With over 200 distros to choose from, which one actually offers the most privacy-oriented experience?
Here’s a quick overview of some of the best Linux distros that can help you secure your traffic and data:
The main way Tails protects your privacy is by always running off a Live CD (a CD-ROM or other storage devices that boots an OS). Besides that, Tails only loads on your device’s RAM memory, making sure it leaves no trace of activity once your stop using it.
Of course, that means you should only use Tails if you need a single secure session since you can’t actually install Tails to a directory and save things to the hard drive.
Another cool thing about Tails is that it routes all your connections through Tor, automatically hiding your geo-location. The distro also offers carefully curated applications that enhance your privacy (like the KeePassX password manager).
“Okay, so what’s the catch?”
Well, the main issue with Tails is that it isn’t very user-friendly – at all. You need to have a lot of experience with Linux to take full advantage of it. Not only is it very complicated to set up and configure (plus it only runs on specific computers), you can easily mess up Tails’ security settings if you don’t know what you’re doing.
Also, Tails can’t protect you from exploit and root exploit-based cyber attacks like Qubes and Whonix can.
The Fedora-based Qubes OS goes hand in hand with Linux privacy and security.
Because it uses Xen Hypervisor to set up and compartmentalize your data into various Virtual Machines. For example, the distro will store any work-related data into one VM, and your personal files in a different one.
That way, if you ever accidentally download malicious software on the VM with personal data, your work files won’t be in danger.
Plus, Qubes offers a nice layer of protection from hackers by running the network stack and WiFi drivers in a dedicated network VM (called “NetVM”) that has no privileges.
What’s more, Qubes comes with a ready-to-go firewall, and it lets you set up disposable VMs, where you can safely open risky applications, links, and attachments.
Also, the distro uses full disk encryption by default, and it enforces hardware threat minimization by making sure VMs don’t get microphone support by default.
But like Tails, Qubes isn’t extremely user-friendly. If you don’t have a lot of Linux experience, it can be a bit difficult to set up.
On the plus side, Qubes uses color-coded windows to help you keep track of VMs.
A bit more user-friendly than Tails and Qubes, Whonix is a Debian-based OS whose configuration allows it to run inside a VM.
Any connection going to the web from the Whonix VM will use the Tor protocol. So, you get to automatically use top-notch encryption to secure your traffic and data. Not to mention you mask your geo-location, and won’t be at risk of suffering IP and DNS leaks.
One thing you’ll like about Whonix (besides that it’s easy to use) is that it can run inside other operating systems like Windows, macOS, and even Linux. In fact, you can actually run Whonix inside Qubes if you want.
The only problems you might have with Whonix are its system requirements, which can be a bit high.
Discrete Linux (Previously Ubuntu Privacy Remix)
Discrete Linux is a Debian-based distro that you can use in Live Mode with a CD, DVD, USB stick, or any other storage device.
Since Discrete Linux is read-only, your system will reset after every reboot. That means nobody can track what you do on the distro – not even if they somehow install surveillance software on your device.
And one of the best things about Discrete Linux is how user-friendly it is. You don’t need tons of tech skills to be able to use it.
Ipredia is a Fedora-based distro which you can either install to your hard drive, or just run in live mode. Also, it handles anonymity a bit differently.
Well, instead of using the Tor network to secure connections, it relies on the I2P network.
In theory, the I2P’s network way of securing data with a one-directional encryption tunnel should make traffic less likely to fall pretty to government surveillance than if the distro were to use Tor.
However, the main drawback is how inconvenient the distro is when it comes to web access. IprediaOS can only securely access eepsites (basically, websites that use the .i2p extension). You can’t use the distro to safely connect to normal websites.
On the other hand, if you do use eepsites, you’ll really enjoy anonymous browsing since nobody will be able to trace your connections. After all, eepsites are hosted anonymously, and you can’t normally see their IP addresses.
So, IprediaOS can be a good choice if you want to torrent files, send emails, or access I2P websites without anyone knowing.
Other Tips for Boosting Linux Privacy
It goes without saying you should always keep the distro you use up-to-date to make sure you won’t be caught off guard by potential security vulnerabilities.
You should also turn on Linux’s firewall. It’s called “iptables,” and it’s an efficient way to keep malicious network traffic at bay. Installing a reliable antivirus/anti-malware program would be a good idea too.
Also, you should use full disk encryption, avoid using the admin account for day-to-day activities, secure your browser with extensions like uBlock Origin and uMatrix, and turn off any listening services you don’t need.
Lastly, Linux users who are dedicated to privacy should really invest in a VPN. Follow that link to find out what the best VPNs for Linux are.