It's not hard to set up if you already have sufficient baseline technical knowledge to feel comfortable copy-pasting the right commands from the Internet with hope that you don't brick your computer (which ironically fedora or opensuse kinda did although I eventually found out how to work around the failure which makes my laptop permanently unable to use an older version of Linux lololol).

Arch was really easy to set up, I followed tutorials for fedora from fedora which never worked, and opensuse worked until a power outage then never again. So easy. So simple.

Secureboot with shim is the easiest, the arch (/standalone) way seems to work better and more securely since it's my own keys, but again depends on feeling a lot of unearned confidence. Some distros like Ubuntu and suse include mechanisms for secureboot, others do not, hence hit or miss.

Tldr I know what you're telling me, and from my pov and experience none of that changes what I said for the average "go on, try Linux, you'll like it" user.

Interesting, thanks for the links I'll take a look

Yeah was thinking about that (edited to add immediate) -- games are certainly background loading nowadays but the stuff needed is intended to be in ram by the time it's needed, afaik.

For sure I'm just saying i'd guess that's because at play time you're loading everything into ram. For bulk loading I would encryption perf follows the general use case.

(Tldr encryption shouldn't matter for games)

That's quite a take given the source of most current end to end encrypted messaging algorithms.

But also, whooosh

It's a real challenge to get a fully encrypted system with secure boot (easier now but still hit or miss with Linux) and tpm.

What you're describing is the user level security model which is as you said restrictive enough to be annoying, and more controlled than windows.

Edit: undid autocorrect from user level to user never 🙄

I don't know what you're responding to, I'm responding to a comment about refresh rate.

You didn't explain the implications of what radio free Asia is, I did. I don't know what words I'm putting in your mouth.

That's fine, but why?

You have granular control over universal windows apps (ie windows 8+ apps) and one global lock over all desktop apps (non uwp), and one global lock over everything. It's pretty solid considering how little control Microsoft has and it's wonderful fetish for compatibility.

Tldr basically same as Linux, except app distribution in Linux was bad enough for so long that more stuff is in the new restricted format while windows still has tons of things which will never go away and aren't in the sandbox. I think not finding a way to sandbox all desktop apps was a mistake.

Define properly shut down. Do your thieves usually ask first?

If it has to go to disk for immediate loading of assets while playing a video game you're losing more than 1-5 fps