Let me tell you a secret: any linux distribution is a kernel + a set of pre-installed drivers and programs + their configs. Nothing more than that! Most distributions use the same kernel and roughly the same set of programs. The only differences are in the desktop environment and initial settings.

I would recommend Linux Mint Debian Edition (LMDE) as a start choice. Do not trust those who say that if you choose a “beginner’s distro” you won’t have to get into the console or text configs. Your choice of distro will determine how often you’ll do this.

As a regular user, I’ve used different distributions and always something didn’t work. Many issues couldn’t be solved via GUI, so I had to deep dive into both the console and all Linux services.

P.S. Arch Linux daily-driver.

Nobody knows your workflow better than you. The best answer anyone can give you is “experiment and figure out what works best with the hardware you have and the software you want to run”.

if you’ve never used OpenBSD, stick to GNU/Linux and mess around with OpenBSD in another machine, partition or VM.

I would recommend against Alpine and OpenBSD if you’re new to this. As others have said, almost every distro is private and secure, and barring extreme security concerns you’ll be served well by any of them. IMO pick something that is easier to get started with and has a larger userbase, like Linux Mint, Debian, or OpenSUSE Tumbleweed. After you’ve been using Linux for a while you’ll be more comfortable to start investigating Alpine and OpenBSD to see if you like the specific way they do things.

Most Linux distros will be fine except Ubuntu and probably some others. What you run on your OS is much more important. I personally run OpenSUSE but any (mostly) FOSS distro will be fine. If you run Tails with Chrome that would be worse than Ubuntu with a few tweaks and LibreWolf.

and saw the repo of hackliberty, they say to use alpine linux

On the same page you should have noticed links to excellent articles found on privsec.dev and madaidans-insecurities.github.io; both of which advocate other distros (as well) with the former not even mentioning Alpine. As for hackliberty’s usage of Alpine; I believe they stated it as their backend of choice for running their online services. So not necessarily recommended as their OS of choice on a desktop device. Though I’d love to be corrected if that’s not the case.

I was also looking to stuff like openBSD

If you can deal with it, go for it. Unfortunately I couldn’t give up my workflow to that degree. One has to be mindful, though, that however powerful openBSD is, one can elevate it further by using it in conjunction with Qubes OS; this guide might help you with that. Furthermore, this also makes it possible to not forego your entire workflow for the sake of openBSD.

just hardening the arch build I use rn

Also a decent choice, it might need constant tinkering and a lot of know-how to keep it splendid at all times. Though, it’s definitely doable as long as you’re committed and eager to improve yourself. And once again, this work doesn’t have to be for naught; once more this knowledge can be used to perhaps further harden an Arch-qube.

what do you think about that?

It’s always best to first define your threat model. After which it becomes clear to what degree you need further protection and what would be the best course of action to achieve that. For some, just moving from Windows/macOS to Linux is already a giant leap and might be enough for their threat model. While for others, this might not be enough as they have to be a lot more cautious to such a degree that even openBSD on a regular laptop might not be sufficient. If you just want maximum protection, then Qubes OS is surely your best bet IF you learn how to use it properly on a well-supported device; kudos if you can get your hands on one that support Heads as well. If you don’t mind a mobile device, then something with GrapheneOS should suffice as well.

IMO, you seem to be very new to all of this. Being overzealous might make you a lot more susceptible to burnout. Which is something you absolutely don’t want, as this is not a sprint but rather a marathon; keeping it up and going on is therefore of utmost importance and incremental change can help with that.

Ok, in your Post you say you want Privacy, but go on to describe Distros for Security.

Before you do anything, you should make a threat-model:

• Who do you want your data to be safe from
• What applications/programs do you use
• Who do you want to be protected against security wise.
• Are there any institutions/irganizations you trust (Tor, i2p, BitWarden, Linuxkernel, *BSD, Firefox, Chromium, Xmpp, Matrix, LLVM)

If you can answer the questions above, you can make more informed decisions, and if you want you can tell them to me either publicly or over multi@conversations.im (xmpp)

Here a short summary of a few operating systems to choose from:

Fedora Silverblue: Pros:

• Encryption of personal data possible
• Immutable
• Mandatory Access Control framework (SELinux)
• Everything is set up for you already, by people that know their stuff
• Big company with lots of resources, and fast security updates Cons:
• Big company you have to trust
• Less control over the operating system. Both for you or an attacker
• Immutability still very new, may cause problems

Alpine: Pros:

• very minimal -> small attack surface
• encryption optional, and made easy Cons:
• no MAC my default
• a lot of configuring you have to do yourself. Mistakes are a big concern

OpenBSD: Pros:

• audited into oblivion
• incredibly minimal Cons:
• incredibly minimal: No mac framework (!!)
• Disk encryotion might be tricky on your first try
• software support
• Wayland support still experimental

In my conclusion: If you trust Redhat more to build a safe os than yourself: go Silverblue

If you know what you are doing Alpine is a more minimal approach than Arch, and may be a fantastic choice if you know how to set up mac, fdi and a secure desktop

If you have a server or reverse proxy, OpenBSD will be a incredibly tough nut to crack for even government agencies, but due to the missing mac usecases as desktop simply don’t make sense to me.

I hope that helped

The BSDs are very hard to daily drive. You need to be quite knowledgeable in UNIX to get things done with them.

It is truly a rabbit hole …

I use Alpine on my desktop. I would like to know more about why it was cited as a good choice. I’ve used many distributions since I switched to Linux (in 2006) and I never had the impression that Alpine was a hardened distribution. I will say that I have had no issues with it and feel that the community is quite friendly, reactive, and helpful.

In the end, it depends on you threat model and use. Containers are a good idea, flatpaks are regarded by some as a good way to protect privacy… I am regularly updating my extremely basic guide because little things change so frequently.

IMO, Alpine or BSDs are no better than Arch in terms of privacy

deleted by creator

Don’t go with alpine and openbsd if you re not so comfortable already. Go with big Linux distros: Ubuntu (or popOS), fedora, open suse tumbleweed, and such. I’d personally recommend pop it Ubuntu, since they are based on Debian, you have huge ecosystem and info