Has anyone here used this? I've only just heard about it. Am downloading the alpha ISO now and will take a look.
https://subgraph.com/index.en.html
https://distrowatch.com/table.php?distribution=subgraph
Subgraph - Tails-like Debian-based OS
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Subgraph - Tails-like Debian-based OS
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Subgraph - Tails-like Debian-based OS
I'd try it in a VM first if I were you. A couple of thoughts though ...
I had a look and there's no support forum I can find. I don't kinow of any of these 'hardened' distros that are even remotely noob friendly. They'll need a very good forum.
Though knowledgeable users are not likely to want to install a distro that only comes in an alpha release. No one I know who knows Linux/unix would install a beta release (let alone alpha) unless they were forced to.
And from their site: "By default policy, Subgraph OS will restrict the communication of applications so that they use the Tor network exclusively, obfuscating the endpoint's physical origin.". Well, guess what. Tor is quite hacked. So big frakkin' deal there.
If you want security it's best to use tools you understand.
I had a look and there's no support forum I can find. I don't kinow of any of these 'hardened' distros that are even remotely noob friendly. They'll need a very good forum.
Though knowledgeable users are not likely to want to install a distro that only comes in an alpha release. No one I know who knows Linux/unix would install a beta release (let alone alpha) unless they were forced to.
And from their site: "By default policy, Subgraph OS will restrict the communication of applications so that they use the Tor network exclusively, obfuscating the endpoint's physical origin.". Well, guess what. Tor is quite hacked. So big frakkin' deal there.
If you want security it's best to use tools you understand.
For every complex problem there is an answer that is clear, simple, and wrong - H. L. Mencken
- Fred Barclay
- Level 12
- Posts: 4185
- Joined: Sat Sep 13, 2014 11:12 am
- Location: USA primarily
Re: Subgraph - Tails-like Debian-based OS
Do we know that for sure?Hoser Rob wrote:Well, guess what. Tor is quite hacked.
(In other words... references, please. )
Re: Subgraph - Tails-like Debian-based OS
Really ?Hoser Rob wrote: No one I know who knows Linux/unix would install a beta release (let alone alpha) unless they were forced to.
I know a lot of friends who can try alpha releases, or install Beta. Or use Debian Sid or...
Other than this, I know this distro since a few months, and it looks promising.
Re: Subgraph - Tails-like Debian-based OS
https://arstechnica.com/tech-policy/201 ... -fbi-hack/Fred Barclay wrote:...
(In other words... references, please. )
https://www.lawfareblog.com/judicial-fr ... techniques
could be some?
- Fred Barclay
- Level 12
- Posts: 4185
- Joined: Sat Sep 13, 2014 11:12 am
- Location: USA primarily
Re: Subgraph - Tails-like Debian-based OS
Ah, yes. To the best of my knowledge, the malware used in this case was a Adobe Flash exploit. That's not a Tor hack, it's a vulnerability of a closed-source, bug-infested technology.aes2011 wrote: https://arstechnica.com/tech-policy/201 ... -fbi-hack/
https://www.lawfareblog.com/judicial-fr ... techniques
could be some?
(And may I just say, "Good riddance!" that those criminals were caught. Disgusting isn't a strong enough word for what they were doing.)
Re: Subgraph - Tails-like Debian-based OS
Speaking of TOR: http://www.phoronix.com/scan.php?page=n ... ry-Bogatov
OP, what's your experience so far?
I wish they didn't include LibreOffice.
OP, what's your experience so far?
I wish they didn't include LibreOffice.
Re: Subgraph - Tails-like Debian-based OS
Re Tor
Yes , a small number of exit nodes have been compromised , and there is probably no real way to prevent that ,
but it doesn't mean that Tor as a whole is useless.
The main problem I see with Tor is not the implementation so much as the very bad press it has got .
Sensationalist journalism and click-bait headlines are now automatically connecting it's use with terrorists ,
Silk Road clones , pedophiles and cyber-criminals .
So I think it is a bad idea to have your ISP seeing Tor being used , and they WILL see it , unless it is through a VPN.
Re Subgraph
I've been running it in Virtual Box / Mint17.3 for a year or so , and I'm impressed with it .... so far as it goes .
Progress has been slow , which is disappointing because the model shows much promise .
I've done my best to break it , compromise it , find leaks etc , but I'm not going to trust it for something
as sensitive as banking . There is a lot more work needed .
BTW - I'm also running Whonix and Qubes for long term testing , and both of those also run Tor by default ,
and they are mighty secure systems !
But the same rules apply for me .... I just don't want them visible to my ISP .
Yes , a small number of exit nodes have been compromised , and there is probably no real way to prevent that ,
but it doesn't mean that Tor as a whole is useless.
The main problem I see with Tor is not the implementation so much as the very bad press it has got .
Sensationalist journalism and click-bait headlines are now automatically connecting it's use with terrorists ,
Silk Road clones , pedophiles and cyber-criminals .
So I think it is a bad idea to have your ISP seeing Tor being used , and they WILL see it , unless it is through a VPN.
Re Subgraph
I've been running it in Virtual Box / Mint17.3 for a year or so , and I'm impressed with it .... so far as it goes .
Progress has been slow , which is disappointing because the model shows much promise .
I've done my best to break it , compromise it , find leaks etc , but I'm not going to trust it for something
as sensitive as banking . There is a lot more work needed .
BTW - I'm also running Whonix and Qubes for long term testing , and both of those also run Tor by default ,
and they are mighty secure systems !
But the same rules apply for me .... I just don't want them visible to my ISP .
Re: Subgraph - Tails-like Debian-based OS
Reading this thread got me looking for more up-to-date info on Tor security issues , and this is the most recent thing I could findFred Barclay wrote:Do we know that for sure?Hoser Rob wrote:Well, guess what. Tor is quite hacked.
(In other words... references, please. )
https://www.theregister.co.uk/2016/11/3 ... _in_works/
and it's not much of an issue for your "average " Tor user .... whatever that is