So, a while back I installed Xfce with Chicago95, but was disappointed. Xfce just doesn’t vibe with me, and a strict emulation of Windows95 is not really what I wanted, I just wanted something that “felt” that classic.
So I was gonna give up and just use KDE, until I saw TDE. I think TDE is probably what I’m looking for but I’m concerned about using anything so minor because security.
It TDE secure (for personal use)?
Can a DE even be insecure, or are they all generally as secure as each-other as long as you follow the rules (trustworthy software, closed firewall, install patches fast, and disaster recovery plans)?
What vulnerabilities can a desktop environment even have (edit)?
There are no open security bugs against TDE that I’m aware of—if there were, I’d expect them to be fixed in the next release. In my experience, the development team, while not huge, is active and competent.
I’ve been using TDE since a little while after Gentoo sunsetted KDE3, and I’ve had no issues. Just make sure your X server is secure—
-nolistenand all that stuff—and don’t try to use Konqueror as a web browser (it remains an excellent file manager), and you should be fine.Wayland is “more secure” than X in that it makes less LAN contact by default and tries to sandbox programs from one another to an extent, just in case some future browser exploit that can copy random swathes of your screen tries to screenshot your password manager or something. There are no active exploits against a correctly-configured X server at this time that will magically vanish if you switch to Wayland, as far as I’m aware—it’s more future-proofing stuff.
Thanks, that’s a very clear response. I guess I basically can use it until X11 stops getting security updates. I wonder whether an X11 vulnerability can trigger a serious vulnerability even if it doesn’t get security updates.
No idea what that
-nolistenstuff is about. Is that to do with the firewall?-nolistenis an actual option passed to the X server—your distro may do so by default—to work around a known security issue in some versions. I admit I’d have to look up the details, as it’s been a couple of years since that issue was reported. Recent X versions almost certainly have a patch.I’d be kinda shocked if in, in 2025, any download of a DE opened X org up to remote connections by default. But I will double check.