No worries fam. And thanks for clarifying! With that clarification, I think I’ve found what has caused the confusion for me.

Bazzite, even if it’s ultimately derived from Fedora, is actually not closely related to (‘traditional’) Fedora, but instead to Fedora Atomic.

Most of the people that have been recommending Fedora, actually meant the non-Atomic variants. And while this might seem minor, which arguably it is, it is important to be conscious of this distinction.

(‘Traditional’) Fedora behaves a lot like most other distros. Fedora Atomic, instead, introduces a new paradigm. Bazzite goes all-in on this new model and we might even refer to it as next-gen (if you will). Though, it’s important to mention that the next-gen part is only true within the context of Fedora. This is because Fedora has been the only distro to have clearly pronounced their ambitions in this direction. They even reiterated this in their Fedora Strategy 2028 and I quote: “Objective: Immutable variants are the majority of Fedora Linux in use”. (Note that atomic is a rebranding of immutable)

So, within the context of Fedora, even if I don’t see the traditional model being sunset anytime soon, the atomic variants do seem more promising in terms of longevity.

Personally, I’m a huge fan of Fedora Atomic; in particular the uBlue projects, so that includes Bazzite. Therefore, I absolutely welcome you on board for Bazzite. But, it’s important to be aware that Bazzite is not representative of what (‘traditional’) Fedora is (or vice versa); it’s not a “flavor”.

I think your response has so far been the most comprehensive. Thank you so much.

It has been my pleasure :D ! Thank you for reading through all of that 😅.

“Tinkering” in my case is pretty broad. You’re correct when you suppose that I like to mess with UI aesthetics and workflows. The other misc tinkering I more mentioned in case there’s some distros that are unsuited to working with strange or niche programs (such as the media encoding and physical media management stuff I mentioned). It sounds like that’s not really much of a problem though. Anyway what counts as “niche” is very subjective so probably wasn’t that helpful to mention.

Thanks for the clarification!

I have not heard of Bazzite.

Interesting. Its fan base can be rather vocal. Furthermore, it has been enjoying a very healthy amount of media coverage. Digital Foundry dedicated a video on it. And even LTT briefly mentioned it recently.

It kinda looks to be perfect if I end up going with Fedora (It’s the most recommended so far).

I didn’t quite capture the intent of this sentence. My bad. Would you mind elaborating/clarifying/explaining? Apologies if I’m coming across as obtuse 😅.

It seems to be quite new

Correct.

and I don’t want to jump on just for it to be a flash in the pan.

I understand. I absolutely agree with you that e.g. Fedora’s future is more certain than Bazzite. Even if the latter recently reiterated their continued support.

As I understand it though, even if it is, it’s easy enough to change distros.

FWIW, the complete Fedora Atomic ecosystem -that Bazzite is part of- allows changing distros with a single command. The only limitation being that the designated distro has to be part of the ecosystem as well. So, even if Bazzite would implode one day after you’ve switched to it, you could just ‘rebase’ to (say) Fedora Kinoite.

Others have said to not be worried about locking oneself in

Agreed.

and to just jump in and try.

Kinda. It’s more nuanced I think 😅.

Also not a fan of “Gaming Mode” style UI but I guess I can just not use it.

Exactly. Bazzite on desktops/laptops defaults to the DE after logging in. So, as you’ve noted already, you don’t have to use it ;) .

Again, thank you very much for your detailed response.

You doubled down on the kind words. I appreciate it. Thank you for being you!

Why don’t you try to be useful instead? Is there anything wrong with Bazzite? Are there other distros that are better suited for what OP needs?

Honestly I’m not expecting much from ya. Though, I hope you can surprise me.

I, like many I’m sure, am taking Microsoft’s discontinuation of Windows 10 support as an opportunity so switch over to Linux.

Welcome on board!

Does the distro I pick matter?

In short: Yes.

There seems to be a lot of debate around which distro is best

TL;DR: There’s no distro that is best for everyone. Each individual has their own best. You just gotta find what suits you best.

but a lot of the discussion I’ve seen breaks down to what each distro comes packaged with

This is a thing of the past. With the excellent Distrobox, you can install any package from any distro on whatever distro you’re running.

This confuses me as if a distro doesn’t come prepackaged with something can you not just install it?

