Would you agree with this! How secure is linux

In almost every way I would agree ?
In windows we are asked to make sure we secure yet in linux we do not need too ?
Yet we do?
So what is the best way to secure linux


To make sure you don’t also have WinDOSE installed. :rofl: :rofl: :rofl:


I agree so whats the best way to secure linux?

1 Like

Disconnect it from the network.

But seriously, there is no universal answer here. You have to start by analyzing what risks you are concerned about. Then determine how to mitigate those risks.

There are a few things I would say almost everyone should do:

  • Don’t run services or applications you don’t need/use
  • Ensure you have a local firewall installed and configured(It is a myth that you don’t need a local firewall if you have a network firewall. They serve different purposes)
  • Be careful with your actions when using your machine. i.e. What you click on, what you allow elevated privs to, etc

Would there be a post install quick user guide on check/enhance one's security?
Like ensuring that a firewall is installed/configured properly etc?

1 Like

There are some points I agree with and some that I disagree. He says that he would pick mac and windows over archlinux any day of his life for he finds them more secure. I don't know about mac but windows for sure contains pre-installed bloat that is malware in itself like mcafee and then the list goes on with hardcoded telemetry, privacy hacks, built in ads (who doesn't want ads while computing :smile: ) and stuff like that. Like cmon we have an actual project dedicated to provide an working windows ISO with all that stuff removed and the guy thinks that windows is more secure than any linux distro. :saluting_face:

I would have agreed with him if he had said that no distro is completely secure and that you need to take steps to secure it. But the guy was just for some reason against arch. As if ubuntu comes with firewall pre-enabled. Or windows even needs a password to run any software on it's system.

Well for the things I do to make my distro more secure, just follow the garuda wiki. :smile:

  • Set up DNS service as cloudflare
  • hblock enabled
  • firewall setup to block everything except ssh ports with even those ports have limited incoming

Just he paranoid that the government is up your behind like every Linux user and you’ll work out what security you need even if it borders on irrational paranoia.


I feel like we are mixing privacy and security here. While there is overlap, they aren't the same thing.


I see. I guess I need to learn more. :smile: thanks for telling me.


I think this person’s attempt to sound knowledgeable about Arch has backfired somewhat.

“I would take Mac or Windows over a stock Arch implementation any day of the week. Arch is extremely insecure by default. Most times they don’t even have App Armor installed.”

“Most times they don’t even have App Armor installed”?! :face_with_raised_eyebrow: While this is technically true, the stock Arch installation includes almost nothing by default. Not even a basic text editor is installed by default. Out of the box, it is not a ready-to-use system like MacOS or Windows.

Arch is meant to be built up by the user with whatever applications and configurations are needed or desired. Being critical of the applications that are not installed by default is missing the point somewhat. Ultimately it is up to user choice how secure or insecure an Arch installation will be.


Another attempt to generate more clicks. Clickbait. Which he succeeded in doing.

The clueless face he displays seems to fit his knowledge perfectly. :grimacing:

That alone keeps me from watching it.


I mean he has a point with arch stock not having a firewall or anything security related installed, but that's the point, isn't it?

I think fedora, unbunt and others are bonkers when it comes to security

1 Like

He does? What is the point? A stock Arch installation does not even have a bootloader installed.

In the case of Arch, the absence of software installed by default is representative of user choice. If someone wants to use a firewall then they can install it along with the other packages they will need.


I’m sorry but anyone finding WinBLOWS more secure has no clue what they are doing on any OS.


Actually they are cause they go hand in hand.

Windows and macOS are closed source code so anyone who says "this or that" about them are full of shit since it's from a place of ignorance. Since I know for a fact that very evil people at the top of these mega corporations, etc run them then I assume the worst (spyware, backdoors, etc).

Me? I choose the light standing outside of ignorance, I choose FOSS.


Arch Linux--and Windows, MacOS--virtually all operating systems, are only as security-minded as the user. Leave it at that. The tools are there to be used.


If you run everything as root and open all your ports, you'll achieve maximum security :slight_smile: :+1:

Jokes aside, +1 to Bro :smiley:
The general Linux user is also more likely to be more cautious with what they do compared to the Windows guy running everything as admin because lol why not. Windows doesn't even prompt for a password unless it's an enterprise system or something, which makes it that bit easier to get something bad. Having a password prompt at the very least makes you reconsider, even for a millisecond, whether it's a good thing to do.

It's also a bit of a "Do you know what you're doing?" situation, because the newer to the scene a user is, the more likely they'll go for something like Fedora that will have better security out of the box.
Speaking of which, does Manjaro do good security out of the box? It's arch-based after all.
Maybe that's a question for another day :thinking:


Stock Arch is, next to LFS and Gentoo, at the same time the most secure and least secure system there is.

Somewhat of a Schrödinger's Operating System, if you will.


There were some unfortunate comments made in that video that are not exactly accurate or understood.

However, the core message of the video though is an important one. Linux isn't magically secure by default like some people think. It isn't even more secure that other OSes for the most part. Basically, it is as secure as you(and the distro you are using) makes it.