Our Silverblue images utilize GNOME, which is the only desktop environment that secures privileged Wayland protocols like screencopy. This means that on non-GNOME systems, applications can access screen content of the entire desktop. This implicitly includes the content of other applications. It's primarily for this reason that Silverblue images are recommended. KDE has plans to fix this. GNOME also provides thumbnailer sandboxing in Gnome Files, which mitigates attacks via thumbnailers. This is a relative recommendation between the desktop environments available on secureblue. GNOME has some extra security niceties like the ones listed above, however it does not solve any of the fundamental issues with desktop Linux security. For more details, consult the table below.
DE/WM
Secures privileged Wayland protocols?
Sandboxes thumbnailers?
Stability
Recommendation
GNOME
Yes
Yes
Stable
Recommended
KDE Plasma
No
No
Stable
Not recommended until Plasma secures privileged Wayland protocols
Sway
No
No
Stable
Not currently recommended
River
Yes
No
Beta
Recommended for those interested in trying out a WM
nvidia-open images are recommended for systems with NVIDIA GPUs Turing or newer. These include the new open kernel modules from NVIDIA, not Nouveau. nvidia images are recommended for systems with NVIDIA GPUs Pascal or older. These include the closed kernel modules from NVIDIA.