cross-posted from: https://lemmy.ml/post/12400033 (Thank you https://lemmy.ml/u/Kory !)

I first used Linux about 5 years ago (Ubuntu). Since then, I have tried quite a few distros:

Kali Linux (Use as a secondary)

Linux Mint (Used for a while)

Arch Linux (Could not install)

Tails (Use this often)

Qubes OS (Tried it twice, not ready yet)

Fedora (Current main)

For me, it has been incredibly difficult to find a properly privacy oriented Linux distro that also has ease of use. I really enjoy the GNOME desktop environment, and I am most familiar with Debian. My issue with Fedora is the lack of proper sandboxing, and it seems as though Qubes is the only one that really takes care in sandboxing apps.

Apologies if this is the wrong community for this question, I would be happy to move this post somewhere else. I’ve been anonymously viewing this community after the Rexodus, but this is my first time actually creating a post. Thank you!

UPDATE:

Thank you all so much for your feedback! The top recommended distro by far was SecureBlue, an atomic distro, so I will be trying that one. If that doesn’t work, I may try other atomic distros such as Fedora Atomic or Fedora Silverblue (I may have made an error in my understanding of those two, please correct my if I did!). EndeavourOS was also highly recommended, so if I’m not a fan of atomic distros I will be using that. To @[email protected], your suggestion for Linux Mint Debian Edition with GNOME sounds like a dream, so I may use it as a secondary for my laptop. Thank you all again for your help and support, and I hope this helps someone else too!

  • Throwaway1234@sh.itjust.works
    1·
    7 months ago

    Those are just Firefox. Using some other routing doesnt improve security.

    Never said or implied they were. Security is achieved through

    Tor Browser or Mullvad Browser in a disposable qube on Qubes OS

    Tor and Mullvad are only for preferred for the sake of anonymity as every user runs the exact same config on the same type of network.

    Vanadium might be degoogled and not send critical platform data, but it is not fingerprint resistant afaik.

    Hmm, you might be right. TIL. Thank you! Somehow, I was having high expectations for it… *sigh*

    On mobile, browsers cant really be that though.

    Do you happen to know why that’s the case?

    On Desktop there only is ungoogled Chromium which is a beginning. But especially secureblue doesnt use it for some reason.

    If I recall correctly, ungoogled-chromium has (at least in the past) been slacking on security. Don’t know if that’s still a thing though.

    • Pantherina@feddit.de
      1·
      7 months ago

      QubesOS is interesting, I think overcomplex but needed until better systems are in place. Bubblejail would be an alternative that runs on normal hardware.

      I dont know how resistant Vanadium is, it for sure doesnt send critical data, but screen size, hardware specs etc cant be not send without having no GPU acceleration and a letterboxed screen.

      mobile browsers have limited screens size and every SOC has a different GPU basically. So if you avoid hardware rendering, you would still need to pretend to be the smallest phone comparable, and pixel density etc. may still be different.

      Ungoogled Chromium is a set of patches. These should totally be applied to Secureblue chromium, but currently it is saving effords by just using Fedora chromium and a few policies.