<div class="sections-wrapper">
<!--{* ----------------- *}-->
<!--{* 1. Section Banner *}-->
<div class="section-banner">
<div class="inner-wrapper">
<h2 class="slogan">Rock Solid Security</h2>
<p class="sub-slogan">Kicksecure is a secure-by-default OS, always based on the latest security research.</p>
<a href="/wiki/ISO" class="call-to-action">Download Now</a>
<a class="overview-image" href="/wiki/About" title="Kicksecure Desktop">
<img class="overview-image-preview" fetchpriority="high" decoding="sync" loading="eager" alt="Kicksecure Overview Preview" width="934" height="525" src="/w/images/6/69/Hero-image-kick-preview.svg" />
<img fetchpriority="high" decoding="sync" loading="eager" width="934" height="525" alt="Kicksecure Overview" src="/w/images/thumb/0/0d/Kicksecure-image-hero-image.jpeg/934px-Kicksecure-image-hero-image.jpeg" srcset="
/w/images/thumb/0/0d/Kicksecure-image-hero-image.jpeg/934px-Kicksecure-image-hero-image.jpeg 934w,
/w/images/thumb/0/0d/Kicksecure-image-hero-image.jpeg/800px-Kicksecure-image-hero-image.jpeg 800w,
/w/images/thumb/0/0d/Kicksecure-image-hero-image.jpeg/768px-Kicksecure-image-hero-image.jpeg 768w,
/w/images/thumb/0/0d/Kicksecure-image-hero-image.jpeg/640px-Kicksecure-image-hero-image.jpeg 640w,
/w/images/thumb/0/0d/Kicksecure-image-hero-image.jpeg/512px-Kicksecure-image-hero-image.jpeg 512w,
/w/images/thumb/0/0d/Kicksecure-image-hero-image.jpeg/320px-Kicksecure-image-hero-image.jpeg 320w,
" sizes="(max-width: 1000px) 85vw, 934px" />
</a>
<h2 class="learn">Learn
<a href="/wiki/About">What Is Kicksecure?</a>
</h2>
</div>
</div>
<!--{* ------------------- *}-->
<!--{* 2. Section Download *}-->
<div id="download" class="section-download dark-section">
<div class="inner-wrapper">
<h2>
<a href="/wiki/Download">FREE Download</a>
<span class="share-tooltip" data-anchor="download"></span>
</h2>
<div class="tab-content-controller">
<div class="mininav mn-switcher"></div>
<div class="tcc-content">
<div class="vspacer-30"></div>
<div class="tcc-section active">
<div class="tcc-image"><i class="fa-solid fa-laptop"></i></div>
<div class="tcc-title"><h3><span class="mw-headline" id="download-options-hardware">Hardware</span></h3></div>
<div class="tcc-content">
<div class="col-container-wrapper">
<div class="col-container">
<div>
<a href="/wiki/ISO">
<span class="label cs-blue-dark">Hardware</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/d/d6/Computer-laptop.svg/128px-Computer-laptop.svg.png" alt="Kicksecure ISO" decoding="async" loading="lazy" />
</span>
<span>On Computer</span>
</a>
</div>
<div>
<a href="/wiki/USB_Installation">
<span class="label cs-blue-dark">Hardware</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/5/5c/Logo-usb-500x500.png/128px-Logo-usb-500x500.png" alt="Kicksecure on USB" decoding="async" loading="lazy" />
</span>
<span>On USB</span>
</a>
</div>
</div>
</div>
</div>
</div>
<div class="tcc-section">
<div class="tcc-image"><i class="fa-solid fa-qube"></i></div>
<div class="tcc-title"><h3><span class="mw-headline" id="download-options-vm">Virtual Machine</span></h3></div>
<div class="tcc-content">
<div class="col-container-wrapper">
<div class="col-container">
<div>
<a href="/wiki/Windows">
<span class="label cs-green-dark">VM</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/e/ee/Windows_logo_-_2012.svg.png/128px-Windows_logo_-_2012.svg.png" alt="Download for Windows 10" decoding="async" loading="lazy" />
</span>
<span>Windows</span>
</a>
</div>
<div>
<a href="/wiki/MacOS">
<span class="label cs-green-dark">VM</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/9/9e/Logo-apple-500x500.png/128px-Logo-apple-500x500.png" alt="Download for Mac" decoding="async" loading="lazy" />
</span>
<span>macOS</span>
</a>
</div>
<div>
<a href="/wiki/Linux">
<span class="label cs-green-dark">VM</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/0/0f/Logo-linux-500x500.png/128px-Logo-linux-500x500.png" alt="Download for Linux" decoding="async" loading="lazy" />
</span>
<span>VirtualBox Linux installer</span>
</a>
</div>
<div>
<a href="/wiki/VirtualBox">
<span class="label cs-green-dark">VM</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/d/d5/Virtualbox_logo.png/128px-Virtualbox_logo.png" alt="Download for VirtualBox" decoding="async" loading="lazy" />
</span>
<span>VirtualBox</span>
</a>
</div>
<div>
<a href="/wiki/Qubes">
<span class="label cs-green-dark">VM</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/9/94/Qubes-logo-blue.png/128px-Qubes-logo-blue.png" alt="Download for Qubes" decoding="async" loading="lazy" />
</span>
<span>Qubes</span>
</a>
</div>
<div>
<a href="/wiki/KVM">
<span class="label cs-green-dark">VM</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/0/0f/Kvm-new-logo.png/128px-Kvm-new-logo.png" alt="Download for KVM" decoding="async" loading="lazy" />
</span>
<span>KVM</span>
</a>
</div>
</div>
</div>
</div>
</div>
<div class="tcc-section">
<div class="tcc-image"><i class="fa-solid fa-star"></i></div>
<div class="tcc-title"><h3><span class="mw-headline" id="download-options-other">Other</span></h3></div>
<div class="tcc-content">
<div class="col-container-wrapper">
<div class="col-container">
<div>
<a href="/wiki/Debian">
<span class="label cs-yellow">Special</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/f/fa/Logo-debian-500x500.png/128px-Logo-debian-500x500.png" alt="Download for Debian" decoding="async" loading="lazy" />
</span>
<span>Debian+</span>
</a>
</div>
<div>
<a href="/wiki/Chroot">
<span class="label cs-yellow">Special</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/9/9e/Logo-chroot-500x500.png/128px-Logo-chroot-500x500.png" alt="Kicksecure on chroot" decoding="async" loading="lazy" />
</span>
<span>chroot</span>
</a>
</div>
<div>
