privacyguides/privacyguides.org
1
1
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2026-05-25 12:51:25 +00:00
Code Issues Activity

feat!: Separate full list of tools into new page

Browse Source
This commit is contained in:
Jonah Aragon
2026-05-08 22:44:19 -05:00
parent 6057ce2121
commit 2a2aabe9dc
67 changed files with 401 additions and 703 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/tools/os/_index.md
+4
View File
@@ -0,0 +1,4 @@
---
title: Operating Systems
weight: 60
---
content/tools/os/android/_index.md
+69
View File
@@ -0,0 +1,69 @@
---
title: "Android"
description: Our advice for replacing privacy-invasive default Android features with private and secure alternatives.
icon: 'simple/android'
cover: android.webp
schema:
-
"@context": http://schema.org
"@type": WebPage
name: Android Recommendations
url: "./"
-
"@context": http://schema.org
"@type": CreativeWork
name: Android
image: /assets/img/android/android.svg
url: https://source.android.com/
sameAs: https://en.wikipedia.org/wiki/Android_(operating_system)
---
![Android logo](../assets/img/android/android.svg){ align=right }
The **Android Open Source Project** (AOSP) is an open-source mobile operating system led by Google which powers the majority of the world's mobile devices. Most phones sold with Android are modified to include invasive integrations and apps such as Google Play Services, so you can significantly improve your privacy on your mobile device by replacing your phone's default installation with a version of Android without these invasive features.
[General Android Overview :material-arrow-right-drop-circle:](../os/android-overview.md){ .md-button .md-button--primary }
## Our Advice
### Replace Google Services
There are many methods of obtaining apps on Android while avoiding Google Play. Whenever possible, try using one of these methods before getting your apps from non-private sources:
[Obtaining Applications :material-arrow-right-drop-circle:](obtaining-apps.md){ .md-button }
There are also many private alternatives to the apps that come pre-installed on your phone, such as the camera app. Besides the Android apps we recommend throughout this site in general, we've created a list of system utilities specific to Android which you might find useful.
[General App Recommendations :material-arrow-right-drop-circle:](general-apps.md){ .md-button }
### Install a Custom Distribution
When you buy an Android phone, the default operating system comes bundled with apps and functionality that are not part of the Android Open Source Project. Many of these apps—even apps like the dialer which provide basic system functionality—require invasive integrations with Google Play Services, which in turn asks for privileges to access your files, contacts storage, call logs, SMS messages, location, camera, microphone, and numerous other things on your device in order for those basic system apps and many other apps to function in the first place. Frameworks like Google Play Services increase the attack surface of your device and are the source of various privacy concerns with Android.
This problem could be solved by using an alternative Android distribution, commonly known as a *custom ROM*, that does not come with such invasive integration. Unfortunately, many custom Android distributions often violate the Android security model by not supporting critical security features such as AVB, rollback protection, firmware updates, and so on. Some distributions also ship [`userdebug`](https://source.android.com/setup/build/building#choose-a-target) builds which expose root via [ADB](https://developer.android.com/studio/command-line/adb) and require [more permissive](https://github.com/LineageOS/android_system_sepolicy/search?q=userdebug&type=code) SELinux policies to accommodate debugging features, resulting in a further increased attack surface and weakened security model.
Ideally, when choosing a custom Android distribution, you should make sure that it upholds the Android security model. At the very least, the distribution should have production builds, support for AVB, rollback protection, timely firmware and operating system updates, and SELinux in [enforcing mode](https://source.android.com/security/selinux/concepts#enforcement_levels). All of our recommended Android distributions satisfy these criteria:
[Recommended Distributions :material-arrow-right-drop-circle:](distributions.md){ .md-button }
### Avoid Root
[Rooting](https://en.wikipedia.org/wiki/Rooting_(Android)) Android phones can decrease security significantly as it weakens the complete [Android security model](https://en.wikipedia.org/wiki/Android_(operating_system)#Security_and_privacy). This can decrease privacy should there be an exploit that is assisted by the decreased security. Common rooting methods involve directly tampering with the boot partition, making it impossible to perform successful Verified Boot. Apps that require root will also modify the system partition, meaning that Verified Boot would have to remain disabled. Having root exposed directly in the user interface also increases the attack surface of your device and may assist in [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation) vulnerabilities and SELinux policy bypasses.
Content blockers which modify the [hosts file](https://en.wikipedia.org/wiki/Hosts_(file)) (like AdAway) and firewalls which require root access persistently (like AFWall+) are dangerous and should not be used. They are also not the correct way to solve their intended purposes. For content blocking, we suggest encrypted [DNS](../dns.md) or content blocking functionality provided by a VPN instead. TrackerControl and AdAway in non-root mode will take up the VPN slot (by using a local loopback VPN), preventing you from using privacy-enhancing services such as [Orbot](../alternative-networks.md#orbot) or a [real VPN provider](../vpn.md).
AFWall+ works based on the [packet filtering](https://en.wikipedia.org/wiki/Firewall_(computing)#Packet_filter) approach and may be bypassable in some situations.
We do not believe that the security sacrifices made by rooting a phone are worth the questionable privacy benefits of those apps.
### Install Updates Regularly
It's important to not use an [end-of-life](https://endoflife.date/android) version of Android. Newer versions of Android receive not only security updates for the operating system but also important privacy enhancing updates too.
For example, [prior to Android 10](https://developer.android.com/about/versions/10/privacy/changes) any apps with the [`READ_PHONE_STATE`](https://developer.android.com/reference/android/Manifest.permission#READ_PHONE_STATE) permission could access sensitive and unique serial numbers of your phone such as [IMEI](https://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity), [MEID](https://en.wikipedia.org/wiki/Mobile_equipment_identifier), or your SIM card's [IMSI](https://en.wikipedia.org/wiki/International_mobile_subscriber_identity); whereas now they must be system apps to do so. System apps are only provided by the OEM or Android distribution.
### Use Built-in Sharing Features
You can avoid giving many apps permission to access your media with Android's built-in sharing features. Many applications allow you to "share" a file with them for media upload.
For example, if you want to post a picture to Discord you can open your file manager or gallery and share that picture with the Discord app, instead of granting Discord full access to your media and photos.
content/tools/os/android/android.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="-147 -70 294 345"><g fill="#a4c639"><use stroke="#FFF" stroke-width="14.4" xlink:href="#b"/><use transform="scale(-1,1)" xlink:href="#a"/><g id="a" stroke="#FFF" stroke-width="7.2"><rect width="13" height="86" x="14" y="-86" rx="6.5" transform="rotate(29)"/><rect id="c" width="48" height="133" x="-143" y="41" rx="24"/><use x="85" y="97" xlink:href="#c"/></g><g id="b"><ellipse cy="41" rx="91" ry="84"/><rect width="182" height="182" x="-91" y="20" rx="22"/></g></g><g fill="#FFF" stroke="#FFF" stroke-width="7.2"><path d="m-95 44.5h190"/><circle cx="-42" r="4"/><circle cx="42" r="4"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 689 B

content/tools/os/android/aurora-store.webp
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 17 KiB

content/tools/os/android/distributions.md
+79
View File
@@ -0,0 +1,79 @@
---
meta_title: "The Best Android Operating Systems - Privacy Guides"
title: Alternative Distributions
description: You can replace the operating system on your Android phone with these secure and privacy-respecting alternatives.
schema:
-
"@context": http://schema.org
"@type": WebPage
name: Private Android Operating Systems
url: "./"
-
"@context": http://schema.org
"@type": CreativeWork
name: GrapheneOS
image: /assets/img/android/grapheneos.svg
url: https://grapheneos.org/
sameAs: https://en.wikipedia.org/wiki/GrapheneOS
subjectOf:
"@context": http://schema.org
"@type": WebPage
url: "./"
robots: nofollow, max-snippet:-1, max-image-preview:large
---
<small>Protects against the following threat(s):</small>
- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
A **custom Android-based operating system** (sometimes referred to as a **custom ROM**) can be a way to achieve a higher level of privacy and security on your device. This is in contrast to the "stock" version of Android which comes with your phone from the factory, and is often deeply integrated with Google Play Services as well as other vendor software.
We recommend installing GrapheneOS if you have a Google Pixel as it provides improved security hardening and additional privacy features. The reasons we don't list other operating systems or devices are as follows:
- They often have [weaker security](index.md#install-a-custom-distribution).
- Support is frequently dropped when the maintainer loses interest or upgrades their device, which is in contrast to the predictable [support cycle](https://grapheneos.org/faq#device-lifetime) that GrapheneOS follows.
- They generally have few or no notable privacy or security improvements that make installing them worthwhile.
## GrapheneOS
<div class="admonition recommendation" markdown>
![GrapheneOS logo](../assets/img/android/grapheneos.svg#only-light){ align=right }
![GrapheneOS logo](../assets/img/android/grapheneos-dark.svg#only-dark){ align=right }
**GrapheneOS** is the best choice when it comes to privacy and security.
GrapheneOS provides additional [security hardening](https://en.wikipedia.org/wiki/Hardening_(computing)) and privacy improvements. It has a [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc), network and sensor permissions, and various other [security features](https://grapheneos.org/features). GrapheneOS also comes with full firmware updates and signed builds, so verified boot is fully supported.
[:octicons-home-16: Homepage](https://grapheneos.org){ .md-button .md-button--primary }
[:octicons-eye-16:](https://grapheneos.org/faq#privacy-policy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://grapheneos.org/faq){ .card-link title="Documentation" }
[:octicons-code-16:](https://grapheneos.org/source){ .card-link title="Source Code" }
[:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title="Contribute" }
</div>
GrapheneOS supports [sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), which runs Google Play Services fully sandboxed like any other regular app. This means you can take advantage of most Google Play Services, such as push notifications, while giving you full control over their permissions and access, and while containing them to a specific [work profile](../os/android-overview.md#work-profile) or [user profile](../os/android-overview.md#user-profiles) of your choice.
[Google Pixel phones](../mobile-phones.md#google-pixel) are the only devices that currently meet GrapheneOS's [hardware security requirements](https://grapheneos.org/faq#future-devices). The Pixel 8 and later support ARM's Memory Tagging Extension (MTE), a hardware security enhancement that drastically lowers the probability of exploits occurring through memory corruption bugs. GrapheneOS greatly expands the coverage of MTE on supported devices. Whereas the stock OS only allows you to opt in to a limited implementation of MTE via a developer option or Google's Advanced Protection Program, GrapheneOS features a more robust implementation of MTE by default in the system kernel, default system components, and their Vanadium web browser and its WebView.
GrapheneOS also provides a global toggle for enabling MTE on all user-installed apps at :gear: **Settings****Security & privacy****Exploit protection****Memory tagging****Enable by default**. The OS also features per-app toggles to opt out of MTE for apps which may crash due to compatibility issues.
### Connectivity Checks
By default, Android makes many network connections to Google to perform DNS connectivity checks, to sync with current network time, to check your network connectivity, and for many other background tasks. GrapheneOS replaces these with connections to servers operated by GrapheneOS and subject to their privacy policy. This hides information like your IP address [from Google](../basics/common-threats.md#privacy-from-service-providers), but means it is trivial for an admin on your network or ISP to see you are making connections to `grapheneos.network`, `grapheneos.org`, etc. and deduce what operating system you are using.
If you want to hide information like this from an adversary on your network or ISP, you **must** use a [trusted VPN](../vpn.md) in addition to changing the connectivity check setting to **Standard (Google)**. It can be found in :gear: **Settings****Network & internet****Internet connectivity checks**. This option allows you to connect to Google's servers for connectivity checks, which, alongside the usage of a VPN, helps you blend in with a larger pool of Android devices.
## Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](../about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
- Must be open-source software.
- Must support bootloader locking with custom AVB key support.
- Must receive major Android updates within 0-1 months of release.
- Must receive Android feature updates (minor version) within 0-14 days of release.
- Must receive regular security patches within 0-5 days of release.
- Must **not** be "rooted" out of the box.
- Must **not** enable Google Play Services by default.
- Must **not** require system modification to support Google Play Services.
content/tools/os/android/f-droid.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

