I have written a PDF Guide: "Security, Privacy and Anonymity in Linux Mint".
Revision 26, dated from 2024-03-21, is online (160 pages, 5.3 MB)
You can download it and use it for free.
It is distributed under Creative Commons license, Attribution-NonCommercial 4.0 International (CC BY-NC 4.0), see: https://creativecommons.org/licenses/by-nc/4.0/.
List of changes:
Revision 26 changes: added to 4.7 "Safe Browsing" protection against JavaScript and CSS attacks; added a NB after DNS over TLS in 4.11; typos and minor corrections.
Revision 25 changes: updated 4.14 (Install Language Tool Server) and Annex 5 (How to Enable Ubuntu Pro on Linux Mint)
Revision 24 changes: added secure file delete in 4.1; added a workaround for LanguageTool extensions 8.3.0 bug in 4.14; added "Just Verify It" extension for Thunderbird in 5.1; small corrections and typos.
Revision 23 changes: added a new distant security attack and its prevention "Protect your LAN against wireless intrusions"; minor changes in Annex 10, updated Table of Contents and correspondence matrix.
Revision 22 changes: take into account of Proton VPN GUI 4.1.0.
Revision 21 changes: take into account of Proton VPN GUI 4.0.0 and add of its flatpak version, in Annex 10; minor additions in §5.2.
Revision 20 changes: minor corrections and additions in 4.11, 4.12, 5.1; typos.
Revision 19 changes: updated "5.1 Malware and viruses detection", some more blue internal links, minor corrections, typos.
Revision 18 changes: in Annex 10, added troubleshooting; some minor changes in 5.1; internal links are now blue and underscored; typos.
Revision 17 changes: in Annex 10, added tests results (DNS check, DNS leak, WebRTC leak).
Revision 16 changes: in Annex 10, completed uninstallation procedure.
Revision 15 changes: added Annex 10: Install and Set Up Free Proton VPN.
Revision 14 changes: added installation and documentation links for I2P and Freenet in "Stay anonymous".
Revision 13 changes: added LanguageTool extension for browsers and Thunderbird settings in "Install LanguageTool local server"; completed ClamAV unofficial signatures in "Malware and viruses detection"; typos, grammar.
Revision 12 changes: added a new local security threat and the corresponding prevention mean; completed "Malware and viruses detection" with Clamav detection rate increase, using unofficial signatures.
Revision 11 changes: in "Reduce what your ISP can know", added Proton VPN; in "Protect yourself from spam", added disposable e-mail addresses; in " Stay anonymous", added Anonymous mail; in "Proposed minimum backup and restore strategy", added comments about Timeshift.
Revision 10 changes: in "Safe Browsing", added Fingerprinting protection, Web RTC Leak and Testing.
Revision 9 changes: complements about Timeshift in "Proposed minimum backup and restore strategy", typos, small corrections.
Revision 8 changes: text formatting, added a "Threats / Prevention means correspondence matrix".
Revision 7 changes: completely rewritten "DNS over TLS" in "Reduce what your ISP can know", better and simpler method.
Revision 6 changes: in "Reduce what your ISP can know", added DNS over TLS, and complements in DNS over HTTPS; complements in "Annex 8: Mullvad Browser Flatpak on Tor Network, a Secure Alternative to Tor Browser"; improved text formatting; typos and small corrections.
Revision 5 changes: in "Use a firewall", added a comment about peer-to-peer software; in "Firejail", added tests of VMware Workstation Player and Firefox, and added recommendations; in "Don't use Wine or Mono to run Windows programs", added recommendations about virtual machine securing; typos and small corrections.
Revision 4 changes: in "Safe Browsing" changed the hosts update script to let ownership to root; in "Annex 8: Mullvad Browser Flatpak on Tor Network, a Secure Alternative to Tor Browser", added a paragraph on tor security; typos and small corrections.
Revision 3 changes: added "Avoid to have your personal data stolen", AppArmor complements and corrections.
Revision 2 changes: added AppArmor and Systemd sandboxing; small corrections, typos, and English grammar polishing.
Download link from my Google Drive:
https://drive.google.com/uc?export=down ... ZwlvnvXgMW.
Download link from my personal website:
[hosted by IONOS, servers in Germany, no ad, no malware, possible logging of your IP address by the service provider]
https://nallino.net/stockage/security/L ... curity.pdf.
It is also available from archive.org:
[new revisions may appear a bit later on archive.org]
https://archive.org/details/linux-mint-security
Privacy:
Privacy protection is addressed in the guide. But, before to download it, you can't apply the guide recommendations...