<a href="/wiki/Dev/Build_Documentation">
<span class="label cs-yellow">Special</span>
<span class="image-wrapper">
<img class="image" src="/w/images/thumb/b/bb/Source-code-icon.png/128px-Source-code-icon.png" alt="Kicksecure Source Code" decoding="async" loading="lazy" />
</span>
<span>Source Code</span>
</a>
</div>
</div>
<div class="col-container">
<div>
<a href="/wiki/ARM64">
<span class="image-wrapper">
<img class="image" src="/w/images/9/95/Arm64-logo.svg" alt="Kicksecure on ARM64" decoding="async" loading="lazy" />
</span>
<span>ARM64</span>
</a>
</div>
<div>
<a href="/wiki/Raspberry_Pi">
<span class="image-wrapper">
<img class="image" src="/w/images/1/11/Raspberry-pi-logo.svg" alt="Kicksecure on Raspberry Pi" decoding="async" loading="lazy" />
</span>
<span>Raspberry Pi (RPi)</span>
</a>
</div>
<div>
<a href="/wiki/PPC64">
<span class="image-wrapper">
<img class="image" src="/w/images/b/bf/Ppc64-logo.svg" alt="Kicksecure on PPC64EL" decoding="async" loading="lazy" />
</span>
<span>ppc64el (POWER9/10)</span>
</a>
</div>
<div>
<a href="/wiki/RISCV64">
<span class="image-wrapper">
<img class="image" src="/w/images/d/d6/Riscv64-logo.svg" alt="Kicksecure on RISCV64" decoding="async" loading="lazy" />
</span>
<span>RISCV64</span>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<!--{* --------------- *}-->
<!--{* 3. Section Navi *}-->
<div class="section-navi">
<div class="inner-wrapper">
<div class="col-container cc-3">
<div><a href="/wiki/Documentation">Wiki</a></div>
<div><a href="/wiki/FAQ">FAQ</a></div>
<div><a href="#security">Features</a></div>
<div><a href="https://forums.kicksecure.com/">Forum</a></div>
<div><a href="https://forums.kicksecure.com/c/news">News</a></div>
<div><a href="/wiki/Donate">Donate</a></div>
</div>
</div>
</div>
<!--{* --------------- *}-->
<!--{* 4. Section Apps *}-->
<div class="section-apps dark-section">
<div class="inner-wrapper">
<h2>
Pre-installed applications are reviewed and configured for security
</h2>
<div class="col-container cc-5 justify">
<a href="/wiki/E-Mail" target="_blank" rel="noopener">
<img decoding="async" loading="lazy" width="64" height="64" src="/w/images/thumb/b/b1/Thunderbird256.png/64px-Thunderbird256.png" alt="Encrypted Email Symbol" />
<span>Thunderbird</span>
</a>
<a href="/wiki/Passwords" target="_blank" rel="noopener">
<img decoding="async" loading="lazy" width="64" height="64" src="/w/images/thumb/c/c1/KeePassXC.svg/64px-KeePassXC.svg.png" alt="KeePassXC Symbol" />
<span>KeePassXC</span>
</a>
<!--
<a href="/wiki/HexChat" target="_blank" rel="noopener">
<img decoding="async" loading="lazy" width="64" height="64" src="/w/images/thumb/7/7b/Hexchaticon.png/64px-Hexchaticon.png" alt="HexChat Symbol" />
<span>HexChat</span>
</a>
-->
<a href="/wiki/Software#Media_Player" target="_blank" rel="noopener">
<img decoding="async" loading="lazy" width="64" height="71" src="/w/images/thumb/c/cd/2000px-VLC_Icon.svg.png/64px-2000px-VLC_Icon.svg.png" alt="VLC Symbol" />
<span>VLC</span>
</a>
<a href="/wiki/Software#Terminal" target="_blank" rel="noopener">
<img decoding="async" loading="lazy" width="64" height="64" src="/w/images/thumb/c/c2/Utilities-terminal.png/64px-Utilities-terminal.png" alt="Terminal Symbol" />
<span>Terminal</span>
</a>
<a href="/wiki/Electrum" target="_blank" rel="noopener">
<img decoding="async" loading="lazy" width="64" height="64" src="/w/images/thumb/6/63/Electrum-appimage.png/64px-Electrum-appimage.png" alt="Electrum Symbol" />
<span>Electrum</span>
</a>
<a href="/wiki/Bitcoin" target="_blank" rel="noopener">
<img decoding="async" loading="lazy" width="64" height="64" src="/w/images/thumb/2/29/BC_Logo_.png/64px-BC_Logo_.png" alt="Bitcoin Symbol" />
<span>Bitcoin</span>
</a>
<a href="/wiki/Monero" target="_blank" rel="noopener">
<img decoding="async" loading="lazy" width="64" height="64" src="/w/images/thumb/0/05/Monero-symbol-1280.png/64px-Monero-symbol-1280.png" alt="Monero Symbol" />
<span>Monero</span>
</a>
</div>
</div>
</div>
<!--{* ------------------- *}-->
<!--{* 5. Section Features *}-->
<div id="security" class="section-features">
<div class="inner-wrapper">
<h2>
Fully Featured with Advanced Security Components
<span class="share-tooltip" data-anchor="security"></span>
</h2>
<div class="col-container cc-3 justify">
<a href="/wiki/Operating_System_Software_and_Updates" class="card-wrapper" draggable="false" id="explain-protectedupdates">
<span class="image-wrapper">
<img class="image image-cover" alt="Protection from Targeted Malicious Updates" src="/w/images/thumb/1/16/Malware-updates-promo.jpg/450px-Malware-updates-promo.jpg" decoding="async" loading="lazy" />
</span>
<h3>Protection from Targeted Malicious Updates</h3>
<p>
Kicksecure update servers know neither the identity nor IP address of the user because
all upgrades are downloaded over Tor.
</p>
</a>
<a href="https://github.com/Kicksecure/security-misc" target="_blank" class="card-wrapper" draggable="false" id="explain-kernel">
<span class="image-wrapper">
<img class="image image-cover" alt="Kernel Self Protection" src="/w/images/thumb/8/8d/Tux-halo-promo.jpg/300px-Tux-halo-promo.jpg" decoding="async" loading="lazy" />
</span>
<h3>Kernel Self Protection Settings</h3>
<p>
Kicksecure uses strong Kernel Hardening Settings as recommended by the Kernel Self Protection Project
(KSPP).
</p>
</a>
<a href="/wiki/sdwdate" class="card-wrapper" draggable="false" id="explain-time">
<span class="image-wrapper"><img class="image image-cover" alt="Time Attack Defense" src="/w/images/thumb/6/6d/Stopwatch.jpg/300px-Stopwatch.jpg" decoding="async" loading="lazy" /></span>
<h3>Time Attack Protection</h3>
<p>
Kicksecure protects its users from time attacks by implementing
Boot Clock Randomization and secure network time synchronization using sdwdate.
