this post was submitted on 22 Oct 2024
25 points (96.3% liked)

Linux

48012 readers
588 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I went with GNOME just because I'm used to it and want stability as my main focus but I was wondering if using one DE over another can affect security or privacy at all? Or is that all dependant on the distro you are using?

top 9 comments
sorted by: hot top controversial new old
[–] nous@programming.dev 24 points 2 weeks ago

TLDR; yes it does affect security. But quite likely not by any meaningful amount to be worth worrying about.

Any extra package you install is extra code on your system that has a chance to include vulnerabilities and thus could be an extra attack vector on your system. But the chances that they will affect you are minuscule at best. Unless you have some from of higher threat model then I would not worry about it. There are far more things you would want to tackle first to increase your security that have far larger effects than a second desktop environment being installed.

[–] helpimnotdrowning@lemmy.sdf.org 12 points 2 weeks ago

What do you mean by privacy? If you mean like other people you may live with/come across having access to your data, the best solution is having an encrypted drive/partition. No DE or standard login is going to stop a determined threat actor from just pulling out your storage device and reading off what's on there.

[–] savvywolf@pawb.social 11 points 2 weeks ago

As far as I know, none of the major DEs have Windows-style telemetry turned on by default. So ignoring security issues and apps themselves, DEs should roughly be the same on the privacy front.

[–] OsrsNeedsF2P@lemmy.ml 9 points 2 weeks ago

Don't miss the forest for the trees.

Do whatever makes you most comfortable so you don't go back to Windows or MacOS.

[–] flashgnash@lemm.ee 7 points 2 weeks ago

I don't think DE really means much for security, your biggest concern is always going to be the software you run having the same privelages as you (IE filesystem access)

[–] cmgvd3lw@discuss.tchncs.de 5 points 2 weeks ago

Major DEs are almost safe.

[–] Whom@beehaw.org 2 points 2 weeks ago* (last edited 2 weeks ago)

Wayland has security benefits over X11 so choosing one with a Wayland session is a good idea but other than that I'm not really aware of any breakdowns of security between DEs. My gut says the major options are pretty similar on that front, most hardening guides only mention DEs to tell you which ones support Wayland. The choices you can make to harden your system are changing things at a lower level that is entirely unrelated to your DE. That said I'm just a privacy/security interested layperson and security is a topic where you can always split more hairs if you want (or need) to.

[–] boredsquirrel@slrpnk.net 2 points 2 weeks ago* (last edited 2 weeks ago)

That question is very broad.

Yes, double the DEs installed will mean double the possibilities for vulnerabilities.

Also, I know no Linux Desktop that is actually secure. Like having a real password manager or not sharing the clipboard.

Privacy? No? But just look at what data they collecty it is harmless.

[–] pastermil@sh.itjust.works 2 points 2 weeks ago

Perhaps if you're just trying out and experimenting, you shouldn't use your main system. Try it in a VM, or even better, a spare computer. Then whatever stuff that you like, you trickle down to your main system.

In the case of DEs, I don't like having multiple ones in my system, but only because I like my systen lean. So if I want to try out a DE, I'd just set it up on a test system, usually from scratch.

So far, I'm liking KDE the most, but for something more lightweight, I'd go with XFCE or MATE.

To answer your original question: Theoretically, it could affect your security as each piece of software could have vulnerabilities. In practice, however, it's negligible, and if there's anything major, it would usually get addressed quickly.

Last but not least: When you're just starting out, you wouldn't want to be focusing too much on security. Following the general guidelines should suffice for most case. Just focus first on getting all the functionalities you need. Security usually means restricting access, including to yourself, that means doing it too much could make things not function properly. Securing things prematurely (i.e. before you get things working) could only frustrate you, speaking from experience.