Overview
Alfred Linux is a complete operating system built from the ground up with AI as the primary user interface. Based on Debian Trixie (13), the current v7.77 Kingdom GA target ships 150 build hooks on the live-build host (three dedicated security hooks plus the 6-module Omahon Seal, for 38 security modules total) — a stack no other distribution ships as one integrated image. For context: v7.77 GA (April 2026) shipped 17 hooks; we set a 42-hook milestone for Matthew 1:17 (Abraham → Christ) and the build outgrew it as observability, attestation, and the Kingdom-worship suite expanded. Everything below in Build History records growth by milestone, not today’s headline count.
How “150 hooks” is counted: 150 = files matching config/hooks/live/*.chroot + config/hooks/live/*.binary in the GoForge alfredlinux-com-source-live repo (147 chroot + 3 binary). The build also runs 23 stock Debian live-build hooks via config/hooks/normal/ symlinks (locale generation, apt cache, dbus machine-id removal, etc.) — for 173 total hooks executed at build time. We don’t count those 23 toward the marquee number because Debian wrote them, not us. Why not 42? 42 was the April 2026 milestone (Matthew 1:17, the 42 generations from Abraham to Christ). The Kingdom outgrew the marker as observability waves, attestation, the AI stack, and the worship suite landed. The original 42 are still in there at the foundation. Separately: the bytes on /download can still expose fewer Alfred hook markers inside the squashfs until the next successful reseal from that tree; see includes/ga-release-state.php ($gaFrozenIsoHookCount vs $gaPlannedHookCount).
Target release: v7.77 GA “Kingdom of God Edition”
General Availability — frozen ISO published on-site. Debian Trixie 13 base, Linux kernel 7.0.6 (custom compiled from source; debs in build/config/packages.chroot/), x86_64, UEFI+BIOS hybrid when built with the documented bootloader path. 150 build hooks in source (~150 active in the bytes shipping right now — the next reseal builds from the full 150). 38 security modules (including the Omahon Seal). AKJV Bible (94 books, 39,482 verses). 27-track worship album “Jesus Christ The Light Our Universe.” GPG signed (RSA-4096, Key ID: 32BCEDE8C8DD8B00). Omahon Seal: Boot Seal, Watchman, Vault, Shell Guard, Secure Erase, Sovereign Attestation. ISO size: see /download (measured du -h on the frozen artifact).
Alfred Linux is not a Linux distribution with a chatbot bolted on. The AI is integrated at the operating system level — from voice-driven shell interaction to the development environment to the browser. Every component was chosen and configured to serve the mission: your voice is the command line.
What Ships in v7.77
- Alfred Desktop Environment — XFCE4 with custom theming, Arc dark theme, Papirus icons, JetBrains Mono font, and branded Plymouth boot splash
- Alfred Browser — Built on Tauri + WebKitGTK. 4.7 MB. Zero telemetry, zero tracking. Replaces Firefox-ESR entirely
- Alfred IDE — full VS Code-compatible IDE (code-server 4.115.0) on port 8443. Alfred Commander extension is bundled but currently NOT working in 7.77 GA (see Honest gaps).
- Alfred Voice — Kokoro TTS engine with PyTorch CPU backend, spaCy NLP, and a welcome greeting on first boot
- Alfred Search — Meilisearch local search engine for offline-first, instant search across all local content
- Calamares Installer — Full graphical disk installer with Kingdom of God branding, custom slideshow, and encrypted disk support
- Welcome App — 7-page first-boot wizard (Python/Tk) for voice setup, WiFi config, tool launcher, P2P seeding opt-in, and keyboard shortcuts
- Alfred Store — Flatpak-powered app center with 6 curated categories, search, one-click install, and threaded updates
- Voice 2.0 Wake Word — Always-on “Hey Alfred” detection via openWakeWord. Systemd service with configurable threshold
- alfred-update & alfred-info — CLI tools for one-command system updates (APT + Flatpak + Alfred version check) and branded system info panel
Kernel Deep-Dive
Alfred Linux 7.77 GA ships Linux kernel 7.0.6, custom-compiled from Linus Torvalds' mainline source tree. This makes Alfred Linux the first operating system distribution in the world to ship kernel 7. Kernel 7.0 was released by Torvalds on April 5, 2026 (first major version bump since 6.0 in October 2022); 7.0.1 was the first stable point release.
Decoding “Linux 7.0.6”
7 = major version (first since 6.0 in Oct 2022)
0 = minor (first release in the 7.x series)
1 = first stable point release on top of 7.0
(Earlier candidates carried -rc7-alfred while we tracked Torvalds' release candidates; we cut over to 7.0.1 stable, then upgraded to 7.0.6 for GA.)
Compiled from the official git.kernel.org/torvalds/linux source tree with Debian Trixie's production config as the base, adapted via make olddefconfig. Custom LOCALVERSION tag. Built on 8-core EU build server.
What Kernel 7.0 Brings
- 3 New Hardware Mitigations (Kernel 7 Exclusive) — ITS (Indirect Target Selection), TSA (Transient Scheduler Attacks), and VMSCAPE (VM Escape) — not available in ANY 6.x kernel.
- 24 Total CPU Vulnerability Mitigations — Spectre v1/v2/BHI, Meltdown (PTI), MDS, TAA, L1TF, SRBDS, SRSO, RFDS, GDS, Retbleed, MMIO, SSB, SLS, Call Depth Tracking, Retpoline, IBPB/IBRS, plus the 3 new ones.
- Expanded Rust-in-Kernel — More kernel subsystems in Rust for memory safety.
- EEVDF Scheduler Refinements — Better latency and throughput on multi-core machines.