</p>
</a>
<a href="/wiki/Debian_Tips#Open_Ports" class="card-wrapper" draggable="false" id="explain-ports">
<span class="image-wrapper"><img class="image image-cover" alt="No Open Ports" src="/w/images/thumb/2/29/Closed-ports-promo.jpg/300px-Closed-ports-promo.jpg" decoding="async" loading="lazy" /></span>
<h3>No Open Ports by Default</h3>
<p>
Kicksecure provides a much lower attack surface since
there are no open server ports by default, unlike in some other Linux distributions.
</p>
</a>
<a href="https://github.com/Kicksecure/tirdad" target="_blank" class="card-wrapper" draggable="false" id="explain-tirdad">
<span class="image-wrapper"><img class="image image-cover" alt="TCP ISN Leak Protection" src="/w/images/thumb/a/a9/Data-leak.jpg/300px-Data-leak.jpg" decoding="async" loading="lazy" /></span>
<h3>CPU Information Leak Protection (TCP ISN Randomization)</h3>
<p>
Without TCP ISN randomization, sensitive information about a system’s CPU activity can leak through outgoing traffic,
exposing the system to side-channel attacks. Tirdad protects against this vulnerability.
</p>
</a>
<a href="/wiki/Download" target="_blank" class="card-wrapper" draggable="false" id="explain-virtualizercompatible">
<span class="image-wrapper"><img class="image image-cover" alt="Available for many virtualizers" src="/w/images/thumb/8/8e/Virtualizer-compatible.jpg/300px-Virtualizer-compatible.jpg" decoding="async" loading="lazy" /></span>
<h3>Available for many virtualizers</h3>
<p>
With support for multiple virtualization options, trying out Kicksecure is easy. VMs also help contain and
prevent the spread of malware.
</p>
</a>
</div>
<div class="mw-collapsible mw-collapsed no-item slider-list-if-js" data-expandtext="Learn More" data-collapsetext="Show Less">
<h3>15 more amazing features →</h3>
<div class="mw-collapsible-content">
<div class="col-container cc-3 justify">
<a href="https://github.com/Kicksecure/security-misc" target="_blank" class="card-wrapper" draggable="false" id="explain-brute">
<span class="image-wrapper">
<img class="image image-cover" alt="Brute Force Defense" src="/w/images/thumb/d/d7/Franck-v-_E1PQXKUkMw-unsplash.jpg/300px-Franck-v-_E1PQXKUkMw-unsplash.jpg" decoding="async" loading="lazy" />
</span>
<h3>Brute Force Defense</h3>
<p>
Kicksecure protects Linux user accounts against brute force attacks by using pam_faillock.
</p>
</a>
<a href="/wiki/Dev/Entropy" class="card-wrapper" draggable="false" id="explain-entropy">
<span class="image-wrapper"><img class="image image-cover" alt="Entropy Enhancements" src="/w/images/thumb/e/ec/Entropy-promo.jpg/300px-Entropy-promo.jpg" decoding="async" loading="lazy" /></span>
<h3>Entropy Enhancements</h3>
<p>
Strong entropy is required for computer security to ensure the unpredictability and randomness of
cryptographic keys and other security-related processes.
Kicksecure makes encryption more secure thanks to preinstalled random number generators.
</p>
</a>
<a href="/wiki/Live_Mode" class="card-wrapper" draggable="false" id="explain-livemode">
<span class="image-wrapper"><img class="image image-cover image-left" src="/w/images/thumb/7/7e/Live-mode-promo.jpg/300px-Live-mode-promo.jpg" alt="Live Mode" decoding="async" loading="lazy" /></span>
<h3>Live Mode</h3>
<p>
Booting into Live Mode is as simple as choosing Live Mode in the boot menu.
After the session, all data will be gone.
</p>
</a>
<a href="/wiki/Debian" class="card-wrapper" draggable="false" id="explain-linuxbased">
<span class="image-wrapper"><img class="image image-cover" src="/w/images/thumb/6/62/Linux-based-kicksecure-promo.jpg/300px-Linux-based-kicksecure-promo.jpg" alt="Based on Linux" decoding="async" loading="lazy" /></span>
<h3>Based on Linux</h3>
<p>
Linux is highly reliable, secure, free and Open Source. That's why Kicksecure is based on Linux.
</p>
</a>
<a href="/wiki/Forcing_.onion_on_Project" class="card-wrapper" draggable="false" id="explain-onionwebsite">
<span class="image-wrapper"><img class="image image-cover" src="/w/images/thumb/3/33/Onion-website-promo.jpg/300px-Onion-website-promo.jpg" alt="Onion Website" decoding="async" loading="lazy" /></span>
<h3>Onion Website for Enhanced Connection Security</h3>
<p>
Our website is also available as an onion service.
This offers higher connection security between the user and the server.
</p>
</a>
<!--
<a href="/wiki/Advanced_Documentation" class="card-wrapper" draggable="false" id="explain-firewall">
<span class="image-wrapper"><img class="image" alt="Advanced Firewall"
src="/w/images/thumb/8/82/Firewall-symbol.png/300px-Firewall-symbol.png" decoding="async" loading="lazy" /></span>
<h3>Advanced Firewall</h3>
<p>
Our Firewall is configured specifically for securely using the Internet.
</p>
</a>
-->
<a href="/wiki/AppArmor" class="card-wrapper" draggable="false" id="explain-apparmor">
<span class="image-wrapper"><img class="image" alt="Risk Minimization" src="/w/images/thumb/e/ec/AppArmor-logo-promo.png/300px-AppArmor-logo-promo.png" decoding="async" loading="lazy" /></span>
<h3>Risk Minimization</h3>
<p>
AppArmor profiles restrict the capabilities of commonly used, high-risk applications.
</p>
</a>
<a href="https://github.com/Kicksecure/security-misc" target="_blank" class="card-wrapper" draggable="false" id="explain-account">
<span class="image-wrapper"><img class="image" alt="Strong Linux User Account Separation" src="/w/images/thumb/8/87/Account-separation-promo.png/300px-Account-separation-promo.png" decoding="async" loading="lazy" /></span>
<h3>Strong Linux User Account Separation</h3>
<p>
Linux User Account Separation is not always a given on Linux systems. In Kicksecure it is.
</p>
</a>
<a href="/wiki/Sysmaint#Overview:_What_is_sysmaint_and_Why_Should_I_Care.3F" class="card-wrapper" draggable="false" id="explain-usersysmaint">
<span class="image-wrapper"><img class="image" alt="Safer System Maintenance through User-Sysmaint-Split" src="/w/images/b/b6/Usersysmaint-clipart.svg" decoding="async" loading="lazy" /></span>
<h3>Safer System Maintenance through User-Sysmaint-Split</h3>
<p>
Kicksecure boosts security by separating everyday use from system admin tasks.
Two accounts are used by default—one for daily work, one for maintenance—limiting what harm malware could do.
