Kali is designed as a pentest tool, not as a daily secure OS for the average user.
It just switched from "everything running as root" to at least have a dedicated user account recently (year or two, don't remember exact). But still, it's designed to get stuff done during a pentest.
It's an awesome distro, don't get me wrong. It's just that it is not designed to be a secure OS for a regular user.
I agree on home computers not being that much more safe using a non-admin account. Especially since that non-admin account being an admin account. UAC is trivial to bypass most of the time.
However, running most of your system as non-root is NOT a security theatre. It might seem so, but security needs layers. There is a reason privesc is it's own step in compromising a system. On a well configured system it is not trivial to do. It also makes some noise and generates an audit trail that can be detected (n
"Because he's a character who's looking for his own identity, [He-Man is]
an interesting role for an actor."
-- Dolph Lundgren, "actor"
Kali is not designed to be Secure (Score:5, Informative)
It just switched from "everything running as root" to at least have a dedicated user account recently (year or two, don't remember exact).
But still, it's designed to get stuff done during a pentest.
It's an awesome distro, don't get me wrong. It's just that it is not designed to be a secure OS for a regular user.
Re: Kali is not designed to be Secure (Score:0)
That is security theater though.
Securing off the OS but not all the actually important files of the user.
It only makes sense on a multi-user system used by people that might not be trustworthy.
On a home PC, if somebody got into your user account... you're already fucked.
I actually like Android's system. Where every programmer, and even every app, gets its own user. And they are all separate from your data.
Re: (Score:2)
However, running most of your system as non-root is NOT a security theatre. It might seem so, but security needs layers. There is a reason privesc is it's own step in compromising a system. On a well configured system it is not trivial to do. It also makes some noise and generates an audit trail that can be detected (n