Safety and security are immutable Linux's calling cards.
In the beginning, there was the source code.
And, Linus Torvalds shaped it and called it Linux, and it was good. Now the operating system was formless and hard to use, so Owen Le Blanc of the Manchester Computing Centre (MCC) said, "Let there be a Linux distribution," and there was light. And from then until now, most Linux distributions have been based directly on the source code and packaging systems such as DEB and RPM. But, there is another approach called immutable Linux, and it's been gaining popularity over the last few years.
Immutable Linux distributions come with a read-only core system. This means the base operating system, once installed, cannot be modified during regular use.
Patches, including system updates, are done, during a reboot. This is called an atomic upgrade, which means that the update of everything is handled as a single transaction. If something goes wrong, you can easily revert to its previous state.
This architecture approach significantly enhances system security and stability, as it prevents unauthorized changes and reduces the risk of system corruption. Instead of updating things piecemeal the way most major Linux distributions do, everything is updated at once.
Why? Because since the core system is read-only, it's far less vulnerable to malware and tampering. If you can't add anything to the operating system, you can't corrupt it. In addition, immutable distributions use containerization for applications. This further isolates programs from the core system and each other. So, even if you do have a bad application, it has far less access to the underlying system than, say, a Windows application does to Windows.
Another immutable Linux win is that it offers unparalleled reliability and stability. By preserving a consistent state, their software dependencies remain intact. This reduces the compatibility issues that come from updates or changes in traditional systems. The result? More reliable performance with minimal downtime.
To install applications, you use containerized applications and universal package formats such as AppImage, Flatpak, or Snap. While many old-school Linux users hate this approach, this containerized method for application installation has several advantages.
First, they're distribution agnostic. That means if you have a Flatpak of Discord, you can install and run it on any Linux distribution that supports Flatpak.
These containerized package systems also avoid the dependency issues that come with traditional package managers. The old-school package managers often must update not just the applications, but all their software dependencies as well. Sometimes that isn't possible. Meanwhile, the container packages contain all the software you need to install and run its program.
They also give you the power to install plenty of proprietary software programs. For example, they make it simple to install Zoom or Spotify, whereas it can be troublesome installing either on Linux systems using traditional package managers such as the Advanced Packaging Tool (APT) or DNF.
Finally, because these applications run in containers, they're more secure than their package-based brethren.
None of this, by the way, is all that new. While some reports have been proclaiming that immutable Linux distros represent a radical change, that's not the case. Indeed, you've already been exposed to the immutable Linux approach, but almost certainly didn't know it. You see, underneath its Chrome web browser, ChromeOS is an immutable Linux system.
ChromeOS isn't the only immutable Linux in a box. For instance, if you play games with a Steam Deck under the hood, you're running the immutable SteamOS version 3.2, which is based on Arch Linux.
Immutable Linux, though, isn't just for hardware. There are many immutable Linux distributions. Some are from major Linux distributors that you already know, such as Fedora Silverblue, openSUSE MicroOS, and Canonical's forthcoming Ubuntu 24.04 will also have an immutable version.
Others include Vanilla OS, Endless OS, and the developer-friendly Project Bluefin.
Now, immutable Linux distros aren't for everyone. They're less flexible than the usual Linux distros. In addition, some applications and services don't work well with containerized environments.
So, why should you consider any of these? Easy. They're all very stable and secure. If you're never been a desktop Linux user before, they're also easier to install and run than their conventional older brothers.
I've been running Linux since version 0.11 appeared in 1991 when I had to download it via ftp from MIT. In those days, you had to compile it from C, and nothing was easy. Fast forward to today, and I can run Linux in my sleep. So, I don't need an "easy" Linux. But, many people still do. For them, I suggest you give one of the immutable Linux distros a try.
In particular, for Linux newcomers, I recommend the Fedora-based Silverblue, the Ubuntu-based Vanilla OS, or the Debian-oriented Endless OS. They're all easy to use, stable and secure. I think you'll like at least one of them.
- Adenman
- 1
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.