</p>
</a>
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#libpam-tmpdir" class="card-wrapper" draggable="false" id="explain-tmpdir">
<span class="image-wrapper"><img class="image" alt="Safer Temporary Files with libpam-tmpdir" src="/w/images/thumb/a/a1/Tmpdir-hp-promo.jpg/300px-Tmpdir-hp-promo.jpg" decoding="async" loading="lazy" /></span>
<h3>Safer Temporary Files with libpam-tmpdir</h3>
<p>
Kicksecure includes libpam-tmpdir to improve system security by isolating temporary files per user
and tightening file permissions, reducing the risk of /tmp-based and symlink attacks.
</p>
</a>
<a href="/wiki/About#Implementation_of_the_Securing_Debian_Manual" class="card-wrapper" draggable="false" id="explain-sdebian">
<span class="image-wrapper"><img class="image" alt="Hardening with Securing Debian Manual" src="/w/images/b/bd/Sdebian-logo.svg" decoding="async" loading="lazy" /></span>
<h3>Hardening with Securing Debian Manual</h3>
<p>
Kicksecure applies key system hardening techniques from the Securing Debian Manual by default,
and adds original research to boost the baseline security.
</p>
</a>
<a href="/wiki/Documentation" class="card-wrapper" draggable="false" id="explain-docs">
<span class="image-wrapper">
<img class="image image-cover" alt="Extensive Documentation" src="/w/images/thumb/5/55/Advanceddocumentation213123.jpg/300px-Advanceddocumentation213123.jpg" decoding="async" loading="lazy" />
</span>
<h3>Comprehensive Security Documentation</h3>
<p>
Knowledge is a defense: Kicksecure offers extensive documentation to empower users with critical security information and best practices.
</p>
</a>
<a href="/wiki/Malware" class="card-wrapper" draggable="false" id="explain-virus">
<span class="image-wrapper"><img class="image" src="/w/images/thumb/c/cf/Shield.png/300px-Shield.png" alt="Virus Protection" decoding="async" loading="lazy" /></span>
<h3>Virus Protection</h3>
<p>
Kicksecure provides additional security hardening measures and user education for better
protection from virus attacks.
</p>
</a>
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#Console_Lockdown" class="card-wrapper" draggable="false" id="explain-console">
<span class="image-wrapper"><img class="image image-cover" alt="Console Lockdown" src="/w/images/thumb/7/74/Console-lockdown.jpg/300px-Console-lockdown.jpg" decoding="async" loading="lazy" /></span>
<h3>Console Lockdown</h3>
<p>
Legacy login methods can be a security risk. Console Lockdown disables them for improved security
hardening.
</p>
</a>
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#Permission_Lockdown" class="card-wrapper" draggable="false" id="explain-homelockdown">
<span class="image-wrapper"><img class="image image-cover" alt="Home Folder Permission Lockdown" src="/w/images/thumb/3/3b/Homelock-hp-promo.jpg/300px-Homelock-hp-promo.jpg" decoding="async" loading="lazy" /></span>
<h3>Home Folder Permission Lockdown</h3>
<p>
Kicksecure locks down user home folders by default, preventing one user from viewing another's files.
This adds an extra layer of privacy and security.
</p>
</a>
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#umask_hardening" class="card-wrapper" draggable="false" id="explain-umask">
<span class="image-wrapper"><img class="image image-cover" alt="Umask Hardening for Safer File Defaults" src="/w/images/7/70/Umask-clipart.svg" decoding="async" loading="lazy" /></span>
<h3>Umask Hardening for Safer File Permissions</h3>
<p>
Kicksecure improves file security by setting a stricter default umask for non-root accounts,
so new files aren’t readable by others unless explicitly allowed.
</p>
</a>
<a href="/wiki/About" class="card-wrapper" draggable="false" id="explain-debian">
<span class="image-wrapper"><img class="image" src="/w/images/thumb/3/30/Debian.png/300px-Debian.png" alt="Based on Debian" decoding="async" loading="lazy" /></span>
<h3>Based on Debian</h3>
<p>
Kicksecure is based on Debian, one of the most reliable Linux distributions.
</p>
</a>
<a href="/wiki/Verifying_Software_Signatures" class="card-wrapper" draggable="false" id="explain-signed">
<span class="image-wrapper"><img class="image" src="/w/images/thumb/7/77/Key-lock-gpg.png/300px-Key-lock-gpg.png" alt="Digitally signed releases" decoding="async" loading="lazy" /></span>
<h3>Digitally signed releases</h3>
<p>
Downloads are signed so genuine Kicksecure releases can be verified.
</p>
</a>
<a href="/wiki/Trust#canary" class="card-wrapper" draggable="false" id="explain-canary">
<span class="image-wrapper"><img class="image image-cover" alt="Warrant Canary" src="/w/images/thumb/4/49/Canary-promo.jpg/300px-Canary-promo.jpg?20220902121433" decoding="async" loading="lazy" /></span>
<h3>Warrant Canary</h3>
<p>
A canary confirms that no warrants have ever been served on the Kicksecure project.
</p>
</a>
<a href="https://github.com/Kicksecure/swap-file-creator" target="_blank" class="card-wrapper" draggable="false" id="explain-swap">
<span class="image-wrapper">
<img class="image" alt="Swap File Creator" src="/w/images/thumb/7/7b/File-swap-promo.jpg/450px-File-swap-promo.jpg" decoding="async" loading="lazy" />
</span>
<h3>Swap File Creator</h3>
<p>
Running low on RAM isn't a security problem with swap-file-creator. It will create an encrypted swap
file.
</p>
</a>
</div>
<!--
<a href="/wiki/Anbox" class="card-wrapper" draggable="false" id="explain-android">
<span class="image-wrapper"><img class="image" src="/w/images/thumb/1/1f/Anbox.jpg/300px-Anbox.jpg" alt="Android App Support" decoding="async" loading="lazy" /></span>
<h3>Android App Support</h3>
<p>
Run Android applications using Anbox.
</p>
</a>
-->
<a href="https://www.kicksecure.com/wiki/SUID_Disabler_and_Permission_Hardener" target="_blank" class="card-wrapper" draggable="false" id="explain-sui-disabler">
<span class="image-wrapper"><img decoding="async" loading="lazy" class="image image-cover" src="/w/images/thumb/e/ed/Disablesuidbinary.jpg/300px-Disablesuidbinary.jpg" alt="Permission Hardener" /></span>
<h3>SUID Disabler and Permission Hardener</h3>
<p>SUID Disabler and Permission Hardener enhances system security by strengthening the isolation of Linux user accounts and more.</p>
</a>
</div>
</div>
</div>
</div>
<!--{* ----------------- *}-->
<!--{* 6. Section Values *}-->
<div id="values" class="section-values">
<div class="inner-wrapper">
<h2 class="no-item">
Freedom Values
<span class="share-tooltip" data-anchor="values"></span>
</h2>
<div class="col-container cc-3 justify">
<a href="https://github.com/Kicksecure" target="_blank" class="card-wrapper" draggable="false" id="explain-opensource">
<span class="image-wrapper"><img class="image" alt="Open Source" src="/w/images/thumb/0/09/Osi_standard_logo_0.png/300px-Osi_standard_logo_0.png" decoding="async" loading="lazy" /></span>
<h3>Open Source</h3>
<p>
We respect user rights to review, scrutinize, modify, and redistribute Kicksecure.
