Windows refugee here. I’m planning to move to Linux Mint but want to make sure I don’t do something stupid, as I’m unfamiliar with the Linux operating system.
I found this link with 10 tips to secure Mint.
Is this a good list? Anything else I should do to secure a Mint install?
Thanks for helping a noob!
The link definitely provides some good info. It’s better than nothing. However, it may or may not fall short based on how secure you’d like to make your system.
What is it you’re trying to protect and from whom? Whenever the topic of security comes up, one simply can’t engage meaningfully without mentioning a threat model.
In this case, I’ll assume you’re just your average Joe. And, depending on how you engage with your system, Linux Mint might be fit from the get-go. However, if you actively engage in downloading random jank from the internet and have ‘survived’ with the help of Microsoft Defender Antivirus, then you should know that a safety net as such doesn’t exist over on this side. Sure, security through obscurity might save your ass a couple of times. But it’s inevitably a losing battle.
So, without knowing your threat model, note the following important advice that the article somehow hasn’t touched upon:
Thanks for the reply. I’m fairy average Joe. I’ll mainly use this machine for downloading files and general browsing. I don’t have any personal files or accounts on that device.
I’m mainly concerned with neglecting to enable (or disabling) something critical or accidentally downloading something malicious (although this hasn’t happened for many many years).
Thanks for the clarification!
If you trust both the source and the file, then downloading by itself shouldn’t constitute a problem. Supply-chain attacks are still possible, but that’s a hard problem to solve anyways. I suppose I’d only trust Qubes OS to handle that gracefully.
For general browsing, GrapheneOS-folk would advice against Firefox(-based browsers). Instead, they’d recommend (something based on) Chromium. Personally, I do follow that advice. But I understand if you’d like to stick to Firefox(-based browsers).
Coming back to Linux Mint, I won’t go over my (personal) qualms with the security model of the distros it’s based on. But as Linux Mint offers one of the best onboarding experiences, it would be a disservice to lead you elsewhere. Become comfortable with Linux through it. And, perhaps one day, if you feel like venturing elsewhere, you can try out distros that offer better security. Thankfully, Linux Mint’s OOTB security should be sufficient until then.
As for the article, everything except for the fourth recommendation is a W. Utilizing ClamAV could be cool, but it’s based on a very naive understanding. You wouldn’t want an untrusted file on your system in the first place. Obviously, a lot more mileage[1] is possible. But one has to learn to walk before they can run 😉.
Thank you for your advice. I will take it. As a beginner, I’ll start with Mint.
Would your reccomend any other secure distro for the future?