diff --git a/nixos/boxes/foureighty/custom-kernel.nix b/nixos/boxes/foureighty/custom-kernel.nix
index 6fcf382f..4d1acab0 100644
--- a/nixos/boxes/foureighty/custom-kernel.nix
+++ b/nixos/boxes/foureighty/custom-kernel.nix
@@ -13,19 +13,23 @@
       HARDLOCKUP_DETECTOR y
       BUG y
 
+      DEBUG_RODATA        y
+      DEBUG_SET_MODULE_RONX y
       SECURITY_SELINUX_DISABLE  n
+      SECURITY_WRITABLE_HOOKS  n
 
       STRICT_KERNEL_RWX  y
 
-      DEBUG_CREDENTIALS      y
-      DEBUG_NOTIFIERS        y
-      DEBUG_SG               y
-      DEBUG_STACKOVERFLOW    y
+      STRICT_DEVMEM y
+      DEBUG_CREDENTIALS     y
+      DEBUG_NOTIFIERS       y
+      DEBUG_PI_LIST         y
+      DEBUG_PLIST           y
+      DEBUG_SG              y
       SCHED_STACK_END_CHECK  y
 
       SHUFFLE_PAGE_ALLOCATOR  y
-
-      SLUB_DEBUG  y
+      SLUB_DEBUG y
 
       PAGE_POISONING            y
       PAGE_POISONING_NO_SANITY  y
@@ -47,6 +51,17 @@
       ACPI_CUSTOM_METHOD  n
       PROC_KCORE          n
       INET_DIAG           n
+
+      INET_DIAG_DESTROY  option no
+      INET_RAW_DIAG      option no
+      INET_TCP_DIAG      option no
+      INET_UDP_DIAG      option no
+      INET_MPTCP_DIAG    option no
+
+
+      CC_STACKPROTECTOR_STRONG y
+
+      KFENCE y
     '';
   } ];
 }
diff --git a/nixos/gui/default.nix b/nixos/gui/default.nix
index fc4b9d1c..1436b9f5 100644
--- a/nixos/gui/default.nix
+++ b/nixos/gui/default.nix
@@ -42,6 +42,7 @@
       slack
       spotify
       ssb-patchwork
+      unstable.torbrowser
       unstable.discord
       unstable.electrum
       unstable.freecad