this post was submitted on 04 Jul 2024
636 points (95.7% liked)
Technology
59285 readers
4671 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Keep in mind it's still a drastic reduction in security by default.
What are you talking about? Windows isn't very secure to begin with. Bazzite in particular is one of the more secure Linux desktop distros as it's immutable and comes with SELinux enabled by default. It's secure enough to actually cause me problems lol.
It's a real challenge to get a fully encrypted system with secure boot (easier now but still hit or miss with Linux) and tpm.
What you're describing is the user never security model which is as you said restrictive enough to be annoying, and more controlled than windows.
I don't use or particularly believe in secure boot.
I have a fully encrypted root partition, with automatic unlocking using the TPM. Wasn't even that hard to setup either. Bazzite makes it fairly easy to enroll a secure boot key if you really want that, as do some other distros. Nothing you are describing is that difficult.
A lot of systems use AppArmour instead of SELinux, as this is easier to work with while still providing enhanced security.