So, I’m currently on Kubuntu and I’m not really a fan. I want to take the opportunity to switch to a better distro. Ideally I’d use secureblue but I’m hoping for advice on how practical it is as a daily driver from the people who’ve used it.
My priorities are:
- Using Linux.
- Using Firefox.
- Security, within reason.
- Using software which treats security with the importance it warrants (If desktop Linux should improve in one area in 2026, it’s security).
My options are:
- Fedora Kinoite
- Fedora KDE with some hardening
- Secureblue
My needs are:
- Browsers: Firefox, Mullvad Browser, a Blink-based browser (backup).
- Extensions: Ublock Origin (Lite or otherwise), Noscript, Proton Pass
- Apps: Freetube, Anki, Discord, Threema, Libreoffice, Mullvad VPN, Kwrite, Kolourpaint
- Sound: Bluetooth headphones, Sound, Printing (Optional)
I’ve stopped using themes, partly because of the security issues and partly because I just don’t really like them anymore. I’ve replaced them with the Plastic window decorations that come default on Kubuntu and a custom colour scheme.
On Firefox:
- I need Firefox because it allows me to create duplicate bookmarks with ease. I manage a lot of things via bookmarks and sometimes they overlap.
- Secureblue has been incompatible with Firefox in the past, but IIRC Firefox recently added support for hardened_malloc. I can’t find where I read this though.
- In terms of the security issues with Firefox, I’ve installed Noscript to prevent untrusted sites from running javascript (especially Wasm). I can swap to a blink-based browser where it requires trusting too many sites.
- Proton Pass … I don’t log directly into it on my computer (only on GrapheneOS) and I don’t have my 2FA keys stored on it. I need it for a Passkey because neither Linux nor GrapheneOS support them natively and my government services’ 2FA codes requires it’s own app which requires the Play Integrity API (bloody Australia). My government services are a very high value target (because Australia).
- I wonder if I really need hardened_malloc in the first place, since with the state of Linux security I’m not sure there’s a reason someone would use a memory vulnerability unless I’m being targeted personally (and nobody’s gonna do that for me).
Security goals:
- I want to make sure the software I install to not have access to anything it doesn’t need to.
- I want to make sure that any website I visit won’t be able to access my file system.
- I want to make sure that my browser extensions won’t be able to access my file system.
- I want to use a distro that’s somewhat resilient against supply chain attacks.
- Proximity to upstream for timely security patches.
These also are valuable. Less valuable than browser escapes IMO though.
A keylogger is more likely, and it’s just as possible with sudo as it is with run0. They would replace sudo, run0, doas, etc with a fake command (since that only require access to the user), that either keylogs, or inserts a backdoor while it does the other sudo things.
Please ignore the entire cybersecurity hype news cycle about images being used to spread malware. They often like to intentionally muddy the waters, and not clearly explain the difference between a malformed file being used as a vulnerability to exploit a code execution exploit, and an image file being used as a container for a payload (steganography). The former is a big deal, the latter is a non issue because the image is not the issue, whatever means the malware actually used to get onto the systems is.
Here’s a recent example of me calling this BS out. The clickbait title implies that users got pwned by viewing a malicious image, when in actually it was a malicious extension that did the bad things.
Unless you are using windows media player, the microsoft office suite, or adobe acrobat, code execution from loading a media file is a really big deal and fixed extremely quickly. Just stay updated to dodge these kind of issues.
As for zero days, unknown and unpatched vulnerabilities, again, that’s a different threat model because those exploits cost money to execute. Using an existing known (but fixed in updated versions of apps) is free.
I’ve heard of thumbnails being used to deliver malware. Specifically the idea that “thumbnailers” are javascript code included in the file that will run in order to generate a thumbnail and they have the potential to deliver malware. After an arduous search I found this article https://thehackernews.com/2017/07/linux-gnome-vulnerability.html suggesting a vulnerability in the thumbnail generator for windows executables on GNOME allowed it to be used to deliver malware because the file name contained code that was executed by the thumbnailer. I’m still entirely unclear about what a thumbnailer even is (whether it’s local or remote code) or what my original source was. For now I’ll just turn off thumbnails for all but images and hope that counts as adequate security.
You’ve heard of critical vulnerabilities in media processing applications that mean that thumbnails can theoretically be used to be spread malware. That is not the same as “this issue was being actively exploited in the wild and used to spread malware before it was found and patched”.
These vulnerabilities, (again, cost money), and are fixed rapidly when found. Yes, disabling thumbnails is more secure. But I am of the belief that average users should not worry about any form of costly zero day in their threat model, because they don’t have sensitive information on their computers that makes them a target.
That seems to be the case. Since I can’t find my original source. I remembered them saying something along the lines of “KDE doesn’t have a thumbnailer sandbox, GNOME has one albeit weak, so you should use GNOME” but I can’t find that source anywhere so maybe I imagined the entire thing.
Either way I’ll disable the thumbnails on everything but images just because I don’t really need them and if anything having PDF’s generate thumbnails like images do just makes my downloads folder more confusing to navigate.