Desktop Linux Security Hardening:

- randomize MAC addresses

- use general user@localhost

- disable all OS telemetry

- anonymize keystrokes

- confine/sandbox apps

- update microcode, firmware

- and more!

https://privsec.dev/posts/linux/desktop-linux-hardening/