This improves security and privacy for everyone.
</p>
</a>
<a href="/wiki/Reasons_for_Freedom_Software" class="card-wrapper" draggable="false" id="explain-freedom">
<span class="image-wrapper"><img class="image" alt="Freedom Software" src="/w/images/thumb/a/a3/Heckert_gnu.big.png/300px-Heckert_gnu.big.png" decoding="async" loading="lazy" /></span>
<h3>Freedom Software</h3>
<p>
Kicksecure is Freedom Software and contains software developed by the Free Software Foundation
and the GNU Project.
</p>
</a>
<a href="/wiki/What_we_do" class="card-wrapper" draggable="false" id="explain-research">
<span class="image-wrapper"><img class="image" src="/w/images/thumb/7/7f/Cornues.png/300px-Cornues.png" alt="Research and Implementation Project" decoding="async" loading="lazy" /></span>
<h3>Research and Implementation Project</h3>
<p>
Kicksecure is an actively maintained research project
making constant improvements; no shortcomings are ever hidden from users.
</p>
</a>
<a href="/wiki/Reasons_for_Freedom_Software" class="card-wrapper" draggable="false" id="explain-auditable">
<span class="image-wrapper"><img class="image image-cover" alt="Fully Auditable" src="/w/images/thumb/4/44/Bho78-4ycp0.jpg/300px-Bho78-4ycp0.jpg" decoding="async" loading="lazy" /></span>
<h3>Fully Auditable</h3>
<p>
Kicksecure is independently verifiable by security experts and software developers around the world.
This improves security and privacy for everyone.
</p>
</a>
<a href="/wiki/Reasons_for_Freedom_Software#No_Intentional_User_Freedom_Restrictions" class="card-wrapper" draggable="false" id="explain-respect">
<span class="image-wrapper"><img class="image image-cover" alt="Complete respect for privacy and user freedom" src="/w/images/thumb/e/ef/Respect-freedom-symbol.jpg/300px-Respect-freedom-symbol.jpg" decoding="async" loading="lazy" /></span>
<h3>Complete respect for privacy and user freedom</h3>
<p>
Kicksecure respects data privacy principles.
We don’t make advertising deals or collect sensitive personal data.
</p>
</a>
</div>
</div>
</div>
<!--{* ------------------- *}-->
<!--{* 7. Section Upcoming *}-->
<div id="upcoming" class="section-upcoming dark-section">
<div class="inner-wrapper">
<h2>
Upcoming Security Enhancements
<span class="share-tooltip" data-anchor="upcoming"></span>
</h2>
<div class="col-container cc-3 justify">
<!--
<a href="/wiki/Linux_Kernel_Runtime_Guard_LKRG" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" src="/w/images/thumb/c/cf/Lkrg.png/300px-Lkrg.png" alt="LKRG" decoding="async" loading="lazy" /></span>
<p>
Linux Kernel Runtime Guard (LKRG) performs runtime integrity checking of the Linux kernel and detection
of
security vulnerability exploits against the kernel.
</p>
</a>
-->
<!--
<a href="/wiki/Hardened_Malloc_Light" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" src="/w/images/thumb/e/ef/Malloc.jpg/300px-Malloc.jpg" alt="Hardened Malloc Light" decoding="async" loading="lazy" /></span>
<p>
Hardened Malloc Light is a hardened memory allocator which can be used with many applications to
increase
security which is already installed by default and will be enabled by default.
</p>
</a>
-->
<a href="/wiki/Sandbox-app-launcher" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" src="/w/images/thumb/6/60/Sandboxing123123.png/300px-Sandboxing123123.png" alt="Sandboxed Application Launcher" decoding="async" loading="lazy" /></span>
<p>sandbox-app-launcher is an application launcher that can start each application inside its own
restrictive sandbox. Each application runs as its own user, in a bubblewrap sandbox and confined by
AppArmor.</p>
</a>
</div>
<div class="mw-collapsible mw-collapsed no-item slider-list-if-js" data-expandtext="Learn More" data-collapsetext="Show Less">
<h3>8 more Enhancements →</h3>
<div class="mw-collapsible-content">
<div class="col-container cc-3 justify">
<a href="/wiki/apparmor.d" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" src="/w/images/thumb/7/79/Mandatoryaccesscontrol.jpg/300px-Mandatoryaccesscontrol.jpg" alt="AppArmor" decoding="async" loading="lazy" /></span>
<p>apparmor.d - Full system Mandatory Access Control (MAC) policy - "AppArmor for everything"</p>
</a>
<a href="https://forums.whonix.org/t/untrusted-root-does-it-make-sense-to-try-to-improve-security-by-restricting-root/7998" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" src="/w/images/thumb/5/53/Untrustedrootaccess.jpg/300px-Untrustedrootaccess.jpg" alt="Restricting root" decoding="async" loading="lazy" /></span>
<p>Untrusted Root User</p>
</a>
<!--
<a href="https://forums.whonix.org/t/allow-loading-signed-kernel-modules-by-default-disallow-kernel-module-loading-by-default/7880" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" src="/w/images/thumb/d/d6/Signature-symbol.jpg/300px-Signature-symbol.jpg" alt="Kernel module signature" decoding="async" loading="lazy" /></span>
<p>Enforce kernel module software signature verification</p>
</a>
-->
<a href="/wiki/Dev/VirusForget" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="Deactivate malware after reboot" src="/w/images/thumb/e/e7/Malware-symbol.jpg/300px-Malware-symbol.jpg" decoding="async" loading="lazy" /></span>
<p>Deactivate malware after reboot from non-root compromise</p>
</a>
<a href="/wiki/Hardened-kernel" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="Hardened Linux Kernel" src="/w/images/thumb/6/6d/Hardenkernel.jpg/300px-Hardenkernel.jpg" decoding="async" loading="lazy" /></span>
<p>Hardened Linux Kernel</p>
</a>
<a href="/wiki/Security-misc#Reduce_Kernel_Information_Leaks" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="Limit Kernel Information Leaks" src="/w/images/thumb/5/5a/Limit-kernel-leak-hp-promo.jpg/300px-Limit-kernel-leak-hp-promo.jpg" decoding="async" loading="lazy" /></span>
<p>Limit Kernel Information Leaks</p>
</a>