content/tools/os/android/general-apps.md
+143
View File
@@ -0,0 +1,143 @@
---
title: "General Apps"
description: The apps listed here are Android-exclusive and specifically enhance or replace key system functionality.
schema:
-
"@context": http://schema.org
"@type": WebPage
name: General Android Apps
url: "./"
-
"@context": http://schema.org
"@type": MobileApplication
name: Shelter
applicationCategory: Utilities
operatingSystem: Android
-
"@context": http://schema.org
"@type": MobileApplication
name: Secure Camera
applicationCategory: Utilities
operatingSystem: Android
-
"@context": http://schema.org
"@type": MobileApplication
name: Secure PDF Viewer
applicationCategory: Utilities
operatingSystem: Android
robots: nofollow, max-snippet:-1, max-image-preview:large
---
<small>Protects against the following threat(s):</small>
- [:material-bug-outline: Passive Attacks](../basics/common-threats.md#security-and-privacy){ .pg-orange }
We recommend a wide variety of Android apps throughout this site. The apps listed here are Android-exclusive and specifically enhance or replace key system functionality.
### Shelter
If your device is on Android 15 or greater, we recommend using the native [Private Space](../os/android-overview.md#private-space) feature instead, which provides nearly the same functionality without needing to place trust in and grant powerful permissions to a third-party app.
<div class="admonition recommendation" markdown>
![Shelter logo](../assets/img/android/shelter.svg){ align=right }
**Shelter** is an app that helps you leverage Android's Work Profile functionality to isolate or duplicate apps on your device.
Shelter supports blocking contact search cross profiles and sharing files across profiles via the default file manager ([DocumentsUI](https://source.android.com/devices/architecture/modular-system/documentsui)).
[:octicons-repo-16: Repository](https://gitea.angry.im/PeterCxy/Shelter#shelter){ .md-button .md-button--primary }
[:octicons-code-16:](https://gitea.angry.im/PeterCxy/Shelter){ .card-link title="Source Code" }
[:octicons-heart-16:](https://patreon.com/PeterCxy){ .card-link title=Contribute }
</div>
<div class="admonition warning" markdown>
<p class="admonition-title">Warning</p>
When using Shelter, you are placing complete trust in its developer, as Shelter acts as a [Device Admin](https://developer.android.com/guide/topics/admin/device-admin) to create the Work Profile, and it has extensive access to the data stored within the Work Profile.
</div>
Shelter is recommended over [Insular](https://secure-system.gitlab.io/Insular) and [Island](https://github.com/oasisfeng/island) as it supports [contact search blocking](https://secure-system.gitlab.io/Insular/faq.html).
### Secure Camera
<small>Protects against the following threat(s):</small>
- [:material-account-search: Public Exposure](../basics/common-threats.md#limiting-public-information){ .pg-green }
<div class="admonition recommendation" markdown>
![Secure camera logo](../assets/img/android/secure_camera.svg#only-light){ align=right }
![Secure camera logo](../assets/img/android/secure_camera-dark.svg#only-dark){ align=right }
**Secure Camera** is a camera app focused on privacy and security which can capture images, videos, and QR codes. CameraX vendor extensions (Portrait, HDR, Night Sight, Face Retouch, and Auto) are also supported on available devices.
[:octicons-repo-16: Repository](https://github.com/GrapheneOS/Camera#readme){ .md-button .md-button--primary }
[:octicons-info-16:](https://grapheneos.org/usage#camera){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/GrapheneOS/Camera){ .card-link title="Source Code" }
[:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribute }
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.grapheneos.camera.play)
- [:simple-github: GitHub](https://github.com/GrapheneOS/Camera/releases)
- [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
</details>
</div>
Main privacy features include:
- Auto removal of [Exif](https://en.wikipedia.org/wiki/Exif) metadata (enabled by default)
- Use of the new [Media](https://developer.android.com/training/data-storage/shared/media) API, therefore [storage permissions](https://developer.android.com/training/data-storage) are not required
- Microphone permission not required unless you want to record sound
<div class="admonition note" markdown>
<p class="admonition-title">Note</p>
Metadata is not currently deleted from video files, but that is planned.
The image orientation metadata is not deleted. If you enable location (in Secure Camera) that **won't** be deleted either. If you want to delete that later you will need to use an external app such as [ExifEraser](../data-redaction.md#exiferaser-android).
</div>
### Secure PDF Viewer
<small>Protects against the following threat(s):</small>
- [:material-target-account: Targeted Attacks](../basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }
<div class="admonition recommendation" markdown>
![Secure PDF Viewer logo](../assets/img/android/secure_pdf_viewer.svg#only-light){ align=right }
![Secure PDF Viewer logo](../assets/img/android/secure_pdf_viewer-dark.svg#only-dark){ align=right }
**Secure PDF Viewer** is a PDF viewer based on [pdf.js](https://en.wikipedia.org/wiki/PDF.js) that doesn't require any permissions. The PDF is fed into a [sandboxed](https://en.wikipedia.org/wiki/Sandbox_(software_development)) [WebView](https://developer.android.com/guide/webapps/webview). This means that it doesn't require permission directly to access content or files.
[Content-Security-Policy](https://en.wikipedia.org/wiki/Content_Security_Policy) is used to enforce that the JavaScript and styling properties within the WebView are entirely static content.
[:octicons-repo-16: Repository](https://github.com/GrapheneOS/PdfViewer#readme){ .md-button .md-button--primary }
[:octicons-code-16:](https://github.com/GrapheneOS/PdfViewer){ .card-link title="Source Code" }
[:octicons-heart-16:](https://grapheneos.org/donate){ .card-link title=Contribute }
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=app.grapheneos.pdfviewer.play)
- [:simple-github: GitHub](https://github.com/GrapheneOS/PdfViewer/releases)
- [:material-cube-outline: GrapheneOS App Store](https://github.com/GrapheneOS/Apps/releases)
</details>
</div>
## Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](../about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
- Applications on this page must not be applicable to any other software category on the site.
- General applications should extend or replace core system functionality.
- Applications should receive regular updates and maintenance.
content/tools/os/android/grapheneos-dark.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><g><g><g fill="#fff" fill-rule="evenodd" clip-rule="evenodd" image-rendering="optimizeQuality" shape-rendering="geometricPrecision"><path fill="#fff" d="m605 798 381-217c-7-21-12-43-12-67 0-92 67-168 155-184v-330h64v330c88 16 155 92 155 184 0 24-5 46-13 67l382 217c14-16 31-30 50-42 80-46 180-26 237 42l286-165 32 56-286 165c31 84-2 180-82 226-18 10-36 17-55 21v442c19 4 37 11 55 21 80 46 113 142 82 226l286 165-32 56-286-165c-57 68-157 88-237 42-19-12-36-26-50-42-127 72-254 145-382 217 8 21 13 43 13 67 0 92-67 168-155 184v330h-64v-330c-88-16-155-92-155-184 0-24 5-46 12-67l-381-217c-14 16-31 30-50 42-80 46-180 26-237-42l-286 165-32-56 286-165c-31-84 2-180 82-226 18-10 36-17 55-21v-442c-19-4-37-11-55-21-80-46-113-142-82-226l-286-165 32-56 286 165c57-68 157-88 237-42 19 12 36 26 50 42zm1080 992c-18-50-15-108 14-157 30-52 81-84 136-92v-438c-55-8-106-40-136-92-29-49-32-107-14-157l-382-218c-35 40-85 65-142 65s-107-25-142-65l-382 218c18 50 15 108-14 157-30 52-81 84-136 92v438c55 8 106 40 136 92 29 49 32 107 14 157l382 218c35-40 85-65 142-65s107 25 142 65z" class="fil0" transform="translate(0 -263.13) matrix(.072143 0 0 .072143 -44.234 303.31) matrix(.17755 0 0 .17755 641.74 -556.97)"/></g></g></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

content/tools/os/android/grapheneos.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><g><g><g fill="#1b1b1b" fill-rule="evenodd" clip-rule="evenodd" image-rendering="optimizeQuality" shape-rendering="geometricPrecision"><path fill="#1b1b1b" d="m605 798 381-217c-7-21-12-43-12-67 0-92 67-168 155-184v-330h64v330c88 16 155 92 155 184 0 24-5 46-13 67l382 217c14-16 31-30 50-42 80-46 180-26 237 42l286-165 32 56-286 165c31 84-2 180-82 226-18 10-36 17-55 21v442c19 4 37 11 55 21 80 46 113 142 82 226l286 165-32 56-286-165c-57 68-157 88-237 42-19-12-36-26-50-42-127 72-254 145-382 217 8 21 13 43 13 67 0 92-67 168-155 184v330h-64v-330c-88-16-155-92-155-184 0-24 5-46 12-67l-381-217c-14 16-31 30-50 42-80 46-180 26-237-42l-286 165-32-56 286-165c-31-84 2-180 82-226 18-10 36-17 55-21v-442c-19-4-37-11-55-21-80-46-113-142-82-226l-286-165 32-56 286 165c57-68 157-88 237-42 19 12 36 26 50 42zm1080 992c-18-50-15-108 14-157 30-52 81-84 136-92v-438c-55-8-106-40-136-92-29-49-32-107-14-157l-382-218c-35 40-85 65-142 65s-107-25-142-65l-382 218c18 50 15 108-14 157-30 52-81 84-136 92v438c55 8 106 40 136 92 29 49 32 107 14 157l382 218c35-40 85-65 142-65s107 25 142 65z" class="fil0" transform="translate(0 -263.13) matrix(.072143 0 0 .072143 -44.234 303.31) matrix(.17755 0 0 .17755 641.74 -556.97)"/></g></g></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

