this post was submitted on 25 Feb 2024
60 points (89.5% liked)

Privacy

32456 readers
592 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I first used Linux about 5 years ago (Ubuntu). Since then, I have tried quite a few distros:

Kali Linux (Use as a secondary)

Linux Mint (Used for a while)

Arch Linux (Could not install)

Tails (Use this often)

Qubes OS (Tried it twice, not ready yet)

Fedora (Current main)

For me, it has been incredibly difficult to find a properly privacy oriented Linux distro that also has ease of use. I really enjoy the GNOME desktop environment, and I am most familiar with Debian. My issue with Fedora is the lack of proper sandboxing, and it seems as though Qubes is the only one that really takes care in sandboxing apps.

Apologies if this is the wrong community for this question, I would be happy to move this post somewhere else. I've been anonymously viewing this community after the Rexodus, but this is my first time actually creating a post. Thank you!

UPDATE:

Thank you all so much for your feedback! The top recommended distro by far was SecureBlue, an atomic distro, so I will be trying that one. If that doesn't work, I may try other atomic distros such as Fedora Atomic or Fedora Silverblue (I may have made an error in my understanding of those two, please correct my if I did!). EndeavourOS was also highly recommended, so if I'm not a fan of atomic distros I will be using that. To @[email protected], your suggestion for Linux Mint Debian Edition with GNOME sounds like a dream, so I may use it as a secondary for my laptop. Thank you all again for your help and support, and I hope this helps someone else too!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 10 months ago (1 children)

What proper sandboying in fedora are you missing? Fedora is very advanced in that regard compared to most other distros.

Traditional Fedora and especially atomic distros are very good for this, see other comments as well recommending ublue.

[–] [email protected] 1 points 10 months ago (1 children)

I had installed an app (flatpak) that required the use of my microphone. I knew I had disabled microphone permissions globally in settings, so I went into settings and turned microphone access on. The app successfully used my microphone, but the issue is it doesn't show up as an app that requested microphone permissions in settings. Further reading showed that sandboxed apps are forced to request microphone access, but unsandboxed apps can freely use the microphone. This led me to believe that the flatpaks I had been installing were not sandboxed. I could be wrong, so some insight would be much appreciated!

[–] [email protected] 4 points 10 months ago* (last edited 10 months ago) (1 children)

Flatpack makes use of Bubblewrap under the hood for sandboxing. You probably got confused by XDG Desktop Portal.

[–] [email protected] 5 points 10 months ago (2 children)

To add on to this, if you are using flatpak apps and want granular permission control, check out flatseal. Fedora (IMO) has one of the best flatpak integrations out of the box. Other "sandboxing" or containerized app deployments are snaps (made by Canonical), and appimage (I'm not entirely sure this qualifies as an app container).

From my experience, flatpaks is currently leading in adoption when compared to the other two.

[–] [email protected] 4 points 10 months ago* (last edited 10 months ago) (1 children)
[–] [email protected] -1 points 10 months ago

Thanks! Flatpak-KCM is perfect as I'm thinking I'll move to fedora KDE in a couple days when f40 drops. I'm hoping that the Wayland experience on NVIDIA GPUs will be smoother there than on GNOME.

[–] [email protected] 0 points 10 months ago (1 children)

There is something almost identical in the settings app, is it different from that? Also, is there a way I can check which apps are/aren't sandboxed? Thank you!

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago) (1 children)

Unfortunately the gnome flatpack settings is a lie. You can only view them, you can't actively modify them. Unless it's changed recently?

[–] [email protected] 2 points 10 months ago (1 children)

I looked into flatseal, and I am incredibly happy with it, it instantly made me feel much better about my digital hygiene. As for GNOME flatpak settings, there are some toggles, but only minimal (notifications, background, etc.)

@[email protected], that has to be one of the most helpful suggestions for an app I've received since I first used Linux. Truly, thank you!

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago)

Gnome really needs to start getting on this stuff; I've been disappointed in the way Gnome handles implementing new things and their tendency of going the "#QuirkyGirl" route instead of getting the shit implemented in a cross-distro way like everyone else.
For example the XDG-Desktop-Portal accent color protocol where Gnome devs were actively against it and required a lot of push back from the community.