Even if we would disregard Distrobox, you should be able to install software that’s not packaged. So, you’re intuition is right.

Or is there some advantage to preinstalled packages other than mild convenience? Are some components difficult to integrate into your local environment?

Exactly. Managing software that’s not packaged in any way comes with its own set of jank. So, new users are definitely discouraged. However, as mentioned previously, this whole issue is solved with Distrobox. And if you don’t like CLI, BoxBuddy provides an excellent GUI and more. Again, this is mostly a solved problem.

One of the more salient differences I’ve seen between distros has been what the various companies and teams include aside from installed packages (such as snap and rolling out amazon search as a defult search), and the data they choose to retain/sell. Part of the reason I’m switching is due to Microsoft’s forcing in of unwanted features and advertising. Is the company that owns whatever distro I choose likely to be a problem in the future? Are there particular ones to avoid/ones to keep an eye on?

So, what you’re referring to is mostly a Ubuntu problem. They’ve made a couple of bad decisions in the past. Other than them, this is mostly non-existent.

Some peeps got question marks regarding distros like deepin, but I don’t know if there’s anything conclusive on this.

Lastly, some distros and/or (so-called) desktop environments might collect telemetry to improve themselves. But this is done in a way that suits free and open source software. Thankfully, if you’ve got problems with this, you can always turn it off.

I am the sort of person who does like to tinker with things from time to time but I do also want to use my computer most of the time so I’d like to end up using a mature distro.

So, all distros allow you to tinker. My question is: What is it you’re tinkering with?

• If you just want to have complete control on how your desktop environment behaves without going into (unofficial) extensions or editing text files, then you should at least take a look at the KDE Plasma desktop environment; which is literally found on all distros and very well supported.
• If, instead, your definition of tinkering is more broad or otherwise different than what I suggested, then please feel free to elaborate.

I have identified a few frontrunners in my search but I have seen conflicting information on which of them is “mature” (sufficiently stable so I spend less time fighting my computer than I do using it as well as having a large enough community and resources to help me remedy issues I might come across). Do any of these seem like they wouldn’t fit that bill? The frontrunners are: fedora, kubuntu, mint, pop and tuxedo.

• Fedora is a good pick. Though, I’ve been daily-driving (a) Fedora(-derivative) for almost three years now. So I might be biased :P .
• Regarding Kubuntu, let’s just say that it’s at least a controversial pick; problem being the Ubuntu part of the equation. I’d personally discourage you from going that route, but it’s ultimately your choice.
• Linux Mint is cool. I’d argue it does more hand-holding than Fedora, which is great to have as a beginner.
• Pop!_OS is interesting. It has garnered a great fanbase for a good reason: System76 sells hardware with their software (i.e. Pop!_OS), so they obviously care. However, Pop!_OS has definitely seen better days. It’s currently in limbo; the ambitious COSMIC desktop environment is just around the corner. But how smooth will the transition be? How much longer will Pop!_OS users have to endure with the relative lack of work put to the system they actually daily-drive? A lot of questions, but not a lot of answers. I’d personally discourage this as well.
• Tuxedo OS is similar to Pop!_OS. But where Pop!_OS first went to champion the GNOME desktop environment to later ‘abandon’ it for their own COSMIC. Tuxedo OS, instead, turned their eyes towards KDE Plasma. From what I’ve heard, it’s a good pick. As TUXEDO makes hardware just like System76 does, it’s unsurprising for them to care as well.

Does linux have issues interfacing with multiple monitors?

Unfortunately, I’m not very familiar with multiple monitors. The few times I did need it, which was on Fedora with GNOME, it did work well. I suppose it should be fine.

Does it handle HDR okay?

On KDE Plasma, yes. On GNOME, from what I could gather, it should work starting from GNOME 48. Which is a couple of months away. Though, IIRC, some ‘GNOME-powered’ distros may have tried to support HDR in its experimental stage already. On Cinnamon, what we find on Linux Mint’s flagship distro, AFAIK it’s not great (yet) 😅.

In terms of UI and workflow I really don’t mind putting in some time tinkering with the DE, exploring it and getting it how I like. It seems Plasma KDE might be good for this? Please let me know if this is an incorrect assessment. If it is, does it matter what DE I choose? If so, is there something you could recommend for my use case.

