Best practices?

Don't copy paste commands into the terminal you don't understand.

RTFM

Use the computer like a computer. Linux is not a lifestyle; it's a tool you use to shitpost, watch videos, play games, etc.

One of the forums regulars, Pjotr, made this website exactly for questions like that: https://easylinuxtipsproject.removed/p/1.html

--> see "B. Right after the installation of Linux Mint"

What I suggest. Dont look at hardening yet. Only do so if you feel like your ready to touch the Internal workings of the OS. I do suggest using full disk encryption if this is a laptop.

Saving your files in your home folder just like how you did on windows is fine. Nothing wrong their.

Personally I would familiar your self with the terminal. It is not scary at all. sudo apt install program is how I would install software on mint (or any Debian based system).

Oh and above all. Use the system and try to do your normal task. See what you run in to and ask help where needed. We are here to help you along the way if needed.

Almost everything you do on desktop linux is already "outside the core os".

This is mostly relevant for server software configuration, where you should run services with as few system privileges as possible. Preferably you isolate them entirely with a separate user with access to only the bare minimum it needs.

This way, if a service is compromised, it can't be used to access the core system, because it never had such access in the first place. Only what it needed to do its own thing.

By default, nothing you run (web browser, steam, spotify, whatever) should be "running as admin".

The only time you'll do that on desktop linux, is when doing stuff that requires it. Such as installing a new app, or updating the system. Stuff that modifies the core os and hence needs access.

Basically, unless you needed to enter you password to run something, then it's already "outside" the core os.

you can always add eg. a swap file later if needed - apparently not as good as a swap partition, but it is more flexible. With 48 GB of ram I hardly think you're going to have issues, but that depends entirely on what do you do with the system.

Firewall isn't really helping the system against you, it's to block ousiders getting in - more or less.

install locations: if you just use what's in mint's repositories, you don't really need to think about it. Out-of-repository stuff like steam games etc generally live in ~/.steam or so. Or in some dedicated path you configure in steam/whatever.

As for snap/flatpaks/whatever, haven't used a single one. But in general: I'd favor the distribution's repos, if at all possible for installs. If the app isn't there, but is in snap... fine, I guess? As long as it's managed by some kind of package manager for easy install/update/uninstall. But having to manually download and install from a website? Rather not, that's when the maintenance becomes manual.

And of course, opinions are opionated. Your system, your rules. :P

For the swap space, yes that's for when you run out of RAM. 48GiB is plenty of RAM, so you should be fine without it. I have 32GiB of RAM on my system and have been running without swap for ages without issue.

Hardening guides like that are mostly designed for things like web servers which are connected to the public internet and need higher scrutiny. The default configuration for distros like Mint should be secure enough for the average user.

However, don't feel invincible and run random code from random sites. Both Windows and Linux can't protect you against malicious code you run yourself.

Having organised partitions is the kind of thing that people obsessed with organisation do. For most people, the default partitioning scheme is fine. However, as always, remember to keep backups of important data.

For installing software, Mint has a Software Centre (which is distinct from the Snap Store). I'd recommend installing software using that for the average user.

In Mint, there are three main types of packages:

• Debian/APT packages, which are provided by Mint (well, technically by the Debian distro and they trickle down to Mint, but technicalities). Not all software is available from Mint's repos and they may be out of date.
• Flatpak packages, which are provided either by developers themselves or dedicated fans. They are usually more up to date and have a degree of sandboxing.
• Snap packages, which are controlled by a company named Canonical. As of late, Canonical has been a bit "ehhhh", so there's pushback against Snap. Mint has it disabled and has their reasoning explained here: https://linuxmint-user-guide.readthedocs.io/en/latest/snap.html

Mint's software centre is able to install both Debian and Flatpak packages. I'd recommend using it where possible since it allows automatic upgrades and easier installation/uninstallation.

Advice from personal experience as a simple user - you don't need dual boot. One machine = one system. Run win apps with wine. Win upgrades can and will break your bootloader and make you normal Linux partition unbootable. Multiboot is used by professionals for specific tasks.

I know there is lots of guides and things because for clicks people like to write guides. However all the defaults on mint are sensible. You can pretty much install is stock and be done. You can use these guides if you want but they are optional. You can use flatpak, .deb, snap or whatever else you want to install things. I tend to use .debs when available and flatpaks as my backup. As a Linux user I haven't had to do all that much tweaking in years to be honest.

EDIT: Just saw that Malik already did mention this more succinctly. Please feel free to ignore me.

ORIGINAL COMMENT: The comments here already cover a good bit, esp. with the link to Piotr's blog post.

However I don't see anyone reacting to your mention of the snap store.

If you want some details about that, you can read here: https://linuxmint-user-guide.readthedocs.io/en/latest/snap.html

But in a few words, distributing software is kinda of a mess in Linux at first glance, for various technical reasons.

To caricature, you used to only install the packages from your distribution (mint for you) repositories, and if a program wasn't in it, you had to either compile it or jump through other hoops.

Then came other formats which made distributing software across Linux distros easier, with some caveats. Two notable ones are Snap and Flatpak.

Snap was made by the guys behind Ubuntu and mint is an offshoot of Ubuntu that made the willful decision to not do snaps by default after a number of fiascos.

My advice would be: try installing software through the normal mint repositories, ideally the non Flatpak version. If it does not exist there or is buggy or whatever, consider the Flatpak. Only failing that should you look into snap IMO.

Most Linux distros are already hardened. You can use "extreme" distros but as long as there'y no need, stick to a "normal" distro first. You can switch whenever you want.

If you have 48GB you don't need a swapfile. To min-max you could lower the "swappiness" so it uses swapfiles way less. It's just bonus memory that lives on the SSD. Swap files and swap partitions behave the same unless you run out of SSD space.

Linux system has better architecture than Windows so your system is safe unless you install a virus (of which there are way fewer).

Where you install programs? Just use the app store or terminal, the location doesn't matter.

The "hardening" is interesting though, you can go really far into security if you want. If things are installed in user-space it can't fuck with your computer on a fundamental level so it's preferred. You don't have to worry about it though unless your installing some niche programs from someone you know nothing about.

Do not press the hidden button.

Thanks for asking this question, it's really amazing and helpful for us old Linux people to see the experience of somebody who's coming over fresh. I think you are asking the right kinds of questions and I wish you the best of luck.

Specifically about Windows Defender, I haven't seen any tool like that on Linux, but I am curious to see what you find out.

Half a dozen people said so already but I'll repeat :

backup your stuff.

You are like a tightrope walker on a high line without security. Sure the view is amazing, yes you feel free... but a misstep and that's it.

How? Well depends what your data is but start simple, copy your most important files, e.g. family photos, personal notes, etc (NOT HD movies from the Internet... not anything you can get elsewhere) on a USB stick you go stuffed in a drawer.

Once you DO have your stuff saved though, please, pretty please DO go crazy! Have fun, try weird stuff, bork your installation... and restart from a neat safe place. It's honestly amazing to learn, so deeply empowering for yourself and those around you. Just make sure your data don't suffer from it.