Secure distro for daily use - eviltoast

Hi, Im searching for a secure distro for normal daily use for my laptop. Currently Im running arch linux with full disk encryption, secure boot, linux hardened, firewalld and most apps as flatpaks (with some disabled permissions using flatseal). I think its pretty secure laptop but it could be more secure.

Tails and Whonix are the most secure but they are not ment for normal daily use…

There is a lot of new immutable distros. Getting (system) malware is harder to get on them. Im most interested in blendOS, because its based. Does anyone know if it has full disk encryption, secure boot, etc. or can it be done by the user? What about other distros like Fedora Silverblue?

Any other recommendations?

Thank you :)

  • chevy9294@monero.townOP
    link
    fedilink
    arrow-up
    6
    ·
    1 year ago

    Thank you for your detailed answer! Im already using a minimalist distro (arch) with (almost) no problems. Before that I used Fedora. Becase of that and your recommendation I will probably switch to silverblue. Im a little scared of selinux (I was thinkering too much with fedora) but better with it than without. For AUR apps I will use distrobox. I would also like to try toolbx for my projects!

    • throwawayish@lemmy.ml
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      Becase of that and your recommendation I will probably switch to silverblue.

      Silverblue is incidentally also my daily-driver; custom image through uBlue’s template to be more precise*.

      Im a little scared of selinux (I was thinkering too much with fedora) but better with it than without.

      Yup, SELinux is definitely a double-edged sword in that it’s very powerful but can therefore be a bit more restrictive. Though, currently it’s our only bet when it comes to confining containers as it’s (vastly) superior over AppArmor in that aspect. Which explains openSUSE’s recent conversion from AppArmor to SELinux for their distros that rely heavily on container workflows; like MicroOS, Aeon, Kalpa etc. Unfortunately it’s not the easiest to understand, but I’m sure you’ll manage 😉!

      For AUR apps I will use distrobox.

      Hehe, you know what’s good 😛.