If you're installing a fresh checksummed Linux download and formatting the entire drive during install you shouldn't have any worries. Go for it.
Privacy Guides
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
- We prefer posting about open-source software whenever possible.
- This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
- No soliciting engagement: Don't ask for upvotes, follows, etc.
- Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
- Be civil, no violence, hate speech. Assume people here are posting in good faith.
- Don't repost topics which have already been covered here.
- News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
- Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
- No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
- No misinformation: Extraordinary claims must be matched with evidence.
- Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
- General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
Additional Resources:
- EFF: Surveillance Self-Defense
- Consumer Reports Security Planner
- Jonah Aragon (YouTube)
- r/Privacy
- Big Ass Data Broker Opt-Out List
People do it all the time. The security concerns both with phones and computers is mostly the OS. So if the Linux is up to date, it's good.
The issues may be insecurity vulnerabilities in the firmware and hardware, such as malware in the hard drive fw, but those seem to be rare, and newer hardware isn't necessarily more secure anyway.
This depends on your threat model and circumstances:
Old versions of OS are generally a security risk.
Old hardware may lack some modern security features near the hardware level. However these usually protect against tampering with BIOS or bootloaders. In general threats like this need physical access to the machine. I don’t know much about TPM and keystorage in general, but those are what this might concern.
Other than that, old networking hardware might have vulnerabilities that are either not patched with software or are impossible to path. This extends to any device and all device-drivers, but network-devices to me sound the most exposed surface.
This risk however depends on not just the device but the usage as well. If you use it inside a local network, you lose a layer of defence. If you use it in an untrusted network, you are exposed directly.
I would usually not be concerned about old hardware as long as it can run a modern OS I trust. This means most laptops are fine, but phones not so much.
Especially phones with no access to patched applications become less and less secure as time goes by. Old hardware is a small risk; old OS is a concern; old browser on said old OS and you can bet there is at least one serious, well-known and already used vulnerability.
I’m personally tinkering with an old 4th-gen iPad, hoping to secure it or at least jailbreak it. However I am not expecting it to ever be a safe device after that, but a glorified IOT device.
You mention old hardware is generally exploited physically, but we've seen a number of critical bugs in CPUs in recent years such as Specter and Meltdown that can be exploited by just visiting a website. Yes these can be mitigated by the OS, but alluring that hardware bugs are not exploitable remotely isn't quite correct.
I didn’t know Specter or Meltdown can be exploited through a website, that’s good to know.
I should have been more specific on this issue: old hardware is much less common to exploit than old OS or software, so buying new hardware for the sake of hardware security might not be necessary for ones threat scenario. However if there is a risk of a malicious actor accessing or stealing the hardware, then the hardware is definitely relevant.
Similarly I do think one can do a lot with old hardware if they can find a usecase with less needed privileges.
I would usually not be concerned about old hardware as long as it can run a modern OS I trust. This means most laptops are fine, but phones not so much.
This is not a good suggestion because even with up to date and modern operating systems, hardware vulnerabilities can often be leveraged
2019 isn't terribly old. Just installing Linux serve as a panacea for all of your security woes.
You'll probably want to (or not want to, depending on who you ask) use UEFI. You'll want to harden and containerise and use firewalls and so on... Depends on your threat model.
But, the fundamental question is that you can install Linux and as long as you keep it up to date, a large number of vulnerabilities will be covered. Just not all.
Security is not guaranteed by simply using linux. It may even worsen it.
primary difference between a computer and a phone in this regard is that old comouters can perfectly well run modern Linux. with a phone, you're lucky to have root at all so good luck updating it yourself.
Age is only part of the equation. Older ones can be more secure but you have to go further back and think of more than just the hardware. The big thing is to try to get a laptop that is sold using a non stock BIOS or be comfortable doing the work yourself. Libreboot; Coreboot; or something like it. After that try to use as free as an OS as you can such as Trisquel; Guix; Hyperbola; etc. There are lots of stores that sell laptops that are more secure out of the gate:
https://puri.sm/products/librem-14/
https://configurelaptop.eu/nv40-series/
https://store.thonkpeasant.xyz/
https://store.vikings.net/en/?route=common%2Fhome
Basically a computer is only as secure as you are willing to make it. You are limited by the hardware but you choose the hardware so you're only really limited by yourself.
This article shows why your proposals are not secure at all:
Your article neither lists what it deems as good alternatives to Linux; nor does it specifically say that what advice I gave was bad. It also lists people at the end as credible views of which half work for Google. Overall I don't view your article as able to be trustworthy or really changes any views I have.
Older machines can be at risk from hardware flaws. But if your machine can run Windows 11, which most machines from 2019 can, you can safely use and install Linux on it. I recommend not buying a new machine that lacks official Windows 11 support even if you want to run Linux.