I am not sure the author of that tweet is seeking a productive conversation. This is what I get from the [Whonix X account](x.com account):
Why can’t you reply to this?
This author has blocked you, so you can’t perform this action
Got it
Generally, I am also not sure Twitter / X is a suitable place for a productive conversation.
If I had to guess, I would say that this is in retaliation for:
- Mobile Operating System Comparison chapter GrapheneOS, which is factual, backed with sources/references, but unwelcome criticism. (Discussion here: Overview of Mobile Projects - That focus on either/and/or security, privacy, anonymity, source-available, Freedom Software. - #48 by TommyTran732 - News - Whonix Forum) And maybe,
- Verified Boot - Kicksecure chapters, Rooted Security versus Non-Rooted Security and Ideological Considerations.
That tweet might have been in context of Choosing Your Desktop Linux Distribution | PrivSec - A practical approach to Privacy and Security because another commenter has posted it in that thread (https://xcancel.com/iAnonymous3000/status/1861464122405110098#m) and then the author referring to “encrypted swap”.
Kicksecure/Whonix doesn’t do any significant hardening
I can imagine how one could come to such a mistaken conclusion, if not having reviewed:
- Kicksecure homepage, security,
- Kicksecure - A Security Hardened Linux Distribution
- Strong Linux User Account Isolation,
- GitHub - Kicksecure/security-misc: Kernel Hardening; Protect Linux User Accounts against Brute Force Attacks; Improve Entropy Collection; Strong Linux User Account Separation; Enhances Misc Security Settings - https://www.kicksecure.com/wiki/Security-misc
- etc.
They sabotaged security efforts
They’re entitled to their opinion but I would suggest when critizing others, making grandiose accusations, it should always be backed up with actual evidence.
Better:
They sabotaged security efforts [1]
[1] exact link/reference + exact quotation
Otherwise, one first need to ask for clarification what this is even about.
and the efforts to do that were stalled and then rolled back when the person responsible for most of it left the project.
If this is about madaidan · GitHub, then it can be seen that madaidan’s github activity completely ceased in 2022, not only related to Kicksecure/Whonix.
So this can hardly be blamed on Kicksecure/Whonix.
And I am glad to see, that secureblue was inspired by Kicksecure, forked some of Kicksecure’s configuration files. For example, documented here, quote Comparison of secureblue with Kicksecure and Development Notes
secureblue
/etc/sysctl.d/hardening.conffile as of commit a6b58f042b0e9e9036a6d68a5b202eed96a1a892was inspired by, more or less copied and pasted from Kicksecure as can be seen from the following comment found in that file.
## Prevent kernel info leaks in console during boot. ## https://phabricator.whonix.org/T950 kernel.printk = 3 3 3 3
Can be discussed here:
So I hope this would extend to, “Kicksecure is doing useful work”.