Comment 16 for bug 1987162

William Dietrich (billdietrich444) wrote:

I think the whole concept of numeric security "levels" is wrong. Instead there should be a list of threats:

- physical (address by using LUKS, disabling USB ports, locking screen after N minutes inactivity, etc)

- bad apps (address by enabling AppArmor or SELinux etc, using Snaps or Flatpaks, using fewer PPAs, doing updates, etc)

- OS vulns (address by doing updates)

- network attacks (address by enabling firewall on computer, enabling firewall in router, turning off unused services, blockers in browser, etc)

- user mistakes (address by not running as root, using immutable OS, etc)

And I would lump in some partially-security things too:

- data loss due to hardware failure or user error (backups: suggest TimeShift etc)

- network security/privacy attacks (suggest VPN)