content/tools/os/android/obtaining-apps.md
+126
View File
@@ -0,0 +1,126 @@
---
title: "Obtaining Applications"
description: We recommend these methods for obtaining applications on Android without interacting with Google Play Services.
---
There are many ways to obtain Android apps privately, even from the Play Store, without interacting with Google Play Services. We recommend the following methods of obtaining applications on Android, listed in order of preference.
## Obtainium
<div class="admonition recommendation" markdown>
![Obtainium logo](../assets/img/android/obtainium.svg){ align=right }
**Obtainium** is an app manager which allows you to install and update apps directly from the developer's own releases page (i.e. GitHub, GitLab, the developer's website, etc.), rather than a centralized app store/repository. It supports automatic background updates on Android 12 and higher.
[:octicons-repo-16: Repository](https://github.com/ImranR98/Obtainium#readme){ .md-button .md-button--primary }
[:octicons-info-16:](https://github.com/ImranR98/Obtainium/wiki){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/ImranR98/Obtainium){ .card-link title="Source Code" }
[:octicons-heart-16:](https://github.com/sponsors/ImranR98){ .card-link title=Contribute }
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-github: GitHub](https://github.com/ImranR98/Obtainium/releases)
</details>
</div>
Obtainium allows you to download APK installer files from a wide variety of sources, and it is up to you to ensure those sources and apps are legitimate. For example, using Obtainium to install Signal from [Signal's APK landing page](https://signal.org/android/apk) should be fine, but installing from third-party APK repositories like Aptoide or APKPure may pose additional risks. The risk of installing a malicious *update* is lower, because Android itself verifies that all app updates are signed by the same developer as the existing app on your phone before installing them.
## GrapheneOS App Store
GrapheneOS's app store is available on [GitHub](https://github.com/GrapheneOS/Apps/releases). It supports Android 12 and above and is capable of updating itself. The app store has standalone applications built by the GrapheneOS project such as the [Auditor](../device-integrity.md#auditor-android), [Camera](general-apps.md#secure-camera), and [PDF Viewer](general-apps.md#secure-pdf-viewer). If you are looking for these applications, we highly recommend that you get them from GrapheneOS's app store instead of the Play Store, as the apps on their store are signed by the GrapheneOS's project own signature that Google does not have access to.
## Aurora Store
The Google Play Store requires a Google account to log in, which is not great for privacy. You can get around this by using an alternative client, such as Aurora Store.
<div class="admonition recommendation" markdown>
![Aurora Store logo](../assets/img/android/aurora-store.webp){ align=right }
**Aurora Store** is a Google Play Store client which does not require a Google account, Google Play Services, or microG to download apps.
[:octicons-home-16: Homepage](https://auroraoss.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://gitlab.com/AuroraOSS/AuroraStore/-/blob/master/POLICY.md){ .card-link title="Privacy Policy" }
[:octicons-code-16:](https://gitlab.com/AuroraOSS/AuroraStore){ .card-link title="Source Code" }
<details class="downloads" markdown>
<summary>Downloads</summary>
- [:simple-gitlab: GitLab](https://gitlab.com/AuroraOSS/AuroraStore/-/releases)
</details>
</div>
Aurora Store does not allow you to download paid apps with their anonymous account feature. You can optionally log in with your Google account with Aurora Store to download apps you have purchased, which does give access to the list of apps you've installed to Google. However, you still benefit from not requiring the full Google Play client and Google Play Services or microG on your device.
## Manually with RSS Notifications
For apps that are released on platforms like GitHub and GitLab, you may be able to add an RSS feed to your [news aggregator](../news-aggregators.md) that will help you keep track of new releases.
![RSS APK](../assets/img/android/rss-apk-light.png#only-light) ![RSS APK](../assets/img/android/rss-apk-dark.png#only-dark) ![APK Changes](../assets/img/android/rss-changes-light.png#only-light) ![APK Changes](../assets/img/android/rss-changes-dark.png#only-dark)
### GitHub
On GitHub, using [Secure Camera](general-apps.md#secure-camera) as an example, you would navigate to its [releases page](https://github.com/GrapheneOS/Camera/releases) and append `.atom` to the URL:
`https://github.com/GrapheneOS/Camera/releases.atom`
### GitLab
On GitLab, using [Aurora Store](#aurora-store) as an example, you would navigate to its [project repository](https://gitlab.com/AuroraOSS/AuroraStore) and append `/-/tags?format=atom` to the URL:
`https://gitlab.com/AuroraOSS/AuroraStore/-/tags?format=atom`
### Verifying APK Fingerprints
If you download APK files to install manually, you can verify their signature with the [`apksigner`](https://developer.android.com/studio/command-line/apksigner) tool, which is a part of Android [build-tools](https://developer.android.com/studio/releases/build-tools).
1. Install [Java JDK](https://oracle.com/java/technologies/downloads).
2. Download the [Android Studio command line tools](https://developer.android.com/studio#command-tools).
3. Extract the downloaded archive:
```bash
unzip commandlinetools-*.zip
cd cmdline-tools
./bin/sdkmanager --sdk_root=./ "build-tools;29.0.3"
```
4. Run the signature verification command:
```bash
./build-tools/29.0.3/apksigner verify --print-certs ../Camera-37.apk
```
5. The resulting hashes can then be compared with another source. Some developers such as Signal [show the fingerprints](https://signal.org/android/apk) on their website.
```bash
Signer #1 certificate DN: CN=GrapheneOS
Signer #1 certificate SHA-256 digest: 6436b155b917c2f9a9ed1d15c4993a5968ffabc94947c13f2aeee14b7b27ed59
Signer #1 certificate SHA-1 digest: 23e108677a2e1b1d6e6b056f3bb951df7ad5570c
Signer #1 certificate MD5 digest: dbbcd0cac71bd6fa2102a0297c6e0dd3
```
## F-Droid
![F-Droid logo](../assets/img/android/f-droid.svg){ align=right width=120px }
==We only recommend F-Droid as a way to obtain apps which cannot be obtained via the means above.== F-Droid is often recommended as an alternative to Google Play, particularly within the privacy community. The option to add third-party repositories and not be confined to Google's walled garden has led to its popularity. F-Droid additionally has [reproducible builds](https://f-droid.org/en/docs/Reproducible_Builds) for some applications and is dedicated to free and open-source software. However, there are some security-related downsides to how F-Droid builds, signs, and delivers packages:
Due to their process of building apps, apps in the *official* F-Droid repository often fall behind on updates. F-Droid maintainers also reuse package IDs while signing apps with their own keys, which is not ideal as it gives the F-Droid team ultimate trust. Additionally, the requirements for an app to be included in the official F-Droid repo are less strict than other app stores like Google Play, meaning that F-Droid tends to host a lot more apps which are older, unmaintained, or otherwise no longer meet [modern security standards](https://developer.android.com/google/play/requirements/target-sdk).
Other popular third-party repositories for F-Droid such as [IzzyOnDroid](https://apt.izzysoft.de/fdroid) alleviate some of these concerns. The IzzyOnDroid repository pulls builds directly from code forges (GitHub, GitLab, etc.) and is the next best thing to the developers' own repositories. They also offer [reproducible builds](https://android.izzysoft.de/articles/named/iod-rbs-mirrors-clients) for hundreds of applications and have developers who verify the reproducibility of developer-signed APKs. Furthermore, the IzzyOnDroid team conducts [additional security scans](https://android.izzysoft.de/articles/named/iod-scan-apkchecks) of apps housed in the repo, which usually result in [deliberations](https://github.com/gouravkhunger/QuotesApp/issues/22) between them and app developers toward privacy improvements in their apps. Note that apps may be removed from the IzzyOnDroid repo in [certain circumstances](https://gitlab.com/IzzyOnDroid/repo#are-apps-removed-from-the-repo--and-when-does-that-happen).
The [F-Droid](https://f-droid.org/en/packages) and [IzzyOnDroid](https://apt.izzysoft.de/fdroid) repositories are home to countless apps, so they can be useful places to search for and discover open-source apps that you can then download through other means such as the Play Store, Aurora Store, or by getting the APK directly from the developer. You should use your best judgment when looking for new apps via this method, and keep an eye on how frequently the app is updated. Outdated apps may rely on unsupported libraries, among other things, posing a potential security risk.
<div class="admonition note" markdown>
<p class="admonition-title">F-Droid Basic</p>
In some rare cases, the developer of an app will only distribute it through F-Droid ([Gadgetbridge](../health-and-wellness.md#gadgetbridge) is one example of this). If you really need an app like that, we recommend using the newer [F-Droid Basic](https://f-droid.org/en/packages/org.fdroid.basic) client instead of the original F-Droid app to obtain it. F-Droid Basic supports automatic background updates without privileged extension or root, and has a reduced feature set (limiting attack surface).
</div>
content/tools/os/android/obtainium.svg
+1
View File
@@ -0,0 +1 @@
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><defs><linearGradient id="_Linear1" x2="1" gradientTransform="matrix(96.087 110.77 -110.77 96.087 217.55 321.52)" gradientUnits="userSpaceOnUse"><stop stop-color="#9b58dc" offset="0"/><stop stop-color="#321c92" offset="1"/></linearGradient></defs><g transform="matrix(.20642 0 0 .20642 -41.161 -57.382)" clip-rule="evenodd" fill-rule="evenodd"><path d="m311.47 434.34c-2.073-1.099-14.192-7.814-70.958-39.32-15.797-8.768-31.006-17.199-33.798-18.736-6.342-3.491-7.317-4.35-7.317-6.45 0-1.099 2.531-8.142 8.464-23.547 4.654-12.088 8.771-22.681 9.147-23.54 0.857-1.956 2.239-3.617 3.588-4.315 1.263-0.653 32.827-12.18 34.436-12.576 1.739-0.428 3.239 0.396 4.124 2.265 0.424 0.897 2.188 5.526 3.92 10.286 1.732 4.761 4.31 11.8 5.729 15.643 3.252 8.805 3.373 10.052 1.109 11.389-0.6 0.354-4.504 1.886-8.674 3.404-4.171 1.517-8.151 3.089-8.844 3.492-1.6 0.931-1.84 2.368-0.59 3.523 0.496 0.459 8.516 5.034 17.821 10.166 26.008 14.344 24.564 13.695 26.299 11.823 0.85-0.917 16.388-40.439 17.28-43.952 0.381-1.501 0.339-1.71-0.474-2.367-1.11-0.899-0.949-0.938-11.162 2.673-10.118 3.577-11.082 3.653-12.437 0.978-0.712-1.405-11.61-31.337-12.287-33.745-0.438-1.558 0.098-3.038 1.409-3.897 0.545-0.357 8.476-3.4 17.624-6.762 13.576-4.988 17.031-6.118 18.797-6.146 2.278-0.036 2.577 0.12 44.348 23.233 2.895 1.601 4.439 3.287 4.439 4.845 0 0.618-10.357 28.091-23.016 61.052-17.853 46.484-23.242 60.126-24.022 60.812-1.326 1.168-2.413 1.117-4.955-0.231z" fill="url(#_Linear1)" fill-rule="nonzero" stroke="url(#_Linear1)" stroke-width=".39px"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB

content/tools/os/android/secure_camera-dark.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" fill="#fff" version="1.1" viewBox="0 0 128 128"><g transform="scale(5.3333)"><path fill="none" d="m0 0h24v24h-24z"/><circle cx="12" cy="12" r="3"/><path d="m20 4h-3.17l-1.24-1.35c-0.37-0.41-0.91-0.65-1.47-0.65h-4.24c-0.56 0-1.1 0.24-1.48 0.65l-1.23 1.35h-3.17c-1.1 0-2 0.9-2 2v12c0 1.1 0.9 2 2 2h16c1.1 0 2-0.9 2-2v-12c0-1.1-0.9-2-2-2zm-8 13c-2.76 0-5-2.24-5-5s2.24-5 5-5 5 2.24 5 5-2.24 5-5 5z"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 447 B

