Kicksecure is a free and open-source Linux distribution that aims to provide a highly secure computing environment. It has been developed from the ground up according to a formidable -- and time proven -- defense in-depth security design. In the default configuration, Kicksecure provides superior layered defenses of protection from many types of Malware.
Kicksecure is a complete computer operating system. Numerous applications come pre-installed with safe defaults which can be used immediately upon installation with minimal user input.
Kicksecure uses an extensively security reconfigured of the Debian base (Hardened) which can be run either on bare metal or inside multiple virtual machines (VMs) on top of the host OS. Its architecture provides a substantial layer of protection from malware. Applications are pre-installed and configured with safe defaults to make them ready for use with minimal user input.
The security and privacy of default software management (installing and upgrading software) are much better, making it harder for anyone to send you targeted, malicious software updates. This only applies to system updates over Tor, not all your internet traffic. Learn more
In Kicksecure no unnecessary software is installed by default such as exim, samba, cups etc. At the same time security enhancing software like AppArmor, sdwdate and tirdad are preinstalled. Learn more.
Kicksecure enhances all kinds of security settings, including: kernel hardening, Strong Linux User Account Isolation, disabling legacy login methods, higher quality randomness (entropy), network hardening, root access restrictions, application-specific hardening and much more. Learn more.
Kicksecure is a hardened operating system designed to be resistant to viruses and various attacks. It is based on Debian in accordance with an advanced multi-layer defense model, thereby providing in-depth security. Kicksecure provides protection from many types of malware in its default configuration with no customization required.
Table: Kicksecure Hardening Features
| Feature | Description |
|---|---|
| Default Package Selection | No unnecessary software is installed by default such as exim, samba, cups that otherwise gets installed by some flavors of Debian. [1] |
|
Secure and privacy-protected operating system (  |
 This helps protect against targeted, malicious software upgrades. By default, when using APT (Advanced Package Tool) to upgrade the system or install new software, Kicksecure uses torified operating system upgrades. This means all default APT package manager source files are set to only update over the Tor anonymity network. This makes sure that update servers cannot know who the user is or their IP address. As a result, this mitigates targeted malicious software attacks. This protection is not only much stronger than what iPhones or Android devices offer, but it's also better than what most Linux distributions provide.
This only applies to system updates. This does not mean that all of your internet traffic is automatically torified (protected by Tor). See also: Privacy Goals and Non-Goals of Kicksecure |
| Secure Package Sources Configuration | HTTPS (TLS) is enabled by default in APT. [5] |
| TCP ISN CPU Information Leak Protection |
tirdad (TCP Initial Sequence Numbers Randomization)  prevents TCP ISN-based CPU Information Leaks; see footnote. [6]
|
security-misc
|
security-misc enhances miscellaneous security settings related to:
|
Secure network time synchronization using sdwdate
|
Secure Distributed Web Date (sdwdate) mitigates threats from time based attacks by not relying upon unauthenticated NTP. |
| Default security software installations |
Software like AppArmor
|
| Open Link Confirmation
|
This is enabled by default and prevents links from being unintentionally opened in supported browsers. |
| No open ports by default. | Kicksecure provides a much lower attack surface since there are no open server ports by default unlike other Linux distributions (such as Debian). All unsolicited incoming connections are rejected.
|
While many valuable security guides exist, better security and privacy for the masses necessitates software that applies a majority of hardening instructions by default.
This is the reason the Free and Open Source Kicksecure project exist; to offer a system that provides a reasonable security-hardened baseline, with the in-built flexibility to apply additional hardening dependent upon the user's threat model, hardware capabilities, motivation and knowledge. [8] The table below provides a further rationale for this position.
Table: Security Guide Limitations
| Factor | Description |
|---|---|
| Initial vulnerability | When a base system is first installed, various security customizations are not yet applied. All users are vulnerable during this period. |
| Recipient insecurity | Security principles do not exist in a vacuum:
|
| Reliance on human memory | Adequate hardening often depends on discovering and remembering to apply all necessary steps from favorite security guides. |
| Error risks | Manually applying security guide steps can lead to mistakes that render the whole procedure ineffective. |
| Time requirements | Security guide steps are often lengthy and cover many different facets of computing. |
| Secure guide discovery | There are countless security/hardening guides available on the Internet. It is impossible to follow them all and serious research is required to find valuable new resources. |
| Incompleteness | Logically there is not one definitive, all-encompassing security guide. This means some users harden the kernel and install CPU microcode updates, while others rely on sandboxing and implement better random number generators, and so on. Most users miss critical elements because they are simply not aware they exist. |
| Currency | Even the best security guides often contain outdated material. This is especially true for technically detailed or lengthy guides that canvass many topics. |
| Publication form | The form of security guides can effect their utility. For example, those published in blogs and which do not allow comments have grave disadvantages compared to systems relying on collaborative version control software (like git) or collaborative websites (such as a wiki). The reason is contributors can easily fix issues or update contents. |
| Popularity | Security guides which have low popularity cannot effect change and improve security practices if most people are unaware they exist. |
For these reasons Kicksecure will remain focused on enabling the majority of (reasonable) hardening settings by default, and allowing additional settings to be easily enforced via installable packages. For further information on this topic, see: The Problem with Security Guides and How We Can Fix It.
The Kicksecure project has been studying the Securing Debian Manual, is applying operating system hardening by default as much as reasonably possible, and documents its knowledge with updated contents. Unfortunately, the Securing Debian Manual has not been updated in a while [9] and is already somewhat dated.
For attribution, the wiki Template:Sdebian is added to all wiki pages where the Securing Debian Manual has been considered. A list of these pages can be found on Special:WhatLinksHere/Template:Sdebian.
Kicksecure is an Implementation of the Securing Debian Manual. This chapter has been inspired by:
Securing Debian Manual
The Kicksecure development roadmap includes various security improvements:
. [11] See also DNS Security.Kicksecure is a security-hardened Linux Distribution. (Mobile version not planned yet.)
This section details potential future security enhancements for Kicksecure.
(The wiki source for the following text can be found in Template:Kicksecure_Android.)
| Most iPhone / Android devices [2] | "Libre Android" [12] | Linux Desktop Distributions | Kicksecure Development Goals | |
|---|---|---|---|---|
| Upgrades do not require vendor | No | Yes | Yes | Yes |
| User freedom to replace operating system | No | Yes | Yes | Yes |
| Administrator capabilities (root) not refused | No | Yes | Yes | Yes |
| Custom operating system (bootloader unlock) not refused | No | Yes | Yes | Yes |
| No trouble or void device warranty from software changes (rooting or bootloader unlock) | No [13] | No [14] | Yes | Yes |
| No user freedom restrictions | No [15] | Yes | Yes | Yes |
| No backdoors included | No [16] | Yes | Yes | Yes |
| No spyware included in operating system | No [17] | Yes | Yes | Yes |
| No culture of freemium applications that spy on users in appstores | No [18] | Yes | Yes | Yes |
| Culture of Freedom Software in appstores | No | Yes | Yes | Yes |
| Freedom Software | No [19] | Yes | Yes | Yes |
| Compromised application cannot access data of other applications | Yes [20] | Yes [20] | No | Yes |
| Malware on a compromised system cannot easily gain root | Yes [21] | Yes [21] | No [22] | Yes |
| Reasonable resistance against system wide rootkit | Yes [23] | Yes [23] | No | Yes |
| Verified Boot | Yes | Yes | No | Yes |
| Hardened Kernel
|
Yes | Yes | some | Yes |
| Full System MAC Policy
|
Yes | Yes | No | Yes |
| Internal storage can reasonably easily be removed and mounted elsewhere for the purpose of data recovery or hunting malware / rootkits. | No [24] | No [14] | Yes [25] | Yes [26] |
| Internal storage can reasonably easily be decrypted once transferred to a different device if password is known. | No [27] | No [28] | Yes | Yes [29] |
| Can reasonably easily boot from external hard drive, ignoring internal harddrive for purpose of data recovery or hunting malware / rootkits. | No | No [14] | Yes | Yes [26] |
| Can reasonably easily create full data backup. | No [30] | Yes | Yes | Yes [26] |
| Can reasonably easily create full data backup of any app when device is rooted with Titanium Backup or similar | No [31] | Yes | Yes | Yes [26] |
| Applications cannot refuse data backup (for purpose of malware, spyware analysis or backup and restore). | No [32] | Yes | Yes [33] | Yes [26] |
| No culture of users can ask device (code) for permission and device (code) will decide to grant or refuse the request. | No | Yes | Yes [33] | Yes [26] |
| No culture of applications refusing to run if device is rooted. | No [34] | Yes | Yes | Yes [26] |
| No culture of applications refusing to run if using a custom operating system (custom ROM). | No [35] | Yes | Yes | Yes [26] |
| User (privacy) settings are respected. | No [36] | Yes | Yes | Yes [26] |
| WiFi off indicator means that WiFi is really off. | No [37] | Yes | Yes | Yes [26] |
| Bluetooth off indicator means that Bluetooth is really off. | No [38] | Yes | Yes | Yes [26] |
| Prevention of targeted malicious upgrades. [39] | No [3] | ? [40] | ? [41] | Yes [42] |
| Vendors do not sometimes introduce mitigations that introduce attack surface. | No [43] | Yes | Yes | Yes [26] |
| The GNU Project does not state: "Apple's Operating Systems Are Malware" and "Google's Software is Malware".
|
No | Yes | Yes | Yes [26] |
Quote More than a billion hopelessly vulnerable Android gizmos in the wild that no longer receive security updates – research. The operating system of these devices:
Ability to upgrade (security fixes) devices; replace operating system; bootloader freedom vs bootloader non-freedom:
In conclusion, when using iPhone/Android devices that still receive security updates, the iPhone/Android approach provides strong protection against malware, meaning those platforms are impacted much less than Windows or Linux desktops. [20] Despite the many downsides (Mobile Devices Backdoors in Most Phones Tablets Etc, Data Harvesting by Most Phones, ...), the security model of popular mobile operating systems often affords better protection when attempting to prevent any malicious and unapproved party from establishing a foothold in their ecosystem. In the process, the user's and the security community's ability to audit and control what their devices are actually doing is severely diminished. Due to a Conflict of Interest this comes at the expense of transferring power from the user to the developers, user freedom restrictions, Tyrant Security, War on General Purpose Computing.
Kicksecure will not implement these kinds of user freedom restrictions since it is not required nor desirable. The capability to replace the operating system or gain administrator access will remain fully supported. Many popular device operating systems utilize security technologies which restrict user freedoms. In contrast, Kicksecure aims to utilize the same security concepts for the goal of empowering the user and increasing protection from malware.
It is theoretically possible to provide some of the same iPhone / Android security concepts on a Linux computer too. Steps have already been made to apply mobile device security concepts to Linux distributions such as security-misc and apparmor.d. Security technologies like hardened kernels or verified boot used by popular mobile operating systems could also be ported to Linux distributions. Community contributions are gladly welcomed! Here is a list of potential security enhancements for Kicksecure:
While developed with security-focused design goals, Kicksecure remains highly flexible. The layered approach to security allows applications to retain usability. Kicksecure can be used for everyday "general-purpose computing" or for more risky activities that require a highly advanced security-centric platform. Since Kicksecure is Freedom Software users may install any application of their choosing -- no restrictions are placed on how Kicksecure can be used, customized or modified.
Kicksecure aims to maximize usability by default so it can be utilized as an everyday, multipurpose operating system by users of all skill levels.
Table: Kicksecure Usability Features
| Feature | Description |
|---|---|
| Debian Usability Fixes |
|
| Simplicity and flexibility |
|
| Popular applications | Popular applications come pre-installed and configured with safe defaults to make them ready for use right out of the box. |
| Data protection | Sensitive user data is protected by state-of-the-art cryptographic tools:
|
Tip: Since Ubuntu is a Debian derivative, online help for Ubuntu most often works for Kicksecure.
In oversimplified terms, Kicksecure is just a collection of configuration files and scripts. Kicksecure is not a stripped down version of Debian; anything possible in "vanilla" Debian GNU/Linux can be replicated in Kicksecure.
Likewise, most problems and questions can be solved in the same way. For example: "How do I install VLC Media Player on Kicksecure?" -- "The same way as in Debian apt install vlc."
Kicksecure does not break anything, limit functionality, or prevent installation of compatible software.
