So, a while back I installed Xfce with Chicago95, but was disappointed. Xfce just doesn’t vibe with me, and a strict emulation of Windows95 is not really what I wanted, I just wanted something that “felt” that classic.

So I was gonna give up and just use KDE, until I saw TDE. I think TDE is probably what I’m looking for but I’m concerned about using anything so minor because security.

It TDE secure (for personal use)?

Can a DE even be insecure, or are they all generally as secure as each-other as long as you follow the rules (trustworthy software, closed firewall, install patches fast, and disaster recovery plans)?

What vulnerabilities can a desktop environment even have (edit)?

  • nyan@sh.itjust.works
    link
    fedilink
    arrow-up
    9
    ·
    19 hours ago

    There are no open security bugs against TDE that I’m aware of—if there were, I’d expect them to be fixed in the next release. In my experience, the development team, while not huge, is active and competent.

    I’ve been using TDE since a little while after Gentoo sunsetted KDE3, and I’ve had no issues. Just make sure your X server is secure—-nolisten and all that stuff—and don’t try to use Konqueror as a web browser (it remains an excellent file manager), and you should be fine.

    Wayland is “more secure” than X in that it makes less LAN contact by default and tries to sandbox programs from one another to an extent, just in case some future browser exploit that can copy random swathes of your screen tries to screenshot your password manager or something. There are no active exploits against a correctly-configured X server at this time that will magically vanish if you switch to Wayland, as far as I’m aware—it’s more future-proofing stuff.

    • Tenderizer78@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      19 hours ago

      Thanks, that’s a very clear response. I guess I basically can use it until X11 stops getting security updates. I wonder whether an X11 vulnerability can trigger a serious vulnerability even if it doesn’t get security updates.

      No idea what that -nolisten stuff is about. Is that to do with the firewall?

      • nyan@sh.itjust.works
        link
        fedilink
        arrow-up
        4
        ·
        18 hours ago

        -nolisten is an actual option passed to the X server—your distro may do so by default—to work around a known security issue in some versions. I admit I’d have to look up the details, as it’s been a couple of years since that issue was reported. Recent X versions almost certainly have a patch.

        • Tenderizer78@lemmy.mlOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          18 hours ago

          I’d be kinda shocked if in, in 2025, any download of a DE opened X org up to remote connections by default. But I will double check.