We should consider adding Virtualbox to Kicksecure by default, maybe only for Kicksecure Live USB at least (virtualbox is there before installation, but not after, to reduce attack surface). This will make possible to run any virtual machines from a plausibly-deniable external drive without leaving a trace on the computer. This also helps to reduce attack surface for the host os (kicksecure live usb), as it is amnesic and it is harder for malware to persist, especially with physical write-protection switch enabled.
Kicksecure Live USB → Virtualbox/KVM → Whonix VM/other OS.
Something like this could be done if Kicksecure was installed on the usb drive and the virtualbox installed on it manually, and after that user must be careful to launch live-mode only every time. But this is not as plausibly-deniable as a plain Kicksecure installation media, and it is obvious that Virtualbox was installed there for a reason. If every Kicksecure installation out there contained Virtualbox by default, it would be impossible for an attacker to claim that someone installed virtualisation software for a purpose of hiding something.
Essentially I am talking about something like HiddenVM mod for TAILS but with proper hardened nature of Kicksecure.
If that is not possible, at least we should consider creating a wiki-guide with information on how to add Virtualbox in Kicksecure Live Installation USB manually.
How is that going to reduce the attack surface if vbox is there by default? actually it will increase it.
Also Kicksecure like any other iso based OS, has no direct relation to be used on VMs, main focus is to be used directly on the hardware not in a VM.
Not sure what you are saying, but bloating the OS with more xyz is a way of increasing the attack surface and size. So better to keep it as minimal as possible, only essential things should be there.
If you are talking about using live mode from the iso, you can install any package and it will be wiped up if you remove the usb/dvd. If you are talking about live mode while you already installed the system you can open the system administration mode install whatever you want then boot into the live mode again.
you can create encrypted iso of installed customized kicksecure with your settings and programs using “penguins’ eggs” or you can create iso with pre-installed packages using “cubic”