

Thanks for the info! Didn’t realize it was dash.
I’m the Never Ending Pie Throwing Robot, aka NEPTR.
Linux enthusiast, programmer, and privacy advocate. I’m nearly done with an IT Security degree.
TL;DR I am a nerd.




Rust (Golang or any mem-safe lang) is/are useful for designing secure applications, but not the reason Syd is so great. It is impressive because it is unprivileged, simple yet very granular, has tons of exploit mitigations and hardening options, defaults to hardened_malloc (on arm64 and x64), its multilayered sandbox (using landlock, seccomp, namespaces, and more), but of course being written in a memory safe language is an important plus (as memory corruption vulnerabilities are a very large class of common vuln). It abstracts the complexity of working with low-level sandboxing APIs (such as landlock) while still allowing you to construct complicated sandboxes. The dev is also very open to adding new ideas.


I thought about it (and I might still) but the project is still in beta and implementing sysctl and MAC would slow everything down development-wise. Switching to Fish would be easy and cool though.


I am excited to see Chimera Linux mature because it seems like a distro which prioritizes a simple but modern software stack.
Features of Chimera that I like include:
What I would like:


What I want out of a secure Linux (or BSD) system is full (top-to-bottom) sandboxing of all components to enforce least privilege. I want to learn how to make my own distro (most likely for personal use) which uses strong SELinux policies, in conjunction with syd-3 sandboxing, which seems like the most robust and feature-rich, unprivileged sandbox in both the Linux/BSD worlds (also it’s totally in safe Rust from what I can tell).
Another thing that I would love to make is a drop-in replacement for Flatpak that is backwards compatible but uses syd-3 instead. It has much better exploit protections than Bubblewrap, and is actually an OOTB secure sandbox. I don’t know much about the internals of Flatpak, or how to use xdg-desktop-portal, but I am going to start more simple with a Bubblejail alternative. One major advantage of syd is that you can modify an already running sandbox, so theoretically you could show a popup that says something like “App1 is requesting microphone access.”, where you could toggle on without needing to restart the app.
Need to get better at coding tho lol


If I had to guess, they probably don’t use the APIs, instead using scraping of some sort.
Maybe set up FIDO2 LUKS unlocking, but that requires a security key: https://www.privacyguides.org/en/security-keys/
You could set up LUKS TPM unlocking.


Yes, which is why I very much like what GrapheneOS does with Storage and Contacts Scopes.


Understandable. Though the security difference between Flatpak and Xen VMs, or even between Flatpak and Snap, is pretty big. Flatpak is mostly sandboxed to provide a consistent run environment to apps across distros, and I’d say 50% or more of the Flathub apps seem to have weak default sandbox security settings. Snap does a better job security-wise of reducing sandbox escape potential, but is still a far cry away from the containerization of Qubes.


Android doesn’t expose any app data and requires a permission for accessing storage (unlike Linux).


FreeBSD is also on DistroWatch. Qubes is not desktop Linux because it doesn’t function like normal Linux. It uses the Linux kernel, but in a similar way to how Android isn’t Linux, neither is Qubes.


Your hardware is most likely not free and open source. If you use non-free hardware, it is better to have security fixes than leave it unpatched. If you are using non-free hardware it doesn’t matter how free your distro is, you still must depend on hardware blackboxes. Your hardware can directly interact with your distro and do something malicious regardless of the presence of firmware blobs.
Those distros (Fedora & Debian) are fully free, but acknowledge that hardware isn’t in most cases. And like responsible and reasonable developers they choose what is best for stability and security.


Definitely agree. If they could somehow make it a Flatpak with minimal permissions I would def check it out. Otherwise, I don’t use any unsandboxed software to avoid apps having arbitrary permissions.
General Use:
Gaming Focused:
When picking a distro for gaming, I always recommend using one that gets frequent/fast updates. All my recommendations get fast updates. If you are mainly just gaming, go with a gaming focused distro. If you want a system without many apps or modifications, go the general use route.
I can elaborate on each of my picks on request.


For setting up and selecting Piper TTS voices, use Pied. Then use KMouth by KDE to have an app to paste text in and make use of Piper TTS voices.


That plus KMouth would be exactly what OP wants. KMouth is an app you can paste text in and have speechd play it.


Mullvad has many methods of obscuring the fact that you are sending VPN traffic, specifically designed to fight VPN censorship and firewalls.


Matrix with either Element or Fluffychat
Privacy, freedom to choose whatever I want, focus on FOSS (I hate/don’t trust proprietary software), and security features for hardening Linux (Landlock, SELinux, Bubblewrap, sysctl, hardened_malloc).