<a href="/wiki/Security-misc#hidepid" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="Hide Other Users' Processes for Better Isolation" src="/w/images/thumb/6/63/Hidepid-hp-promo.jpg/300px-Hidepid-hp-promo.jpg" decoding="async" loading="lazy" /></span>
<p>Hide Other Users' Processes for Better Isolation</p>
</a>
<a href="/wiki/Noexec" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="Enhanced Security via Mount Options and Compiler Restrictions" src="/w/images/thumb/4/47/Comprestrict-hp-promo.jpg/300px-Comprestrict-hp-promo.jpg" decoding="async" loading="lazy" /></span>
<p>Enhanced Security via Mount Options and Compiler Restrictions</p>
</a>
<a href="https://forums.whonix.org/t/lock-down-interpreters-compilers-interpreter-lock-compiler-lock/18499" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="Limit Compiler and Interpreter Access" src="/w/images/thumb/8/8b/Complimit-hp-promo.jpg/300px-Complimit-hp-promo.jpg" decoding="async" loading="lazy" /></span>
<p>Limit Compiler and Interpreter Access</p>
</a>
<a href="https://forums.whonix.org/t/use-codecrypt-to-sign-whonix-releases/7844/2" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="Post-quantum cryptographic signing" src="/w/images/thumb/9/90/Postquantum.jpg/300px-Postquantum.jpg" decoding="async" loading="lazy" /></span>
<p>Post-quantum cryptographic signing of releases</p>
</a>
<a href="https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="Mount Options Hardening" src="/w/images/thumb/7/7b/Mountoptions.jpg/300px-Mountoptions.jpg" decoding="async" loading="lazy" /></span>
<p>Mount Options Hardening</p>
</a>
<a href="wiki/Sysmaint" target="_blank" rel="noopener" class="card-wrapper" draggable="false">
<span class="image-wrapper"><img class="image image-cover" alt="multiple boot modes for better security" src="/w/images/thumb/7/7c/Multipleboot.jpg/300px-Multipleboot.jpg" decoding="async" loading="lazy" /></span>
<p>Role-based boot modes: multiple boot modes for better security (user-sysmaint-split)</p>
</a>
</div>
</div>
</div>
</div>
</div>
<!--{* --------------------- *}-->
<!--{* 8. Section Investors *}-->
<!--
<div id="investors" class="section-investor">
<div class="inner-wrapper">
<h2>
Investors
<span class="share-tooltip" data-anchor="investors"></span>
</h2>
<a href="/wiki/Investors" class="image-link">
<img class="image" decoding="async" loading="lazy" width="697" height="354" src="/w/images/thumb/f/f7/Shaking-hands.jpg/800px-Shaking-hands.jpg" alt="Investor shaking hands" />
</a>
<p>
Interested in becoming an investor? See
<a href="/wiki/Investors">Project Metrics and contact details</a>.
</p>
</div>
</div>
-->
<!--{* --------------- *}-->
<!--{* 9. Section Help *}-->
<div id="contribute" class="section-help">
<div class="inner-wrapper">
<h2>
Join the team!
<span class="share-tooltip" data-anchor="contribute"></span>
</h2>
<div>
<a href="/wiki/Contribute">
<img decoding="async" loading="lazy" width="450" height="415" src="/w/images/thumb/6/62/Digital-nomad.jpg/450px-Digital-nomad.jpg" alt="Help Welcome" />
<span><b>Your help is very welcome!</b> As a patron, as a multiplier or even as a contributor!</span>
</a>
</div>
</div>
</div>
</div> <!-- End .sections-wrapper -->
<!--{* ---------- *}-->
<!--{* 10. Modals *}-->
<!--{* 10.1. Features *}-->
<div class="mini-modal section-modal" id="modal-explain-protectedupdates">
<img src="/w/images/thumb/1/16/Malware-updates-promo.jpg/600px-Malware-updates-promo.jpg" alt="Protected Updates" decoding="async" loading="lazy" />
<p>
Kicksecure update servers know neither the identity nor IP address of the user because
<a href="wiki/About#torified_updates" target="_blank" rel="noopener">all upgrades are downloaded over
Tor by default</a>.
</p>
</div>
<div class="mini-modal section-modal" id="modal-explain-kernel">
<img src="/w/images/thumb/8/8d/Tux-halo-promo.jpg/600px-Tux-halo-promo.jpg" alt="Kernel Hardening" decoding="async" loading="lazy" />
<p>
Kicksecure uses
<a href="https://github.com/Kicksecure/security-misc" target="_blank">strong Kernel Hardening Settings</a>
as recommended by the Kernel Self Protection Project (KSPP).
</p>
</div>
<div id="modal-explain-time" class="mini-modal section-modal">
<img src="/w/images/thumb/6/6d/Stopwatch.jpg/600px-Stopwatch.jpg" alt="Time Attacks Defense" decoding="async" loading="lazy" />
<p>
<a href="/wiki/Time_Attacks">Time attacks</a>
on Kicksecure users are defeated by
<a href="/wiki/Boot_Clock_Randomization">Boot Clock Randomization</a>
and secure network time synchronization through
<a href="/wiki/sdwdate">sdwdate</a>
(Secure Distributed Web Date).
</p>
</div>
<div class="mini-modal section-modal" id="modal-explain-ports">
<img src="/w/images/thumb/2/29/Closed-ports-promo.jpg/600px-Closed-ports-promo.jpg" alt="Closed Ports" decoding="async" loading="lazy" />
<p>
Kicksecure provides a much lower attack surface because, unlike other Linux distributions,
<a href="/wiki/Debian_Tips#Open_Ports">there are no open server ports by default</a>.
All unsolicited incoming connections are rejected.
</p>
</div>
<div id="modal-explain-tirdad" class="mini-modal section-modal">
<img src="/w/images/thumb/a/a9/Data-leak.jpg/600px-Data-leak.jpg" alt="Prevent TCP ISN Leaks" decoding="async" loading="lazy" />
<p>
Without TCP ISN randomization, patterns in outgoing traffic can reveal unique characteristics of a system’s CPU, compromising user security.
<a target="_blank" class="external text" href="https://github.com/Kicksecure/tirdad">TCP ISN randomization</a>
helps preserve security by masking these signals.
</p>
</div>
<div id="modal-explain-virtualizercompatible" class="mini-modal section-modal">
<img src="https://www.kicksecure.com/w/images/thumb/8/8e/Virtualizer-compatible.jpg/600px-Virtualizer-compatible.jpg" alt="Many virtualizers" decoding="async" loading="lazy" />
<p>
You can easily try Kicksecure by using
<a href="/wiki/Download">various virtualizers</a>,
which enables security compartmentalization by running a Kicksecure VM on top of a Kicksecure host to isolate
malware and testing inside the VM.