content/tools/os/android/secure_camera.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><g stroke-width="1.411"><path fill="none" d="m0-1.13e-6h33.867v33.867h-33.867z"/><circle cx="16.933" cy="16.933" r="4.233"/><path d="m28.222 5.6444h-4.4732l-1.7498-1.905c-0.52213-0.57856-1.2841-0.91722-2.0743-0.91722h-5.9831c-0.79022 0-1.5522 0.33867-2.0884 0.91722l-1.7357 1.905h-4.4732c-1.5522 0-2.8222 1.27-2.8222 2.8222v16.933c0 1.5522 1.27 2.8222 2.8222 2.8222h22.578c1.5522 0 2.8222-1.27 2.8222-2.8222v-16.933c0-1.5522-1.27-2.8222-2.8222-2.8222zm-11.289 18.344c-3.8947 0-7.0556-3.1609-7.0556-7.0556s3.1609-7.0556 7.0556-7.0556c3.8947 0 7.0556 3.1609 7.0556 7.0556s-3.1609 7.0556-7.0556 7.0556z"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 719 B

content/tools/os/android/secure_pdf_viewer-dark.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" fill="#fff" version="1.1" viewBox="0 0 128 128"><path fill="none" d="m52 52h24v24h-24z"/><path stroke-width="8" d="m112 0h-96c-8.8 0-16 7.2-16 16v96c0 8.8 7.2 16 16 16h96c8.8 0 16-7.2 16-16v-96c0-8.8-7.2-16-16-16zm-68 60c0 6.64-5.36 12-12 12h-8v10c0 3.28-2.72 6-6 6s-6-2.72-6-6v-34c0-4.4 3.6-8 8-8h12c6.64 0 12 5.36 12 12zm40 16c0 6.64-5.36 12-12 12h-16c-2.24 0-4-1.76-4-4v-40c0-2.24 1.76-4 4-4h16c6.64 0 12 5.36 12 12zm32-30c0 3.28-2.72 6-6 6h-6v8h6c3.28 0 6 2.72 6 6s-2.72 6-6 6h-6v10c0 3.28-2.72 6-6 6s-6-2.72-6-6v-34c0-4.4 3.6-8 8-8h10c3.28 0 6 2.72 6 6zm-92 14h8v-8h-8zm40 16h8v-24h-8z"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 639 B

content/tools/os/android/secure_pdf_viewer.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><path stroke-width="2.117" d="m29.633 8.2833e-7h-25.4c-2.3283 0-4.2333 1.905-4.2333 4.2333v25.4c0 2.3283 1.905 4.2333 4.2333 4.2333h25.4c2.3283 0 4.2333-1.905 4.2333-4.2333v-25.4c0-2.3283-1.905-4.2333-4.2333-4.2333zm-17.992 15.875c0 1.7568-1.4182 3.175-3.175 3.175h-2.1167v2.6458c0 0.86783-0.71967 1.5875-1.5875 1.5875s-1.5875-0.71967-1.5875-1.5875v-8.9958c0-1.1642 0.9525-2.1167 2.1167-2.1167h3.175c1.7568 0 3.175 1.4182 3.175 3.175zm10.583 4.2333c0 1.7568-1.4182 3.175-3.175 3.175h-4.2333c-0.59267 0-1.0583-0.46567-1.0583-1.0583v-10.583c0-0.59267 0.46567-1.0583 1.0583-1.0583h4.2333c1.7568 0 3.175 1.4182 3.175 3.175zm8.4667-7.9375c0 0.86783-0.71967 1.5875-1.5875 1.5875h-1.5875v2.1167h1.5875c0.86784 0 1.5875 0.71967 1.5875 1.5875s-0.71967 1.5875-1.5875 1.5875h-1.5875v2.6458c0 0.86783-0.71967 1.5875-1.5875 1.5875-0.86783 0-1.5875-0.71967-1.5875-1.5875v-8.9958c0-1.1642 0.9525-2.1167 2.1167-2.1167h2.6458c0.86784 0 1.5875 0.71967 1.5875 1.5875zm-24.342 3.7042h2.1167v-2.1167h-2.1167zm10.583 4.2333h2.1167v-6.35h-2.1167z"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

content/tools/os/android/shelter.svg
+1
View File
@@ -0,0 +1 @@
<svg width="3061" height="3061" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><linearGradient x1="5.235%" y1=".497%" x2="95.214%" y2="100%" id="c"><stop stop-opacity=".8" offset="0%"/><stop stop-opacity=".2" offset="100%"/></linearGradient><circle id="a" cx="1532" cy="1530.5" r="1530.5"/></defs><g fill="none" fill-rule="evenodd"><mask id="b" fill="#fff"><use xlink:href="#a"/></mask><g mask="url(#b)" fill-rule="nonzero"><path fill="#008079" d="M0 1814.17h3061.42v1247.24H0z"/><path fill="#1F2603" d="M0 0h3061.42v1814.17H0z"/></g><path fill-opacity=".2" fill="url(#c)" mask="url(#b)" d="m1002 2317 970-1500 1414 1422-325 1085H1972l-138-158z"/><g mask="url(#b)"><g transform="translate(747 582)"><path d="M785 61C450.378 61 60 580.17 60 1080.813 60 1581.455 384.605 1874 785 1874s725-292.545 725-793.188C1510 580.17 1119.6 61 785 61Z" fill="#EFBC48" fill-rule="nonzero"/><path d="m1569.359 1030.758-119.241 117.898L1268.933 907l-181.185 241.656-120.84-120.817-120.839 120.817-120.86-181.151-120.84 126.87-120.968-66.536-60.43 60.398-60.43-181.152-241.68 181.152-118.985-61.954S0 1067.607 0 1088.237C0 1622.079 351.712 1934 785.51 1934c433.8 0 785.49-311.921 785.49-845.763a1064.319 1064.319 0 0 0-1.641-57.479Z" fill="#E2CDB3"/><path d="M785.41 0C550.47 0 290.16 232.145 136 540.856l45.07 62.85 181.214-181.03 60.44 181.03 60.44-60.38 120.86 60.38 120.86-120.737 60.44 120.737 120.86-60.38 120.86 60.38 120.88-120.737L1329.14 664 1440 551.676C1286.756 237.704 1023.1 0 785.41 0Z" fill="#FCF1E3" fill-rule="nonzero"/><ellipse fill="#1F190A" fill-rule="nonzero" cx="543.5" cy="814.5" rx="60.5" ry="90.5"/><ellipse fill="#1F190A" fill-rule="nonzero" cx="1026.5" cy="814.5" rx="60.5" ry="90.5"/><path d="M1008 732.064c-1.36.012-2.718.111-4.065.296-10.374 6.16-19.33 16.514-25.935 29.64 0 16.569 13.431 30 30 30 16.569 0 30-13.431 30-30 0-16.569-13.431-30-30-30v.064ZM525 732.064c-1.36.012-2.718.111-4.065.296-10.374 6.16-19.35 16.514-25.935 29.64 0 16.569 13.431 30 30 30 16.569 0 30-13.431 30-30 0-16.569-13.431-30-30-30v.064Z" fill="#F9F8F4" fill-rule="nonzero"/><path d="M787.41 62C552.47 62 292.16 273.92 138 555.564l45.07 57.347 181.214-165.288 60.44 165.288 60.44-55.089 120.86 55.089 120.86-110.178 60.44 110.178 120.86-55.089 120.86 55.089 120.88-110.178L1331.14 668 1442 565.512C1288.756 278.926 1025.1 62 787.41 62Z" fill="#F8E4C3" fill-rule="nonzero"/><path d="m1569.401 1023.424-119.24 110.885L1268.975 907l-181.185 227.31-120.84-113.655-120.84 113.654-120.86-170.397-120.84 119.278-120.967-62.493-60.43 56.827-60.431-170.396-241.68 170.396-119.027-58.36S0 1058.035 0 1077.439C0 1579.577 351.712 1873 785.51 1873c433.8 0 785.49-293.423 785.49-795.56 0-17.935-.533-35.94-1.599-54.016Z" fill="#F9E4C4" fill-rule="nonzero"/></g></g></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 2.7 KiB

