I’m new to the cyber-security/privacy space. I am interested in teaching myself about it, as well as dabbling in OSINT and general linux-type-stuff too. ATM this is all a hobby so while it is not crucial to have everything air-tight, I would like to do my best to follow best practices.

That being said, I am currently using a Mac M1 so my VM capabilities are (AFAIK) limited to the OS’s provided by the UTM virtual machine software. For those who are unaware, the OS’s they provide can be found here:

https://mac.getutm.app/gallery/

From a security/privacy perspective, which of these OS’s would you consider to be the most secure or, able to be the most secure with configuration? At first glance and with my limited knowledge, I want to say Kali, but I feel this may be cliché as it’s what your stereotypical-hacker-type would use.

Any guidance would be appreciated.

N.B., ease of use/convenience is not a top priority for me, as I’m using this as a learning experience and I’m open to trying different things and making mistakes along the way.

Thanks!

***EDIT: Thank you to all who provided information. I learned a lot. I’ve decided to try a few different distros that work with UTM namely, Parrot OS (both home and security editions for different purposes), as well as Kali and Debian.

  • KISSmyOSFeddit@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    6 months ago

    Kali is the least secure of all distros, it runs everything as root and is meant as a tool to boot from an USB stick for pentesting, not for installation on your machine.

  • Autonomous User@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    6 months ago

    From a security/privacy perspective, which of these OS’s would you consider to be the most secure

    Kali and Parrot are for attack, not more secure.

    For security/privacy, remove anti-libre software. They ban us from removing malicious source code. Use Parabola or other libre software here.

    An operating system controls its apps, so controls guests in these apps, so a guest is never safe when its host is anti-libre software (macOS).

  • twinnie@feddit.uk
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    6 months ago

    If you just want to dabble and learn about OS stuff then Kali is probably the best bet. I’ve heard a lot of stuff saying that Parrot is better but Kali is the industry standard, and I’m pretty sure both of them cover the basics just as well. If you’re looking for a secure distro to use a bit and just learn about Linux then choose something else. Pen-testing (OS) distros are inherently insecure simply because they’re loaded with the kind of software you don’t want on your own machine. Part of the battle in (ethical) hacking is getting the malware onto a machine, and these are absolutely loaded with it.

    That being said, I think Parrot have a distro flavour that’s simply supposed to be a secure system rather than a pen-testing tool. I haven’t tried it myself.

    However, if you’re new to Linux and simply want to learn start with something easier and well supported. Kali and Parrot are both based on Debian so maybe something similar would help you. Debian or a fork, like Ubuntu or Linux Mint.

  • tedu@azorius.net
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    UTM may be somewhat shinier, but you can run anything you like in qemu on a mac.

  • OnePhoenix@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 months ago

    Is SELinux enabled by default in Fedora? I’ve tried researching it but everyone seems to be wanting to do the opposite and disable SELinux (presumably because it restricts ease-of-use)?

    • OnePhoenix@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      Thank you. Again, excuse my ignorance but, I don’t see Parrot on the UTM list… Can Parrot be loaded on top of one of those OS’s? Or are you suggesting Parrot in general, regardless of UTM’s capabilities?

      • land@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        6 months ago

        In general. I think you can still load up Parrot OS on UTM. I haven’t done that myself. I was recommended Parrot OS by Hack the box (that’s where I’m learning cybersecurity).

        You can still use Kali.

    • OnePhoenix@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      After your post I did some digging and indeed it does appear as though Parrot OS can be installed through UTM. Thanks for the heads up!