I think the whole concept of numeric security "levels" is wrong. Instead there should be a list of threats:
- physical (address by using LUKS, disabling USB ports, locking screen after N minutes of inactivity, etc.)
- bad apps (address by enabling AppArmor or SELinux etc., using Snaps or Flatpaks, using fewer PPAs, doing updates, etc.)
- OS vulns (address by doing updates)
- network attacks (address by enabling firewall on computer, enabling firewall in router, turning off unused services, blockers in browser, etc.)
- user mistakes (address by not running as root, using immutable OS, etc.)
And I would lump in some partially-security things too:
- data loss due to hardware failure or user error (backups: suggest TimeShift etc.)
- network security/privacy attacks (suggest VPN)