by LinuxBender
1096 days ago

Do you mean trustworthy in terms of the developers not being compromised by state actors, or do you mean in terms of security model and design? In terms of security model it uses Xen to virtualize VMs and the default network isolation is decent enough for most people wanting network segmentation. The system administrator can either open up or further lock down the networking and firewall(s) to change how restricted VMs are from one another or the internet or the local networks. Their default implementation assumes that one may want to use a RAM-only stateless or ephemeral OS to access Tor and another VM that can only talk to the Tor VM to a specific IP/port to prevent leakage. For other security scenarios people would have to create their own firewall rules and networking, so that learning exercise would be on each person.

In terms of state actors there is really no way to answer that for any distribution, as developers can be compelled into silence through assorted fear-inducing tactics and lawful intercept can be a series of subtle design weaknesses that would not be spotted by the best external developers. These subtle design weaknesses can be a combination of OS libraries, combinations of hidden CPU registers and known x86 works-as-designed flaws.

There are products like encrypted phones. They are advertised as secure locked down devices designed for people who have high security requirements. They attract crooks and thus law enforcement that compromise their servers. This can go unnoticed for decades.
Of course this risk is there for any distribution, but we can compare one distribution with another.