Combine this with Librera Reader and you can listen to eBooks easily.

Yeah, I already understood that. I just thought the comment above was saying it already had ARM emulation, but it was bad or something. I just misunderstood what the above comment was saying.

IIRC, it is a current limitation of rpm-ostree, which results in an ISO that is nearly double in size.

Pretty sure Waydroid uses the x86 image of LineageOS, cus last time I used it (like a year or more ago) I had to get x86 version of APKs I wanted to install.

If I had to guess, they probably don’t use the APIs, inside using scrapping of some sort.

I moved an older relative to Mint and I regret it. Weird lagging and display server crashes sometimes, probably because of X11. Plus it’s release cycle is very slow, so old packages. Ubuntu is far from my favorite distro, but at least it uses a DE with first class Wayland support.

Here are my recommendations from last time I saw this question asked: https://lemmy.blahaj.zone/comment/17912220

Yeah np. Good luck.

You can use both through the browser, which is the safest way of doing things because the browser sandboxes the web apps, isolating them from your system. If you prefer an app for Messenger, look on Flathub, though I advise against it. The two apps I found for Messenger are Franz and Ferdium (a fork of Franz with more features).

To mitigate the privacy risks:

• Firefox with uBlock Origin (or Librewolf)
• Avoid sharing anything sensitive.

Nothing much you can do sadly.

Maybe a setup FIDO2 LUKS unlocking, but that requires a security key: https://www.privacyguides.org/en/security-keys/

While I do find GOS drama a bit annoying, they aren’t wrong about the lacking security of many AOSP forks. iode and /e/OS have a history late patches for security vulnerabilities in both the OS (https://web.archive.org/web/20241231003546/https://divestos.org/pages/patch_history) and for the forked apps they bundle with it. Each Android monthly and Chromium patches usually contains dozens High Risk CVEs, so taking a month or 2 is unacceptable. Neither are good for privacy or security.

See a comparison between some Android ROMs here, especially noting the update speed section: https://eylenburg.github.io/android_comparison.htm

You could setup LUKS TPM unlocking.

Yes, which is why i very much like what GrapheneOS does with Storage and Contacts Scopes.

Understandable. Though the security difference between Flatpak and Xen VMs, or even between Flatpak and Snap, is pretty big. Flatpak is mostly sandboxed to provide a consistent run environment to apps across distros, and id say 50% or more of the Flathub apps seem to have weak default sandbox security settings. Snap does a better job security-wise of reducing sandbox escape potential, but is still a far cry away from the containerization of Qubes.

Android doesn’t expose any app data and requires a permission for accessing storage (unlike Linux).

Freebsd is also on distrowatch. Qubes is not desktop Linux because it doesnt function like normal linux. It uses the Linux kernel, but in a similar way to how Android isn’t Linux, neither is Qubes.

Your hardware is most likely not free and open source. If you use non-free hardware, it is better to have security fixes then leave it unpatched. If you are using non-free hardware it doesn’t matter how free your distro is, you still must depend on hardware blackboxes. Your hardware can directly interact with your distro and do something malicious regardless of the presence of firmware blobs.

Those distros (Fefora & Debian) are fully free, but acknowledge that hardware isn’t in most cases. And like responsible and reasonable developers they choose what is best for stability and security.

I agree with PrivacyGuides on why to avoid Libre Kernels

https://www.privacyguides.org/en/os/linux-overview/#choosing-your-distribution

Linux-libre kernel and “Libre” distributions

We recommend against using the Linux-libre kernel, since it removes security mitigations and suppresses kernel warnings about vulnerable microcode.

AND

Proprietary Firmware (Microcode Updates)

Some Linux distributions (such as Linux-libre-based or DIY distros) don’t come with the proprietary microcode updates which patch critical security vulnerabilities. Some notable examples of these vulnerabilities include Spectre, Meltdown, SSB, Foreshadow, MDS, SWAPGS, and other hardware vulnerabilities.

We highly recommend that you install microcode updates, as they contain important security patches for the CPU which can not be fully mitigated in software alone. Fedora and openSUSE both apply microcode updates by default.

Definitely agree. If they could somehow make it a Flatpak with minimal permissions I would def check it out. Otherwise, I don’t use any unsandboxed software to avoid apps having arbitrary permissions.

Understandable.