Secureblue vs ChromeOS

Hi,
I’m struggling with choosing a good desktop solution, specifically between secureblue and ChromeOS (on my Chromebook Plus). I know that ChromeOS is considered one of, if not the most, secure desktop operating system at the moment (GrapheneOS (@GrapheneOS): "QubesOS, macOS and ChromeOS are the most secure options for desktop OSes with different advantages. ChromeOS is the closest to providing mobile style app sandboxing, exploit protection, etc. and is more secure than macOS overall, but it's focused on using Google services." | nitter), but that its first-party privacy is really bad. Is the telemetry really that bad? Also is there a reason why it isn’t recommended at the moment?
I also have a laptop with secureblue installed that I sometimes use, but heard that Linux is really insecure (Security and Privacy Advice | Madaidan's Insecurities). All I do with these machines is light browsing and some gaming, which could be achieved on either one. I also considered QubesOS and MacOS, but the former is really inconvenient and almost unusable and the latter is quite expensive. Windows 11 could also be an option, but I don’t think that it is more secure than secureblue(?). What would be the right thing to do?

If you do even light gaming I wouldn’t say ChromeOS is a viable option.

It sounds like you’re considering buying a new device. If so, you could have one machine for gaming with more lax security and another for work/personal life with more strict security. Personally I use Secureblue on my laptop for everyday stuff, and my desktop has Fedora for gaming and tinkering.

It’s not clear what your threat model or technical experience is. Without knowing those details it’s hard to make a good suggestion. I would not recommend Secureblue to a Linux beginner for example. MacOS sounds like the best overall option based on what you’ve said but it really depends.

yes

it isn’t, just sandbox your apps

There’s various downsides to ChromeOS including how it handles encryption and issues with proprietary systems in general.

I don’t know much about ChromeOS in particular, I’ve heard rumours that it’s comparable to (or worse than) Windows 11. Based on the company’s track record it’d be fair to assume it’s probably bad.

Probably due to privacy concerns. Privacy Guides also prefers open source solutions which ChromeOS is not.

The “Linux insecurity” fear mongering is way overblown, Secureblue or even Fedora Workstation should be just fine for your use case. And as mentioned previously, there are various security issues inherent to proprietary systems like Windows, macOS, and ChromeOS. Whichever is “more secure” isn’t clear but rather more dependant on your threat model.

Generally speaking QubesOS, macOS, and ChromeOS are all bad options for PC gaming. Windows obviously has the best compatibility but Linux comes in a close second. The out of the box gaming experience on Secureblue probably won’t be great. Fedora Workstation might be a bit easier but if you don’t have a reason to obsess over security, you might even consider a gaming-oriented distribution like Bazzite.

(This isn’t to say that Google and ChromeOS are the best, but I feel like the reality isn’t completely black and white (also not that you guys are saying it is))

In that Twitter thread, GrapheneOS tries to counter telemetry concerns by saying this:

A small amount of uninvasive telemetry isn’t the catastrophe people make it out to be and LOTS of open source software including Firefox has similar telemetry to macOS. You aren’t avoiding all telemetry, etc. by using open source software, and it’s a tiny aspect of privacy.

Couldn’t one install Steam using the Linux development environment?

ChromeOS has added device passwords as an alternative to Google Account passwords

Google sponsors the Linux Foundation and supports lots of open systems with the Summer of Code

Also this:

I still see it as an issue since the vast majority of users are likely to be vulnerable to it, but if you’re in the know you can avoid it.

That doesn’t change any of the issues with ChromeOS, etc?

ChromeOS is adopting more and more aspects from Android, which is open source

It seems like you haven’t read the 3 articles my comment links to. It’s not something that can be resolved merely by supposedly increasing the percentage of open source software used.

I’m aware that Google’s handling of open source software is relatively restricting and unideal, but ChromeOS is still more open than Mac and Windows, and there is hope for ChromeOS to open up even more in the future.

Android will have more power over the project, and the Android devs have the opportunity to demonstrate a better OSS attitude than the ChromeOS devs

OOTB this might be true with some of the distros, but secureblue is proof this is over exaggerated. I have used Secureblue for gaming but it has several quirks that can interfere with gaming but it is not impossible to do so on it.

Improved gaming experience · Issue #284 · secureblue/secureblue

I highly recommend a silverblue with bazzite to do any tyoe of gaming. You can harden and secure the distro quite well and sandbox everything. Using flatseal you can tell your application wat it can and cannot do. I have personally gone through several hardening measures that have zero impact in gaming.

Sorry for necroposting, but I found this really applicable: