System Audit

From Kicksecure

Verifying the system is configured as intended

General Overview

The issues discussed on this page apply to any operating system and are not specific to Kicksecure.

The Challenge of System Audits

Performing system audits is beyond the reach of non-technical users. It requires a deep understanding of source code, the ability to utilize specialized analysis tools, and the expertise to interpret complex outputs. This level of proficiency is typically found in sysadmins or individuals with similar technical backgrounds.

A non-specialist cannot perform heart surgery; even a doctor outside of that field lacks the skills to do so. There’s no shame in this limitation. It simply reflects the specialized knowledge required for such a task. Similarly, expecting a non-technical user to conduct a system audit is unrealistic.

Limitations of Automated Tools

There are no automated tools for end users with sufficient usability to be truly informative. Rather than providing insights, existing tools often lead to more questions and cause confusion. In general, this is related to the current state of development for security-focused operating systems. See:

systemcheck and Kicksecure

For system checks, systemcheck is available on the Kicksecure platform.

Even when system check tools exist, the thoroughness of checks performed by the software is a relevant question. An all-encompassing, automated testing suite for all functionality and security features remains a distant implementation goal.

Certification and Audit Tools

Some certification/audit tools exist, but they have poor usability. See: Certification and Audits.

Related: Security Reviews and Feedback

Trust and Expertise

Non-technical users lack the technical foundations needed to inspect architecture, threat models, or source code.

Realistically, users can only Trust that software works as described and intended, develop skills to undertake audits, and/or pay someone to perform that task.

"The problem is, if you are a non-technical person, all of us can tell you our solution is the best. At the end of the day, you have no means of judging yourself because you don't understand the technology, architecture. You just only judge whether I speak more fluently, or maybe David speaks more fluently, maybe he is a nicer guy because he does more jokes, or maybe I have bad looks or maybe, you are somehow, I don't know, I am feeling, what I'm trying to say is just sorry, you don't have means if you don't understand technology to judge."
Security researcher and Qubes founder, Joanna Rutkowska - LoganCIJ16: Future of OS, at 58:34 (at 58 minutes and 34 seconds)

"34% of the posts provided by highly reputable so-called trusted users were insecure."
Source: How Reliable is the Crowdsourced Knowledge of Security Implementation?

"3. Managing devs generally requires understanding what's going on. Unless you're ready to hire a CTO with a track record, a non-technical person can't do that."
Source: I have a very high level of scepticism towards non-technical founders without deep pockets

"We found that technical participants had more complete mental models of hacking and security than non-technical end users."
Source: Replication: Effects of Media on the Mental Models of Technical Users

Fulton’s study confirms that non-technical end users often turn to fictional media and its tropes to fill gaps in their technical knowledge. Participants often did not have enough technical knowledge to accurately evaluate a scene and would turn to existing tropes to justify realism; for example, many found technical jargon to be a sign of realism.

Detectability: non-technical end users believed that they would be able to recognize if a system was being hacked or if they encountered an unsafe situation online; the attack would be apparent to the user who could then take steps to mitigate the issue. Technical users believed that malware could cause pop-ups on the screen, but many believed that this was distinct from hacking. Hackers, they believed, would want to be stealthy so that they remain undetected.

"No Code Review Skills: They can't assess code quality, security vulnerabilities, or maintainability because they've never learned to read code properly."
Source: How AI Vibe Coding Is Destroying Junior Developers' Careers

See also Finding Vulnerabilities and Valid Compromise Indicators versus Invalid Compromise Indicators.
