Pro/Con of Linux Distributions from a CypherPunk perspective
Linux Mint:
Pro: Very stable, things are likely to just work. Updates rarely break the system. And installs of Ubuntu versions of software usually work, but you don’t get the slow speed of Ubuntu’s snaps.
Con: Very slow update cycle, so you’re getting security updates last. Some newer software either won’t work or you have to manually get debian packages from their website. You can change the desktop environment, but if you leave it cinnamon then you can’t use Wayland yet. (which is a more secure display protocol)
Fedora:
Pro: Ships with Wayland and SELinux out of the box. This is a pro if you trust the academic research on SELinux but...
Con: The NSA made SELinux and even though it’s open source, how many impartial non-US firms have audited it with enough expertise to really know if there’s a backdoor? My questioning of this will cause controversy, but it’s a fair question. At least be aware if you disagree with me.
Kicksecure:
Pro: Live mode let’s you erase everything. Can be used as a VM or even the host OS. AppArmor is default as is Firejail. Although you could just run these things on any distro.
Con: It’s still debian, so you are getting slower updates. But debian has large software support
Arch:
Pro: Bleeding edge of updates. Huge amount of software.
Con: Updates may break things and require you to roll back things. (Luke Smith has a tutorial on this)
Void:
Pro: Faster and less attack surface by removing SystemD (the startup system for almost every other distro, btw Artix is Arch without it). Void also has a more secure version with it’s libraries (musl and GNU libc). And rolling release meaning faster security updates.
Con: A lot of software is not compatible with the more secure changes, but you can check their website to see which software works on which versions.
Qubes:
This is an OS that lets you run everything in virtual machines with a minimalist hypervisor
Pro: Least attack surface with a Xen hypervisor. Some experts consider it the hardest to attack.
Con: Requires good computer specs, especially for things like fast video. And there’s potential USB issues
(btw an alternative to Qubes is Kicksecure in live mode as the base OS with KVM QEMU machines).
Gentoo:
Pro: Can be customized to the best security settings (think all the things mentioned in this article, SystemD removed, musl vs libc, wayland, ect).
Con: Requires a large time investment to modify these things
Follow us on Nostr for more!
I'd also add Debian an OpenSuse MicroOS for who care about stability
Qubes is great but the disk management is sometimes a real pain. Mint is a great distro to install on computers for someone, starting with #Linux
And followed, what about Pop 😁
I'm a security noob, but wouldn't being on the bleeding edge of updates (like with Arch) be just as much as a security vulnerability as a it is a benefit due to the fact that you are getting updates that are not well baked yet?
... also missing Debian on the List ..