You hit the nail on the coffin. KDE Plasma would probably serve you best, yes. Eventually, you may want to explore Window Managers for how they could further enhance your workflow. But, let’s take it easy :P . One step at a time. Start with KDE Plasma. Get comfortable with Linux and the whole ecosystem. And if it so happens that you’re not satiated with KDE Plasma’s workflow options and you’d like to explore other possibilities, then looking into WMs is definitely a worthwhile endeavor.

I have a Nvidea build (RTX 2080). I have heard this can be an issue with Linux.

Yup. It has been better lately, but thank you for bringing this up.

I also have intermediate experience with linux through university and my job (with servers) as well as tinkering with SteamOS.

Things I use/do on my PC (roughly ordered in terms of priority):

• Gaming including emulation

Have you considered Bazzite?

Photoshop cs6

Out of everything, this could be a slight concern. You could make it work through Wine, and it seems to have decent results. If you’re not opposed to using Photoshop CC 2021, there’s this GitHub repo worth looking at as well.

davinci resolve

This is notoriously difficult to install. Thankfully, the excellent davincibox comes to the rescue. Furthermore, it’s also found in the AUR and nixpkgs. Note that the Nix package manager can be installed on (almost) any distro, though it’s relatively advanced.

Misc “Tinkering” (Handbrake, dvd burners/rippers, Really any weird thing I come across that I want to tinker with)

Assuming this “Tinkering” is the same as the one I asked you to elaborate/clarify before, then I can inform you that most distros handle it pretty well.

Alrighty, I think you’ve clearly demonstrated to have done your research. Thank you for that!

FWIW, assuming that KDE Plasma is your DE of choice (at least for now) for both its (relatively mature) HDR support and tinker-friendliness, then -out of your selected distros- only Fedora and Tuxedo OS remain to be considered.

Fam, please, as other kind people have already reminded you, make your texts look crisp. You’re talking about UI/UX and how Linux is seemingly bad at it and how you would like to put in effort so that it may improve. Then, please, at the very least, start with putting money where your mouth is and show that your communication-skills and writing are on point. You can’t work with others if communication fails.

I’ll try to digest your ramblings and provide answers wherever I can. So without further a due.

I just had a shower an was thinking why linux OSes cannot look pretty like mac? Do linux programmers have no idea what looks good?

It’s all a matter of taste, anyways. Linux offers you great standards from the get-go. And you can mold it to your heart’s content, see here for some inspiration. If you, for whatever reason, didn’t like what you saw on Linux Mint, then it’s on you to make it look better for you. If you want something that looks better by default, I’d argue that the likes GNOME, KDE Plasma, Budgie and Pantheon offer a step-up.

Because I met people in my life who are so good at programming and that other boring stuff but do not know what sells or looks good. You know what I mean? Look what you are wearing, do you really cannot afford something that suits you, you probably making 3 times what I do. Is similar thing happening with linux GUI, can afford it but dont know that it would make your community 100x bigger? And yes i noticed it is getting better over past 10 years or so. Slightly. Currently im trying linux mint with MACOS wallpaper. I do have macbook, I just wanted to try linux after i realized I cannot install freetube on mac (not the end of the world and not final decision stop using mac or windows which I also have for gaming). Not unless i run some commands to disable “security”. And i do not feel comfortable doing it. Trying freetube happened after the day when apple locked my secondary icloud account which I used to try Indian youtube premium subscription by redeeming indian itunes card to top up the balance and buy subscription via appstore. it worked for a month, good that I bought only one months youtube price worth of itunes rupees. Was about 3 euros or dollars. I am quite new even to MacOS - 5 years or so, maybe 8. 99.9% of time not using terminal.

I’ve ignored the above as it didn’t feel like you were making a point or asking a question. Please feel free to enlighten me if I’m wrong.

So again what is it with Linux GUI? Can someone collaborate with me or ideally other aspiring and avid UX/UI designers to create something that would blow everyone’s even apple users’ minds? I mean if nobody wants I can help to make linux look amazing can you just do the coding and materialize it. I mean i have no xperience and never even tried to make an os GUI concept, should I do it first and then do similar rant? using gimp or photoshop? I have both. Photoshop GUI looks better lol and I even downloaded GIMP 3.something RC…

• Step 1: Make a cool rice (read: theme/customization) using whatever Desktop Environment or Window Manager you like to use as a base.
• Step 2: Share it on one of the many unixporn platforms; we even got some of them on Lemmy.
• Step 3: If people actually like it, you can share the associated dotfiles or what have you through GitHub or elsewhere.
• Step 4: Grofit. That’s all there is to it.

