I wasnt going to say anything... lol. But I was leaning towards debian. But fedora. Thats Red Hat. They are the leading administrative suite as far as I know. Or were. They must have good security or whos going to throw up a server?
>In particular, Fedora's downfall is that its one of the very few distros >that don't sign/secure their overall software manifest; a MITM attacker >can prevent you from receiving specific bug fixes without you realizing The above statement reminded me that it says that in the docs. And that does seem like a make or break statement for template choices. Key signing is a fine implementation on qubes. ha, I did read that one too about the ugly kde. @Yuraeitha I havent quite tackled the security through compartmentalization part yet. I have put some thought into it though, and after dividing my attack surface between functions (keyring, passwords, misc files, etc) I realized that each function has only one app to go with it. So I may as well just have one app running in each VM. Or in the case of splitVMs, multiple apps for each program! I would love to hear how you divide your VMs up. I was looking for examples online, but I couldnt find any; aside from an (ITL?) essay I read last year. But starting easy and growing is good advice. >In particular, Fedora's downfall is that its one of the very few distros >that don't sign/secure their overall software manifest; a MITM attacker >can prevent you from receiving specific bug fixes without you realizing The above statement reminded me that it says that in the docs. And that does seem like a make or break statement for template choices. Key signing is a fine implementation on qubes. @Tim W >Correct. I have had both on and functioned fine. Thats good to know. I know I read somewhere that it was buggy with 3.2, I think? As far a attack surface goes, I like using konsole better than xterm or uxterm and when installing that on debian or fedora, it required many dependencies. I removed it, but Im going to take a second look. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/674efcc2-48b2-4956-ae64-6fdcddbc8365%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
