If distros signed the bootloaders with their own keys, then I would configure my system to only use those keys and not include Microsoft’s.

12th gen alder lake seems much better at s0 sleep than my 8th gen one. Less battery drain.

I've looked into the hardware disk encryption before. The problem that it has with Linux is it isn't compatible with secure boot OOTB and could cause sleep issues. That's just the nature of OPAL 2 disks. I'm curious to see what they will do, but then the security is up to the TPM chip and the BIOS.

One word: printers. Linux isnt event plug and pray, it just detects it.

I've had fTPM issues with the bios because I changed CPUs and lost key attestation. Maybe it's my fault, but the reset process isn't documented anywhere clearly and it's not worth digging up my old CPU to reset the Mobo.

Graphene has been good at getting security and feature updates out the door quicker. For that reason (and that google telemetry will happen no matter what OS), it's much more secure.

I need to settle on one for a bit. I like Fedora for it’s edge stability and embracing newer secure technology. But, I will be shifting to Debian 12 or Ubuntu LTS because I need to get real work done. I like Pop and Mint, but they don’t have secure boot which I desire.

I’ll probably enjoy arch when I get the time to play with it more.

Holy cow I will test this later. My touchpad even on a regular DPI display goes crazy sometimes.