
Adr
Fedora is great as it works out of the box but I don’t like systemd and Red Hat control. Arch works all the time, never crashes (yes fr), is awesome for any weird use cases, has the best software support in Linux w/ AUR + flatpaks, but isn’t compiled from source or customizable enough. Gentoo is the way. I recommend Bazzite GNOME to any beginner, it corrects Fedora’s problems (crashes, KDE 6 madness) while making it more usable and with great software out of the box.
Don’t forget that COMMON_FLAGS="-march=native -O2 -pipe" is the most effective optimization if you don’t want random bugs that prevent you from running emerge -e @world after that to optimize your system correctly, being therefore more effective than COMMON_FLAGS="-march=native -O3 -pipe -flto".
USE="-systemd openrc -glibc musl hardened -binary-redistributable modules-sign verify-sig -wifi -bluetooth -glib -introspection -lzma grub dracut dist-kernel dbus X -val -gnome -kde alsa pulseaudio"
Hot takes:
- systemd and glibc will get us all pwned one day
- Jia Tan glows like a million stars (US when solarwinds: eNDoFthEWoRlD, US when xz: i slep)
- (generally) more code = more bugs = more vulnerabilities
- you didn’t compile it from source with signature verification = it may as well be proprietary blob from a security standpoint
- fully open source software and hardware will win over, looking over to a deblobbed hardened kernel on RISC-V so that no ME or PSP or Pluton is spying and draining battery
- X11 is functional but insecure and dead
- and wayland is a mess because everybody discussed too much instead of writing code (should have been named X12 and been a full rewrite of X11 only changing necessary parts) but is the future
- f*** nvidia
- GrapheneOS is the only truly solid mobile OS
- Secure Boot is a joke, TPM cannot be trusted ever and UEFI is slightly better for security (compared to EFI) but too complicated, bloated and proprietary to its core
- Don’t build an AES accelerator inside your CPU, I don’t trust it, same for RNG, we should only use open algos on open hardware
- If you haven’t disabled RSA and ECDSA keys and password auth, your public facing ssh server is already snooped on by Jia’s friends, in ED25519 we trust
- Only RISC-V based framework laptops will save us from the proprietary hardware madness, but rn any framework is better than anything else as at least the BIOS can reasonably be trusted not to have an intentional backdoor by framework (ME or PSP still exists tho)
- ext4 is dead, use btrfs: no corruption, no data loss, easy cli utility for verification/snapshot/backup/labeling/anything, shame its drivers aren’t included in the default initramfs
- swap is necessary on any linux system even if it’s a little bit, trust me please (I used to dislike swap and learned the hard way when a critical server crashed at the worst possible moment)
- KDE 6 is a hellhole of crashes, bugs and freezes, was an adept of 5, I was all for it but heh, guess I’ll switch to sway