Hi "CrazyElf" (Chris),
Welcome to the wonderful world of Linux Mint and its excellent forum !
It would help to know more about your system setup. If you run "
inxi -Fxzd" from the console terminal prompt, highlight the results, copy and paste them back here, that should provide enough information.
Something to think about, you can go "overboard" with too much security and make your system unstable, or extremely slow, or both.
CrazyElf wrote:I'm hoping to use Linux as my main daily driver, as I have become increasingly worried about my privacy given the direction that Microsoft is going. I recently had a close friend of mine get hacked and I have been thinking about how to secure my data considering how vulnerable we all are. I would imagine that Linux Mint would take security relatively seriously given the recent attack this year on this site and that Linux overall is going to be more secure than Windows.
To help prevent hackers:
Linux and Linux Mint are much more secure than other operating systems already. The event you are referring to was a cowardly attack to the Linux Mint website, not by breaking into active Linux Mint operating systems, and they have now secured their websites. The hackers did alter some of the Linux mint download ".iso' files, but that has also been corrected, and anyone can verify the Linux Mint download files to make sure they are from the original Linux Mint developers and are okay to install and use.
Secure your hardware router (enable its firewall, allow only trusted access by network card Mac address and or IP addresses), use a good password and change its password at least monthly, Enable your Linux Mint software firewall (ufw, Gufw), Change your local ISP's Internet connection's default DNS servers to secure ones from OpenNic project, dns.watch, OpenDNS, etc... in the router or at the computer desktops, use a VPN provider for your network connection(s), use a good Linux Mint login password, use "Firejail" for all Internet enabled applications, etc... When not using your computer for extended periods of time, away from your computer for more than an hour, overnight, etc... then disconnect from your Internet connection by simply clicking the Network Manager icon in your system tray panel, and clicking "disconnect" from your Local ISP connection. You can easily re-connect to your local ISP Internet connection when you want using the same procedure. Or, just shutdown your computer when not in use...
CrazyElf wrote:The only time that I plan to use Windows going forward I think will be for applications that need it. Microsoft Office 2016 (unfortunately the world of business revolves around Office and not LibreOffice) and games mostly, but there are a few other Windows only software that Wine doesn't seem to work that well with.
LibreOffice is an excellent MS office alternative (getting better all the time with updates as well), and it can read and write all but the most complicated MS Office documents, spreadsheets, etc... You can always use MS Office Live Online for those exceptions, or Google's Docs and other Google Office stuff. You can install MS Windows into VirtualBox or VMware, and run anything related to MS Windows in that while still in Linux Mint without dual booting, including MS Office or games.
The "Steam" system that is available for Linux is a great option for gamers, and it is getting better each week ...
CrazyElf wrote:[*]Buy a Trusted Platform Module 2.0 (it's actually hard to find the 14 pin TPM 2.0 variant here in Canada)
I am not familiar with this (yet), so no comment from me.
CrazyElf wrote: [*]Set up LUKs for my main partition on my Mint SSD (a Samsung 850 Pro 256 GB)
You can setup encryption for your "/home" folder during the initial install of Linux Mint. A note of caution regarding encrypting a drive, or its partition, or the entire "/home" folder, if you encounter an error of some kind, hard drive error (bad sector, etc...), or some other kind of error, then you can easily loose access to the entire drive, partition, or your entire "/home" folder and all of its contents.
CrazyElf wrote: [*]For now encrypt my Windows disk with Bitlocker AES 256 bit (a Samsung 850 Pro 512 GB with 7.5% overprovisioning) - not a perfect solution
You can install a program like "VeraCrypt" to create a super secure area of a drive or external drive (USB flash drive stick) to put secure data and files in that.
CrazyElf wrote: [*]Thinking about looking for a good password manager
"KeePassX" (v2.x) and "KeePass2" are superb secure password managers an d are available in the Software Manager or Synaptic Package Manager (SPM).
CrazyElf wrote: [*]I've set up 2 factor authentication for my main email
I am assuming from your comment that you are using the excellent "Gmail" services. If you want to use some really good 3rd party programs for secure chat messaging, etc... then using 2 factor authentication may make that more difficult, or impossible. Of course, you can change that at anytime. The only true secure email is by using GPG (PGP) encryption which requires setting up GPG keys for you and your email contacts. Fortunately, it is an easy thing to do, and Linux Mint has applications for this "GPA", "SeaHorse" (Passwords and Keys), KGpg, Kleopatra, the console terminal command prompt, etc... Thunderbird has "Enigma", etc...
CrazyElf wrote: [*]I also have a personal email on my website and I'm thinking about using RSA 4096 bit for my sensitive emails
Again, this requires that you and your email recipients have GPG (PGP) encryption keys that you exchange with each other.
Hope this helps ...
Enjoy using Linux Mint ...
Have a great day !