I'm a bit late on this topic and I'd like to go back to the questions Schoelje originally asked.
1. Regarding stability:
I already posted my suggestions on renaming here:
http://forums.solydxk.com/viewtopic.php ... 36&#p42036
and I think that would be enough for the moment (provided that BE is really stable as people say, I haven't tried that myself).
If you follow the idea of more or less ditching the rolling distro and XFCE too then we have to ask why have Solyd at all? Being just another distro doesn't cut it. There's Mageia, there's Mint, there's LDBE ... And there seems to be the problem that Debian stable has with new hardware. So rolling has its merits and when I complained about the last update I just meant a warning in a more prominent place when starting the update would have been nice. I'm using the rolling distro and in spite of the hiccups I would like to continue with that.
And, because somebody asked, I'm a 1-person-business too, using SolydX-HE. I need a stable system but I can deal with some hours of instability and bug-tracking if I'm warned ahead. The warning is crucial though. I think the rolling edition can be managed by most small business owners. If you are warned ahead you can either time the update for the weekend (if you feel fit enough) or organize friendly/professional help in advance.
I don't agree that businesses usually have older hardware (maybe the bigger ones but not those run by the owner). All those entrepreneurs I know buy their hardware at their local discounter (ALDI !) whenever they feel like it - milk, bread, cheese - scanner - toilet paper ... you get the idea - and expect it to just work with their OS. My business friends use either Win7 or Mint or Ubuntu and the last 2 groups regularly run into driver problems (and subsequently call my friend who has to solve the problem).
2. Regarding security:
Even if malware is not a threat to Linux at the moment, it will be in the future (see Android). But I don't think a virus scanner would really help. I never used one under Win (3.1, XP) in the last 20 years and I never had malware. Other people use a plethora of security programs and get one virus after the other. So I think a big part of the problem sits in front of the computer.
That being said IMHO the important thing is whether the Debian architecture is inherently safe (which Windows, as far as I understand, is not). For this Solyd has to trust the Debian people.
3. Regarding privacy:
I don't read and compile code myself so I have to trust those people that do. I think that the Debian way of doing things is our best bet that Debian does not have pre-implemented backdoors. I don't trust MS in that regard. In fact I KNOW there is reason not to trust them. I don't trust Ubuntu and, to be honest, I'm not sure about RedHat and Suse but I don't have any information to base my mistrust on. So that's why I switched to Debian. There is not much Solyd can add to that.
But that's just half of it as long as you use the internet. The other half is prudent browser and email usage and that has to be done by the hopefully informed user, the distro can't help too much. NoScript and some way to block flash should be mandatory. I would also recommend adblocking because much malware is spread by flash ads. I'm using RefControl and RequestPolicy too but that needs some dedication. Stay as far away as possible from Google and Facebook and remember that whenever a service seems to be free (as in free beer) it means you are the merchandise. And even if you are doing all this it won't help much - there is still nothing working against browser fingerprinting so big brother will still be watching you.
As you can see from everything I have written my main security and privacy concern is NOT the random hacker or common criminal but big companies (Google, Facebook, MS to name some) and governments (Five Eyes and certainly others too).
To all the Americans or those others who think a hardened system is only necessary for criminals: A lot of the stuff the NSA is doing is considered CRIME under European laws (I'm not willing to discuss the legal details here, just take it as a given at the very least for Germany). Those of us who are under threat of punishment forced to obey these laws (i.e. lawyers, accountants, schools, priests, medical practitioners ... and by choice journalists) HAVE TO fight and I really hope that Solyd would go into a direction to help with this as soon as suitable means are available.
So now back to some practical questions:
a) Antivirus - implement it in the BE if you have time and think it's necessary but I would not give it priority.
b) NoScript, Flashblock and Adblock(+/edge) can be included in the distro (is it already?) without problems because it is quite straightforward to use.
c) I would propose to add Startpage.com as a search engine. That way you have Google without being traced by it. I tried DuckDuckGo but was not impressed with the results.
d) SELinux: I don't know anything about it. Wiki says the NSA is involved? Code has to be trusted (see above) so stay away please!
e) Someone mentioned SSD-support. This usually involves multi-disk-installations. I had to figure out everything by hand and that was hard. Would be a good thing if someone could tweak the installer for that. If not ... we'll survive.
f) Encrypted hard disk: I don't think this really helps. The disk needs to be decrypted while you are working with it - so at that point everything is accessible anyway. If you are a target HD encryption doesn't protect you, if you are not a target it does nothing. Or does it? I don't know enough about it. I would prioritize keeping the existing editions. If you have time, why not? But make it optional. Encryption on installation would need some very elaborate scripts to not go wrong I suppose.
g) Definitely mail encryption doesn't protect you, at least at the moment. It just makes you a target. Your encrypted mail is stored until the agencies find a way to break the encryption. It could probably be added without much trouble in the solyd-extensions though. But the existing addons leave much to be desired ... Additionally mail content (which would be encrypted) is not necessary for spying on you. Meta data (which remains unencrypted) is sufficient. There are methods working against meta data espionage but they have to be implemented on the mail server - so until they do we are pretty much screwed anyway. That's why I don't encrypt mails at the moment.
h) TOR usage definitely makes you a target. It's counterproductive, I would not recommend it - in fact stay away from it. The agencies watch over all the exit nodes and they already found ways to trace you back. Also independent exit-node-operators are put under legal pressure, nowadays child abuse is usually the leverage used. You just don't want to be put near that category, no way. Just the suspicion will completely ruin your life. TOR might be useful for some purposes (communication with undercover people in Iraq or stuff like that - even those will get caught) but not for average use. Every flash you use will betray your IP anyway. Read up about TOR or - better - just don't bother with it.
i) The only additional thing privacy-wise I would like to have (and I am already searching around for it) is an application based firewall. I know "personal firewalls" are frowned upon but they did a good service to me in my Windows past. I really like to know whether a website tries to get Firefox to connect on a non-standard-port and I liked to be informed if any software tried to "phone home". But this is me and if there even is an application layer FW for Linux (tips welcome!) I will manage to find and install it myself.
This was a long post. I'd like to finish with thanking the developers for their work and all those that populate the support forums for their help. I'm sorry that I can't help with the real stuff because I'm just a user without any programming knowledge. If there is something I could do in spite of this let me know.