P.S. do good looking linux themes exist and I just dont know it yet?

If you liked any of the ones in the link shared above, then yes.

If they do, why they are not default for distros

Why should they? They are just creations that others made for themselves. There’s no universal design language that’s universally liked/praised or whatnot. If you like what’s there by default, then use it. If not, then don’t; instead make something of your own. Linux clearly owns the scene when it comes to customized setups anyways. So just do what others like you have done: do your own ricing.

why you have to download “some code” after that.

How can they share their personal configs if you don’t download them? You could technically copy and paste all raws, but the end-result is the same; you just made it more cumbersome for yourself. Btw, I believe KDE Plasma might have a platform for sharing themes and whatnot. But please don’t quote me on this. Though, still, you’d have to download ‘stuff’.

How do I know it is not malicious?

Good question. If you can read code, then it’s quite easy. If you can’t, then ensure it’s from a reputable source. Like, if it’s from GitHub, look at:

• how many stars it has received
• how active development is

etc.

Is it that you linux users do not want big community

I think that most people would agree that having a greater piece of the pie definitely helps to be taken more seriously by all parties. So, no: Linux users would like Linux to be more mainstream.

and make linux look bad on purpose

Fam, I’ve been on Linux for almost three years now and I’m very happy with it. Once, I had to do some work on the Windows laptop of my brother. The damn thing just wouldn’t open; updating and rebooting over and over. Accepting that is nothing but Stockholm’s syndrome.

so there is no viruses and other shit that you can find for example on Windows, because I think if same amount of people who are using windows would use linux, linux would not be this secure.

Security through obscurity is definitely a thing. And while server Linux is battle-tested and pretty safe -if you know what you’re doing-, I wouldn’t say the same necessarily when it comes to desktop Linux. It’s a nuanced topic, though.

is it secure actually?

It’s as secure as you’d want it to be. See here the security section of the excellent ArchWiki. Contrary to what you might expect, most of those instructions translate pretty well to other distros. So, if you want, you can make a fortress out of your distro that would put most Windows installations to shame. But, again, it’s on you.

Can you simply explain how is it secure compared let’s say to windows?

When comparing your average distro on default settings to Windows S mode, I think I have to give it to Windows S mode; but you can’t even install software outside of the Microsoft Store, that’s part of the reason why it’s safe. But even then, the Microsoft Store isn’t a beacon of secure software to begin with… Comparing Windows S mode to Qubes OS, however, is a clear victory for Qubes OS. Though, I’d have to admit that Qubes OS is technically not a Linux distro*. Linux is only used within dom0 and the qubes; which is 99% of what how one engages with Qubes OS, though. So I understand where the confusion may stem from.

But you see, we can’t even meaningfully engage in this conversation as I don’t know what you mean exactly with Windows.

Scripts do not start running themselves? Explain me like im five please.

This can differ between distros. On RPM-based systems, we find SELinux, a piece of software that has been developed by the NSA and is to this day actively used in Android for what it brings in terms of security. Though, the distinction should be made that Android makes better use of SELinux than these RPM-based distros do. But, to give some personal insight on this; I’ve had scripts blocked that I ran on Fedora (an RPM-based distro), but most of them went through. It ultimately depends on what the script tries to do. However, scripts running by themselves is pretty wild. Though, it could happen on insecure systems.

On Linux Mint, we find AppArmor, which behaves similar to SELinux. While the latter is infamous for its complexity, it’s generally considered to be more powerful. So much so, even, that disabling SELinux was a thing peeps used to do for ‘comfort’. To give a present issue I’m dealing with myself :P ; I’m pretty sure I’m experiencing difficulty with getting Waydroid to work due to issues relating to SELinux. It’s what it is 😅. But, the piece of mind is pretty neat. Btw, Waydroid should work on most RPM-based systems, mine is just a little special :P .

