Astra Linux in basic security mode doesn't make much sense - basically in that case it is a Debian 10 on somewhat customized kernel and with custom DE. The main thing is proprietary multi-level security and integrity protection coupled with custom hardened kernel. This distro is not intended for home use with nice user experience but for government computer systems where MAC and MLS is needed.

As a note, Chromium GOST is a fork of Chromium with patches for GOST encryption, as well as some root certificates added that are controlled by Russian CA. It's a pretty recent addition made just in case you wouldn't have access to global CAs for whatever reason, or if they wouldn't let signing of Russian domains. Other than that it's pretty much the same, mmmaybe with the exception of added cryptoprovider called CryptoPro (not sure if it's installed on Astra's build of it though).

Just to clarify here my caution isn't because it isn't made in the west. It is because its endorsed by and used specifically by military; I would be hesitant of any distro that has additional protection in place!

I am using Astra Linux in every day. I checked the traffic with wireshark. If I dont use the internet, there is also no traffic on the line. If a microsoft os is running, there is permanent traffic. I think it is safe and it is fast. I have two login options in the smolensk version.

I doubt the version of Astra the Russian military uses is open source, so it is not Astra; it is a closed source fork.

I have the Special Edition but have not tried to install it yet.

35th Like! Very interesting video, thanks 👍

This looks quite a bit like a window Vista or 7 themed window XP. Which probably is intentional.

I'm actually curious to know if it will let you install a different desktop environment?

What wallpaper u using as thumbnail for this

To try this out completely, I would set up a virtual network with a virtual router dedicated to managing it so I could firewall off my actual network, monitor and capture all network traffic and provide a DNS server so that I could readily sink-hole stuff until I could validate that it was benign. Actually it's pretty easy to set up a pfSense VM to do this. I've done this before in VirtualBox using a bridged or NATted i/f for WAN and an internal network for the untrusted LAN though I didn't try setting up something like a PiHole to manage DNS at that time. There's a significant chance that you'd uncover nothing of very great interest but I would be vaguely curious to see what it reached out to other than the dedicated repos.

I find your comments interesting about using this distro. You can find out what it's doing because it's open source and you can look at the source and figure out what it's doing. In addition, it's interesting that you don't make those same comments about western world Linux distros.

Very interesting, thanks! Do anyone know some details about the 3 security levels that you can choose from during the installation process?

I'm actually curious what the EULA is but cautious about connecting to any server that hosts it. Not torrenting it either

All i could say. They touched the kernel, so many stuff under the hood. It will leak not more information than google and other big corporationn coolect on you. And google spyware of cource is deprecated in this distro as well as windows telemetry. But in my oppinion is also bloated in size, optimized for speed. fly-wm working in old PCs - DDR1,pentium 4.

Russian Debian KDE that is so bloated that it works offline (who preinstalls 3 browsers and blender?) and a weird theme and ugly proprietary Desktop. Like, they literally copied entire pages of Dolphin and systemsettings into their proprietary stuff. The display config and that properties are 100% stolen, not sure if KDE is even that permissive?