So, a while back I installed Xfce with Chicago95, but was disappointed. Xfce just doesn’t vibe with me, and a strict emulation of Windows95 is not really what I wanted, I just wanted something that “felt” that classic.
So I was gonna give up and just use KDE, until I saw TDE. I think TDE is probably what I’m looking for but I’m concerned about using anything so minor because security.
It TDE secure (for personal use)?
Can a DE even be insecure, or are they all generally as secure as each-other as long as you follow the rules (trustworthy software, closed firewall, install patches fast, and disaster recovery plans)?
What vulnerabilities can a desktop environment even have (edit)?
You must log in or # to comment.
My issue would be the old version of Qt it runs on, which is not maintained anymore. That itself is a bit of a problem security-wise.
Looking at the FAQ, they do “maintain” their version of TQt3. Whether they maintain it to the extent that it’s secure is anyone’s guess. There’s always the question of what kinds of exploits can even exist in a desktop environment (which I should add to my original post).
You don’t need Trinity for that, you can theme up KDE Plasma 6 to look and feel old school too.
That might be a better fit for me. I know KDE has a polish and security I want, I imagine I could make it how I want.
Apparently TDE has lower resource usage, so I wonder if for that reason TDE might be a better fit. Clearly I should get both more experience with KDE and a better idea of what I’m actually looking for.
Modern KDE isn’t bad on resource usage either. You just want the old school look, but you’re not actually on obsolete hardware :)
Sorry for the triple post, refreshed a couple times too much when it didn’t respond
As far as the TDE devs know, there haven’t been any issues resulting in a user getting hacked, they’ve modernized the underlying code, and actively patch any reported vulnerabilities: https://redlib.tiekoetter.com/r/linuxquestions/comments/1f81hz4/is_q4ostrinity_desktop_environment_inherently/
That said, it is still a niche codebase with a small team, so they might not have the resources to be so proactive against theoretical vulnerabilities as a project like KDE or GNOME with Wayland. If you’re being targeted, TDE would certainly be a shiny attack surface, but otherwise, I don’t really see why a hacking group would go for something as niche as TDE. There’s a tradeoff, like the one I take with X11 because I refuse to give up my XFCE+Chicago95 setup for an arguably more secure Wayland setup.
Most of the issues of a desktop environment just come down to there being more code and therefore a larger attack surface. Lots of widgets, obscure processes, and nooks and crannies to hide malicious stuff too. And legacy code with expansive privileges from the days before security was as much of a concern. While not Linux, it is analogous with security being a big part of why Microsoft released Server Core, which stripped out much of the GUI.
An extreme case, I also know of a someone who used Windows XP to do rather important work on the internet until around 2020. Only thing that stopped them were websites getting too bloated to load on their computer. But they did follow the basic rules as you mentioned and seemed to be just fine.
I guess it all comes down to the security of X11, and also whether X11 could even be exploited without arbitrary code execution though Anki or Firefox or Steam Chat or something. At which point no sane hacker would waste such an exploit on X11 that’s rapidly becoming defunct.
An extreme case, I also know of a someone who used Windows XP to do rather important work on the internet until around 2020… But they did follow the basic rules as you mentioned and seemed to be just fine.
I think they skipped the third rule, install patches fast.
deleted by creator