content/tools/os/desktop/_index.md
+274
View File
@@ -0,0 +1,274 @@
---
title: "Desktop/PC"
icon: simple/linux
description: Linux distributions are commonly recommended for privacy protection and software freedom.
cover: desktop.webp
---
<small>Protects against the following threat(s):</small>
- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
Linux distributions are commonly recommended for privacy protection and software freedom. If you don't already use Linux, below are some distributions we suggest trying out, as well as some general privacy and security improvement tips that are applicable to many Linux distributions.
- [General Linux Overview :material-arrow-right-drop-circle:](os/linux-overview.md)
## Traditional Distributions
### Fedora Linux
<div class="admonition recommendation" markdown>
![Fedora logo](assets/img/linux-desktop/fedora.svg){ align=right }
**Fedora Linux** is our recommended desktop distribution for people new to Linux. Fedora generally adopts newer technologies (e.g., [Wayland](https://wayland.freedesktop.org) and [PipeWire](https://pipewire.org)) before other distributions. These new technologies often come with improvements in security, privacy, and usability in general.
[:octicons-home-16: Homepage](https://fedoraproject.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://docs.fedoraproject.org/en-US/docs){ .card-link title="Documentation" }
[:octicons-heart-16:](https://whatcanidoforfedora.org){ .card-link title="Contribute" }
</details>
</div>
Fedora comes in two primary desktop editions, [Fedora Workstation](https://fedoraproject.org/workstation), which uses the GNOME desktop environment, and [Fedora KDE Plasma Desktop](https://fedoraproject.org/kde), which uses KDE. Historically, Fedora Workstation has been more popular and widely recommended, but KDE has been gaining in popularity and provides an experience more similar to Windows, which may make transitioning to Linux easier for some. The security and privacy benefits of both editions are very similar, so it mostly comes down to personal preference.
Fedora has a semi-rolling release cycle. While some packages like the desktop environment are frozen until the next Fedora release, most packages (including the kernel) are updated frequently throughout the lifespan of the release. Each Fedora release is supported for one year, with a new version released every 6 months.
### openSUSE Tumbleweed
<div class="admonition recommendation" markdown>
![openSUSE Tumbleweed logo](assets/img/linux-desktop/opensuse-tumbleweed.svg){ align=right }
**openSUSE Tumbleweed** is a stable rolling release distribution.
openSUSE Tumbleweed uses [Btrfs](https://en.wikipedia.org/wiki/Btrfs) and [Snapper](https://en.opensuse.org/openSUSE:Snapper_Tutorial) to ensure that snapshots can be rolled back should there be a problem.
[:octicons-home-16: Homepage](https://get.opensuse.org/tumbleweed){ .md-button .md-button--primary }
[:octicons-info-16:](https://doc.opensuse.org){ .card-link title="Documentation" }
[:octicons-heart-16:](https://shop.opensuse.org){ .card-link title="Contribute" }
</details>
</div>
Tumbleweed follows a rolling release model where each update is released as a snapshot of the distribution. When you upgrade your system, a new snapshot is downloaded. Each snapshot is run through a series of automated tests by [openQA](https://openqa.opensuse.org) to ensure its quality.
### Arch Linux
<div class="admonition recommendation" markdown>
![Arch logo](assets/img/linux-desktop/archlinux.svg){ align=right }
**Arch Linux** is a lightweight, do-it-yourself (DIY) distribution, meaning that you only get what you install. For more information see their [FAQ](https://wiki.archlinux.org/title/Frequently_asked_questions).
[:octicons-home-16: Homepage](https://archlinux.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://wiki.archlinux.org){ .card-link title="Documentation" }
[:octicons-heart-16:](https://archlinux.org/donate){ .card-link title="Contribute" }
</details>
</div>
Arch Linux has a rolling release cycle. There is no fixed release schedule and packages are updated very frequently.
Being a DIY distribution, you are [expected to set up and maintain](os/linux-overview.md#arch-based-distributions) your system on your own. Arch has an [official installer](https://wiki.archlinux.org/title/Archinstall) to make the installation process a little easier.
A large portion of [Arch Linuxs packages](https://reproducible.archlinux.org) are [reproducible](https://reproducible-builds.org)[^1].
## Atomic Distributions
**Atomic distributions** (sometimes also referred to as **immutable distributions**) are operating systems which handle package installation and updates by layering changes atop your core system image, rather than by directly modifying the system. Advantages of atomic distros include increased stability and the ability to easily roll back updates. See [*Traditional vs. Atomic Updates*](os/linux-overview.md#traditional-vs-atomic-updates) for more info.
### Fedora Atomic Desktops
<div class="admonition recommendation" markdown>
![Fedora logo](assets/img/linux-desktop/fedora.svg){ align=right }
**Fedora Atomic Desktops** are variants of Fedora which use the `rpm-ostree` package manager and have a strong focus on containerized workflows and Flatpak for desktop applications. All of these variants follow the same release schedule as Fedora Workstation, benefiting from the same fast updates and staying very close to upstream.
[:octicons-home-16: Homepage](https://fedoraproject.org/atomic-desktops){ .md-button .md-button--primary }
[:octicons-info-16:](https://docs.fedoraproject.org/en-US/emerging){ .card-link title="Documentation" }
[:octicons-heart-16:](https://whatcanidoforfedora.org){ .card-link title="Contribute" }
</details>
</div>
[Fedora Atomic Desktops](https://fedoramagazine.org/introducing-fedora-atomic-desktops) come in a variety of flavors depending on the desktop environment you prefer. As with the recommendation to avoid X11 in our [criteria](#criteria) for Linux distributions, we recommend avoiding flavors that support only the legacy X11 window system.
These operating systems differ from Fedora Workstation as they replace the [DNF](https://docs.fedoraproject.org/en-US/quick-docs/dnf) package manager with a much more advanced alternative called [`rpm-ostree`](https://coreos.github.io/rpm-ostree). The `rpm-ostree` package manager works by downloading a base image for the system, then overlaying packages over it in a [git](https://en.wikipedia.org/wiki/Git)-like commit tree. When the system is updated, a new base image is downloaded and the overlays will be applied to that new image.
After the update is complete, you will reboot the system into the new deployment. `rpm-ostree` keeps two deployments of the system so that you can easily roll back if something breaks in the new deployment. There is also the option to pin more deployments as needed.
[Flatpak](https://flatpak.org) is the primary package installation method on these distributions, as `rpm-ostree` is only meant to overlay packages that cannot stay inside a container on top of the base image.
As an alternative to Flatpaks, there is the option of [Toolbx](https://docs.fedoraproject.org/en-US/fedora-silverblue/toolbox) to create [Podman](https://podman.io) containers which mimic a traditional Fedora environment, a [useful feature](https://containertoolbx.org) for the discerning developer. These containers share a home directory with the host operating system.
### NixOS
<div class="admonition recommendation" markdown>
![NixOS logo](assets/img/linux-desktop/nixos.svg){ align=right }
NixOS is an independent distribution based on the Nix package manager with a focus on reproducibility and reliability.
[:octicons-home-16: Homepage](https://nixos.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://nixos.org/learn.html){ .card-link title="Documentation" }
[:octicons-heart-16:](https://nixos.org/donate.html){ .card-link title="Contribute" }
</details>
</div>
NixOSs package manager keeps every version of every package in a different folder in the **Nix store**. Due to this you can have different versions of the same package installed on your system. After the package contents have been written to the folder, the folder is made read-only.
NixOS also provides atomic updates. It first downloads (or builds) the packages and files for the new system generation and then switches to it. There are different ways to switch to a new generation: you can tell NixOS to activate it after reboot, or you can switch to it at runtime. You can also *test* the new generation by switching to it at runtime, but not setting it as the current system generation. If something in the update process breaks, you can just reboot and automatically and return to a working version of your system.
The Nix package manager uses a purely functional language—which is also called Nix—to define packages.
[Nixpkgs](https://github.com/nixos/nixpkgs) (the main source of packages) are contained in a single GitHub repository. You can also define your own packages in the same language and then easily include them in your config.
Nix is a source-based package manager; if theres no pre-built available in the binary cache, Nix will just build the package from source using its definition. It builds each package in a sandboxed *pure* environment, which is as independent of the host system as possible. Binaries built with this method are reproducible[^1].
## Anonymity-Focused Distributions
### Whonix
<div class="admonition recommendation" markdown>
![Whonix logo](assets/img/linux-desktop/whonix.svg){ align=right }
**Whonix** is based on [Kicksecure](#kicksecure), a security-focused fork of Debian. It aims to provide privacy, security, and [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } on the internet. Whonix is best used in conjunction with [Qubes OS](#qubes-os).
[:octicons-home-16: Homepage](https://whonix.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion){ .card-link title="Onion Service" }
[:octicons-info-16:](https://whonix.org/wiki/Documentation){ .card-link title="Documentation" }
[:octicons-heart-16:](https://whonix.org/wiki/Donate){ .card-link title="Contribute" }
</details>
</div>
Whonix is meant to run as two virtual machines: a “Workstation” and a Tor “Gateway.” All communications from the Workstation must go through the Tor gateway. This means that even if the Workstation is compromised by malware of some kind, the true IP address remains hidden.
Some of its features include Tor Stream Isolation, [keystroke anonymization](https://whonix.org/wiki/Keystroke_Deanonymization#Kloak), [encrypted swap](https://github.com/Whonix/swap-file-creator), and a hardened memory allocator. Future versions of Whonix will likely include [full system AppArmor policies](https://github.com/roddhjav/apparmor.d) and a [sandboxed app launcher](https://whonix.org/wiki/Sandbox-app-launcher) to fully confine all processes on the system.
Whonix is best used [in conjunction with Qubes](https://whonix.org/wiki/Qubes/Why_use_Qubes_over_other_Virtualizers). We have a [recommended guide](os/qubes-overview.md#connecting-to-tor-via-a-vpn) on configuring Whonix in conjunction with a VPN ProxyVM in Qubes to hide your Tor activities from your ISP.
### Tails
<div class="admonition recommendation" markdown>
![Tails logo](assets/img/linux-desktop/tails.svg){ align=right }
**Tails** is a live operating system based on Debian that routes all communications through Tor, which can boot on on almost any computer from a DVD, USB stick, or SD card installation. It uses [Tor](tor.md) to preserve privacy and [:material-incognito: Anonymity](basics/common-threats.md#anonymity-vs-privacy){ .pg-purple } while circumventing censorship, and it leaves no trace of itself on the computer it is used on after it is powered off.
[:octicons-home-16: Homepage](https://tails.net){ .md-button .md-button--primary }
[:octicons-info-16:](https://tails.net/doc/index.en.html){ .card-link title="Documentation" }
[:octicons-heart-16:](https://tails.net/donate){ .card-link title="Contribute" }
</details>
</div>
<div class="admonition warning" markdown>
<p class="admonition-title">Warning</p>
Tails [doesn't erase](https://gitlab.tails.boum.org/tails/tails/-/issues/5356) the [video memory](https://en.wikipedia.org/wiki/Dual-ported_video_RAM) when shutting down. When you restart your computer after using Tails, it might briefly display the last screen that was displayed in Tails. If you shut down your computer instead of restarting it, the video memory will erase itself automatically after being unpowered for some time.
</div>
Tails is great for counter forensics due to amnesia (meaning nothing is written to the disk); however, it is not a hardened distribution like Whonix. It lacks many anonymity and security features that Whonix has and gets updated much less often (only once every six weeks). A Tails system that is compromised by malware may potentially bypass the transparent proxy, allowing for the user to be deanonymized.
Tails includes [uBlock Origin](browser-extensions.md#ublock-origin) in Tor Browser by default, which may potentially make it easier for adversaries to fingerprint Tails users. [Whonix](desktop.md#whonix) virtual machines may be more leak-proof, however they are not amnesic, meaning data may be recovered from your storage device.
By design, Tails is meant to completely reset itself after each reboot. Encrypted [persistent storage](https://tails.net/doc/persistent_storage/index.en.html) can be configured to store some data between reboots.
## Security-focused Distributions
<small>Protects against the following threat(s):</small>
- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
### Qubes OS
<div class="admonition recommendation" markdown>
![Qubes OS logo](assets/img/qubes/qubes_os.svg){ align=right }
**Qubes OS** is an open-source operating system designed to provide strong security for desktop computing through secure virtual machines (or "qubes"). Qubes is based on Xen, the X Window System, and Linux. It can run most Linux applications and use most of the Linux drivers.
[:octicons-home-16: Homepage](https://qubes-os.org){ .md-button .md-button--primary }
[:simple-torbrowser:](http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion){ .card-link title="Onion Service" }
[:octicons-eye-16:](https://qubes-os.org/privacy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://qubes-os.org/doc){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/QubesOS){ .card-link title="Source Code" }
[:octicons-heart-16:](https://qubes-os.org/donate){ .card-link title="Contribute" }
</details>
</div>
Qubes OS secures the computer by isolating subsystems (e.g., networking, USB, etc.) and applications in separate *qubes*. Should one part of the system be compromised via an exploit in a [:material-target-account: Targeted Attack](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red }, the extra isolation is likely to protect the rest of the *qubes* and the core system.
For further information about how Qubes works, read our full [Qubes OS overview](os/qubes-overview.md) page.
### Secureblue
<div class="admonition recommendation" markdown>
![Secureblue logo](assets/img/linux-desktop/secureblue.svg){ align=right }
**Secureblue** is a security-focused operating system based on [Fedora Atomic Desktops](#fedora-atomic-desktops). It includes a number of [security features](https://secureblue.dev/features) intended to proactively defend against the exploitation of both known and unknown vulnerabilities, and ships with [Trivalent](https://github.com/secureblue/Trivalent), their hardened, Chromium-based web browser.
[:octicons-home-16: Homepage](https://secureblue.dev){ .md-button .md-button--primary }
[:octicons-info-16:](https://secureblue.dev/install){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/secureblue/secureblue){ .card-link title="Source Code" }
[:octicons-heart-16:](https://secureblue.dev/donate){ .card-link title="Contribute" }
</div>
**Trivalent** is Secureblue's hardened Chromium for desktop Linux inspired by [GrapheneOS](android/distributions.md#grapheneos)'s Vanadium browser.
Secureblue also provides GrapheneOS's [hardened memory allocator](https://github.com/GrapheneOS/hardened_malloc) and enables it globally (including for Flatpaks).
### Kicksecure
While we [recommend against](os/linux-overview.md#release-cycle) "perpetually outdated" distributions like Debian for desktop use in most cases, Kicksecure is a Debian-based operating system which has been hardened to be much more than a typical Linux install.
<div class="admonition recommendation" markdown>
![Kicksecure logo](assets/img/linux-desktop/kicksecure.svg){ align=right }
**Kicksecure**—in oversimplified terms—is a set of scripts, configurations, and packages that substantially reduce the attack surface of Debian. It covers a lot of privacy and hardening recommendations by default. It also serves as the base OS for [Whonix](#whonix).
[:octicons-home-16: Homepage](https://kicksecure.com){ .md-button .md-button--primary }
[:octicons-eye-16:](https://kicksecure.com/wiki/Privacy_Policy){ .card-link title="Privacy Policy" }
[:octicons-info-16:](https://kicksecure.com/wiki/Documentation){ .card-link title="Documentation" }
[:octicons-code-16:](https://github.com/Kicksecure){ .card-link title="Source Code" }
[:octicons-heart-16:](https://kicksecure.com/wiki/Donate){ .card-link title="Contribute" }
</details>
</div>
## Criteria
Choosing a Linux distro that is right for you will come down to a huge variety of personal preferences, and this page is **not** meant to be an exhaustive list of every viable distribution. Our Linux overview page has some advice on [choosing a distro](os/linux-overview.md#choosing-your-distribution) in more detail. The distros on *this* page do all generally follow the guidelines we covered there, and all meet these standards:
- Free and open source.
- Receives regular software and kernel updates.
- Avoids X11, as its last major release was [more than a decade](https://x.org/wiki/Releases) ago.
- The notable exception here is Qubes, but the [isolation issues](https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation) which X11 typically has are avoided by virtualization. This isolation only applies to apps *running in different qubes* (virtual machines); apps running in the *same* qube are not protected from each other.
- Supports full-disk encryption during installation.
- Doesn't freeze regular releases for more than 1 year.
- We [recommend against](os/linux-overview.md#release-cycle) "Long Term Support" or "stable" distro releases for desktop usage.
- Supports a wide variety of hardware.
- Preference towards larger projects.
- Maintaining an operating system is a major challenge, and smaller projects have a tendency to make more avoidable mistakes, or delay critical updates (or worse, disappear entirely). We lean towards projects which will likely be around 10 years from now (whether that's due to corporate backing or very significant community support), and away from projects which are hand-built or have a small number of maintainers.
In addition, [our standard criteria](about/criteria.md) for recommended projects still applies. **Please note we are not affiliated with any of the projects we recommend.**
[^1]: Reproducibility entails the ability to verify that packages and binaries made available to the end user match the source code, which can be useful against potential [:material-package-variant-closed-remove: Supply Chain Attacks](basics/common-threats.md#attacks-against-certain-organizations){ .pg-viridian }.
content/tools/os/desktop/archlinux.svg
+1
View File
@@ -0,0 +1 @@
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="matrix(.73138 0 0 .73138 10.776 17.764)" fill="#1793d1"><path d="m7.2435-23.121c-1.9571 4.7983-3.1375 7.9369-5.3165 12.593 1.336 1.4161 2.9758 3.0653 5.6389 4.9279-2.8631-1.1781-4.8161-2.361-6.2756-3.5884-2.7887 5.819-7.1577 14.108-16.024 30.038 6.9685-4.023 12.37-6.5033 17.405-7.4497-0.21617-0.92976-0.33908-1.9355-0.33073-2.9848l0.0083-0.22324c0.11057-4.4645 2.433-7.8978 5.1842-7.6646 2.7512 0.23311 4.8896 4.0435 4.779 8.508-0.0208 0.84008-0.11556 1.6482-0.28112 2.3978 4.9796 0.9741 10.324 3.448 17.198 7.4166-1.3555-2.4955-2.5653-4.745-3.7207-6.8874-1.8199-1.4106-3.7182-3.2464-7.5902-5.2338 2.6614 0.69155 4.567 1.4894 6.0523 2.3812-11.747-21.871-12.698-24.777-16.727-34.23z" fill-rule="evenodd"/><g transform="matrix(.23141 0 0 .23141 -26.057 -55.67)"><path d="m239.84 313.7v-5.2094h-1.946v-0.697h4.6816v0.697h-1.954v5.2094h-0.78162"/><path d="m243.39 313.7v-5.9064h1.1765l1.398 4.182c0.12892 0.38947 0.22293 0.6809 0.28202 0.87429 0.0671-0.21488 0.1719-0.53048 0.31426-0.94681l1.4142-4.1095h1.0516v5.9064h-0.75341v-4.9435l-1.7163 4.9435h-0.70506l-1.7083-5.0281v5.0281h-0.75342"/></g></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

