You are not logged in.

#1 2020-08-08 21:00

john_asparagus
Member
Registered: 2020-08-08
Posts: 1

How is Q4OS on the security front?

Hi all,

I'm considering installing Linux on my rig, but I want something that's secure, where I wouldn't have to worry about doing online banking or buying things on Amazon or Steam for instance.
At the moment I'm torn between Ubuntu MATE or Q4OS.
I like Q4OS because it runs lighter from what I've tried, however I don't know what it's like on the security end.
I remember reading that TDE is inherently non-secure because it uses an outdated network stack.
Has anyone ever had an issue with security using Q4OS?

Thanks.

Offline

#2 2020-12-05 19:34

Cheker
Member
From: Portugal
Registered: 2020-12-05
Posts: 16

Re: How is Q4OS on the security front?

Bumping for interest. Upon investigation, I found a reddit post from a year ago saying TDE's network stack hasn't been updated in a decade. It would be cool if someone more knowledgeable could drop by and enlighten us further.

Offline

#3 2020-12-05 22:47

wove
Member
From: Minnesota
Registered: 2019-12-31
Posts: 67

Re: How is Q4OS on the security front?

There are seven layers in networking. These seven layers are defined by standards organizations and referred to as network protocols. The network stack on a computer system is the software implementation of these protocols. A system's network stack only implements the protocols necessary for use by the system and it is rare for any system to have a full implementation of protocols.

The defined protocols rarely change and even more rarely change in a way that would break anything. A system's network stack would only need to be changed, if the protocols change. A more efficient network stack is written, but that would be a drop in replacement and using the older stack would still work. Also changes in system architecture could require a new software stack. And of course a network stack would need to be updated if vulnerabilities are uncovered.

The network stack is a very low level abstraction. Changing your wireless card from using "g" to using "n" would require a new driver for the new card to communicate with the network stack, but does not require a change in the network stack. An email provider starting to use "tsl" encryption will require an update to the email client to work with "tsl". The network stack simply passes data and does not care if it is encrypted or not.

So if the network stack is audited for security, compiles with no error against your current system and works with robust reliability there is no reason it needs to be updated.

bill

Offline

Board footer

Powered by FluxBB