>France's NSA Built their own OS, use and maintain it; only released to the public a few months ago. >Based on Gentoo Hardened. >Pretty much comparable to Qubes except it's probably more secure in many ways, you probably don't have to solve a minefield puzzle to figure out whether or not it's going to work on your computer, and it probably works on nearly all computers and not just 1/100. >English version is available as of release 5 (the latest). >Isn't offered as an official ISO, so I won't be able to download it and use it since I am tech-illiterate and hate CLI stuff and know I would fuck it up even with the build/installation guide. >Hope they, or someone, releases it as an ISO in the future.
Can someone who is familiar with security and Qubes point out why or why not this is good or better or worse than Qubes, etc.? Does it have potential to be Jow Forums's official distro or security distro?
Thirteen noob questions I have:
1. It says on the site that the distributions that have been tested to work with and that are "compatible with the CLIP OS toolkit" are: Arch Linux, Debian testing (buster), and Debian unstable, Fedora 28, and Ubuntu 18.04. What does this mean? Is it not it's own distribution/OS, but a "toolkit"? It has to be combined with a Linux distro? I'm not quite understanding, as a person ignorant to Linux.
2. So, in the scenario where you have it paired with Debian or some other distro, and Debian or that distro gets an update, or CLIP OS itself gets and update, or Gentoo Hardened (which CLIP OS is built on) gets an update, or the Linux kernel gets an update--how are you notified, how do you install the particular update (of the four parties available), and how likely is it that your system will break?
3. Say you are running CLIP OS, and a new Spectre exploit is discovered. Who patches that Meltdown vulnerability? How would you know about the update? How would you get the update?
4. Can you use a VM in CLIP OS? For example, Debian+CLIP OS using a VM of Ubuntu? How would that be different from just Debian using a VM of Ubuntu, since CLIP OS is apparently not its own distro? (Forgive the ignorance.)
5. Qubes v. CLIP OS: which would you feel more secure with (also considering the teams maintaining each)?
6. What is the difference between CLIP OS and something like Fedora+SELinux+a VM, assuming you were only browsing the internet? Isn't the Fedora+SELinux+VM option just as safe in all ways?
7. What defenses, if any, does CLIP OS have against malware on a USB drive being plugged into the computer it's on? Or, say, a deliberate malware infection launched via USB?
8. How likely is it that someone eventually packages this into an ISO for download/installation for noobs like me who just know that they are going to screw up compiling/installing/whatevering it as it is now, and just want it to be available in ISO format? I'm not asking if someone here will do it, just the odds of it happening, which I assume are low.
9. Can it be used with xfce, KDE, Cinnamon, or GNOME, and have the desktop customized and "riced" and all that silly stuff?
10. Does CLIP OS have any kind of integrity checker or Intrusion Detection System built into it like OpenBSD has?
11. Let's say part of it, however virtualized, does get infected with malware. That malware stays there forever, unless it's somehow detected by the user, an AV system (next to zero chance), the malware author removes it, or your computer breaks or stops being used, correct?
12. Are all updates to it both signed and downloaded over TLS? What about updates to whatever distro you have with it, the Linux kernel, or Gentoo Hardened?
13. Should KVM, Audacity, Firefox, a VPN company's VPN client, Tor, etc. download and work on it just fine, as if you were downloading them on, say, Ubuntu or Debian? What package manager does it use?
Landon Butler
>Trusting anything from any kind of intel agency.
Elijah Morgan
Apparently, the French are full of integrity with regards to internet privacy, etc.
Jeremiah Nelson
>Decide to browse the ANSII website >See "ISIS" >Click >It's actually the name of the secure intranet to share highly classified documents Topkek
Cooper Murphy
>intel buy AMD, fag
Isaiah Jackson
>downloading anything from a someone that spies on you
Leo Green
>someone that spies on you Retard, the ANSSI isn't an intelligence agency. It's a state service working for the government to secure highly sensitive systems and operations.
Carson Howard
Can't tell if retarded or just trolling, but I got a kek.
David Cox
So where's the audit.
Brody Lopez
Can anyone answer OP's questions? Curious myself.
Jackson Gutierrez
You shouldn't have described it as "France's NSA", then. Closest would be the DGSE.
Cooper Brooks
There's more info available but you'd need to understand French
they clearly wrote it in frog-language to obscure the jewish spy software
Oliver Sanchez
>You shouldn't have described it as "France's NSA" Not OP >Closest would be the DGSE Nope, DGSE IS an intelligence agency focused on foreign operations (intelligence gathering, espionage, secret ops). DGSI being its national counterpart focused on domestic operations.
Jordan Lopez
OP here. That wasn't me who you were replying to, but understood nonetheless. I am ignorant.
Michael Robinson
>only released to the public a few months ago. So where is the download link?
Luke Martinez
The Github link in the post and on their site, m8. Problem is, you have to compile it yourself and all that shit, something I can't fathom. I even hate and screw up basic CLI. I wish someone would release an ISO for it. Although, I wonder how you would verify it as not being fucked with unless the actual ANSSI people released it in ISO format.
