operating system is read-only so it can't be changed, and you can only store data on encrypted removable media. It has a few other tricks up its sleeve, including a system to block third parties from activating your network connection and TrueCrypt encryption.
- JonDo: JonDo is a Live DVD based on Debian that contains proxy clients, a preconfigured browser for anonymous surfing, and a number of basic-level security tools. It's similar to Tails, but is a bit more simplified and unfamiliar.
- IprediaOS: Like Tails, IprediaOS is all about anonymity. Instead of routing traffic through Tor, IprediaOS routes through I2P.
Of course, none of these operating systems are particularly ideal for day-to-day use. When you're anonymizing your traffic, hiding it away, or isolating it from the rest of your operating system, you take away system resources and slow things down. Likewise, the bandwidth costs mean most of your web browsing is pretty terrible. All that said, these operating systems are great when you're on public Wi-Fi, using a public computer, or when you just need to use a friend's computer that you don't want to leave your private data on.
They're all secure enough to protect most of us with our general behavior, so
pick whichever one is best suited for your particular needs.