That's why I advise to use Tor Browser, https://www.torproject.org/download/, to download the guide from any of the three links with anonymity and good privacy, to avoid being tracked during this download.
Document hashes (using GtkHash):
Code: Select all
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRTzGp+mYMDnyzU4tr+LoXO6oGV4AUCZfxcvQAKCRD+LoXO6oGV
4EqQAP9ni7Kng/MC1aXLOnuA7JU6UnvyM1C5kcDxZvIKkqxXMgD/WnMdslAXmylR
MeCiwF3ykBUfb+VPQc9lezraY75fLQo=
=P3Rs
-----END PGP SIGNATURE-----
Code: Select all
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZGtgqhYJKwYBBAHaRw8BAQdAyGMXTq2v4VKXrzKhxKR/Tpq3f9LPnQ88uSai
hbcjqDW0I01pY2hlbCBOQUxMSU5PIDxtaWNoZWxAbmFsbGluby5uZXQ+iJkEExYK
AEEWIQRTzGp+mYMDnyzU4tr+LoXO6oGV4AUCZGtgqgIbAwUJA8OU9gULCQgHAgIi
AgYVCgkICwIEFgIDAQIeBwIXgAAKCRD+LoXO6oGV4JLEAQCYZPht3cFpSnhfJrfe
5Z1uP9E+3xq4kCnjgHRbbuFlfQEAt/9RZqXmkDFWIAlXAcn7YL9KUrsXswL1JQ5w
m8Hc+A+4OARka2CqEgorBgEEAZdVAQUBAQdAbOSfFPQiRLYmkI2gE+4X7ScoRe8w
nvdWcL8Klu+/NEADAQgHiH4EGBYKACYWIQRTzGp+mYMDnyzU4tr+LoXO6oGV4AUC
ZGtgqgIbDAUJA8OU9gAKCRD+LoXO6oGV4AlqAQCUeks96SnIRwa65GRE5E44zefK
o7P5A0YM9kJTMXKG7wD6AtzTLdYBWxonOENQZjR0MjANM6RfO4yUWBaB1F33Yww=
=4iOH
-----END PGP PUBLIC KEY BLOCK-----
https://www.virustotal.com/gui/file/897 ... ?nocache=1.
Use of this guide:
It contains a list of threats; if you feel concerned by a threat, you can find in the correspondence matrix, at the end of the guide, the corresponding prevention means.
[If you are a physician, a lawyer, a journalist, a small company, an activist, a whistleblower, or a cryptocurrencies owner you may feel concerned by all threats!]
Table of Contents:
Feel free to comment, to improve next revision.Table of Contents
1. Introduction
2. Ubuntu Main Security Features
3. Threats List
3.1 Local security attacks, needing physical access to computer
3.2 Distant security attacks
3.3 Various security threats
3.4 Privacy threats
3.5 Anonymity threat
4. Prevention
4.1 Protect the access to your computer
4.2 Update your system
4.3 Increase your system intrinsic security with Ubuntu Pro
4.4 Use trusted sources
4.5 Use a firewall
4.6 Sandbox your applications
Flatpak
Snap
Firejail
AppArmor
Systemd sandboxing
4.7 Safe browsing
4.8 Be careful with downloaded files or attachments
4.9 Don't use Wine or Mono to run Windows programs
4.10 Set your system security
4.11 Reduce what your ISP can know
4.12 Protect your mails
4.13 Protect yourself from spam
4.14 Install LanguageTool local server
4.15 Use local translation programs
4.16 Avoid to have your personal data stolen
4.17 Stay anonymous
4.18 Protect your LAN against wireless intrusions
5. Detection
5.1 Malware and viruses detection
5.2 Intrusion detection
6. Pre-Established Arrangements
6.1 Elaborate a recover strategy
6.2 Backup and restore strategy
6.3 Proposed minimum backup and restore strategy
Annex 1: Launching Commands and GUI Applications with Superuser Rights
Annex 2: Password Protect your GRUB Menu
Annex 3: Password Selection
Annex 4: Encryption
Annex 5: How to Enable Ubuntu Pro on Linux Mint
Annex 6: Flatpak Tutorial
Annex 7: Multiboot
Annex 8: Mullvad Browser Flatpak on Tor Network, a Secure Alternative to Tor Browser
Annex 9: Tripwire Tutorial
Annex 10: Install and Set Up Free Proton VPN
Threats / Prevention means correspondence matrix
Regards,
MN
PS: Please avoid to open side discussions, this is the Tutorials forum, not a chat one.