But some distros don’t ship either one of the two, nor any replacement or whatsoever. So, obviously, that should raise some red flags regarding security. The distros that do this either expect the user to do it themselves, or they just don’t care for whatever reason. Losing this kind of protection isn’t necessarily fatal, but I would personally not feel comfortable.

In case you’re really bothered about security, then consider using Kicksecure or secureblue. These are the most secure general purpose Linux distros that are meant to be used as daily drivers. The aforementioned Qubes OS is still way more secure than these, but Qubes OS is technically based on Xen and not Linux. Though, note that all three of these are known as harder distros. They assume (some) knowledge and lots of reading (comprehension). Use something else first. Become comfortable with Linux. And then consider the move to these more advanced distros.

Regarding what you said about Red Hat, I’m sure that -at least historically- RPM-based distros were simply a pita to work with when compared to the alternatives. I’m a relative new Linux user (only about 3 years so far), so I’ve only seen its better days :P .

I think you can’t, because it requires each voter to rank their preferences, which requires a specific form of voting mechanism. I didn’t participate in the poll, but if it was run as ranked choice, and if we had access to the raw, per-voter results, and if the sample size was sufficiently large; then yeah - we could run a full Condorcet count and get some interesting answers!

I’m not particularly well-versed on some of these terms. However, isn’t it possible to retroactively make the gradings work as ranked choice? So, say a user gave:

• Arch a 4,
• EndeavourOS a 5
• and Manjaro a 3

Wouldn’t this imply that they rank EndeavourOS higher than Arch, and both of them higher than Manjaro? Sure, we won’t always have strict orderings. But I’m pretty sure this doesn’t necessarily constitute a problem.

Regarding ‘distro-buckets’, I think that defining a distro different from another whenever (an attempt at) applying the inverse of the changes doesn’t produce a functional system is cool. I hadn’t considered that before. But, as you’ve noted yourself, this is a gargantuan effort and (probably) not worth it. Like, e.g. let’s look at Deepin, it’s mostly Ubuntu with the Deepin desktop environment. However, their respective auras are very different. I think we’d lose a lot of nuance by placing them in the same bucket. Just my 2 cents*.

I’m surprised to see Fedora ranked so highly.

I actually think it’s to be expected.

If it was done last year, then -with the whole “Red Hat gOiNg ClOsEd SoUrCe” fiasco- it might have dropped. But most peeps seem to have forgotten about that, or just stopped caring (most prominent example for me personally would be Chris Titus; who went from an outright hater that wouldn’t even touch Fedora derivatives (like the many uBlue projects) to outright praising Bazzite).

In case one’s out of the loop, these two articles by Jeff Geerling should give a complete yet nuanced take on the matter. TL;DR: Red Hat made it harder for projects like Oracle Linux to cannibalize their work, but this came at the price of closing off public access to RHEL’s complete source code, and using a EULA Subscription Agreement to try to stop customers from sharing the source code. Which, actually is allowed under the GPL licence; even if some would argue goes against the spirit.

Btw, why are you actually even surprised by it? While Fedora has historically made drastic changes that might have alienated its user base (read: being the first that went all-in on the likes of systemd, Wayland etc.), they’ve demonstrated to show some restraint in the last couple of years; acknowledging even that such radical changes aren’t desirable. In turn, the community rewarded such efforts, making it go from “Red Hat’s testbed distro” to a very respected mainstream distro. In the more recent ProtonDB reports, one can see how significantly it has managed to close the gap in usage between its ecosystem and the other big shots (read: Arch and Debian/Ubuntu).

Did they provide raw scores?

Yup! Here: https://nextcloud.thelinuxexp.com/index.php/s/PQPoRZo7n8dSkjw

one is which could be determined from vote counts

Ah, would this comment help?

I’m more interested in a ranked-choice version of this poll.

Me too. I suppose you could retro-actively use the raw scores for this. I’m curious of your findings!

