The ideal would be to have a core infrastructure of minimal open-source code that is securely distributed and signed, while still being able to run untrusted code. The first thing that comes to mind is something like Qubes. I don't know of a comprehensive comparison, but I know they take their paranoia about the base code very seriously.
Qubes takes an approach called security by compartmentalization, which allows you to compartmentalize the various parts of your digital life into securely isolated compartments called qubes.
This approach allows you to keep the different things you do on your computer securely separated from each other in isolated qubes so that one qube getting compromised won’t affect the others. For example, you might have one qube for visiting untrusted websites and a different qube for doing online banking. This way, if your untrusted browsing qube gets compromised by a malware-laden website, your online banking activities won’t be at risk. Similarly, if you’re concerned about malicious email attachments, Qubes can make it so that every attachment gets opened in its own single-use disposable qube. In this way, Qubes allows you to do everything on the same physical computer without having to worry about a single successful cyberattack taking down your entire digital life in one fell swoop.
Alternatives:
link
link
link