Yes, which is why i very much like what GrapheneOS does with Storage and Contacts Scopes.

Understandable. Though the security difference between Flatpak and Xen VMs, or even between Flatpak and Snap, is pretty big. Flatpak is mostly sandboxed to provide a consistent run environment to apps across distros, and id say 50% or more of the Flathub apps seem to have weak default sandbox security settings. Snap does a better job security-wise of reducing sandbox escape potential, but is still a far cry away from the containerization of Qubes.

Android doesn’t expose any app data and requires a permission for accessing storage (unlike Linux).

Freebsd is also on distrowatch. Qubes is not desktop Linux because it doesnt function like normal linux. It uses the Linux kernel, but in a similar way to how Android isn’t Linux, neither is Qubes.

Your hardware is most likely not free and open source. If you use non-free hardware, it is better to have security fixes then leave it unpatched. If you are using non-free hardware it doesn’t matter how free your distro is, you still must depend on hardware blackboxes. Your hardware can directly interact with your distro and do something malicious regardless of the presence of firmware blobs.

Those distros (Fefora & Debian) are fully free, but acknowledge that hardware isn’t in most cases. And like responsible and reasonable developers they choose what is best for stability and security.

I agree with PrivacyGuides on why to avoid Libre Kernels

https://www.privacyguides.org/en/os/linux-overview/#choosing-your-distribution

Linux-libre kernel and “Libre” distributions

We recommend against using the Linux-libre kernel, since it removes security mitigations and suppresses kernel warnings about vulnerable microcode.

AND

Proprietary Firmware (Microcode Updates)

Some Linux distributions (such as Linux-libre-based or DIY distros) don’t come with the proprietary microcode updates which patch critical security vulnerabilities. Some notable examples of these vulnerabilities include Spectre, Meltdown, SSB, Foreshadow, MDS, SWAPGS, and other hardware vulnerabilities.

We highly recommend that you install microcode updates, as they contain important security patches for the CPU which can not be fully mitigated in software alone. Fedora and openSUSE both apply microcode updates by default.

Definitely agree. If they could somehow make it a Flatpak with minimal permissions I would def check it out. Otherwise, I don’t use any unsandboxed software to avoid apps having arbitrary permissions.

Understandable.

What part dont you agree with? I guess it can be more difficult for some people and depending on the documentation provided by the part manufacturers, it can be longer. I generally think PC building is easy.

I agree with you about avoiding prebuilts. They cost more for than the base parts by a decent margin, which can easily be avoided by watching a YouTube video on “How to build a PC 15 min” and 2 hours of your time.

Even after using PopOS I dont understand the hype. It is Ubuntu-based, meaning that its packages are stale and often quite out of date, which isn’t something I would recommend for a gaming distro.

Better to pick one of the following, which are gaming focused, user friendly, and have up-to-date packages for {Mesa, Vulkan, Wine, Kernel, etc}:

• PikaOS
• Bazzite
• Nobara

Edit: My reason for saying that up-to-date packages are paramount is because a newer kernel supports more features, better performance, new hardware support, less bugs, and the same is true for packages that effect gaming. Desktop environments get better quickly through updates and bug fixes that effect gaming may take a year of more to reach pepetually out of date distros like Ubuntu. It is generally quite important, but less important if you use Steam Flatpak because it is slightly sandboxes.

The AMD rx 9060 xt 16gb GPU looks good.

Then choose whether you want DDR4 or DDR5 RAM, and based on that pick choose a modern Ryzen CPU. For a CPU cooler, I recommend something by Arctic. For example, I got the Arctic Freezer 34 eSports DUO used (because used is basically as good as new but way cheaper).

For motherboard company, I would avoid ASUS because of the recent security vulnerabilities. Maybe try ASRock, as they are budget friendly and aren’t lacking. Really anything is fine as long as your CPU fits the slot (and so already should your RAM if you choose a CPU compatible with the right version).

Get an NVME SSD with at least 1 TB of spacs and a HDD for extra, slower storage. You can find some good deals on here: https://diskprices.com/

Get a case that can fit your graphics card and CPU cooler. Also should have space in the front and back to channel wires

Use an online power supply calculator to figure what wattage of PSU you need for your parts. You should get a PSU that is Gold or Platinum rated and prefer ably modular wires.

Recommended Distros

General Use:

• Fedora KDE
• openSUSE Slowroll with KDE

Gaming Focused:

• PikaOS
• Bazzite
• Nobara
• CachyOS

When picking a distro for gaming, I always recommend using one that gets frequent/fast updates. All my recommendations get fast updates. If you are mainly just gaming, go with a gaming focused distro. If you want a system without many apps or modifications, go the general use route.

I can elaborate on each of my picks on request.

For setting up and selecting Piper TTS voices, use Pied. Then use KMouth by KDE to have an app to paste text in an make use of Piper TTS voices.

That plus KMouth would be exactly what OP wants. KMouth is an app you can paste text in and have speechd play it.

Mullvad has many methods of obscuring the fact that you are sending VPN traffic, specifically designed to fight VPN censorship and firewalls.

Matrix with either Element or Fluffychat

deleted by creator

You can think yhat Wayland adoption was artificial, bit X.Org is unmaintained software and no developers are picking up reigns of X11. X is dead.

It is possible on both GNOME and KDE iirc. I never use that feature, but i am sure i saw it in the settings.