secure-os wrote
Jun 28, 2026 in grapheneos, calyxos, android — GrapheneOS vs CalyxOS compared honestly: security hardening vs microG compatibility, supported Pixel devices, the Google-services model, ease of use, and which de-Googled Android fits your threat model.
Read more…secure-os wrote
Jun 28, 2026 in encryption, data-sanitization, opsec — Why shred and dd do not work on solid-state drives, and the methods that do: ATA Secure Erase, NVMe Format and Sanitize, and crypto-erase by destroying the key.
Read more…secure-os wrote
Jun 26, 2026 in linux, antivirus, malware — Does Linux need antivirus? The honest answer, when it actually matters (servers, mail gateways, mixed Windows networks), the real tools — ClamAV, rkhunter, chkrootkit — and the layered defenses that protect a desktop better than a virus scanner.
Read more…secure-os wrote
Jun 25, 2026 in linux, sandboxing, firejail — A practical guide to Firejail, the SUID sandbox that confines Linux applications using namespaces and seccomp. Covers installation, profiles, common commands, real limitations, and how it compares to Flatpak and Bubblewrap.
Read more…secure-os wrote
Jun 24, 2026 in linux, hardening, apparmor — AppArmor vs SELinux compared by design, real-world maintenance and threat model. A practical guide to choosing the right Mandatory Access Control system for your Linux machine.
Read more…secure-os wrote
Jun 23, 2026 in keylogger, malware, passwords — A keylogger records every key you press to steal passwords and private data. What a keylogger is, the software and hardware types, how to detect one, and how to protect yourself.
Read more…secure-os wrote
Jun 23, 2026 in botnet, malware, ddos — A botnet is a network of devices secretly controlled by an attacker. What a botnet is, how it works, what it is used for (DDoS, spam, fraud), and how to keep your devices out of one.
Read more…secure-os wrote
Jun 23, 2026 in social-engineering, phishing, security — Social engineering tricks people into giving up access or information instead of breaking the tech. What it is, the main tactics (phishing, pretexting, baiting), real examples, and how to defend against it.
Read more…secure-os wrote
Jun 22, 2026 in threat-model, opsec, privacy — A threat model is a simple plan that answers four questions: what you protect, who you protect it from, how likely the risk is, and what it costs to defend. Build one in minutes, without paranoia, so your security effort matches your real risks.
Read more…secure-os wrote
Jun 22, 2026 in linux, sandboxing, security — Linux sandboxing confines an application so that, if it is compromised, the damage stays contained. What sandboxing is, how Flatpak, Firejail, bubblewrap and containers do it, and how it fits a real defense-in-depth setup.
Read more…secure-os wrote
Jun 22, 2026 in malware, rootkit, security — A rootkit is malware that hides deep in your system to keep control while staying invisible. What a rootkit is, the types, the warning signs, how to detect one, and why a clean reinstall is often the only sure fix.
Read more…secure-os wrote
Jun 21, 2026 in phishing, ai, security — AI-generated phishing surged roughly 14× in 2026, and the FBI logged more phishing complaints than any other crime category in 2025. Here's how to spot a modern phishing attempt and the practical steps that actually prevent it.
Read more…Operating systems
Which secure OS fits which threat model — compartmentalisation vs amnesic vs Tor-routed.
Read the guides →Encryption
LUKS, BitLocker, FileVault and VeraCrypt — what each protects, and what it does not.
Read the guide →Hardening
Practical hardening built around the adversary you actually face.
Read the guide →