It won’t be a security risk once it’s in use, IT across Germany will know within days of deployment. It will almost definitely be a modified version of some probably well known Linux.
I don’t think it really matters whether a potential adversary has a ‘head start’ all that much, security through obscurity doesn’t work super well when it’s going to be deployed to thousands of easily accessible devices anyway. It’d only just be a defense in depth, but even then meh. But it’s neither here nor there, they’ll do it whatever way they feel is best.
Social engineering is to gain access circumventing downcode, not really “get a head start”…
Most attacks are entirely social engineering. You’re not breaking into secure databases by pulling ridiculous zero day backdoors when it’s much easier to convince an intern to download a file or give you access directly. These super involved attacks are state actors, and no amount of trying to hide what Linux version is being modified will do anything for you there.
State actors of course also use social engineering
Ultimately the point is hacking really doesn’t involve the kind of subterfuge you’re describing here in a way where " what Linux is it " matters at all. I mean, windows is used for secure systems across the world, it’s hardly secretive.
deleted by creator
And my houshold 😁
Ther is for sure a 2.5k line powershell script from someone totally trustworthy which fixes this issue though
The French National Police also use Linux machines with its modified Ubuntu distro Gendbuntu.
Plus, Russia uses Astra, based on vanilla Debian.
Not like Russia can legally nor want to be dependant on MS/american software.
Which distro are the Germans switching to?
deleted by creator
It won’t be a security risk once it’s in use, IT across Germany will know within days of deployment. It will almost definitely be a modified version of some probably well known Linux.
deleted by creator
I don’t think it really matters whether a potential adversary has a ‘head start’ all that much, security through obscurity doesn’t work super well when it’s going to be deployed to thousands of easily accessible devices anyway. It’d only just be a defense in depth, but even then meh. But it’s neither here nor there, they’ll do it whatever way they feel is best.
deleted by creator
Social engineering is to gain access circumventing downcode, not really “get a head start”…
Most attacks are entirely social engineering. You’re not breaking into secure databases by pulling ridiculous zero day backdoors when it’s much easier to convince an intern to download a file or give you access directly. These super involved attacks are state actors, and no amount of trying to hide what Linux version is being modified will do anything for you there.
State actors of course also use social engineering
Ultimately the point is hacking really doesn’t involve the kind of subterfuge you’re describing here in a way where " what Linux is it " matters at all. I mean, windows is used for secure systems across the world, it’s hardly secretive.
deleted by creator