Security Research by Kicksecure
< Dev
Donate
Design
Design
Dev/compiler hardening
Previous page: Design
Index page: Design
Next page: Dev/compiler hardening
Security Research by Kicksecure
This page tracks security research and vulnerability reports contributed by Kicksecure, including links to upstream bug reports and internal research notes.
Security Vulnerability Bug Reports
[edit]Security issue reports filed at other projects.
Public
[edit]
Pending publication
[edit]- upstream A
- bug A
- initial report date: 2026-02-01
- intended publication date: 2026-05-03
- no patch yet
- bug A
- upstream B
- bug A
- initial report date: 2026-01-30
- intended publication date: 2026-05-01
- public patch available, pending security advisory
- bug A
- upstream C
- bug A
- initial report date: 2025-12-23
- intended publication date: 2026-03-24
- no patch yet
- upstream notified of disclosure date
- bug A
- upstream D
- bug A
- initial report date: 2026-02-25
- intended publication date: 2026-05-27
- no patch yet
- bug A
Security Research
[edit]Practical defensive security research: hardening work, threat modeling, and attack surface analysis. Synthesis of Linux distribution maintainer oriented decision making, security engineering, and maintainability considerations.
| Page | Short summary | Type |
|---|---|---|
| Strong Linux User Account Isolation | Overview of Linux user and root separation, attack vectors, and default and optional hardening measures.
|
Research |
| Verified Boot | Explains verified boot and chain of trust goals, advantages, limitations, and implementation considerations. | Research |
| ram-wipe / Dev/RAM Wipe | Research and implementation of a dracut module that wipes RAM on shutdown. | Research |
| Entropy | Technical discussion of entropy sources and randomness topics. | Research |
| remount-secure | Hardening proposal for secure mount options and a maintainable way for a distribution to apply them. | Research |
| Compiler Hardening | Overview of compiler hardening flags and link time options for GCC and Clang, focusing on exploit mitigation and diagnostics. | Notepad |
| About Computer (In)Security | Broad background notes and examples about computer insecurity and related concepts. | Essay |
| Trusting Kicksecure | Trust model discussion (backdoors, signatures, image verification) and how to place trust in the supply chain. | Essay |
| Secure Boot | Critical discussion of Secure Boot design tradeoffs, threat model, and limitations for user controlled trust currently on Intel/AMD64. | Summary |
| Factory Reset, Stateless Systems, Anti-Hysteresis | Discussion of stateless and anti-hysteresis systems, upgrades and rollback risks, and links to related immutable approaches. | Notepad |
| apt-revoker | Proposal for tooling to revoke compromised APT signing keys. | Design |
| Stable vs Rolling Distributions - Security Analysis | Security analysis of stable and rolling release models. | Analysis |
| Permanent Takedown Attack Defender | Proposal to keep project metadata and update communication resilient against takedown, rollback, and freeze attacks, with Tor and signature considerations. | Design |
| Confidential Computing | Survey and threat model notes around encrypted RAM and remote attestation technologies for cloud and hardware trust. | Survey |
| vm-app-manager | Proposal for a virtualization based application sandbox with reduced VM escape surface and user controllable isolation features. | Notepad |
Pages marked "Notepad" are security relevant working notes or drafts that likely need more structure or completion before being presented as finished security research. Pages marked "Essay" are mostly conceptual discussion.
Privacy and Anonymity Research
[edit]See Whonix research
.
Kicksecure
A secure by default operating system with the latest security research in place.
A secure by default operating system with the latest security research in place.
Follow us on social media
Supported by Power Up Privacy
Kicksecure is proudly supported until 2026 by
Power Up Privacy,
a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place.
(Strictly subject to our sponsorship policy.)
At
Kicksecure we value freedom and trust, supporting Open Source and Freedom Software
By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements:
Terms of Service,
Privacy Policy,
Cookie Policy,
E-Sign Consent,
DMCA,
Imprint
2012-
2026 ENCRYPTED SUPPORT LLC
2012-
2026 ENCRYPTED SUPPORT LLC
We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 14 year success story and maybe DONATE!