You may find (most of it) in the description; I’ll paste that below together with the ones he left out so that we have a complete list:

• 34th Deepin
• 33rd ChromeOS Flex
• 32nd Manjaro
• 31st elementaryOS
• 30th Solus
• 29th mageia
• 28th Rhino Linux
• 27th KDE Neon
• 26th VanillaOS
• 25th ZorinOS
• 24th Peppermint OS
• 23rd Slackware
• 22nd OpenSUSE Leap
• 21st & 20th Puppy Linux & Linux Lite
• 19th MX Linux
• 18th Ubuntu
• 17th Gentoo
• 16th Tuxedo OS
• 15th NixOS
• 14th & 13th Debian Stable & Testing
• 12th Tumbleweed
• 11th Alpine
• 10th Nobara
• 9th Fedora Silverblue
• 8th Asahi Linux
• 7th CachyOS
• 6th EndeavourOS
• 5th Linux Mint
• 4th & 3rd Arch & Bazzite
• 2nd Fedora
• 1st SteamOS

My all-time personal favorite is probably MarkText. I’m actually surprised no one else has mentioned it; knowing it has garnered almost 50k stars on GitHub.

I really like it for its realtime preview and support for mathematical expressions. Though, it’s wonderfully feature-rich; so please check out its README for the full list.

Unfortunately, it (currently) doesn’t enjoy as much development as it previouslu did. Which has ultimately led me to pivot to ghostwriter more recently.

Looking at their page the prces look a bit steep for me.

I understand where this is coming from. Buying a spec-wise similar device from say Lenovo would definitely be cheaper. Unfortunately, whether it is System76, TUXEDO or NovaCustom, we pay a premium for the fact that they’re Linux-first.

I have daily driven (a) Fedora(-based distro) ever since I started using Linux. So I’m absolutely biased towards it. However, as Fedora is a semi-rolling release distro that really likes offline updates that involves a reboot, it simply falls flat when it comes to satisfying OP’s needs. They would have a very similar experience to their current one with openSUSE Tumbleweed, the very same they actively want to get rid of.

As such, this distribution would need to be able to handle running for weeks on end without a reboot.

So, it has to be something stable (i.e. receive little to no updates) that’s capable of updating without requiring a reboot. That makes any stable distro a candidate. As such, choose either:

• Debian or something based on it
• Gentoo (stable branch)
• Nixos (stable channel)
• openSUSE Leap
• Ubuntu or something based on it

As I noted in the footnotes of this comment, Qubes OS is technically not a Linux distro as it’s based on Xen instead. But yeah, it’s without a doubt the gold standard when it comes to secure by default desktop operating systems; far surpassing even Kicksecure and secureblue.

As for Tails, while its amnesiac property is excellent for protection against forensics, it’s not meant as a daily driver for general computing; which was also touched upon in the aforementioned footnotes.

For this writing, I’ll focus on the OOTB experience. Furthermore, a daily driver for general use is assumed. I’ll also try to keep it (relatively) brief and concise for the sake of brevity. The tier list found below goes from worst to best.

• Tier -1 : Actively detrimental distros. Joke/meme distros, abandoned/discontinued projects and even outright malicious products. Simply don’t use for production. The likes of Hannah Montana Linux and Red Star OS comes to mind.
• Tier 0 : Unopinionated distros. These should be regarded as blank canvases from which it’s expected that you meld and forge it to your liking. As such, at least by default, they offer nothing in this regard. However, it’s possible to build a fortress if you wish. Both Arch and Gentoo fall under this category.
• Tier 1 : Distros that have put in some work into security, but ultimately fall short. These distributions include security features and maintain regular updates, but their implementation choices can introduce security compromises. This tier often includes derivatives that modify their parent distribution’s security model, sometimes prioritizing convenience over security best practices. While it may be suitable for general use, they may not provide the same security guarantees as their upstream sources.
• Tier 2 : Distros with sane security defaults that rely on backports for their security updates. These distributions prioritize stability while maintaining security through careful backporting of security fixes. Rather than updating entire packages, they selectively patch security vulnerabilities into their stable versions. This approach provides a good balance of security and stability, though it means newer security features might take longer to arrive (if at all). Debian and Ubuntu are prime examples of this.
• Tier 3 : Distros with excellent security defaults and a (semi-)rolling release. For most normies, this is as secure as it needs to be. As it’s on a (semi-)rolling release, it receives security updates as soon as they come. Furthermore, this also allows them to benefit from new security features as soon as they appear. Curiously, the two distros that most resonate with this, i.e. Fedora and openSUSE Tumbleweed, are also known to innovate (and thus are pack leaders) when it comes to security solutions. FWIW, their respective atomic/immutable distros also belong in this tier.
• Tier 4 : Security-first distros. The crème de la crème. These are probably overkill for most people. This is also the first (and only) tier that may sacrifice usability and function for the sake of security. If your highest priority is security, then you can’t go wrong with this one. Kicksecure and secureblue are its flag bearers.

