I would add: turning off telemetry, especially windows and other ms products
If you like customizing your shell, there are really cool things one can do with zsh.
I have mine set up with suggestions to complete the name of the program, or even command line options for it.
Lol, I saw a knee in the first panel, a breast in tge second, and had to go over the entire comic again to get the joke
Ok, in your Post you say you want Privacy, but go on to describe Distros for Security.
Before you do anything, you should make a threat-model:
- Who do you want your data to be safe from
- What applications/programs do you use
- Who do you want to be protected against security wise.
- Are there any institutions/irganizations you trust (Tor, i2p, BitWarden, Linuxkernel, *BSD, Firefox, Chromium, Xmpp, Matrix, LLVM)
If you can answer the questions above, you can make more informed decisions, and if you want you can tell them to me either publicly or over multi@conversations.im (xmpp)
Here a short summary of a few operating systems to choose from:
Fedora Silverblue: Pros:
- Encryption of personal data possible
- Immutable
- Mandatory Access Control framework (SELinux)
- Everything is set up for you already, by people that know their stuff
- Big company with lots of resources, and fast security updates Cons:
- Big company you have to trust
- Less control over the operating system. Both for you or an attacker
- Immutability still very new, may cause problems
Alpine: Pros:
- very minimal -> small attack surface
- encryption optional, and made easy Cons:
- no MAC my default
- a lot of configuring you have to do yourself. Mistakes are a big concern
OpenBSD: Pros:
- audited into oblivion
- incredibly minimal Cons:
- incredibly minimal: No mac framework (!!)
- Disk encryotion might be tricky on your first try
- software support
- Wayland support still experimental
In my conclusion: If you trust Redhat more to build a safe os than yourself: go Silverblue
If you know what you are doing Alpine is a more minimal approach than Arch, and may be a fantastic choice if you know how to set up mac, fdi and a secure desktop
If you have a server or reverse proxy, OpenBSD will be a incredibly tough nut to crack for even government agencies, but due to the missing mac usecases as desktop simply don't make sense to me.
I hope that helped
You can just use protonmail + simplelogin then. Way easier and incredibly convenient
how do you think gcc and llvm are installed on a gentoo system?
I know its a meme, but I am on a Laptop with a ryzen 5 3500U and it only takes 1,5h
No, its a youtube channel