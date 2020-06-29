7 Best Linux Distros for Security and Privacy in 2020 Privacy and security are pressing concerns for all of us these days – not a day goes by that we aren’t bombarded with security news headlines about hacks, breaches and the increased storing and monitoring of sensitive personal information by governments and corporations. Luckily, when it comes to security, Linux users are faring better than their Windows- or Mac- using counterparts. Linux offers inherent security advantages over proprietary operating systems due to the transparency of its open-source code and the constant, thorough review that this code undergoes by a vibrant global community. While transparent source code may at first seem like a privacy nightmare, it is actually the complete opposite. As a result of the “many eyes” that Linux has on its code at all times, security vulnerabilities are identified and remedied very rapidly. In contrast, with proprietary OSes like Windows or MacOS, source code is hidden from outsiders - in other words, users are dependent upon Microsoft or Apple to find, fix and disclose vulnerabilities. Linux is also a relatively unpopular target for malicious hackers due to its small user base. While all Linux “distros” - or distributed versions of Linux software - are secure by design, certain distros go above and beyond when it comes to protecting users’ privacy and security. We’ve put together a list of our favorite exceptionally-secure Linux distros and spoken with some of their lead developers to find out first-hand what makes these distros so great. This article aims to help you evaluate your options and select the distro that best meets your individual needs. Also: Security updates for Tuesday

Mozilla: New in Firefox 78, Brazil's Laws and Rust New in Firefox 78: DevTools improvements, new regex engine, and abundant web platform updates A new stable Firefox version rolls out today, providing new features for web developers. A new regex engine, updates to the ECMAScript Intl API, new CSS selectors, enhanced support for WebAssembly, and many improvements to the Firefox Developer Tools await you.

Mozilla’s analysis: Brazil’s fake news law harms privacy, security, and free expression Breaking end-to-end encryption: According to the latest informal congressional report, the law would mandate all communication providers to retain records of forwards and other forms of bulk communications, including origination, for a period of three months. As companies are required to report much of this information to the government, in essence, this provision would create a perpetually updating, centralized log of digital interactions of nearly every user within Brazil. Apart from the privacy and security risks such a vast data retention mandate entails, the law seems to be infeasible to implement in end-to-end encrypted services such as Signal and WhatsApp. This bill would force companies to leave the country or weaken the technical protections that Brazilians rely on to keep their messages, health records, banking details, and other private information secure.

Brazil’s fake news law will harm users The “fake news” law being rushed through Brazil’s Senate will massively harm privacy and freedom of expression online. Among other dangerous provisions, this bill would force traceability of forwarded messages, which will require breaking end-to-end encryption. This legislation will substantially harm online security, while entrenching state surveillance. Brazil currently enjoys some of the most comprehensive digital protections in the world, via its Internet Bill of Rights and the upcoming data protection law is poised to add even more protections. In order to preserve these rights, the ‘fake news’ law should be immediately withdrawn from consideration and be subject to rigorous congressional review with input from all affected parties.

5 Serious Flaws in the New Brazilian “Fake News” Bill that Will Undermine Human Rights The Brazilian Senate is scheduled to make its vote this week on the most recent version of “PLS 2630/2020” the so-called “Fake News” bill. This new version, supposedly aimed at safety and curbing “malicious coordinated actions'' by users of social networks and private messaging apps, will allow the government to identify and track countless innocent users who haven't committed any wrongdoing in order to catch a few malicious actors. The bill creates a clumsy regulatory regime to intervene in the technology and policy decisions of both public and private messaging services in Brazil, requiring them to institute new takedown procedures, enforce various kinds of identification of all their users, and greatly increase the amount of information that they gather and store from and about their users. They also have to ensure that all of that information can be directly accessed by staff in Brasil, so it is directly and immediately available to their government—bypassing the strong safeguards for users’ rights of existing international mechanisms such as Mutual Legal Assistance Treaties.

Missing structure in technical discussions People are amazing creatures. When discussing a complex issue, they are able to keep multiple independent arguments in their heads, the pieces of supporting and disproving evidence, and can collapse this system into a concrete solution. We can spend hours navigating through the issue comments on Github, reconstructing the points of view, and making sense of the discussion. Problem is: we don’t actually want to apply this superpower and waste time nearly as often. [...] I’m excited to have this new way of preserving and growing the structure of a technical debate. We can keep using the code hosting platforms, and arguing on the issues and PR, while solidifying the core points in these .argdown files. I hope to see it applied more widely to the workflows of technical working groups.