It was actually interesting to see chromebooks mentioned on those guides, do you know whether there is a degoogled ChromeOS alternative/fork much like GrapheneOS is for android?
Here there are a lot of good stuff
https://madaidans-insecurities.github.io/guides/linux-hardening.html
also https://www.kicksecure.com is a project that try to apply a lot of security practices on debian (it is used as base for https://www.whonix.org/), his docs and forum are full of good infos.
For learning there are many routes, I know only the "way of the monkey": nerd on computers, try stuffs, break things and, after some time, you will gain the knowledge to hack low level stuff on your Os.
There are absolutely other ways to learn this stuffs, but I dont know exactly, every person need to find his personal methods and paths.
I reccommend start hacking with arch linux because it is minimal and customizable and it has a lot of documentation and a big community to learn from.
A linux system is as secure as you make it, so a first arch installation will probably be even less secure than an ubuntu on average (lacks of mandatory acces control forexample...), but it is a good base to learn.
it is like bitcoin, the real utlimate resources to keep your bitcoin secure is to know how it works; when you have knowledge then you know what tools use and how use them.
Discussion
I dont know exacly, there is chromiumos that is like what AOSP is for android or chromium for chrome. But a complete security and privacy focused distribution like grapheneos doesnt exists today.
Recently google announced that it will migrate a lot of chromeos system to android, making it more similar to a sort of android x86-64.
I think will ship the google forked gki kernel like android and will run on the integral android JVM.
In future maybe grapheneos could be released easily for desktop, as chromeos is becoming de facto android.
https://blog.chromium.org/2024/06/building-faster-smarter-chromebook.html?m=1
Even if grapheneos is objectively so good, I dont like the "security-by-restrict-user-access" approach. I think the control of the system and the root access are the most important thing for "owning your computing", even if from great powers come great responsabilities and great dangers.
Also with a google owned giant monolith like AOSP or chromium, even if open source, you will be subject to the decision of a single company (who will fork this mess? Who has so much money? Another google?).
Linux distros can be simple, modular in his components so you own your system and choose what component to use. I personally forked and maintain a wayland based window manager with my patches, and it is manageble by one man in spare time. How many people would need to fork and hack with the android graphic stack? Thousands plus one. Because one guy need to change the lightbulb.
Yeah pretty much agree on everything, especially the "one giant controlling the system's future" part.
By the way, I wanted to try out Alpine and labwc to see whether they could replace Fedora/Debian and Gnome/KDE as a desktop daily drive (at least for me), do you have some insights on those?