content/tools/os/desktop/fedora.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><g><path fill="#51a2da" d="m16.934 5.2318e-4c-9.3485 0-16.927 7.5743-16.933 16.921h-0.0010517v13.104h0.0010517c0.0042067 2.1219 1.7257 3.8404 3.8486 3.8404h0.018817 13.071c9.3496-0.0053 16.927-7.5836 16.927-16.932 0-9.3528-7.5807-16.933-16.933-16.933z"/><path fill="#fafafa" d="m20.366 6.9672c-2.6408 0-4.9731 1.9886-5.2961 4.5973-0.02173 0.21836-0.03207 0.37657-0.03313 0.57453-0.0114 3.5235 0.02279 7.2698 0.0011 10.662 0 2.0456-1.5277 3.4379-3.4408 3.4379-1.9162 0-3.4607-1.5301-3.4607-3.4411 0.032068-2.0972 1.7061-3.4254 3.6645-3.4832h0.01776l1.9822-0.01668v-2.8188l-1.9833 0.01352c-3.5632-0.03313-6.3975 2.7568-6.5008 6.3052 0 3.4493 2.8385 6.2639 6.2793 6.2639 3.2463 0 5.948-2.5393 6.243-5.7132 0.04267-1.0807 0.02279-2.503 0.02279-2.503 0.0053-0.58698-0.0114-0.37472-5e-3 -1.5402l2.4637-0.01668c1.9078 0.01457 1.8892-2.8612-0.01882-2.8218l-2.4449 0.01645c0-1.4461 0.02279-2.8862 0-4.3352 0.0032-1.2527 1.1925-2.3583 2.5093-2.3583 1.3176 0 2.7099 0.65854 2.7099 2.3612 0 0.24327-0.0061 0.38426-0.01961 0.47436-0.14708 0.78971 0.39327 1.5423 1.1883 1.6563 0.79501 0.11263 1.5238-0.45978 1.6025-1.2588 0.04558-0.31588 0.0477-0.59334 0.0477-0.87186 0-3.003-2.6853-5.184-5.5288-5.184z"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

content/tools/os/desktop/kicksecure.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 6.9 KiB

content/tools/os/desktop/nixos.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><defs><linearGradient id="linearGradient4328" x1="200.6" x2="290.09" y1="351.41" y2="506.19" gradientTransform="translate(70.65 -1055.2)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#699ad7"/><stop offset=".243" stop-color="#7eb1dd"/><stop offset="1" stop-color="#7ebae4"/></linearGradient><linearGradient id="linearGradient4330" x1="-584.2" x2="-496.3" y1="782.34" y2="937.71" gradientTransform="translate(864.7 -1491.3)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#415e9a"/><stop offset=".232" stop-color="#4a6baf"/><stop offset="1" stop-color="#5277c3"/></linearGradient></defs><g transform="matrix(.067518 0 0 .067518 -10.566 65.26)"><path id="path3336-6" fill="url(#linearGradient4328)" fill-rule="evenodd" d="m309.55-710.39 122.2 211.68-56.157 0.5268-32.624-56.869-32.856 56.565-27.902-0.011-14.291-24.69 46.81-80.49-33.229-57.826z"/><use width="100%" height="100%" transform="rotate(60 407.11 -715.79)" xlink:href="#path3336-6"/><use width="100%" height="100%" transform="rotate(-60 407.31 -715.7)" xlink:href="#path3336-6"/><use width="100%" height="100%" transform="rotate(180 407.42 -715.76)" xlink:href="#path3336-6"/><path id="path4260-0" fill="url(#linearGradient4330)" fill-rule="evenodd" d="m309.55-710.39 122.2 211.68-56.157 0.5268-32.624-56.869-32.856 56.565-27.902-0.011-14.291-24.69 46.81-80.49-33.229-57.826z" color="#000" color-rendering="auto" image-rendering="auto" shape-rendering="auto" solid-color="#000000" style="isolation:auto;mix-blend-mode:normal"/><use width="100%" height="100%" transform="rotate(120 407.34 -716.08)" xlink:href="#path4260-0"/><use width="100%" height="100%" transform="rotate(240 407.29 -715.87)" xlink:href="#path4260-0"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

content/tools/os/desktop/opensuse-tumbleweed.svg
+5
View File
@@ -0,0 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg width="128" height="128" version="1.1" viewBox="0 0 128 128" xmlns="http://www.w3.org/2000/svg">
<path transform="matrix(-.87465 0 0 .87465 120.75 8.0741)" d="m94.992-0.066849c18.715-0.044873 33.956 15.196 33.911 33.911-0.04486 18.715-15.321 33.989-34.036 34.034l-8.4141 0.020097 0.017864-0.002233c-6e-3 1.4e-5 -0.007498-1.3e-5 -0.013398 0h-0.002233c-7.6468 0.017388-14.32 0.032773-17.572 0.040195-0.009725 4.4623-0.040839 18.807-0.058059 25.984-0.044878 18.715-15.319 33.991-34.034 34.036-18.715 0.04487-33.956-15.196-33.911-33.911 0.044867-18.715 15.321-33.989 34.036-34.034 2.1936-0.00527 4.5166-0.010064 7.9407-0.017864 7.7782-0.017708 14.744-0.032937 18.041-0.040195 0.009726-4.4623 0.040848-18.807 0.058059-25.984 0.04487-18.715 15.321-33.991 34.036-34.036zm0.020097 8.0055c-1.103 0.0026456-2.187 0.081744-3.2535 0.2166v28.826h28.936c0.12707-1.0356 0.20064-2.0878 0.20321-3.1575 0.0345-14.39-11.496-25.92-25.885-25.885zm-11.259 2.5702c-8.739 4.2031-14.767 13.124-14.792 23.478-0.01718 7.1648-0.048059 21.454-0.058059 25.946 4.4917-0.0099 18.779-0.040849 25.943-0.058059 10.391-0.024925 19.338-6.0976 23.523-14.888h-34.617v-34.478zm-22.873 57.447c-4.4931 0.00995-18.781 0.040851-25.946 0.058059-10.529 0.025256-19.571 6.2614-23.681 15.241h34.474v34.264c8.9016-4.1421 15.07-13.146 15.095-23.619 0.01719-7.1648 0.048059-21.452 0.058059-25.943zm-23.157 23.3h-28.679c-0.10066 0.92285-0.15627 1.8597-0.15855 2.8092-0.034516 14.39 11.496 25.92 25.885 25.885 0.99889-0.00239 1.9828-0.06749 2.9521-0.17864v-28.516z" color="#000000" fill="#35b9ab" fill-rule="evenodd" stroke-linecap="square" style="-inkscape-stroke:none"/>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

