First of all, I’d like to apologize for contributing to the constant stream/flow of posts in which the main theme/idea/motive is to find a suitable distro for the OPoster. I wish we’d have a dedicated community that’s active/large to the extent we’d be able to delegate/contain these convos to their designated places, but alas…
With that out of the way, we can get to the actual meat. So, for two weeks, I’ve been reading a ton about different distros. And while I’m still primarily overwhelmed by the amount of choice, I think I’ve finally got somewhat of an idea.
Requirements:
- Software-wise, the only thing I’m worried about is Davinci Resolve. It should work, but it seems to be hit or miss. The distro I wish to use should handle this gracefully.
- I’m a huge snob for security and privacy. As I’m kinda worried that desktop Linux’ security isn’t on par with M$ or macOS, I wish to use as secure of a system as possible to (somewhat) compensate for that.
I like to follow ‘authorities’ whenever I’m overwhelmed. As I’ve known them since their PrivacyTools-days, it was easy for me to designate Privacy Guides as such. Hence, I’ve come to appreciate its recommendations. But, I believe the tailor-made consensus by this communities’ experts is at least equally important.
That’s where I’m coming from, let’s head over to the questions:
- 
Are PrivacyGuides’ recommendations actually good in the first place? 
- 
From what I can tell, the subset of security-focused distros are (at least potentially) my end-game. But, from what I could gather, they’re not sensible picks for a newb. Is this correct? 
- 
As for what remains, I got the following assumptions (please correct me if I’m wrong*): - The anonymity-focused distros don’t seem well-suited for general use.
- Hardening Arch or NixOS to the extent we find within the offerings of Fedora or openSUSE isn’t trivial.
- Fedora’s Atomic Desktops offer something tangibly superior security-wise over what we find for traditional Fedora and openSUSE at the expense of convenience.
 As such, am I correct to assume that Fedora Atomic Desktops are best for me? Would you happen to know if it plays nicely with Davinci Resolve? 
- 
Are there any other distros worth mentioning within the context? If so, which ones and why? 
- 
Any gotchas or otherwise I should be aware of? 
Thanks in advance for your input!


So what is the purpose of immutable distros?
Furthermore, my introductory reading would suggest some benefits:
And, with GrapheneOS’ endorsement of secureblue, I find it hard to believe that it doesn’t provide any benefits. But please feel free to enlighten me on this.
Though usability is probably a very legit concern, though. So perhaps not the brightest of ideas to start with as a first distro, but we’ll see.
The entire functional premise of immutable distro builds was for mobile and edge devices. It makes flashing/updating dead simple, and it’s easier to revert to a known good revision if something goes wrong.
There is no “stability” benefit, because the running system is unchanged, only the filesystem operates differently. I’m not sure where you read that. Also, containers aren’t inherently more stable than anything, so that’s extra confusing if you read that somewhere.
The filesystem being read-only doesn’t help reduce your attack surface at all? If you’re vulnerable to a zero-day on any running service on stock distros, you’d be vulnerable on immutable as well.