I’d personally grant Linux Mint a position in tier 2, though perhaps others would go with tier 1 instead. As such, a step-up would be a distro from either Fedora or openSUSE.

Thanks for the clarification!

If you trust both the source and the file, then downloading by itself shouldn’t constitute a problem. Supply-chain attacks are still possible, but that’s a hard problem to solve anyways. I suppose I’d only trust Qubes OS to handle that gracefully.

For general browsing, GrapheneOS-folk would advice against Firefox(-based browsers). Instead, they’d recommend (something based on) Chromium. Personally, I do follow that advice. But I understand if you’d like to stick to Firefox(-based browsers).

Coming back to Linux Mint, I won’t go over my (personal) qualms with the security model of the distros it’s based on. But as Linux Mint offers one of the best onboarding experiences, it would be a disservice to lead you elsewhere. Become comfortable with Linux through it. And, perhaps one day, if you feel like venturing elsewhere, you can try out distros that offer better security. Thankfully, Linux Mint’s OOTB security should be sufficient until then.

As for the article, everything except for the fourth recommendation is a W. Utilizing ClamAV could be cool, but it’s based on a very naive understanding. You wouldn’t want an untrusted file on your system in the first place. Obviously, a lot more mileage^[1] is possible. But one has to learn to walk before they can run 😉.

1. Note that the information and instructions found on the excellent ArchWiki often work on and/or apply to other distros as well.

GNU-Linux hardening is useless

This opinion isn’t shared by the author in their actions, as they are known for their contributions to Whonix; both as a security researcher (by their own admission) and (are to this day accredited) as a developer.

Is this a good list?

The link definitely provides some good info. It’s better than nothing. However, it may or may not fall short based on how secure you’d like to make your system.

Anything else I should do to secure a Mint install?

What is it you’re trying to protect and from whom? Whenever the topic of security comes up, one simply can’t engage meaningfully without mentioning a threat model.

In this case, I’ll assume you’re just your average Joe. And, depending on how you engage with your system, Linux Mint might be fit from the get-go. However, if you actively engage in downloading random jank from the internet and have ‘survived’ with the help of Microsoft Defender Antivirus, then you should know that a safety net as such doesn’t exist over on this side. Sure, security through obscurity might save your ass a couple of times. But it’s inevitably a losing battle.

So, without knowing your threat model, note the following important advice that the article somehow hasn’t touched upon:

• Know that you, the user, are the largest attack surface. Even if some distros like Fedora and openSUSE (with the latter AFAIK scoring the best^[1] according to Lynis) actually put in great work to offer pretty secure systems, they absolutely won’t be able to protect you against yourself.

1. It’s important to mention that this excludes security-first distros like Kicksecure and secureblue. Nor is Qubes OS considered as it’s technically not even a Linux distro. Other distros like Tails or Whonix are also not considered as they’re not meant to be used as daily drivers and/or for general use.

Lots of good answers already, but a hidden gem has yet to be mentioned: Endless OS. TL;DR: it’s an immutable distro based on Debian. As for the home directory, please consider one of the many solutions provided by others in this thread. Good luck!

Yes and no.

Has it got its own set of rules you’d have to learn and thus an accompanying learning curve bump? Sure. Which, in actuality is mostly just knowing that Flatseal is your go-to whenever a flatpak causes issues.

Is it a surefire method after you’ve become accustomed with it? Absolutely. All kinds of jankiness can prevent any piece of software from working on your system. With Flatpak, especially on distros that enable it by default, you at least know that your system isn’t the culprit.

Besides, Flatpak is enabled by default on Linux Mint. The PCSX2 flatpak is even verified. So no additional setting up or whatsoever is required.

What makes you weary besides what’s already stated above?

Unfortunately, I don’t know either. From my understanding, X11 as a whole is supported. Therefore, you should be able to hack your way through this. I suppose the installation instructions for Ubuntu should closely align to what’s required for Debian. So that’s your starting point.