OK, in your post you say you want privacy, but go on to describe distros for security.
Before you do anything, you should make a threat model:
- Who do you want your data to be safe from?
- What applications/programs do you use?
- Who do you want to be protected against, security-wise?
- Are there any institutions/organizations you trust (Tor, I2P, Bitwarden, Linux kernel, *BSD, Firefox, Chromium, XMPP, Matrix, LLVM)?
If you can answer the questions above, you can make more informed decisions, and if you want, you can tell them to me either publicly or over multi@conversations.im (XMPP).
Here is a short summary of a few operating systems to choose from:
Fedora Silverblue:
Pros:
- Encryption of personal data possible
- Immutable
- Mandatory Access Control framework (SELinux)
- Everything is set up for you already, by people that know their stuff
- Big company with lots of resources, and fast security updates
Cons:
- Big company you have to trust
- Less control over the operating system, both for you and an attacker
- Immutability still very new, may cause problems
Alpine:
Pros:
- Very minimal -> small attack surface
- Encryption optional, and made easy
Cons:
- No MAC by default
- A lot of configuring you have to do yourself. Mistakes are a big concern
OpenBSD:
Pros:
- Audited into oblivion
- Incredibly minimal
Cons:
- Incredibly minimal: no MAC framework (!!)
- Disk encryption might be tricky on your first try
- Software support
- Wayland support still experimental
My conclusion: If you trust Red Hat more than yourself to build a safe OS, go Silverblue.
If you know what you are doing, Alpine is a more minimal approach than Arch, and may be a fantastic choice if you know how to set up MAC, FDE and a secure desktop.
If you have a server or reverse proxy, OpenBSD will be an incredibly tough nut to crack for even government agencies, but due to the missing MAC, use cases as a desktop simply don't make sense to me.
I hope that helped.
I would add: turning off telemetry, especially Windows and other MS products.