</p>
</div>
<div id="modal-explain-brute" class="mini-modal section-modal">
<img src="/w/images/thumb/d/d7/Franck-v-_E1PQXKUkMw-unsplash.jpg/600px-Franck-v-_E1PQXKUkMw-unsplash.jpg" alt="Brute Force defense" decoding="async" loading="lazy" />
<p>
Kicksecure protects Linux user accounts
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#Bruteforcing_Linux_Account_Passwords_Protection" target="_blank">against brute force attacks</a>
by using pam faillock.
</p>
</div>
<div id="modal-explain-entropy" class="mini-modal section-modal">
<img src="/w/images/thumb/e/ec/Entropy-promo.jpg/600px-Entropy-promo.jpg" alt="Better encryption" decoding="async" loading="lazy" />
<p>
Strong entropy is required for computer security to ensure the unpredictability and randomness of cryptographic keys
and other security-related processes.
Kicksecure makes encryption more secure thanks to <a href="/wiki/Dev/Entropy">preinstalled</a> random number
generators.
</p>
</div>
<div id="modal-explain-livemode" class="mini-modal section-modal">
<img src="/w/images/thumb/7/7e/Live-mode-promo.jpg/600px-Live-mode-promo.jpg" alt="Live mode option" decoding="async" loading="lazy" />
<p>
Booting a VM into
<a href="/wiki/Live_Mode">Live Mode</a>
is as simple as choosing Live Mode in the boot menu.
After the session, all data will be gone.
</p>
</div>
<div id="modal-explain-linuxbased" class="mini-modal section-modal">
<img src="/w/images/thumb/6/62/Linux-based-kicksecure-promo.jpg/600px-Linux-based-kicksecure-promo.jpg" alt="Based on Linux" decoding="async" loading="lazy" />
<p>
Linux is highly reliable and secure. Its Open Source and freedom paradigm sets it apart from other operating systems.
That's why Kicksecure
<a href="/wiki/Debian">is based on Linux</a>.
</p>
</div>
<div id="modal-explain-onionwebsite" class="mini-modal section-modal">
<img src="/w/images/thumb/3/33/Onion-website-promo.jpg/600px-Onion-website-promo.jpg" alt="Onion website" decoding="async" loading="lazy" />
<p>
Our website is also available as an onion version, which offers higher connection security between the user and the server.
This is because connections over onions provide alternative end-to-end encryption that is independent of
<a href="/wiki/Forcing_.onion_on_Project">
flawed TLS certificate authorities
</a>
and the mainstream Domain Name System (DNS).
</p>
</div>
<div id="modal-explain-firewall" class="mini-modal section-modal">
<img src="/w/images/thumb/8/82/Firewall-symbol.png/600px-Firewall-symbol.png" alt="Advanced Firewall" decoding="async" loading="lazy" />
<p>
Our Firewall is configured specifically for securely using the Internet.
</p>
</div>
<div id="modal-explain-apparmor" class="mini-modal section-modal">
<img src="/w/images/thumb/e/ec/AppArmor-logo-promo.png/600px-AppArmor-logo-promo.png" alt="Apparmor" decoding="async" loading="lazy" />
<p>
<a href="/wiki/AppArmor">AppArmor</a> profiles restrict the
capabilities of
commonly used, high-risk applications such as Tor Browser.
</p>
</div>
<div id="modal-explain-account" class="mini-modal section-modal">
<img src="/w/images/thumb/8/87/Account-separation-promo.png/600px-Account-separation-promo.png" alt="Strong account separation" decoding="async" loading="lazy" />
<p>
Learn more about our
<a href="https://www.kicksecure.com/wiki/Dev/Strong_Linux_User_Account_Isolation" target="_blank">Linux User Account Separation</a>.
</p>
</div>
<div id="modal-explain-usersysmaint" class="mini-modal section-modal">
<img src="/w/images/b/b6/Usersysmaint-clipart.svg" alt="Safer System Maintenance through User-Sysmaint-Split" decoding="async" loading="lazy" />
<p>
Kicksecure increases safety by using separate accounts for daily use and admin tasks. This is called
<a href="/wiki/Sysmaint#Overview:_What_is_sysmaint_and_Why_Should_I_Care.3F">user-sysmaint-split</a>.
It prevents routine software—like a hacked browser—from gaining full system access or installing rootkits.
</p>
</div>
<div id="modal-explain-tmpdir" class="mini-modal section-modal">
<img src="/w/images/thumb/a/a1/Tmpdir-hp-promo.jpg/600px-Tmpdir-hp-promo.jpg" alt="Safer Temporary Files with libpam-tmpdir" decoding="async" loading="lazy" />
<p>
To prevent /tmp-based attacks,
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#libpam-tmpdir">Kicksecure uses libpam-tmpdir</a>,
which creates secure, per-user temporary folders and sets strict permissions. This blocks common threats like symlink exploits.
</p>
</div>
<div id="modal-explain-sdebian" class="mini-modal section-modal">
<img src="/w/images/b/bd/Sdebian-logo.svg" alt="Hardening with Securing Debian Manual" decoding="async" loading="lazy" />
<p>
<a href="/wiki/About#Implementation_of_the_Securing_Debian_Manual">Kicksecure integrates many of the system hardening practices from the Securing Debian Manual</a>
to improve its security posture. Although Debian's manual is older, Kicksecure supplements it
with its own research and publishes updated security guidance in its wiki,
ensuring users benefit from both foundational and current best practices.
</p>
</div>
<div id="modal-explain-docs" class="mini-modal section-modal">
<img src="/w/images/thumb/5/55/Advanceddocumentation213123.jpg/600px-Advanceddocumentation213123.jpg" alt="Extensive documentation" decoding="async" loading="lazy" />
<p>
Knowledge is a defense: Explore
<a href="/wiki/Documentation">Kicksecure's comprehensive documentation</a>
to strengthen your security posture and reduce vulnerabilities.
</p>
</div>
<div id="modal-explain-virus" class="mini-modal section-modal">
<img src="/w/images/thumb/c/cf/Shield.png/600px-Shield.png" alt="Virus Protection" decoding="async" loading="lazy" />
<p>
Kicksecure provides additional security hardening measures and user education for better
protection from
<a href="/wiki/Malware">viruses / malware</a>.
</p>
</div>
<div id="modal-explain-console" class="mini-modal section-modal">
<img src="/w/images/thumb/7/74/Console-lockdown.jpg/600px-Console-lockdown.jpg" alt="Console lockdown" decoding="async" loading="lazy" />
<p>
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#Console_Lockdown">
Console Lockdown
</a>
disables legacy login methods and thereby improves security hardening.