content/tools/os/desktop/qubes_os.svg
+1
View File
@@ -0,0 +1 @@
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="matrix(.52917 0 0 .52917 .0016651 -523.01)"><g transform="matrix(.40296 0 0 .40296 360.66 978.2)"><path d="m-816.29 25.214a15.882 15.918 0 0 0-8.3171 2.135l-53.648 31.034a15.882 15.918 0 0 0-7.9452 13.784v62.1a15.882 15.918 0 0 0 7.9452 13.768l53.648 31.058a15.882 15.918 0 0 0 15.882 0l53.656-31.058a15.882 15.918 0 0 0 7.9371-13.768v-62.1a15.882 15.918 0 0 0-7.9371-13.784l-53.656-31.034a15.882 15.918 0 0 0-7.5652-2.135zm-0.17228 35.101a8.7349 8.755 0 0 1 4.1636 1.169l29.512 17.071a8.7349 8.755 0 0 1 4.3663 7.582v34.159a8.7349 8.755 0 0 1-4.3663 7.5656l-29.512 17.088a8.7349 8.755 0 0 1-8.7305 0l-29.513-17.088a8.7349 8.755 0 0 1-4.3653-7.5656v-34.159a8.7349 8.755 0 0 1 4.3653-7.582l29.513-17.071a8.7349 8.755 0 0 1 4.5669-1.169z" fill="#63a0ff"/><path d="m-749.26 64.233-30.34 17.551a8.7349 8.755 0 0 1 1.1738 4.375v34.15a8.7349 8.755 0 0 1-4.3652 7.5742l-29.504 17.08a8.7349 8.755 0 0 1-4.3496 1.1602v35.102a15.882 15.918 0 0 0 7.9219-2.1191l11.936-6.9082 15.23 8.8633c6.8122 3.9643 17.78 3.9643 24.592 0l6.8106-3.9629c6.8122-3.9643 6.8122-10.348 0-14.312l-15.146-8.8144 10.234-5.9238a15.882 15.918 0 0 0 7.9375-13.768v-62.092a15.882 15.918 0 0 0-2.1309-7.9551z" fill="#3874d8"/><path d="m-884.06 64.207 30.334 17.56a8.7349 8.755 0 0 1 3.1929-3.2071l29.508-17.075a8.7349 8.755 0 0 1 8.7265 3e-3l29.51 17.071a8.7349 8.755 0 0 1 3.1777 3.1948l30.328-17.55a15.882 15.918 0 0 0-5.791-5.8162l-53.664-31.045a15.882 15.918 0 0 0-15.864-5e-3l-53.649 31.046a15.882 15.918 0 0 0-5.8092 5.8265z" fill="#99bfff"/></g></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.6 KiB

content/tools/os/desktop/secureblue.svg
+97
View File
@@ -0,0 +1,97 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="448"
height="448"
viewBox="0 0 448 448"
version="1.1"
id="svg1"
xml:space="preserve"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"><defs
id="defs1"><linearGradient
id="linearGradient10"
x1="119.00664"
y1="9.9706745"
x2="9.8707094"
y2="118.384"
gradientUnits="userSpaceOnUse"
gradientTransform="matrix(1.1666666,0,0,1.1666666,-10.666666,-10.666666)"
spreadMethod="pad"><stop
stop-color="#76C9F6"
id="stop6"
offset="0"
style="stop-color:#3dc7f5;stop-opacity:1;" /><stop
stop-color="#76C9F6"
id="stop7"
offset="0.25"
style="stop-color:#0da6f2;stop-opacity:1;" /><stop
stop-color="#76C9F6"
id="stop8"
offset="0.5"
style="stop-color:#5f82c9;stop-opacity:1;" /><stop
stop-color="#76C9F6"
id="stop9"
offset="0.75"
style="stop-color:#7259a6;stop-opacity:1;" /><stop
offset="1"
stop-color="#715680"
id="stop10"
style="stop-color:#744e74;stop-opacity:1;" /></linearGradient><linearGradient
xlink:href="#linearGradient10"
id="linearGradient6"
x1="367.99997"
y1="62.010296"
x2="143.99998"
y2="449.98965"
gradientUnits="userSpaceOnUse"
gradientTransform="matrix(1,0,0,0.97816594,-32,-31.30131)" /><filter
style="color-interpolation-filters:sRGB"
id="filter40"
x="-0.024489796"
y="-0.01875"
width="1.0693878"
height="1.0609375"><feFlood
result="flood"
in="SourceGraphic"
flood-opacity="0.75"
flood-color="rgb(64,0,128)"
id="feFlood39" /><feGaussianBlur
result="blur"
in="SourceGraphic"
stdDeviation="2.000000"
id="feGaussianBlur39" /><feOffset
result="offset"
in="blur"
dx="4.000000"
dy="6.000000"
id="feOffset39" /><feComposite
result="comp1"
operator="in"
in="flood"
in2="offset"
id="feComposite39" /><feComposite
result="comp2"
operator="over"
in="SourceGraphic"
in2="comp1"
id="feComposite40" /></filter></defs><path
id="rect32-2"
style="display:inline;fill:#7a4f7b;fill-opacity:1;stroke-width:1.33345"
d="M 10.226928,212.286 C 10.164833,214.49216 0,220.55304 0,222.77506 0,347.54967 98.566,448 221,448 h 6 c 122.434,0 221,-100.45033 221,-225.22494 0,-2.22202 -16.24004,-3.47394 -16.30213,-5.6801 C 428.27178,340.46667 345.91556,421.48738 224,421.48738 102.08444,421.48738 13.653019,335.65771 10.226928,212.286 Z" /><rect
style="opacity:1;fill:url(#linearGradient6);fill-opacity:1;stroke-width:1.1203;stroke-linecap:round;stroke-linejoin:round"
id="rect4"
width="448"
height="438.21835"
x="0"
y="0"
ry="219.10918" /><g
id="g10"
style="filter:url(#filter40)"
transform="matrix(1,0,0,0.97816594,-32,-31.30131)"><path
d="m 184.50002,383.99994 c -6.73728,0 -12.50712,-2.38932 -17.30912,-7.168 -4.802,-4.77864 -7.19881,-10.51631 -7.19088,-17.21292 V 237.71429 c 0,-6.70501 2.40101,-12.44637 7.203,-17.22505 4.802,-4.77865 10.56768,-7.16426 17.297,-7.15592 h 12.25001 V 188.9524 c 0,-16.86372 5.97379,-31.24014 17.92183,-43.1297 11.9476,-11.89 26.39048,-17.83059 43.32816,-17.82269 16.94556,0 31.39264,5.94478 43.34023,17.83478 11.94808,11.88954 17.9177,26.26222 17.90972,43.11761 v 24.38092 h 12.25001 c 6.73727,0 12.50712,2.38935 17.30912,7.16798 4.802,4.77869 7.19881,10.51635 7.19088,17.21299 v 121.90473 c 0,6.70451 -2.40101,12.44636 -7.20301,17.22503 -4.802,4.77864 -10.56768,7.16378 -17.29699,7.15593 z m 73.5,-60.95235 c 6.73724,0 12.50711,-2.38932 17.30911,-7.168 4.80201,-4.77869 7.19881,-10.51631 7.19086,-17.21297 0,-6.70498 -2.40101,-12.44632 -7.20301,-17.22499 -4.802,-4.77869 -10.56765,-7.1643 -17.29696,-7.15593 -6.73777,0 -12.50715,2.38933 -17.30916,7.16801 -4.802,4.77867 -7.1988,10.5163 -7.19085,17.21291 0,6.70454 2.40101,12.44636 7.20301,17.22505 4.802,4.77867 10.56763,7.1638 17.297,7.15592 z m -36.75,-109.71427 h 73.49995 V 188.9524 c 0,-10.15874 -3.57279,-18.79377 -10.71883,-25.90466 -7.1456,-7.11136 -15.8228,-10.66679 -26.03112,-10.66679 -10.20836,0 -18.88556,3.55543 -26.03117,10.66679 -7.14603,7.11089 -10.71883,15.74592 -10.71883,25.90466 z"
fill="#f4f5ff"
id="path2"
style="display:inline;fill:#e5e5ff;fill-opacity:1;stroke-width:4.65526" /></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.6 KiB

