There's no infighting. It just feels that way because you picked an inferior distribution.

Linux users are often very passionate about the software they put on their computers, so they tend to argue about it. I think the customization and choices scares off a lot of beginners, I think the main reason is lack of compatibility with Windows software out of the box. People generally want to use software they are used to.

Linux generally has a higher (perceived?) technical barrier to entry so people who opt to go that route often have strong opinions on exactly what they want from it. Not to mention that technical discussions in general are often centered around decided what the "right" way to do a thing is. That said regardless of how the opinions are stated, options aren't a bad thing.

Subjectively: it is hard to keep my legs shaved

Objectively: there's never enough programming socks

They’re updated regularly. Take a look at your etc/apt/sources on both. Debian has everything coming from their servers, Ubuntu has a bunch more.

If you’re going Ubuntu -> Debian be prepared to switch to testing or enable some packages from testing or even use an alternate install method for some software (yt-dlp).

Debian favors stability over anything else so the packages are thoroughly tested before release and then only upgraded for security issues, until the next release 2 years later when everything gets an update.

Ubuntu favors releasing more recent package versions constantly throughout the period between major releases.

You can install packages on Debian from the backports repo if you occasionally need an package to be a more recent version.

Another option is to install apps from Flatpak. The apps in Flatpak have their own separate dependency system and can be used on any distro.

If neither of these works for you and you find yourself constantly wishing packages were newer you may want to consider a different distro.

Some people switch their Debian from stable to testing to get similar updates to Ubuntu. You can try that but please understand you may experience the occasional issues.

Be wary of adding external repos (that don't point to debian. org) because they can mess with the package dependencies and prevent you from upgrading to the next version when it comes out. (This also applies to Ubuntu.)

Someone already gave an answer, but the reason it's done that way is because on Linux, generally programs don't install themselves - a package manager installs them. Windows (outside of the windows store) just trusts programs to install themselves, and include their own uninstaller.

you install program A, it needs and installs libpotato then later you install program B that depends on libfries, and libfries depends on libpotato, however since you already have libpotato installed, only program B and libfries are installed The intelligence behind this is called a package manager

In windows when you install something, it usually installs itself as a standalone thing and complains/reaks when dependencies are not met - e.g having to install Visual C++ 2005-202x for games, JRE for java programs etc

instead of making you install everything that you need to run something complex, the package manager does this for you and keep tracks of where files are

and each package manager/distribution has an idea of where some files be stored

Kali is a pentesting distro, it's not designed for malware analysis. The distro you'd want to use for malware analysis is REMnux, but it's mostly meant for static analysis. Static analysis is fine, but you may not be able to dig deep unless you're familiar with decrypting code and using tools like Cutter, Ghidra, EDB etc for debugging. Naturally you'd also need intimate low-level coding experience, familiarity with assembly language and/or Win32 APIs (or whatever APIs the malware is using). So this isn't an area a casual security researcher can just get into, without some low-level coding experience. But you can at least do some beginner-level analysis like analysing the PE headers and using some automated tools which employ signature-based detection, or you could analyse strings and URLs embedded in the malware; stuff like that.

Dynamic analysis is far more easier to get into and more "fun", but the problem is of course, with most malware being made for Windows, Linux is kinda irrelevant in this scenario. But you could still run Linux as a VM host and run the malware inside a Windows VM. The problem with running malware in VMs though is that these days any half-decent malware would be VM/context aware and may evade detection, so for accurate results you'd really want to run the malware on a real machine, and use tools like procmon, IDA, wireshark etc for analysis. But again, decent malware may be able to evade tools like procmon, so it can get quite tricky depending on how clever your malware is. You'd normally employ a combination of both static and dynamic analysis.

Industry pros these days often use cloud-based analysis systems which can account for many such scenarios, such as Joe Sandbox, Any.Run, Cuckoo etc. These offer a mix of both VM and physical machine based analysis. You can use these services for free, but there are some limitations of course. If you're doing this for furthering your career, then it's worth getting a paid subscription to these services.

Coming back to Kali Linux - it's not something you'd want to install permanently on physical machine, as its meant to be an ephemeral thing - you spin it up, do your pentesting, and then wipe it. So most folks would use it inside a VM, or run Kali from a Live USB without installing it.

There are also alternatives to Kali, such as ParrotSec and BlackArch, but really from a pentesting toolbox point of view, there's not much of a difference between them, and it doesn't really matter (unless you're a Linux nerd and like the flexibility Arch offers). Most industry folks use Kali mainly, so might as well just stick to it if you want to build up familiarity in terms of your career.

As for your Surface Go - you could install a normal daily-driver Linux distro on your Surface if you really want to, and then run Kali under KVM - which is personally how I'd do it. Running Linux on Linux (KVM) is pretty convenient has a very low performance overhead. You can also employ technologies like ballooning and KSM to save RAM, if your system has low RAM.

It's a distribution completely centered around the Nix package manager. This basically allows you to program how your system should look using one programming language. If you want an identical system, just copy that file and you're set.

NetworkManager doesn't support DoH, DoT or other recent protocols like DoQ and DoH3. You'll need to set up a local DNS resolver / proxy which can handle those protocols. You could use dnsproxy for this. Once you set it up, you can just use "127.0.0.1" as your DNS server in NetworkManager.

Btw, if possible I'd recommend sticking to DoH3 (DNS-over-HTTP/3) or DoQ (DNS-over-QUIC) - they perform better than DoT and vanilla DoH, and are more reliable as well.

If you really want to switch there isn't really any reason to not use X.

If you really want to use Wayland I guess it will take a while longer. It's not really 100% foolproof even if you get AMD. The vast majority of apps on Linux are designed for X and XWayland isn't completely ready either.

Old timer here! As many others replying to you indicate, Ctrl+C means SIGINT (interrupt running program). Many have offered the Ctrl+Shift+C, but back in my day, we used Shift+Insert (paste) and Ctrl+Insert (copy). They still work today, but Linux has 2 clipboard buffers and Shift+Insert works against the primary.

As an aside, on Wayland, you can use wl-paste and wl-copy in your commands, so git clone "$(wl-paste)" will clone whatever repo you copied to your clipboard. I use this one all the time

In Terminal land, Ctrl+C has meant Cancel longer than it's meant copy. Shift + Insert does what you think Ctrl+V will do.

Also, there's a separate thing that exists in most window managers called the Primary buffer, which is a separate thing from the clipboard. Try this: Highlight some text in one window, then open a text editor and middle click in it. Ta da! Reminder: This has absolutely nothing to do with the clipboard, if you have Ctrl+X or Ctrl+C'd something, this won't overwrite that.