• Pantherina@feddit.de
    link
    fedilink
    arrow-up
    45
    arrow-down
    5
    ·
    edit-2
    1 year ago

    https://www.youtube.com/watch?v=5eKSQT5mV-c

    Important: Nobara is way less Secure than Fedora.

    • no Secureboot
    • monthly updates instead of often daily
    • purposefully removed SELinux (because the Dev doesnt know how to use it)
    • still no Fedora39!

    If you want to game, stick to regular Fedora. A project that is actually secure is ublue with dedicated NVIDIA images that should just work and never break, and they even have Bazzite, an Image specifically for the Steamdeck but also for Desktop.

    These images are only ½ day behind upstream, apply minimal additions and patches (like drivers, codecs, packages, udev rules for controllers) and Nick from the video above found out that the Nobara patches with their weird less supported Kernel arent really worth the hassle.

    • Skimmer@lemmy.zip
      link
      fedilink
      arrow-up
      7
      arrow-down
      1
      ·
      edit-2
      1 year ago

      I 100% agree, its best to just stick to upstream Fedora imo. Glad you made this comment. The security issues of Nobara always put me off, especially since basically everything it does can just be applied to regular Fedora. I think Nobara would much better serve as a script or toolkit, similar to Brace, or something along those lines instead of an entire separate OS with the security issues it brings.

    • yum13241@lemm.ee
      link
      fedilink
      arrow-up
      11
      arrow-down
      6
      ·
      1 year ago

      Secure Boot is an utter piece of bullshit from the depths of hell.

      • Pantherina@feddit.de
        link
        fedilink
        arrow-up
        3
        arrow-down
        4
        ·
        1 year ago

        Proprietary UEFI BIOS is, but for a secure system with local manipulation prevention it can be needed. Also secureboot is a security measurement against malware so no, its simply the best we have.

        Look at Coreboot if you want a secure modern system

        • novacustom
        • 3mdeb
        • starlabs
        • system76
        • yum13241@lemm.ee
          link
          fedilink
          arrow-up
          11
          arrow-down
          1
          ·
          1 year ago

          Secure Boot is just Bootloader Signature Enforcement controlled by M$, it’s not gonna prevent Superfish 2.0 from happening.

          Unfortunately, I don’t have a coreboot-able system. When I move out I’ll make that a priority.

    • retro@infosec.pub
      link
      fedilink
      arrow-up
      6
      arrow-down
      5
      ·
      1 year ago

      As a non-power user, I don’t want daily updates. Monthly is perfectly fine for me.

      • meteokr@community.adiquaints.moe
        link
        fedilink
        arrow-up
        9
        arrow-down
        1
        ·
        1 year ago

        Linux desktop updates are handled totally differently than Windows. I don’t even see them, as my distro just has a timer that checks for updates once a day, then updates the whole system in the background. If anything, this behavior is intended for non-power users.

      • Pantherina@feddit.de
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        1 year ago

        Then disable the updates lol. This is done in the background and includes all the security patches so you dont even see any of it, not a single popup.

        We are not talking about backported security fixes, but literally no updates for an entire month.