Adding rules to protect local services and regulate inbound and outbound network traffic is pretty simple, if you understand how ufw works. Aside from the firewall, which as noted above is inactive by default, there are no other network or application-level security features in place. SELinux, AppArmor, and Tomoyo, three mandatory access control applications for Linux distributions, are missing from Chakra. This gives Chakra the worst security posture of any distribution that has been reviewed on this website. From a purely security angle, this distribution is a nightmare. There is an interesting discussion on the Chakra forums regarding the security posture of Chakra that I will encourage everybody to read, You may access it here. The second post in that thread shows the level of ignorance on security matters that pervade some Linux communities.
Final Thoughts: This is a distribution I could be running on my personal computers, if not for the lack of physical and network security applications. The security shortcomings aside, no attempt appears to have been made to make this release to “just work” out of the box, without a user spending valuable time installing applications that should have been installed from the “factory.” But even that is a minor inconvenience. It is the very bad security posture that is a show-stopper, for me at least. At a minimum, I hope the developers will address the security angle by next the release. And it wont hurt to make sure that that next release “just works.” Until then, you might want to read how to customize Chakra 2011.11.
Resources: Download installation images from here. All the basic information you need to know about Chakra are available here. You may post support questions here or on Questions and Answers.
Screenshots: More screenshots from test installations of Chakra Edn 2011.11.
Just a screenshot showing the installation in progress.
BURG is the default boot loader. This installation step shows that Tribe does not give you an option to configure a password for BURG. You can do that, however, by installing BURG-Manager.
Initial ramdisk customization options during installation.
The default KDE 4.7.3 desktop.
The desktop showing the Stackfolder, a favorite feature of mine. With the Stackfolder, you can browse all your file system directories without launching Dolphin, the file manager. How to customize Chakra 2011.11 provides instructions on how to install Stackfolder.
And there is the KDE Plasma Netbook interface. This screenshot shows installed multimedia applications.
Starting Calibre, the installed e-book reader.
Thank you so much for doing this review, this kind of feedback is appreciated.
You are correct about the security issues, it has not had the attention it deserves in developing this Distro, and needs to be addressed in the next team meeting.
As you mention, a Chakra ISO is GTK2 free, that ofc means, shipping flashplugin by default is not an option, it requires GTK2. The java-runtime shipped in the ISO for libre-office is openjdk, Chakra chooses foss options as much as possible, and let’s the user decide, if they prefer proprietary instead.
Which brings us to the focus of Chakra. There are plenty of Distro’s, that require no user intervention, all is setup by default, but gives the user less power over the final installed system. That was never the goal of Chakra. The goal is an easy to setup basic system, were the user has all the power to make the KDE install their own, user intervention and Wiki reading is required. This part of the goal clearly needs to be better explained, and will be one of the goals for the next release.
Thanks to all the chakra team and everyone in kde Gnu and upstream for making this distro a reality, Im looking up for the security enhacements and the next dev meeting to see where is going to go chakra in the future!!!
Nice review… Hail Chakra!!!! XD
1. Semi-rolling releases. 2. Polished KDE implementation 3. Very fast package manager* 4. Relatively easy installation.
If the security issues are taken care of (especially having the option to start/configure the firewall during installation), I will probably use this as my primary OS.
It is great to see the developers responding (positively) to honest reviews like this. Looking forwards to the next release (beta?).
*Package management: I still need to wrap my head around the package management in Chakra. Seems like if all the dependencies are self-contained in an application, it should work well without breaking during upgrades. But having the dependencies ‘bundled’ into the applications – does that not duplicate the libraries and consume memory (albeit very little)?