Endless os security

ANANIAS · 9 February 2021 21:40

How secure is the endless number of hacker or virus invasions?
I recently hired an internet network, what is the chance of them discovering my data through their internet supply, or of hackers breaking into my computer through the IP that the internet provides?

ramcq · 10 February 2021 09:44

Hi @ANANIAS - nothing is perfect when it comes to computer security, but Endless OS tries to be cautious. The OS is based on Debian which has a pro-active and well-respected security team, and we have an automatic process to import their security updates, making these releases roughly monthly or quicker when there are high impact issues detected and fixed by the open source community. OS updates are signed by Endless and verified before installation.

The most important parts of the OS regarding security are where the OS makes or accepts connections to the internet - by default there are no services open to the network on an Endless machine apart from a service called Avahi for local name resolution, and scanning your local network for available printers. The browser is of course the most complex and risky part of connecting out to the internet, and the key here is to keep it up to date as any issues are discovered and fixed.

We’ve recently separated Chromium out from the OS so that it can be updated more quickly on Flathub without waiting for an OS release.

Long story short - if you keep on top of OS and app updates, I would be relatively comfortable with the security of the default setup of Endless OS on the internet.

Cheers,
Rob

egrath · 10 February 2021 16:28

Two more things worth to mention which contribute to the overall security of Endless OS:

Most of the applications in Endless OS are running in a Sandbox with the bare minimum permissions needed to run, so even if you run a malicous application by accident (like when the upstream flatpak got compromised), chances are good that the sandbox will prevent much damage
The entire Operating System is stored on a Read-Only mounted filesystem, so no malicious application can easily manifest itself into the system, even with root-privileges.

Having used and developed for many different Systems over the past decades, i personally would rate EOS as the (out of the Box) most secure Operating System for doing regular stuff (Browsing, Writing, …)

system · 10 March 2021 11:03

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.