Risks of Using Kali Linux as a Primary Desktop OS

Hello everyone,

I have a question that I’m sure many users have wondered about: what are the actual risks of using Kali Linux as the main operating system on a personal computer?

I understand that Kali is primarily designed for professional use in offensive security, controlled environments, or virtual machines. However, I really enjoy using Kali natively on my hardware on a daily basis. I find it very powerful, smooth, and I love its command-line tools.

That said, I’ve always had some concerns about security. Many people advise against using Kali as a regular desktop OS but don’t always clearly explain why it might be risky or not recommended.
Is it mainly because the pre-installed tools can be dangerous if misused? Or does the distribution itself (services, network configurations, etc.) introduce vulnerabilities or behaviors that make it less safe for standard use like browsing, emails, or document editing?

So I have two main questions:

  1. What are the concrete security risks involved in using Kali Linux as a daily driver installed on bare metal?
  2. What tips or best practices would you recommend to secure Kali Linux when used as a daily desktop OS?
    (For example: hardening, disabling unnecessary services, profile separation, sandboxing, etc.)

Thanks in advance for any insights! I’m open to recommendations, links, or shared experiences.

2 Likes

Perfectly usable as an everyday distro.

Whilst there are some things in this list I may not bother with myself, this will give you an idea of things you may want to think about;

“add a non-root user”? seems a bit dated ^^

3 Likes

prolly used gpt to write the article.

1 Like

I like kali purple as my primary, going to try to install wazuh
Have to install debian testing keys and repos for some other applications

I didn’t say it was my guide, just an example of some things you ‘may’ want to think about :wink:

1 Like

Would it be ok replace win 7 with kali ?

That is up to you, really

Thankyou . thought it might work to give new life to an old laptop .

You know what they say, opinions are like arse holes. Everyone has one.

I have seen so many opinions made about Kali over the years over it’s inherent insecurities, upto and including suggestions that it is backdoored on purpose(it’s not).

It used to come with only the root account enabled so people said it was insecure because of that. Not a security risk in my mind. However, that’s no longer the case any way.

If someone has enough of a foothold in your system to access any of the pre installed tools, then you are pwned already.

No more than almost any other Linux distribution.

Again, the same as any other linux distribution.

Kali is just Debian with some customisations, a very cool logo and some pre-installed tools and you can opt to not install them during the installation process.

2 Likes

I’ve been using Kali as my primary OS since 2018. To stay on the safe side, avoid using the kali-rolling repository. Instead, use the kali-last-snapshot branch to prevent a bunch of errors after performing updates or upgrades.
More info: Kali Branches | Kali Linux Documentation

That’ll work, but it can do much more than just revive an old machine. Enjoy it anyway

Saw the same kind of question yesterday on Reddit. Wondering why all of a sudden people seem so concerned that Kali could not be used as main OS.

People especially harp on about not using it as a daily driver not based on knowledge but based on hearsay. I use it as a daily driver and have hardened what I needed to harden as per the Kali FAQ articles. Case closed. It is just as secure as any other linux distro. Ignore the opinions as if you know linux then you will be fine.

Yeah lots of talking anyway. I’m not always a good listener.

I’ll check those articles you mentioned.

Thanks

I am currently using Kali as the main OS on an old x220 Thinkpad computer that used to have a Windows 7 OS from all the way back to 2015, and it’s working fine except for some lags caused by the lack of memory space, but overall there shouldn’t be any security issues. I just wiped the entire disk because there isn’t really anything valuable on the system anyways and just installed Kali. Even if you are not using it for offensive security you can still use it as a day-to-day OS like windows.

Kali Linux does not seem to support UEFI secure boot (upstream Debian does), so that is a risk. Check out my StackExchange question for more details: https://unix.stackexchange.com/questions/766309/error-boot-vmlinuz-6-6-9-amd64-has-invalid-signature-with-secure-boot-on-in

Actually you can create and sign your own loader shim, which is all the upstream Linux distros do anyway. Its just not something included by default.

Using Kali as your main OS can be risky because its built for security testing, not daily use. It may have fewer safety features unstable updates and security tools that can be dangerous if misused.

I would ask the following:

  • For what purpose?
  • How comfortable are you with Linux?