content/tools/os/desktop/tails.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.866 33.866"><path fill="#56347c" stroke-width=".227" d="m-5.6458e-7 -5.6458e-7h33.866v33.866h-33.866z"/><g fill="#fff" transform="matrix(.28966 0 0 .28966 2.6903 -.51532)"><path d="m88.342 56.73v16.663c0 0.51029-0.34108 0.64398-0.76069 0.29659l-8.5041-7.0404c-0.41921-0.34706-0.76028-1.0401-0.76028-1.5504v-2.0977l-2.6577-2.1608c-2.8502-2.3173-5.1324-7.0217-5.1324-10.465 0-3.4423 2.2978-4.3394 5.1324-2.0027l2.6577 2.1608v-2.0977c0-0.51005 0.34107-0.64374 0.76028-0.29668l8.5039 7.0402c0.42055 0.34644 0.76089 1.0406 0.76089 1.5507zm-12.531-5.2978c-1.5002-1.2367-2.7163-0.76168-2.7163 1.0602 0 1.8224 1.2161 4.3019 2.7163 5.5386l2.5057 2.0355v-6.599l-2.5057-2.0355z"/><g><path fill="#fff" d="m97.976 37.8c-4e-3 -0.021-8e-3 -0.042-0.013-0.063-0.016-0.068-0.036-0.135-0.062-0.199-3e-3 -8e-3 -5e-3 -0.016-8e-3 -0.023-0.03-0.069-0.067-0.135-0.107-0.198-0.011-0.018-0.024-0.034-0.036-0.051-0.035-0.05-0.074-0.097-0.116-0.141-0.011-0.012-0.021-0.024-0.033-0.036-0.053-0.052-0.111-0.1-0.173-0.143-0.015-0.011-0.032-0.019-0.048-0.029-0.031-0.019-0.06-0.04-0.092-0.057l-0.545-0.284-24.906 11.12-46.585-23.427-0.666 0.33c-6e-3 3e-3 -0.01 7e-3 -0.016 0.01-0.047 0.024-0.09 0.055-0.134 0.084-0.029 0.019-0.06 0.036-0.087 0.057-0.034 0.027-0.063 0.059-0.094 0.09-0.031 0.03-0.065 0.059-0.093 0.092-0.022 0.026-0.039 0.056-0.06 0.084-0.031 0.043-0.063 0.086-0.088 0.132-3e-3 5e-3 -7e-3 0.01-0.01 0.015-0.015 0.028-0.022 0.057-0.035 0.085-0.02 0.046-0.041 0.09-0.056 0.138-0.013 0.041-0.02 0.082-0.029 0.123-9e-3 0.043-0.019 0.085-0.024 0.128s-4e-3 0.085-5e-3 0.127c-1e-3 0.044-3e-3 0.087 1e-3 0.13 2e-3 0.023 5e-3 0.046 9e-3 0.069-6e-3 0.051-0.015 0.1-0.015 0.152l4e-3 15.559 3.3631-1.5666 36.405 18.104-25.084 11.136-18.939-9.469-16.99-8.4933c-0.012-6e-3 -0.025-9e-3 -0.038-0.014-0.042-0.02-0.086-0.035-0.131-0.05-0.04-0.014-0.08-0.028-0.121-0.038-0.038-9e-3 -0.078-0.014-0.117-0.019-0.049-7e-3 -0.098-0.014-0.148-0.015-0.013 0-0.024-4e-3 -0.037-4e-3 -0.025 0-0.049 6e-3 -0.074 7e-3 -0.05 4e-3 -0.099 7e-3 -0.148 0.016-0.04 7e-3 -0.079 0.017-0.118 0.027-0.043 0.011-0.085 0.024-0.127 0.039-0.039 0.015-0.077 0.032-0.114 0.051-0.039 0.019-0.077 0.039-0.115 0.062-0.035 0.022-0.068 0.045-0.1 0.07-0.035 0.027-0.07 0.054-0.103 0.085-0.031 0.029-0.059 0.059-0.087 0.09-0.028 0.032-0.056 0.064-0.082 0.099-0.028 0.038-0.052 0.079-0.076 0.12-0.013 0.023-0.03 0.042-0.042 0.066-6e-3 0.012-8e-3 0.025-0.014 0.037-0.02 0.043-0.036 0.089-0.051 0.135-0.013 0.039-0.027 0.078-0.036 0.117-9e-3 0.04-0.014 0.081-0.02 0.122-7e-3 0.048-0.013 0.095-0.014 0.142 1e-3 0.014-3e-3 0.026-3e-3 0.039v19.531c0 0.026 6e-3 0.051 8e-3 0.077 3e-3 0.048 6e-3 0.096 0.014 0.143 7e-3 0.042 0.017 0.082 0.028 0.122 0.011 0.042 0.023 0.083 0.038 0.123s0.033 0.079 0.052 0.117 0.038 0.076 0.061 0.112c0.022 0.035 0.046 0.069 0.071 0.102 0.027 0.035 0.054 0.069 0.084 0.102 0.028 0.031 0.059 0.059 0.09 0.087 0.032 0.029 0.064 0.056 0.1 0.082 0.038 0.027 0.077 0.051 0.118 0.075 0.023 0.014 0.043 0.031 0.068 0.043l36.521 18.258c7e-3 4e-3 0.015 4e-3 0.022 8e-3 0.017 8e-3 0.032 0.017 0.049 0.025 0.01 4e-3 0.02 7e-3 0.03 0.011 0.056 0.022 0.113 0.041 0.171 0.055l0.036 9e-3c0.016 3e-3 0.032 5e-3 0.048 8e-3 0.077 0.014 0.154 0.024 0.232 0.024h8e-3c0.078 0 0.156-0.01 0.232-0.024 0.016-3e-3 0.032-5e-3 0.048-8e-3l0.036-9e-3c0.058-0.014 0.115-0.033 0.17-0.055 0.01-4e-3 0.021-7e-3 0.031-0.011 0.017-7e-3 0.032-0.017 0.049-0.024 7e-3 -3e-3 0.015-4e-3 0.022-8e-3l22.616-9.902 9.462 5.221c0.018 0.01 0.037 0.017 0.056 0.026 0.019 0.01 0.038 0.02 0.058 0.029 8e-3 3e-3 0.016 7e-3 0.024 0.01 0.031 0.013 0.063 0.023 0.095 0.033 0.019 6e-3 0.038 0.013 0.058 0.019 0.021 6e-3 0.043 0.011 0.064 0.015 0.015 3e-3 0.029 6e-3 0.044 8e-3 7e-3 1e-3 0.015 3e-3 0.022 4e-3 0.014 2e-3 0.028 6e-3 0.042 8e-3 0.059 8e-3 0.117 0.013 0.176 0.013h5e-3c0.078 0 0.155-0.01 0.232-0.024 0.013-2e-3 0.026-3e-3 0.039-6e-3 0.01-2e-3 0.019-6e-3 0.029-8e-3 0.07-0.017 0.14-0.037 0.207-0.065 7e-3 -3e-3 0.014-7e-3 0.021-0.01l0.012-6e-3c6e-3 -3e-3 0.012-3e-3 0.018-6e-3l24.828-11.586c0.465-0.219 0.762-0.686 0.762-1.2v-36.083c0-6e-3 -2e-3 -0.011-2e-3 -0.017-1e-3 -0.074-9e-3 -0.146-0.022-0.217zm-60.762 40.617-7.614 3.666 3.972 1.986 3.641-1.986v6.29l-33.872-16.935v-9.829l8.6776 4.2413-7.257 3.35 3.972 1.986 7.269-3.378 4.313 2.051-7.487 3.456 3.972 1.986 7.503-3.482 4.621 2.344-7.381 3.407 3.972 1.986 7.395-3.434 4.303 2.111zm28.014-1.478-25.366 11.277v-16.57l25.366-11.276zm-61.887-18.411v-3.31l33.873 16.603v3.31z" transform="matrix(.4641 .92679 -.92679 .4641 77.258 -14.893)"/></g><polygon points="33.117 56.241 39.407 53.262 45.366 56.241 39.076 59.22" transform="rotate(63.4,48.431,48.893)"/><polygon points="28.814 53.593 22.855 50.613 29.145 47.634 35.103 50.613" transform="rotate(63.4,48.415,48.413)"/><path d="m45.058 34.348c2.1244 2.7041 4.2952 7.9854 4.2952 12.866 0 4.8782-2.1708 6.542-4.2952 5.7039v-18.57z"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.8 KiB

content/tools/os/desktop/whonix.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867"><defs><radialGradient id="a" cx="250.34" cy="1008" r="26.421" gradientTransform="matrix(.41116 -.0047432 .0056477 .48958 -91.645 -470.93)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#7ecff3" stop-opacity=".98"/><stop offset=".669" stop-color="#87d0ef" stop-opacity=".988"/><stop offset="1" stop-color="#0c84ce"/></radialGradient></defs><path fill="url(#a)" stroke="#000" stroke-width=".961" d="m16.607 0.48083c-4.4582 0-8.193 3.5554-8.193 8.0147v3.9246a12.214 12.214 0 0 0-3.6957 8.7517 12.214 12.214 0 0 0 12.215 12.214 12.214 12.214 0 0 0 12.214-12.214 12.214 12.214 0 0 0-3.8655-8.8946v-3.782c0-4.459-3.543-8.0147-8.0011-8.0147zm-0.052549 2.883h0.22523c2.745 0 4.8987 2.2475 4.8987 4.9926v1.5616a12.214 12.214 0 0 0-4.7449-0.96004 12.214 12.214 0 0 0-5.3473 1.2425v-1.8441c0-2.745 2.2232-4.9926 4.9682-4.9926z"/><path fill-rule="evenodd" stroke-width=".068" d="m11.235 19.445c0.06956-3.6517 1.2172-6.26 2.1214-6.26 1.1129 0 2.7126 1.5302 3.8255 1.5302 0.69551 0 2.2605-1.1128 3.4778-1.1128 0.62599 0 1.6315 1.9827 1.6662 5.3215-4.3885 0.25147-7.3042 1.9609-11.091 0.5212z"/><path fill-rule="evenodd" stroke-width=".068" d="m15.553 23.209c0.67434-0.41309 1.7756-0.38573 2.3726-0.04708l0.0098 0.49172c-0.62789-0.34413-1.7282-0.32225-2.3726 0.04708z"/><path fill="none" stroke="#000" stroke-linecap="round" stroke-linejoin="round" stroke-width=".961" d="m18.867 27.687s-0.20215 0.75907-1.895 0.81876c-1.8786 0.08812-2.1123-0.633-2.1123-0.633"/><g fill-rule="evenodd" stroke-width=".068"><path d="m7.9223 19.924c0.033252-1.3309 5.5358 1.0118 7.2348 0.79065 2.6487-0.19148 9.9331-2.4542 10.299-0.75737 0.26618 1.4973-2.0458 0.32123-6.3475 0.97582 0 0-11.187 1.2202-11.187-1.0091z"/><path d="m10.975 23.298c0.54965-0.79882 3.0422-1.045 4.8514-0.25243 0 0 0.27153 0.80753-0.07045 1.3239-0.28129 0.8521-2.8723 1.724-4.3748 0.74771-0.57042-0.47474-0.65288-1.1139-0.40604-1.8192z"/><path d="m22.473 22.743c-0.64467-0.7243-3.1485-0.6588-4.8451 0.35243 0 0-0.16906 0.83502 0.23443 1.3049 0.38502 0.81059 3.0643 1.3537 4.4338 0.19828 0.507-0.54198 0.50939-1.1865 0.17682-1.8556z"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 2.2 KiB

content/tools/os/router-firmware/_index.md
+59
View File
@@ -0,0 +1,59 @@
---
title: "Router Firmware"
icon: material/router-wireless
description: Alternative operating systems for securing your router or Wi-Fi access point.
cover: router.webp
---
<small>Protects against the following threat(s):</small>
- [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
- [:material-bug-outline: Passive Attacks](basics/common-threats.md#security-and-privacy){ .pg-orange }
Below are a few alternative operating systems that can be used on routers, Wi-Fi access points, etc.
## OpenWrt
<div class="admonition recommendation" markdown>
![OpenWrt logo](assets/img/router/openwrt.svg#only-light){ align=right }
![OpenWrt logo](assets/img/router/openwrt-dark.svg#only-dark){ align=right }
**OpenWrt** is a Linux-based operating system; it's primarily used on embedded devices to route network traffic. It includes util-linux, uClibc, and BusyBox. All the components have been optimized for home routers.
[:octicons-home-16: Homepage](https://openwrt.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://openwrt.org/docs/start){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/openwrt/openwrt){ .card-link title="Source Code" }
[:octicons-heart-16:](https://openwrt.org/donate){ .card-link title=Contribute }
</details>
</div>
You can consult OpenWrt's [table of hardware](https://openwrt.org/toh/start) to check if your device is supported.
## OPNsense
<div class="admonition recommendation" markdown>
![OPNsense logo](assets/img/router/opnsense.svg){ align=right }
**OPNsense** is an open-source, FreeBSD-based firewall and routing platform which incorporates many advanced features such as traffic shaping, load balancing, and VPN capabilities, with many more features available in the form of plugins. OPNsense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and VPN endpoint.
[:octicons-home-16: Homepage](https://opnsense.org){ .md-button .md-button--primary }
[:octicons-info-16:](https://docs.opnsense.org/index.html){ .card-link title=Documentation}
[:octicons-code-16:](https://github.com/opnsense){ .card-link title="Source Code" }
[:octicons-heart-16:](https://opnsense.org/donate){ .card-link title=Contribute }
</details>
</div>
OPNsense was originally developed as a fork of [pfSense](https://en.wikipedia.org/wiki/PfSense), and both projects are noted for being free and reliable firewall distributions which offer features often only found in expensive commercial firewalls. Launched in 2015, the developers of OPNsense [cited](https://docs.opnsense.org/history/thefork.html) a number of security and code-quality issues with pfSense which they felt necessitated a fork of the project, as well as concerns about Netgate's majority acquisition of pfSense and the future direction of the pfSense project.
## Criteria
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
- Must be open source.
- Must receive regular updates.
- Must support a wide variety of hardware.
content/tools/os/router-firmware/openwrt-dark.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 8.7 KiB

content/tools/os/router-firmware/openwrt.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 8.6 KiB

content/tools/os/router-firmware/opnsense.svg
+1
View File
@@ -0,0 +1 @@
<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg"><g transform="scale(.39843)" fill="#de3c07"><polygon class="st0" points="85 26.6 58.5 0 18.6 0 18.6 18.6 66.4 18.6 66.4 66.4 85 66.4"/><polygon class="st0" points="0 58.5 26.6 85 66.4 85 66.4 66.4 18.6 66.4 18.6 18.6 0 18.6"/></g></svg>
Side by Side

After

Width:  |  Height:  |  Size: 344 B