Interesting. How do you regard the following link? https://github.com/pobthebuilder/resolve-flatpak

Oh wow, flatpaks are pretty cool. Thank you for that info! Are there any downsides to it? Or is it just straight up superior to all other options?

I believe I heard that there was some scandal involving Ubuntu, but perhaps I’m wrong. Please feel free to correct me. Are there any (other) distros that I should be weary of for privacy-sake?

For security, I want to be well-protected against any and all untargeted attacks. So protection against malware is included.

Thank you for the general notes/recommendations/advice about safe practices on Linux! Regarding sudo (and the terminal in general), I’ve just accepted that it will be part of my workflow going forward, even if the amount of times I had used it on Windows can probably be counted on one hand. Regardless, beyond not sudoing random commands, are there like rigid guidelines (or something) one should adhere to for safe/secure computing?

It’s vega. So, how exactly should I proceed? Thank you so much for the help!

Thank you very much! Some have raised issues on immutable distros. So I don’t really know what I should do. Nor, do I know whether their criticisms are valid. Regardless, I suppose I’ll have to see it for myself and arrive at my own conclusions.

So what is the purpose of immutable distros?

Furthermore, my introductory reading would suggest some benefits:

• The read-only base system as well as the containerization might prove beneficial for stability.
• Furthermore, I would think that the read-only base system also contributes for eliminating some attack vectors.

And, with GrapheneOS’ endorsement of secureblue, I find it hard to believe that it doesn’t provide any benefits. But please feel free to enlighten me on this.

Though usability is probably a very legit concern, though. So perhaps not the brightest of ideas to start with as a first distro, but we’ll see.

So, if I understood you correctly, openSUSE does have weird customizations and does not give a stock experience. Right?

but the community is lacking, and the frequency of issues with updates and packages is way more than Fedora.

Interesting. The first part was something I was expecting, but the latter part actually surprised me.

I suppose that, if it came down to Fedora vs openSUSE, I’d just have to give it Fedora then.

Anyhow, any thoughts on non-atomic Fedora vs atomic Fedora?

it is not a way to go if you want anything graphics card

Yeah, I don’t think this will work nicely with Davinci Resolve. But we’ll see.

You’re probably right. I just hoped to receive some valuable input. Thankfully, I did get some of that; so this wasn’t an exercise in vain.

Firstly tell what ur GPU that u wanna use it for davinci resolve

An Amd GPU from 7 years ago

secondly tell what ur threat model

I haven’t properly formalized my threat model yet. But assume that I want protection against any and all untargeted attacks.

tell what u want exactly to achieve

A general-use OS that I’d use to replace my Windows 10 installation. There’s a ton of software that I use and for which I have to find replacements (eventually), but Davinci Resolve is probably my biggest worry.

That looks pretty cool. Thank you so much for sharing that!

Would you happen to know how it compares to the flatpak (or something) that was shared by the other person?

Good to know. Thank you!

Do you think it’s suitable for a newb as their first distro? FWIW, someone else had already pointed out the existence of a flatpak.

Uhmm…, I’ve heard it’s hard 😅. Though, I will consider it if the following applies:

• Its difficulty is in the same ballpark as the security-focused distros on Privacy Guides’ list
• It can trade blows with the security-focused distros with respect to security

Would you happen to know if the above applies?

immutable distros (e.g. fedora atomic desktops) are secure in the sense that they’re containerized.

Hmm…, is it like properly sandboxed? That wasn’t the impression I was getting. But I’m more than happy to be wrong on this.

Furthermore, how do they achieve this beyond Flatpak?

but i do see someone else has packaged it. if that runs well, i think you’d have nothing to worry about.

Oh, wow, that’s pretty cool. Thank you for that find!

Thank you for your comment! It contains many gems to benefit from*

It will be simpler to harden their preferred distro than to take a hardened distro and make their software work on it.

This is what I found to be particularly curious. So, would you say that the (extra) security/hardening provided by the likes of Qubes OS and secureblue is trivial to apply elsewhere? If so, would you be so kind to give me some pointers? I did try to find it myself but failed. Perhaps I’m not using the correct search terms OR perhaps I don’t even know where to look.

I suggest checking their website and going with their top suggestion.

Excellent. Why didn’t I think of this before 😜 . Uhmm…, based on their instructions, I believe installing the Rocky Linux 8.6 image that they provide is the safe bet. Right?

Finally, I’m left with two questions:

• What does Rocky Linux’ absence from Privacy Guides list suggest? Would you happen to know how it’s (perhaps supposedly) tangibly worse than their picks?

Thank you. Could you perhaps substantiate it beyond an endorsement? Like, for a newb, I don’t see how it would be better than openSUSE beyond prioritizing the following:

• “Leading edge” (Fedora) vs rolling release (Tumbleweed) OR ‘stable’ (Leap)
• IBM (Fedora) vs SUSE (openSUSE) - (We might even choose to reframe this as US vs Germany/EU)

Like, for an outsider, the Fedora endorsement mostly just confirms that Fedora is the more popular option. But that doesn’t have to be on merit. If it is on merit, would you so kind to point this out? Especially security-wise*