So, a while back I installed Xfce with Chicago95, but was disappointed. Xfce just doesn’t vibe with me, and a strict emulation of Windows95 is not really what I wanted, I just wanted something that “felt” that classic.
So I was gonna give up and just use KDE, until I saw TDE. I think TDE is probably what I’m looking for but I’m concerned about using anything so minor because security.
It TDE secure (for personal use)?
Can a DE even be insecure, or are they all generally as secure as each-other as long as you follow the rules (trustworthy software, closed firewall, install patches fast, and disaster recovery plans)?
What vulnerabilities can a desktop environment even have (edit)?
As far as the TDE devs know, there haven’t been any issues resulting in a user getting hacked, they’ve modernized the underlying code, and actively patch any reported vulnerabilities: https://redlib.tiekoetter.com/r/linuxquestions/comments/1f81hz4/is_q4ostrinity_desktop_environment_inherently/
That said, it is still a niche codebase with a small team, so they might not have the resources to be so proactive against theoretical vulnerabilities as a project like KDE or GNOME with Wayland. If you’re being targeted, TDE would certainly be a shiny attack surface, but otherwise, I don’t really see why a hacking group would go for something as niche as TDE. There’s a tradeoff, like the one I take with X11 because I refuse to give up my XFCE+Chicago95 setup for an arguably more secure Wayland setup.
Most of the issues of a desktop environment just come down to there being more code and therefore a larger attack surface. Lots of widgets, obscure processes, and nooks and crannies to hide malicious stuff too. And legacy code with expansive privileges from the days before security was as much of a concern. While not Linux, it is analogous with security being a big part of why Microsoft released Server Core, which stripped out much of the GUI.
An extreme case, I also know of a someone who used Windows XP to do rather important work on the internet until around 2020. Only thing that stopped them were websites getting too bloated to load on their computer. But they did follow the basic rules as you mentioned and seemed to be just fine.
I guess it all comes down to the security of X11, and also whether X11 could even be exploited without arbitrary code execution though Anki or Firefox or Steam Chat or something. At which point no sane hacker would waste such an exploit on X11 that’s rapidly becoming defunct.
I think they skipped the third rule, install patches fast.