</p>
</div>
<div id="modal-explain-homelockdown" class="mini-modal section-modal">
<img src="/w/images/thumb/3/3b/Homelock-hp-promo.jpg/600px-Homelock-hp-promo.jpg" alt="Home Folder Permission Lockdown" decoding="async" loading="lazy" />
<p>
Kicksecure enforces
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#Permission_Lockdown">strict file permission settings in /home</a>,
automatically removing read, write, and execute access for others during setup or account creation.
This prevents users from accessing each other's files and corrects unsafe permissions that may exist from earlier configurations.
The approach aligns with hardening principles from the
<a href="/wiki/About#Implementation_of_the_Securing_Debian_Manual">Securing Debian Manual</a>.
</p>
</div>
<div id="modal-explain-umask" class="mini-modal section-modal">
<img src="/w/images/7/70/Umask-clipart.svg" alt="Home Folder Permission Lockdown" decoding="async" loading="lazy" />
<p>
To reduce the risk of unintended file exposure,
<a href="/wiki/Dev/Strong_Linux_User_Account_Isolation#umask_hardening">Kicksecure sets a stricter default umask</a>
for non-root accounts so that new files are inaccessible to other accounts by default.
This enhances security beyond the /home folder, especially in shared areas such as the /var folder.
</p>
</div>
<div id="modal-explain-debian" class="mini-modal section-modal">
<img src="/w/images/thumb/3/30/Debian.png/600px-Debian.png" alt="Based on Debian" decoding="async" loading="lazy" />
<p>
In oversimplified terms, Kicksecure is just a collection of configuration files and scripts.
Kicksecure is not a stripped down version of Debian; anything possible in "vanilla"
Debian GNU/Linux can be replicated in Kicksecure.
<a href="/wiki/About">About Kicksecure</a>
</p>
</div>
<div id="modal-explain-signed" class="mini-modal section-modal">
<img src="/w/images/thumb/7/77/Key-lock-gpg.png/600px-Key-lock-gpg.png" alt="Securely signed" decoding="async" loading="lazy" />
<p>
Downloads are
<a href="/wiki/Verifying_Software_Signatures">signed</a>
so genuine Kicksecure releases can be
<a href="/wiki/Verify_the_Kicksecure_images">verified</a>.
</p>
</div>
<div id="modal-explain-canary" class="mini-modal section-modal">
<img src="/w/images/thumb/4/49/Canary-promo.jpg/600px-Canary-promo.jpg" alt="Warrant canary" decoding="async" loading="lazy" />
<p>
A
<a href="/wiki/Trust#canary">canary</a>
confirms that no warrants have ever been served on the Kicksecure project.
</p>
</div>
<div id="modal-explain-swap" class="mini-modal section-modal">
<img src="/w/images/thumb/7/7b/File-swap-promo.jpg/600px-File-swap-promo.jpg" alt="Swap file creator" decoding="async" loading="lazy" />
<p>
Running low on RAM isn't a security problem.
<a href="https://github.com/Kicksecure/swap-file-creator" target="_blank">swap-file-creator</a>
will create an encrypted swap file.
</p>
</div>
<!--
<div id="modal-explain-android" class="mini-modal section-modal">
<img src="/w/images/thumb/1/1f/Anbox.jpg/600px-Anbox.jpg" alt="Run Android applications" decoding="async" loading="lazy" />
<p>
Run Android applications using
<a href="/wiki/Anbox">Anbox</a>
</p>
</div>
-->
<!--{* 10.2. Values *}-->
<div id="modal-explain-opensource" class="mini-modal section-modal">
<img src="/w/images/thumb/0/09/Osi_standard_logo_0.png/600px-Osi_standard_logo_0.png" alt="Open Source" decoding="async" loading="lazy" />
<p>
All the <a href="https://github.com/Kicksecure" target="_blank">Kicksecure source code</a> is
licensed under
<a href="https://opensource.org/licenses/" target="_blank">OSI Approved Licenses</a>.
We respect user rights to review, scrutinize, modify, and redistribute Kicksecure.
This improves security and privacy for everyone.
</p>
</div>
<div id="modal-explain-freedom" class="mini-modal section-modal">
<img src="/w/images/thumb/a/a3/Heckert_gnu.big.png/600px-Heckert_gnu.big.png" alt="Freedom Software" decoding="async" loading="lazy" />
<p>
Kicksecure is
<a href="/wiki/Reasons_for_Freedom_Software">Freedom Software</a>
and contains software developed by the
<a href="https://www.fsf.org/" target="_blank">Free Software Foundation</a>
and the
<a href="https://www.gnu.org" target="_blank">GNU Project</a>.
</p>
</div>
<div id="modal-explain-research" class="mini-modal section-modal">
<img src="/w/images/thumb/7/7f/Cornues.png/600px-Cornues.png" alt="Research Implementation Project" decoding="async" loading="lazy" />
<p>
<a href="/wiki/What_we_do" title="Research">Research</a>
and Implementation Project: Kicksecure makes modest claims and is wary of overconfidence.
Kicksecure is an actively maintained research project making constant improvements; no
<a href="/wiki/Warning" title="Warning">shortcomings</a>
are ever hidden from users.
</p>
</div>
<div id="modal-explain-auditable" class="mini-modal section-modal">
<img src="/w/images/thumb/4/44/Bho78-4ycp0.jpg/600px-Bho78-4ycp0.jpg" alt="Independently verifiable" decoding="async" loading="lazy" />
<p>
Kicksecure is independently verifiable by security experts and software developers around the world; you
don’t have to trust developer claims.
<a href="/wiki/Reasons_for_Freedom_Software">
This improves security and privacy for everyone.
</a>
</p>
</div>
<div id="modal-explain-respect" class="mini-modal section-modal">
<img src="/w/images/thumb/e/ef/Respect-freedom-symbol.jpg/600px-Respect-freedom-symbol.jpg" alt="Respect for privacy principles" decoding="async" loading="lazy" />
<p>
Kicksecure respects data privacy principles. We don’t make advertising deals or collect sensitive
personal data. There are
<a href="/wiki/Reasons_for_Freedom_Software#No_Intentional_User_Freedom_Restrictions">
no artificial restrictions imposed on possible system configurations
</a>.
</p>
</div>
<div id="modal-explain-sui-disabler" class="mini-modal section-modal">
<span class="image-wrapper"><img decoding="async" loading="lazy" alt="SUID Disabler and Permission Hardener" src="/w/images/thumb/e/ed/Disablesuidbinary.jpg/600px-Disablesuidbinary.jpg" /></span>
<p>
The purpose of
<a href="/wiki/SUID_Disabler_and_Permission_Hardener">
SUID Disabler and Permission Hardener
</a>
is to enhance system security. It does this by strengthening the isolation of Linux user accounts,
implementing stricter file permission settings, and decreasing potential security vulnerabilities by turning off SUID-enabled binaries.
</p>
</div>