I try out different Linux distros for my personal computers quite often. (Right now I'm running Manjaro on my laptop and Ubuntu on my personal workstation.) While hopping through various Linux distros per year, I observed that some distros have a better security posture by default than others. Good default security settings are important because a lot of users won't bother to improve security of their desktop OS by fiddling with settings or installing extra software.

So I decided to do some research and document the results within blog posts here. I will choose the distros based on their distrowatch ranking, starting with MX Linux. In this post I will define all the tests I run through, when reviewing the default settings of a vanilla install of the distros.


Cyber blue team leader by day, tinkerer/hacker at night. Designing secure systems and traveling the world is what I like. Unfair, harsh, inconsiderate behavior is what I don't like.

Twitter: @iocseb | Mastodon:

I work in #infosec, have a history with #opensource, and am passionate about #decentralization (the one without the crypto).

I recently gave a public talk at NolaCon in New Orleans, the slides are available here.

One of my hobbies is to play soccer, another one is trying out Linux distros. As a way of giving back to the FOSS community, I run two Mastodon instances: and

I also run and sometimes add content to a Cybersecurity Wiki:

And I have a Gemini capsule at gemini:// (via https gateway)

I especially dislike business models that rely on the sales of personal information. When I was studying the impact of computer science and the Internet on human societies in college back in the early 2000's, I was doubting that anyone will ever want to give away their info in return for free services. History has taught me otherwise.