Many people wonder why developers would spend countless hours of their own time to build an operating system and then give it away. Kicksecure developers believe it is immoral to benefit from those Free / Freedom Software components and give back nothing to the community. We stand on the shoulders of giants. Kicksecure and many other Libre software projects are only made possible because people invested time in writing code and kept it accessible for the public's benefit. Of course, a lot of us just find it great fun.
https://www.wilderssecurity.com/threads/hardened-debian-in-development-feedback-wanted.408245/
Each Kicksecure release is based on a particular version of Debian:
| Kicksecure version | Debian Version | Debian Codename |
|---|---|---|
Kicksecure 17.2.8.5 |
12 |
bookworm
|
Users can manually check the Kicksecure version at any time by following this step.
Kicksecure does not have a fixed release schedule. A new stable release only becomes available when it is deemed ready.
Table: Kicksecure Support Schedule
| Release | Description |
|---|---|
| New Debian Release | One month after a new stable version of Debian is released, Kicksecure VMs may no longer be supported on any older version of Debian. All users must upgrade the Debian platform promptly after the deprecation notice in order to use Kicksecure safely. |
| New Kicksecure Release | One month after a new stable version of Kicksecure is released, older versions will no longer be supported. All users must upgrade the Kicksecure platform promptly in order to remain safe. |
| Deprecation Notices | The deprecation notice is provided at least one month in advance and posted in the kicksecure.com news forum. Stay Tuned! All users must upgrade the respective platform promptly in order to remain safe.
|
Learning more about Kicksecure is the best way to determine whether it is a suitable solution in your personal circumstances. The following chapters are recommended:
.
Donate
/etc/apt/sources.list file using http:// (unencrypted) instead of the more secure https:// (TLS) by default.
The Linux kernel has a side-channel information leak bug. It is leaked in any outgoing traffic. This can allow side-channel attacks because sensitive information about a system's CPU activity is leaked. It may prove very dangerous for long-running cryptographic operations. Research has demonstrated that it can be used for de-anonymization of location-hidden services.
sysvinit and not mentioning systemdinitrd and not mentioning dracut
. Replicant allows root access, but no references were found that Replicant makes use of verified boot yet. It's not relevant to pick any specific Android distribution for the sake of making the point "iPhone and Android Level Security for Linux Desktop Distributions" no specific Android distribution was chosen for this compassion. A "perfect" Android distribution checking all "green yes" is possible in theory. It doesn't exist due to policy decisions. (GrapheneOS vs root in default builds vs device selection / features.) There are no technical reasons for non-existence. See also this Overview of Mobile Projects, that focus on either/and/or security, privacy, anonymity, source-available, Freedom Software..
user has full access to all information which that user has access to, including all files, keystrokes and so on. The exception is when mandatory access control (MAC) is in use and successfully confines that application.
and indicators of compromise are rare.
is such an example. People expected Titanium Backup to be able to backup the Signal app data but lost data. Extra steps are required for a Signal backup. (Instructions untested by author of this wiki page.)
android:allowBackup
Whether to allow the application to participate in the backup and restore infrastructure. If this attribute is set to false, no backup or restore of the application will ever be performed, even by a full-system backup that would otherwise cause all application data to be saved via adb. The default value of this attribute is true.
Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to.
An Associated Press investigation found that many Google services on Android devices and iPhones store your location data even if you’ve used a privacy setting that says it will prevent Google from doing so.
Computer-science researchers at Princeton confirmed these findings at the AP’s request.
How it works, according to Google, is that the Android Location Services periodically checks on your location using GPS, Cell-ID, and Wi-Fi to locate your device. When it does this, your Android phone will send back publicly broadcast Wi-Fi access points' Service set identifier (SSID) and Media Access Control (MAC) data. Again, this isn't just how Google does it; it's how everyone does it. It's Industry practice for location database vendors.
.
/etc/apt/sources.list file by default.
/etc/apt/sources.list comes with a broken deb cd-rom: line./etc/apt/sources.list comes with http instead of https by default./etc/apt/sources.list has only the debian-security repository enabled by default but not the debian repository. As a result, no packages are installable until the user figures out how to add that line to APT sources./etc/apt/sources.list comes empty except fora broken deb cd-rom: line.
su followed by /usr/bin/adduser user sudo and reboot (or re-login) to be able to user sudo.
A secure by default operating system with the latest security research in place.
At
Kicksecure we value freedom and trust, supporting Open Source and Freedom Software
2012-
2025 ENCRYPTED SUPPORT LLC
We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 13 year success story and maybe DONATE!