I’m new to the cyber-security/privacy space. I am interested in teaching myself about it, as well as dabbling in OSINT and general linux-type-stuff too. ATM this is all a hobby so while it is not crucial to have everything air-tight, I would like to do my best to follow best practices.
That being said, I am currently using a Mac M1 so my VM capabilities are (AFAIK) limited to the OS’s provided by the UTM virtual machine software. For those who are unaware, the OS’s they provide can be found here:
https://mac.getutm.app/gallery/
From a security/privacy perspective, which of these OS’s would you consider to be the most secure or, able to be the most secure with configuration? At first glance and with my limited knowledge, I want to say Kali, but I feel this may be cliché as it’s what your stereotypical-hacker-type would use.
Any guidance would be appreciated.
N.B., ease of use/convenience is not a top priority for me, as I’m using this as a learning experience and I’m open to trying different things and making mistakes along the way.
Thanks!
***EDIT: Thank you to all who provided information. I learned a lot. I’ve decided to try a few different distros that work with UTM namely, Parrot OS (both home and security editions for different purposes), as well as Kali and Debian.
I’ve looked at this and would love to but as is my (limited) understanding, Qubes is next to (if not entirely) impossible to implement on Mac M1
Yes, so Debian Stable
I second Debian as an intro. Ubuntu is a little newer and it has a huge userbase, but your customization options are limited by their desktop environment (which is a tweaked version of Gnome, iirc). You’ll get more of a typical Linux experience from Debian. Most of the Ubuntu help articles and posts will work for Debian, too.
When you’re ready to try something new, explore immutable/atomic distros like Fedora Kinoite, blendOS, and NixOS. Layering and containerization are a different way to secure your system and offer new ways to think about how processes interact with the kernel and OS.
I know you’re limited by the UTM right now, but by the time you’re ready for that, you may have other ways or hardware to look into it.