You can always start sooner and dual boot on Linux Mint to get familiar test your usecases. I have been dual booting and haven’t logged into Windows in over 6 months. Gaming is pretty good for many games on Linux.
You need to first understand what kind of interaction you expect with your OS. For this, you can start by considering what you use your OS for and currently what you do for your OS. e.g. Before I jumped to Linux, I was just starting to learn PowerShell on Win, because I saw a lot of places in my system where I wanted to use it. I felt consistently dissatisfied with the lack of things I could just tell the system to do, making me go to scripting. This way, I knew I won’t have a problem with putting time into something that takes a lot of configuring. But since I was still new and wanted an easy start, I went with Manjaro KDE. It was based on Arch, but had a system of differed updates, giving me a feel of it being easier. Plus, it had a lot of customisations out of the box, some of which, I learnt from, when making my own configurations for EndeavourOS. EndeavourOS considers itself to be more terminal oriented, and it is possible to easily get a full-fledged tty system, just by selecting it in the installer. I chose KDE because I like changing the Appearance a lot, but you might want to look at other DEs depending upon your expectations.
Ubuntu has been shifting a lot to snaps, so if you want your computer to be snappy (the literal meaning), you might want to avoid it (ironically). But at the same time, if you want less configuration requirements and want to keep most of your exp outside the terminal, on top of finding it easier to install software from vendors’ websites, you can consider it. If you are fine with putting in the minimal amount of brain usage it takes to understand the installation instructions of the website - and by that I mean, read the heading telling you which distro the copy-paste text is meant for (I know ppl too lazy to do that and trying paste an apt command into Red Hat) - I suggest Fedora/Linux Mint and a slew of others.
DE = Desktop Environment apt = Package Manager (kinda like an app store on terminal) used for Ubuntu
P.S.: If you choose an Arch-based distro, make sure you keep a backup OS that is in the Debian/Fedora tree. I keep a Debian KDE, mainly for older linux games, which ask for packages that have been long removed from Arch, but it is useful in case you break something. That way you won’t have to wait for the time it takes to make a Live USB and can just restart.
So much stability and reliability, while modern packages. Just using Debian or Mint (Ubuntu LTS with an outdated Desktop and opinionated theming) is not a solution for a good experience, as you need updates.
Btw I broke every other Distro before, so I ended up on Fedora Kinoite
Some of my favourites are Void Linux, Artix and Opensuse Tumbleweed
Void was my first non-systemd distro, and it was super snappy as well. Some packages may not available but overall I had a really great experience with it. It also offers a version with the musl C library. Pretty cool if you ask me.
Opensuse tumbleweed is an overall a great distro, it’s one of my favourites. Also I noticed that many people have recommended it and that’s for a good reason. It’s installer isn’t that user friendly but I would prefer it over Fedora’s installer any day. ( I haven’t tried the last 3 iterations of Fedora, so it might have changed now )
Artix is well… arch with different init systems. Nothing too crazy. Its what I have been daily driving for the past year or so.
I love how polished everything is in Gnome. I try another DE because of some cool thing, but I keep coming back to Gnome.
There are a couple of minor things that irk me, but man, how good Gnome looks, the consistency, stability, and attention to detail from the devs make it superb to me.
The accessibility options are also great for a Linux distro.
And, and I know people hate this about Gnome, but I love that it’s not just a Windows UX/workflow clone with a start button in the bottom left that opens a small start menu, Taskbar along the bottom with time and system stuff shoved in the corner, minimise/maximise/close buttons on the top right of every app, etc.
They’re ballsy enough to do usability studies and go with what makes sense, not just what we’re most used to, even though it’s opened the devs up to hate and threats.
If I run these as an unprivileged user via xhost, they don’t really work well.
This is not a strong security boundary and in this case is basically doing the opposite of what you want. Giving access to an X session is basically giving the app full access to your user account. As an example they can inject keystrokes to open a terminal and do whatever they want. X also gives every program access to every other program.
Running as a different user will prevent direct access to other resources of your user account which may block some generic malware/spyware that tries to gobble up random files, but keyloggers and screen captures will just work as expected because they use X anyways.
As mentioned in other comments the best solution to this is Wayland. Under Wayland apps don’t have direct access to each other. These apps use “Portals” which are trusted permission prompts. So if you try to share the screen under Wayland you will get a trusted prompt that list all windows, and if you select one the app only gets access to that one selected window.
Although it is worth noting that most apps running under your user account will have pretty broad access. This can be mitigated by sandboxing tools like Flatpak but many available Flatpaks don’t provide much isolation. Carefully check the permissions if isolation is important to you.
And for the truly paranoid anything running under the same kernel is not strongly isolated. It is likely good enough for these partially trusted apps like Zoom or Teams (they are not likely to actually try to exploit your system, just suck up more data than you would like them to) but not strong enough for running completely untrusted programs that may be malicious. You would at least want a VM boundary (see Qubes OS) or ideally different physical hardware.
Another good option is running these in a browser. Browsers are designed from the ground up to run untrusted software safely. Google Meet works perfectly in the browser and Zoom has all of the core functionality available. (I don’t use MS Teams so can’t vouch for it.) This is my main approach to isolating proprietary software as it is reliable and I also value features such as cross-platform usage. Half of these programs just run Electron anyways so running in my main browser will use less resources and be faster than running 7 different Chromium processes.
So wayland fixes most of these. Is it possible to run GUI programs as another user just like in X with xhost though ? I’m asking not only from a security point, but as a practical one since I need to run the same program under different namespaces/users
I can’t way I have tried. But Wayland uses a socket, so many you can set file permissions to let other users access it?
I don’t know what your exact use case is but if you just want programs to have different “profiles” you can probably do something like setting $HOME to point somewhere else or otherwise configure their data directory.
linux
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.