N.E.P.T.R

Both Firefox and Chromium support native Wayland.

Also, this might lead you in the right direction for remote Wayland apps: https://github.com/wayland-transpositor/wprs

You could set up Wayland probably. Just make sure you use GNOME (Mutter) since it is the only Wayland DE that protects the screencopy API.

Docker guest still shares a kernel with host. Use a custom OCI runtimes like kata-containers (VM) or gVisor/sydbox-oci (unprivileged application kernel) to reduce the kernel attack surface and protect against privelege escalation.

Yes

No, it is not a proxy for another search index/engine.

Yes, you can add Brave search to your other browsers.

I wouldn’t stress much. It would take a targeted attack to have actually compromised your phone. It is alright.

It removes more proprietary binary blobs and I dont care about gapps.

I heard that he was a scammer or pseudo privacy expert from other comments. I wouldn’t recommend that phone. If you care about the privacy or security of your device, use DivestOS with a supported Pixel/OnePlus, or GrapheneOS with a Pixel. Only buy the phone new if you are super paranoid of some zero-day vulnerability being used on you. I recommend swappa.com because they have quality control, returns, and good prices for used devices (you can even get mint quality devices).

Comparison of Android ROMs: https://eylenburg.github.io/android_comparison.htm

iodeOS has been behind on security updates often (still better security against unsophisticated attacks than Ubuntu but not a good ROM): https://divestos.org/pages/patch_history

No VoIP, spaces, or threads support yet. Promising because it is written in rust and works well with Desktop portals.

My recommendation is GOS if you care about out of box experience and using gapps, DivestOS if you care about degoogling and removal of proprietary code. Both are hardened.

YouTube is a monopoly. The reason no one really uses multiple platforms to upload videos at the same level as YouTube is because it was run for a long time at a loss to push out all competition. I have no simpthy.

Yes, but Plasma doesnt protect against screen recording. The Devs expressed interest in protecting against arbitrary screen capture, still work in progress. See this issue: https://invent.kde.org/plasma/xdg-desktop-portal-kde/-/issues/7

Flatpak is installed on basically every Linux distribution. Literally all I do to install Steam is go to the Software Center and search “steam” and click install. It takes 2 clicks.

Cinnamon with Wayland is still in testing. X11/X.Org is unmaintained software and is less secure than Wayland. GNOME is the only desktop at the moment that actually protects the screen from arbitrary recording by applications. Just food for thought.

I don’t like Snaps either, but it isn’t a that big of a deal. Ubuntu is still vastly more private than Windows. I do prefer Fedora much more because it actually sandboxes system services with SELinux polices. Snap creates a better sandbox for applications than Flatpak, but it is slower to launch applications, depends on AppArmor (which is less secure than SELinux), and uses hard coded package repo (centralized design).

On Linux, you can install Steam inside a sandbox for better security. Easy to do with either Flatpak or Bubblejail. This makes it so that Steam does not have full file system access.

Disabling unnecessary background services, disabling telemetry, removing preinstalled adware. Easy to do with WinUtil by Chris Titus Tech.