Hi, Im searching for a secure distro for normal daily use for my laptop. Currently Im running arch linux with full disk encryption, secure boot, linux hardened, firewalld and most apps as flatpaks (with some disabled permissions using flatseal). I think its pretty secure laptop but it could be more secure.

Tails and Whonix are the most secure but they are not ment for normal daily use…

There is a lot of new immutable distros. Getting (system) malware is harder to get on them. Im most interested in blendOS, because its based. Does anyone know if it has full disk encryption, secure boot, etc. or can it be done by the user? What about other distros like Fedora Silverblue?

Any other recommendations?

Thank you :)

  • @[email protected]
    link
    fedilink
    61 year ago

    Puppy Linux - the OS is spooled into RAM from a single signed compressed image. by default there is no write back to physical data store; this can include user folders etc. each boot can be a clean slate.

    Since the OS itself is in a single compressed & signed package, if someone alters it via a sidecar boot to an alt OS, it and you would know.

    When there are chain of custody issues it is pretty secure when added with the usual bevy of other securing options.