Subgraph (operating system)


Subgraph OS is a Linux distribution designed to be resistant to surveillance and interference by sophisticated adversaries over the Internet. It is based upon Debian Linux. The operating system has been mentioned by Edward Snowden as showing future potential.
Subgraph OS is designed to be locked down and with features which aim to reduce the attack surface of the operating system, and increase the difficulty required to carry out certain classes of attack. This is accomplished through system hardening and a proactive, ongoing focus on security and attack resistance. Subgraph OS also places emphasis on ensuring the integrity of installed software packages through deterministic compilation.

Features

Some of Subgraph OS's notable features include:
The security of Subgraph OS has been questioned in comparison to Qubes, another security focused operating system. An attacker can trick a Subgraph user to run a malicious unsandboxed script via the OS's default Nautilus file manager or in the terminal. It is also possible to run malicious code containing.desktop files. Malware can also bypass Subgraph OS's application firewall. Also, by design, Subgraph cannot isolate the network stack like Qubes OS or prevent bad USB exploits.