{{Header}}
{{Title|title=
System Audit
}}
{{#seo:
|description=Verifying the system is configured as intended
|image=Systemcheck1234640.png
}}
[[File:Systemcheck1234640.png|thumb]]
{{intro|
Verifying the system is configured as intended
}}
{{audit_mininav}}

= General Overview =

The issues discussed on this page are the same for any operating system and are [[unspecific|unspecific to {{project_name_long}}]].

= The Challenge of System Audits =
Performing system audits is beyond the reach of non-technical users. It requires a deep understanding of source code, the ability to utilize specialized analysis tools, and the expertise to interpret complex outputs. This level of proficiency is typically found in sysadmins or individuals with similar technical backgrounds. 

Much like how a non-specialist cannot perform heart surgery, even a doctor outside of that field lacks the skills to do so. There’s no shame in this limitation. iI simply reflects the specialized knowledge required for such a task. Similarly, expecting a non-technical user to conduct a system audit is unrealistic.

= Limitations of Automated Tools =

There are no automated tools for end users with sufficient usability to be truly informative. Rather than providing insights, existing tools can lead to more questions and cause confusion. In general, this is related to the current state of development for security-focused operating systems, see:

* [https://forums.whonix.org/t/the-problem-with-security-guides-and-how-we-can-fix-it/8563 The Problem with Security Guides and How We Can Fix It]
* [https://forums.whonix.org/t/fixing-the-desktop-linux-security-model/9172 Fixing the Desktop Linux Security Model]
* [[Linux User Experience versus Commercial Operating Systems]]

= systemcheck and {{project_name_short}} =

For the purpose of system checks, [[systemcheck]] is available on the {{project_name_short}} platform.

Even when system check tools exist, the thoroughness of checks performed by the software is a relevant question. An all-encompassing, automated testing suite for all functionality and security features remains a distant implementation goal.

= Certification and Audit Tools =

Some certification/audit tools exist, but they have poor usability, see: [[Dev/certification|Certification and Audits]].

Related: [[Security Reviews and Feedback]]

= Trust and Expertise =

Realistically, users can only [[Trust]] that software works as described and intended, develop skills to undertake audits and/or pay someone to perform that task.

= Related =
* [[systemcheck]]
* [[Security Reviews and Feedback]]
* [[Dev/certification|Certification and Audits]]

{{reflist|close=1}}
{{Footer}}
[[Category:Documentation]]