Free and open-source.
Receives regular software and kernel updates.
Avoids X11.
The notable exception is Qubes, but the isolation issues which X11 typically has are avoided by virtualization. This isolation only applies to apps running in different qubes (virtual machines), apps running in the same qube are not protected from each other.
Supports full-disk encryption during installation.
Doesn’t freeze regular releases for more than 1 year.
We recommend against “Long Term Support” or “stable” distro releases for desktop usage.
Supports a wide variety of hardware.
Preference towards larger projects.
Edit: I’m new to linux
I’ve already written another comment here. But I just noticed that you have edited OP’s text to include that you were new to Linux. Which changes the rules of the game so much so that a simple edit of my other post wouldn’t do it justice for the sake of visibility. Btw, perhaps you should have told us that earlier 😅.
So previously I had named Arch, Fedora and openSUSE Tumbleweed. These distros are still definitely worth the trouble. However, instead of Arch directly, you might wanna opt to an Arch-based distro. They often come with an installation that’s done through a GUI, which you might perhaps conceive as being more intuitive. Though, there are some that argue anything Arch-related is not suited for new users. Personally, I don’t buy into that. But there’s definitely some truth to it in the sense that other distros might be better suited for some new users. We don’t know what ‘type of new user’ you are, therefore we won’t be able to answer that for you. However, my gut feeling tells me that you’ve got some potential to start out with (an) Arch(-based distro) right out of the gate. Though, I’m not very confident (yet)😅.
With that out of the way, I think the following is important to note as well:
-
If you want to avoid X11, then you have to use Wayland. Which, in turn, implies that you’ve got to use either GNOME or KDE as your desktop environment. Unless, of course, you want to try out a tiling window manager (like Sway or Hyprland etc) right out of the gate as well. Which, again, doesn’t make it easier for you to start using Linux 😅. It’s definitely worth it eventually, but perhaps it’s better to not make it too hard on ourselves from the get-go. Coming back to GNOME and KDE, fortunately they’re very well-supported on the previously mentioned three distros. So you should be fine regardless. As to which of the two suits you best…? Well, that’s very personal. An oversimplified overview would be that GNOME is polished and ‘limited in regards to customization out-of-the-box’ while KDE allows you to customize to your heart’s content at the cost of polish. GNOME does have support for extensions that allows it to be easily customized beyond what KDE allows one. However, this comes -once again- at the cost of polish 😅. It’s best to make your own mind with this. Use both of them, and come to judge them yourself.
-
So I can’t but notice that you’re sensitive to your digital security (which is good thing 👍), but that you’d like your distro of choice to do the heavy lifting; which is totally fair. In that case, I would argue that Fedora and openSUSE Tumbleweed are better suited than Arch(-based distros), because they’re distros that take security very seriously. Heck, they’re the only popular ‘upstream’/‘independent’ distros that have managed to configure SELinux for use on their distros. On Fedora this is done by default regardless, while on openSUSE Tumbleweed it can be installed at a later point. (IIRC openSUSE Aeon/Kalpa (old MicroOS Desktop) shipped with SELinux by default, but the linked article suggests otherwise 🤔.) In contrast, while you can make it work on Arch, it’s not officially supported. AppArmor is still great though*.
-
If security is indeed important to you, have you perhaps considered using so-called ‘immutable’ distros? Btw, the name ‘immutable’ is not entirely correct as in most cases only some parts (mainly related to base system components) are read-only during runtime; changes to said base system components (through either installing/remove a package or upgrading) happens atomically and often times requires a (soft-)reboot to actually take effect. Some ‘immutable’ distros even manage to be reproducible and yet some actually manage to be declarative as well. The security-benefits for this can’t be overstated. If you’re interested in ‘immutable’ distros, then it’s worth mentioning that both Fedora and openSUSE offer them through Silverblue/Kinoite/Sericea and Aeon/Kalpa(/Greybeard) respectively. The exact implementation of ‘immutability’ across Fedora’s and openSUSE’s offerings are different. However, I won’t go over that for the sake of brevity 😅.
Please feel free to inquire if you so desire!
-