In any case, minimize the number of parties that will have their hands on your data. Uninstall anything that’s unnecessary, compartmentalize personal work in a privacy-respecting browser and office suite, and avoid unofficial Windows ISOs.

If your school is going to install monitoring software on it, consider the laptop compromised. Only do coursework, accessing things licensed through the school, exams, the bare necessities, on the Windows laptop. Start saving up for a (refurbished) laptop to learn and use Linux without risk to your work laptop.

If now is not the time to buy another laptop, consider installing Linux on a second SSD, if a slot is available, or even a USB 3.0 drive, if you’re allowed to boot from one. Just back up and if possible remove the Windows SSD before installing so it’s not overwritten by accident.

Be judicious with debloat scripts as they can interfere with some more invasive programs (e.g. Adobe suite, Autodesk) you may need for your studies. Consider making full disk backups before doing anything drastic. Anyway, if you can’t or won’t use LTSC, the yearly Windows updates can and will undo your hard work debloating and ticking privacy checkboxes.

At the end of the day, Windows is closed-source and we can’t be completely sure what it’s doing behind our back. It’s fine for a dedicated work device, but the time spent on taming it for personal privacy could also be spent getting another machine and getting to know Linux.

Pardon my ignorance, why would those be suspicious?

Are you able to source “IoT” cards without ID verification?

Got a job at a BYOD workplace, so I ended up having to repurpose my old devices as my work devices. Fortunately I had many from my hoard to choose from. Still get taken aback when I realize that most of my coworkers have all their work stuff connected to their personal devices without a second thought.

For desktops, zram with no swapping to disk. Hasn’t given me any trouble yet, except for the rare news website (it’s always news websites) with a horrific memory leak.

For laptops, zram plus a low-priority swap file for suspend-then-hibernate. My old laptop drains a fair bit in sleep mode and my new one doesn’t have proper S3 suspend because microslop is pushing manufacturers to only support S0 idle.

Always a file, never a swap partition. Everything that can be encrypted lives inside the encrypted root partition.

It’s fine to watch people critique Linux and compare it with Windows, but in my honest opinion, Mutahar is not worth your time.

Except for systems with very limited resources, systemd or not won’t make much of a difference in performance. A lot of tutorials on reading system logs and managing background services will assume that you are using systemd.

I’ve only ever used distros with systemd, not necessarily with intent, but because it was the default and well-supported. Probably won’t switch unless

• Debian switches
• there’s a change that breaks my workflow
• it somehow starts phoning home to a big datacenter.

No experience personally with Lineage or eOS on a tablet, but if you end up with a tablet that doesn’t have official support from either, I can vouch for the LeOS GSI (generic system image). Minimalist and with all pings to Google servers stripped out.

That said, updates can be hit or miss with the GSI. The gold standard is still the Pixel Tablet with GrapheneOS, no fuss with complicated install and update methods.

Try installing just plasma-desktop

Would love to use SimpleX too, but the plan fell apart while trying to use it with family. Surprisingly many people fail to grasp the concept of anything other than a phone number, social media profile, or email address. It fell apart among my more tech-savvy friends because we missed calls and had delayed notifications despite SimpleX eating through the battery like no other messaging app.

No doubt, SimpleX is the concept of a messaging app done right and could be better than any other. It’s just the implementation that needs work. But I’d be happy to hear if there’s any optimizations I could try and revisit it.

See if anyone has reviewed how the model of interest performs under Linux or check if there’s a report for it on linux-hardware.org

Around 2020, I had purchased a new laptop and desktop. It took about two years until everything worked on the laptop under Arch, main issue being the microphone and speakers. About another year and a half until the same on Debian. On the desktop, the wireless card didn’t work with Linux on day one and still doesn’t work that well on Linux to this day. Swapped that thing out with an Intel wireless card.

Building an Android ROM is decently resource-intensive. Back when DivestOS was first discontinued, I wanted to see if there was anything I could do about rolling my own updates for my device. Decided against it once I saw how much RAM (or tradeoff being time) it would need.

Also I’m lazy and I’d probably miss security updates if I had to go through the build process as frequently as GrapheneOS updates.

Driver support for various old peripherals and nvidia cards

I use UTC+0 because I don’t like the ideas of timezones and DST.

Surprisingly good in most cases. Main thing missing for me is support for programs directly talking to USB devices (understandably, the associated driver support is its own can of worms).

1000% agree. Had to install an older version of Pinta because it was also gnomed a while back.

While I’ve yet to contribute to open-source projects aside from reporting issues, I’ve got my eyes set on something like libadapta. As soon as one of the programs I use on a daily basis gets gnomed, I’m going all in to soft fork libadwaita and restore as many GTK3 features as I can.

• someone who ran rm -rf /usr/share/icons/Adwaita

I practically never need to. I’ll find a way to make things work one way or another.

Depends on the degree of coreboot support. If the vendor or a firm like 3mdeb officially supports coreboot on your model of choice, it’ll have first-class support and you won’t miss out on anything compared to your typical proprietary BIOS.

If you plan on installing it yourself, do read carefully through the coreboot docs since some systems will have a few quirks (e.g. audio jack issues on T480/T470). But once coreboot is up and running on your computer, it’s smooth sailing on Linux. Compiling and flashing can be a bit of a rabbit hole, but I’m happy to give some pointers if you go this route.

I daily drive a ThinkPad X230 with Libreboot and haven’t had any issues. The only significant differences I’ve noticed are

• Faster boot times (1 to 2 seconds to reach LUKS prompt)
• Config menu (nvramcui payload) has very few options
• (Libreboot exclusive) Full-disk encryption by having GRUB with LUKS2 support directly on the BIOS
• I left out UEFI support since it’s complicated on the X230 and it’s not necessary for Linux to boot

Lost my mind a few years ago over this quirk. Now I always change both files when I want to change the hostname.

I’ve been daily driving Debian Stable for the past 5 years and I am more than happy to continue for the next five. It’s also on nearly all of my machines and the majority of my VMs.

I’m honestly not very keen on the latest features or hardware, but I am very keen on my software being predictable and consistent, so the Debian release cycle is perfect for me.