For a GNOME modified experience there is the Nobara Official Project based on Fedora Workstation. This could be an option out of the box I guess for a more “user friendly” Gnome.
Last time i checked Nobara disabled secure boot. If you want a similar layout you could just use some extensions.
1 Like
I think still the same. I don’t mind the secure boot disabled and find an interesting project for those that have trouble tweaking Fedora for their likes as an option of pointing to Ubuntu. Nevertheless, is a good heads up.
I’d caution the use of Nobara.
It is an ok Linux distro for newcomers.
Its a great distro for gaming with a lot built-in quality of life features for gaming.
Its not a good distro for privacy and security:
- SecureBoot disabled (for Nvidia GPU users)
- SE Linux is replaced by AppArmor
- Discord sandbox is off (but Discord is not installed by default)
But of course, it is still better than Windows.
As for the first point. Nvidia has always been a mess and even with “normal” distros you still need to enroll your own key. So I don’t think it’s really a con
2 Likes
IMO the main downside to Nobara is it gets slower updates than Fedora, now that it snapshots Fedora instead of pulling directly from their repos. My concern is delayed access to security updates. For example, my Nobara machine only today got the bluez and qemu updates Fedora shipped a few days ago to address CVEs.
There is little reason to use offshoots on desktop imo. If you want Fedora use Fedora, if you want Arch use Arch, etc.
1 Like
I would argue there’s still a benefit even if it’s a self-signed key after you install the Nvidia driver, since you’re still getting enforcement against any other new kernel components getting added without your knowledge.
The creator of Nobara does awesome work, I just couldn’t see basing the entire OS installation - including custom kernel patches - on work that’s only really being done and reviewed by a single individual / by an extremely small group.
4 Likes
Not necessarily, off-shoot Ubuntu is fine
@anon39565454
ah, yea spins of Fedora or Ubuntu are almost always kept in sync and are fine
This is the real problem. I’m not sure for how long Eggroll will continue around working on this. I like that certain things were made to mitigate some controversy around Fedora, such as the recent talk about Telemetry. He was clear that it wouldn’t be included in Nobara.
1 Like
Secure Boot does not even come supported out of the box in Qubes.
" Is Secure Boot supported?
UEFI Secure Boot is not supported out of the box as UEFI support in Xen is very basic. Arguably secure boot reliance on UEFI integrity is not the best design. The relevant binaries (shim.efi, xen.efi, kernel / initramfs) are not signed by the Qubes Team and secure boot has not been tested."
Source: Redirecting…
You do know secure boot it’s just something made for Windows?
@Voilable
Secure Boot is a general UEFI standard, it is not Windows specific.
It isn’t the most robust, but has some benefits.
It should be noted that Qubes not supporting Secure Boot isn’t really a downside as it has its own more robust implementation: Redirecting…
Intel TXT is pretty rad, it effectively turns the host OS into its own domain and runs the verification in another distinct domain iirc.
3 Likes
And yea UEFI it’s faster and works less with Linux so, I got my point.
I think you are (unintentionally) restating really out of date misinformation.
Nearly every major linux distro supports (and recognizes the value of) Securing the boot process, and every other major operating system (iOS, Macos, Windows, Android) has implemented some version of secured/verified boot.
A very short and non-exhaustive list of people and projects within Linux that have acknowledged the value of securing the boot process are:
- Linus Torvalds (and other Kernel developers like Matthew Garrett)
- All the major enterprise/security focused distros (including Red Hat, Ubuntu, OpenSUSE)
- Major community distros (including Debian, Arch, and Fedora)
- Even Richard Stallman and the FSF–who are about as anti-microsoft as they come–has acknowledged the potential security benefits of securing the boot process.
The idea that this is some Microsoft scheme to control people / shut out competition from Linux (a popular theory 10 years ago in Linux circles) proved not to be the case, and at this point is just misinformation. The Debian Wiki says it better (and has more credibility) than I do:
What is UEFI Secure Boot?
UEFI Secure Boot (SB) is a verification mechanism for ensuring that code launched by a computer’s UEFI firmware is trusted. It is designed to protect a system against malicious code being loaded and executed early in the boot process, before the operating system has been loaded.
What is UEFI Secure Boot NOT?
UEFI Secure Boot is not an attempt by Microsoft to lock Linux out of the PC market here; SB is a security measure to protect against malware during early system boot. Microsoft act as a Certification Authority (CA) for SB, and they will sign programs on behalf of other trusted organisations so that their programs will also run. There are certain identification requirements that organisations have to meet here, and code has to be audited for safety. But these are not too difficult to achieve.
SB is also not meant to lock users out of controlling their own systems. Users can enroll extra keys into the system, allowing them to sign programs for their own systems. Many SB-enabled systems also allow users to remove the platform-provided keys altogether, forcing the firmware to only trust user-signed binaries.
11 Likes
(post deleted by author)
It looks like that a conversation from 10/2023 was transformed in a pool to advocating for Nobara today 11/2025. In a way that looks like that I started it.
I don’t think Nobara is a distro that worth a look anymore.
Please close this thread if possible.