Caleb Richardson
>"The first stable version will be released once the project is considered mature enough for production and end-user handling." Not before CLIP OS 5. You can play with this in the meantime: github.com/clipos-archive
Easton Barnes
damn. is there anything on when the stable will be released? will it be ISO/easier like said? i'm at work so connection is too slow to even load the site.
Robert Reed
Would it be the equivalent to America's DHS, or the cyber defense/whatever division of DHS?
Parker Rivera
>"For now, there are no pre-packaged version of CLIP OS 5 made available. " >for now Guess they'll release one eventually
>French >Government agency >implying France and their agencies are not filled with niggers and sandniggers >Wanting to make people fix their os for free
Jace Green
Go back to Jow Forums NSA
Nathaniel Walker
Never been there and I don't want to. But I wouldn't trust nothing from a country that let another nation raid and rape there land without putting any fight.
Henry Phillips
What country is "raping" France right now Jow Forumstard? Or is that what you bootlicking faggots think of the yellow jacket protests.
Luis Cox
How do we know there are no french backdoors in this thing?
Jaxson Sanders
honeypot desu
Jaxon Butler
What do you think about them?
Jace Jenkins
>Niggers and sandniggers have somehow passed the selection process and managed to infiltrate a government service tasked with securing the most sensitive operations
Elijah Bell
Don't believe this. We're a dictatorship.
Landon Cooper
This. Don't trust this shit.
Julian Gomez
The code is here. Audit it.
Angel Gray
>>Pretty much comparable to Qubes except it's probably more secure in many ways, >probably >probably more secure probably full of backdoors only accessible to them.
Colton Clark
>Apparently, the French are full of integrity this is retarded. the French were famous for their espionage way before and longer than the americans or russian
Nolan Wright
It's not the French NSA, it's literally the "Informative systems' security national agency". They audit FLOSS and military solutions for the government (Thales, Matrix, etc.).
They also contribute to the FLOSS ecosystem, as you can see.
Eli Phillips
Weird. I consulted their website and the repositories. Got some weird activity on my network half an hour ago. Looked like some probing. It stopped but that's really scaring me up.
Jonathan Cox
Can someone keep this thread alive? I have to go for the next three hours. I'm hoping someone will answer all of my questions. I'm intrigued with how many distros are "involved" together in this OS.
Jaxon Reed
Woah. Discuss further. How did you see/detect it? What IP? Other Anons should test.
Yeah, I trust more Windows or Red Hat/Fedora than an agency contributing to the open-source ecosystem and doing public reviews for infosec professionals!
Same as England and Germany You can do all the audits you want, it just needs one specific update from one infected repository and job's done.
Joseph Russell
Yeah, our government is hypocrite and larp as "lawful good" when it's a nest of vipers. I'm French, and I visited OP's link with TOR+VPN in a VM to be sure I'm not put in forced internment in a psychiatry ward or something. That's the new thing they do, it can be decided without a judge, and the prefet (department non elected superviser) can just sign a paper and you're considered insane and put in a psychiatric ward. Of course, you're probably safe, but you never know if they exchange info with other countries.
I'm not joking or anything, careful with this.
Would you install NSA stuff even if they're open source ? Think about it.
Dominic Walker
wew lad well at least you're learning..
Joshua Young
>unless the actual ANSSI people released it in ISO format And why would you trust anssi's compiled ISO?
Logan Rodriguez
Can confirm. I'm French and was sent into reeducation therapy in a psychic ward after asking too many questions. I feel better now.
1) the ANSSI isn't the French NSA 2) you still need a psychiatrist's review to be considered as insane (I'm not defending this law in any way) 3) it's not surprising you've been sent to a psychiatric ward because you're really weird, and I know someone like you to whom it happened too. Also, here in France, the freudo-lacanian psychoanalysis school has some power in courts, which sucks 4) the NSA has really close ties with Red Hat yet Lavabit runs on CentOS 5) if you want a secure operating system, run OpenBSD and compile the packages from source, period
William Williams
How is he weird?
Jeremiah Cruz
Je confirme. est manifestement paranoïaque. Pas étonnant qu'il ait été envoyé à l'asile.
Nathaniel Gonzalez
I didn't mean to harm this person, who's probably doing self-harm because of your comment.
Jeremiah Morris
>french careful not being on a watchlist >hon hon hon tu belong to a mental institution The fuck.
Jaxon Williams
>He uses TOR. >He uses a VPN. >He browses this place. >He probably uses Linux. >He criticizes the government He's most likely already on a watchlist
Brody King
Btw: I'm pretty smart and I know what I'm talking about. You don't. This person deserves to be happy like anyone else and you're cruel for no reason.
It's not surprising since a lot of people talk on the Internet because no one wants to talk to them AFK, for various reasons. It's not very hard to guess why no one wants to talk with you.
Jason Perry
>What country is "raping" France right now Jow Forumstard? African countries?