this post was submitted on 17 Dec 2024
104 points (96.4% liked)

Linux

48665 readers
995 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
AgreeableLandscape@lemmy.ml
nooter692@lemmy.ml
MarcellusDrum@lemmy.ml
cypherpunks@lemmy.ml
cyclohexane@lemmy.ml
d3Xt3r@lemmy.nz
104
Kali Linux 2024.4 released (www.kali.org)
submitted 4 days ago* (last edited 4 days ago) by petsoi@discuss.tchncs.de to c/linux@lemmy.ml
19 comments fedilink hide all child comments
 

Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.

you are viewing a single comment's thread
view the rest of the comments
[–] Neptr@lemmy.blahaj.zone 3 points 4 days ago (1 children)

What do you mean secure by design? What part of it is secure. Compare it to actually security focused Linux operating systems like QubesOS, Kicksecure, or Secureblue. Literally any OS that supports the Brace tool (made by the creator of DivestOS) is much more secure than Kali Linux. Kali is purpose built for red team work, not being secure (aka reducing attack surface or designing around a threat model).

[–] Manifish_Destiny@lemmy.world 2 points 3 days ago* (last edited 3 days ago) (1 children)

Kali is secure as in once it's configured, it cannot be accessed without creds, keys etc. That meets the definition of 'secure'. It's just Linux with a bunch of pre installed packages.

Of course something can always be more secure. But saying Kali isn't secure is like me saying your PC isn't secure because it isn't air gapped like my most secure PC.

[–] Neptr@lemmy.blahaj.zone 1 points 2 days ago* (last edited 2 days ago) (1 children)

PCs aren't secure. Linux default isnt secure. Kali has so many apps/tools installed by default that it isnt comparable to default Linux. It has massive attack surface and no security design, therefore calling it secure isn't accurate.

If no effort was put into the security design of an OS, why call it secure?

[–] Manifish_Destiny@lemmy.world 1 points 19 hours ago* (last edited 19 hours ago) (1 children)

Okay if I turned off password auth, just used keys, disabled the Kali user and root login, how are you breaking in? Where's the vulnerability? Which cve or cwe are you able to exploit?

A large attack surface doesn't mean insecure. It just means less secure.

Source: I literally pentest for a living. No, I don't even use Kali on a regular basis.

[–] Neptr@lemmy.blahaj.zone 1 points 14 hours ago (1 children)

My point exactly. A large attack surface means less secure. My point was that Kali isn't focused on being a secure OS. It is all about the tools. Even without a vulnerability, a secure OS should protect against unknowns.

[–] Manifish_Destiny@lemmy.world 1 points 2 hours ago

You failed to answer my question. You're clearly missing the point intentionally. You're either a troll or retarded.