I’m the Never Ending Pie Throwing Robot, aka NEPTR.

Linux enthusiast, programmer, and privacy advocate. I’m nearly done with an IT Security degree.

TL;DR I am a nerd.

  • 1 Post
  • 281 Comments
Joined 1 year ago
Cake day: November 20th, 2024


  • Security and bug fixes have made Plasma 6 run better for me. Wayland support is better now too (which matters to me). Minor features that improve usability. Newer kernel means I can use newer features, which some of the apps I use depend on. The main thing with your setup I was surprised about is that it isn’t an LTS kernel (from what I can tell). If you are just not updating and not using LTS software (I can’t tell), then you are missing plenty of security fixes.




  • Proprietary subscription OS, big no for me. Has worse specs than a Google Pixel and probably doesn’t have strong hardware security. Wtf would I not just use a Pixel with GrapheneOS, which is FOSS, heavily deblobbed over base AOSP, and substantially more secure and private. What a weak argument “AphyOS is a subscription operating system, simply because if you don’t pay for a product, you are the product” when GOS is free. They should just sell a phone and guarantee OS updates for (at least) 5 years like any (reasonable) OEM would do if they “care about their users”. The only, and I mean only, feature that I think is interesting is the SD card slot, which isn’t revolutionary.

    If you don’t want a Google Pixel because buying it supports Google, get it used in Good or Mint condition from a site like Swappa.com, that way no profit makes its way to Google.




  • I actually really like GNOME and haven’t had problems yet with extensions. I have it the way I like it, and no matter what I do, I haven’t found features that are half-implemented or broken like on KDE (e.g. theme search missing/hiding 90% of themes, desktop effects broken after install, weird crashes, freezing when accessing system apps or app menu). I think Qt is ugly (personal preference) and I prefer libadwaita GTK4 apps for their stability. People are going to hate, but there is no such thing as a perfect project that fits everyone’s needs. I am not saying GNOME is perfect or that it isn’t opinionated (I wish app status indicators were supported, ability to modify Flatpak app permission in the system settings, and support for dock/panel), but GNOME is solid and (dare I say it) is a good DE.

    Btw I love KDE and it is the DE I am currently using. I also love GNOME. There aren’t really any DEs I hate except maybe Deepin. Any DE that doesn’t support Wayland (or doesn’t plan on it) is not something that I ever plan on using because security and stability are BIG requirements for me, I don’t like technical debt or legacy cruft.











  • The browser can’t create unprivileged namespaces because Flatpak blocks access to namespace creation. This DOES interfere with an important method of sandboxing used by browsers on Linux. It makes site isolation weaker, which could allow an attacker from a malicious site to steal information from any open tab, or possibly escape the sandbox. Browser sandboxes are multilayered for a reason, one less layer makes exploitation exponentially easier. The Firefox Flatpak is official, but that doesn’t mean it is safe. Flatpak sandboxing is substantially less strong than a browser’s isolation strategy. This is because Flatpak is a general purpose sandbox mostly meant for making distribution of software easy by providing an identical environment across all Linux distros, not for rigid security. Browsers provide a more fine grained sandbox that is designed around the threat model that the website is compromised/malicious and is attempting to hack you, since websites are effectively just apps. Don’t use Flatpak’d browsers at all, or at the very least not as your default.
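
Added example, not part of the comment above: a shell check a user can run to see whether the environment a browser starts in can use unprivileged user namespaces at all. The function names and result labels are made up for this example; the paths it reads (`/.flatpak-info`, `kernel.unprivileged_userns_clone`, `user.max_user_namespaces`) are the standard Flatpak marker file and kernel sysctls.

```shell
#!/bin/sh
# Added example (not from the original comment). Classifies whether
# unprivileged user namespaces, which browser sandboxes rely on, are usable.
# An optional ROOT prefix lets the checks run against a constructed tree.

# Print the first line of a file, or nothing if it is missing/unreadable.
read_first() {
    [ -r "$1" ] && head -n 1 "$1" 2>/dev/null || true
}

# Prints: flatpak | sysctl-disabled | limit-zero | available
userns_status() {
    root="${1:-}"
    # Flatpak places /.flatpak-info inside every app sandbox.
    if [ -e "$root/.flatpak-info" ]; then
        echo "flatpak"
        return 0
    fi
    # Debian-derived and some hardened kernels expose this toggle; 0 = off.
    clone=$(read_first "$root/proc/sys/kernel/unprivileged_userns_clone")
    if [ "$clone" = "0" ]; then
        echo "sysctl-disabled"
        return 0
    fi
    # Mainline per-user limit; 0 means no user namespace can be created.
    max=$(read_first "$root/proc/sys/user/max_user_namespaces")
    if [ "$max" = "0" ]; then
        echo "limit-zero"
        return 0
    fi
    echo "available"
}

# Live check: actually try to create a user namespace (util-linux unshare).
userns_probe() {
    command -v unshare >/dev/null 2>&1 || { echo "no-unshare"; return 0; }
    if unshare --user true 2>/dev/null; then echo "created"; else echo "denied"; fi
}

# Run as: sh userns-check.sh --run
if [ "${1:-}" = "--run" ]; then
    echo "config: $(userns_status)"
    echo "probe:  $(userns_probe)"
fi
```

A result of `available` only means the configuration does not forbid user namespaces; a seccomp or LSM policy can still deny them, which is what `userns_probe` catches.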



  • To use Firefox, you need to use ujust with-standard-malloc firefox (or something like that). It also needs user namespaces (same with Mullvad VPN/Browser); run ujust set-unconfined-userns on.

    Follow these steps to make Firefox run with standard malloc:

    For Firefox with no sandboxing …

    • cp /usr/share/applications/firefox.desktop ~/.local/share/applications/firefox.desktop
    • Edit the newly created file, changing any line that starts with Exec=firefox to Exec=ujust with-standard-malloc firefox

    For Firefox with Bubblejail, assuming you have already created a profile named Firefox and generated the desktop entry, edit the file ~/.local/share/bubblejail/instances/Firefox/services.toml and add the following snippet:

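    [debug]
    # Bind /dev/null read-only over /etc/ld.so.preload inside the sandbox,
    # so nothing is preloaded and Firefox runs with the standard malloc.
    raw_bwrap_args = [
        "--ro-bind",
        "/dev/null",
        "/etc/ld.so.preload",
    ]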