- Latest Hardware Support — Intel Xe2, AMD RDNA4, NVIDIA 570+, WiFi 7, USB4, Thunderbolt 5, PCIe Gen 6.
Alfred Linux Security Hardening (12 Gaps Patched)
The default kernel 7.0 config ships with 12 security gaps that Alfred Linux patches at boot. No other consumer distro patches all 12:
| # | Default Gap | Risk | Alfred Fix |
|---|---|---|---|
| 1 | INIT_STACK_NONE=y | Uninitialized stack info leaks | init_on_alloc=1 |
| 2 | INIT_ON_FREE not set | Freed memory retains secrets | init_on_free=1 |
| 3 | MODULE_SIG_FORCE off | Unsigned modules can load | lockdown=integrity |
| 4 | MODULE_FORCE_UNLOAD=y | Force-unload modules | Lockdown blocks |
| 5 | IO_URING=y | #1 kernel vuln source 2022–2025 | io_uring_disabled=2 |
| 6 | USERFAULTFD=y | Race condition exploit enabler | unprivileged_userfaultfd=0 |
| 7 | X86_IOPL_IOPERM=y | Direct I/O port access | Lockdown blocks |
| 8 | DEVMEM+PROC_KCORE | Physical memory read | Lockdown blocks |
| 9 | X86_MSR=m | Disable security features | Lockdown blocks |
| 10 | HIBERNATION=y | RAM written to disk | nohibernate |
| 11 | RANDSTRUCT_NONE=y | No struct randomization | Next compile pass |
| 12 | IOMMU_DEFAULT_DMA_LAZY | Weak DMA protection | iommu.strict=1 |
Additional Hardening Layers
- 16 Boot Parameters —
lockdown=integrity nohibernate debugfs=off io_uring_disabled=2 tsx=off slab_nomerge page_alloc.shuffle=1 iommu.strict=1 vsyscall=noneand more - 40+ Sysctl Rules — ASLR, kptr_restrict=2, dmesg_restrict, perf paranoid=3, BPF JIT hardening, kexec disabled, SysRq disabled, userfaultfd restricted, tty ldisc locked
- 30+ Module Blacklist — DCCP, SCTP, RDS, TIPC, Firewire, Thunderbolt, cramfs, hfs, freevxfs, jffs2, appletalk, IPX, and more
- nftables Firewall — Drop-by-default, rate-limited SSH (10/min), rate-limited ICMP (5/sec), full audit logging
- AppArmor + Fail2ban + auditd — Mandatory access control, SSH brute-force 3-strike 24h ban, comprehensive audit trail
- Secure Mounts — /tmp and /dev/shm: noexec, nosuid, nodev
- Core Dumps Disabled — Hard limit 0, kernel.core_pattern=/bin/false
- Auto-generated IDE Passwords — Each session gets a unique random password, no default credentials
- Omahon Seal (6 modules) — Boot Seal (HMAC-SHA256 of 14 boot files), Watchman (inotify on /etc + /boot), Vault (tmpfs secrets), Shell Guard (secret redaction), Secure Erase (3-pass wipe), Sovereign Attestation (build chain verification). Named after the breath of God — what was dead is raised incorruptible
Previous Kernel: 6.12.74 (RC4–RC6)
Alfred Linux v7.77 RC4 through RC6 shipped on Linux kernel 6.12.74 from the Debian Trixie security repositories — a Longterm release with 74 rounds of Debian kernel team security patches. RC7 leapfrogged to kernel 7.0 compiled from source, making Alfred the first distro on kernel 7.
The Linux Kernel Landscape (May 2026)
To understand where Alfred Linux sits in the kernel world, here is the full landscape of active Linux kernel branches as of May 2026:
Kernel Upgrade Roadmap
Alfred Linux is now on kernel 7.0.6 — the first distro on earth to ship kernel 7. Here's the full trajectory:
The Path to Kernel 7.0
Linux kernels are modular — upgrading requires rebuilding the ISO with the new kernel. Alfred Linux's build system (live-build + 16 custom hooks) makes this manageable. For kernel 7.0, we compiled directly from Linus Torvalds' source tree, adapted Debian Trixie's production config, and built custom .deb packages. The kernel is one hook in our build pipeline.
| Phase | Target Kernel | Why | Status |
|---|---|---|---|
| v2.0 (Legacy) | 6.1.0-44 |
Debian Bookworm default. Rock-solid stability. First bootable ISO. | ✓ April 2026 |
| v4.0 RC4–RC6 | 6.12.74 |
Rebased to Debian Trixie. EEVDF scheduler, Rust-in-kernel, UEFI+BIOS hybrid boot. | ✓ April 2026 |
| v4.0 RC7 | 7.0.6 |
Custom-compiled from Torvalds' mainline. 3 exclusive mitigations (ITS, TSA, VMSCAPE). 12 security gaps patched. First distro on kernel 7. | ✓ April 6, 2026 |
| v7.77 GA (NOW) | 7.0.6 |
Enterprise security hardening: 38 modules (32 hardening + 6 Omahon Seal), 3 dedicated security hooks, FDE, AppArmor, fail2ban, AIDE, ClamAV, nftables default-deny. 150 build hooks. | ✓ April 7, 2026 |
| v7.77.x (next kernel cadence) | 7.0-stable or 7.1 |
Still the 7.77 product line: kernel moves to 7.0 stable (or follow-on) with full regression testing. RANDSTRUCT enabled where applicable (compile-time hardening). | Post-GA (2026) |
What a Newer Kernel Gets Us
- Better Hardware Support — Every kernel release adds hundreds of new device drivers. Latest NVIDIA, AMD, Intel, Qualcomm, and Broadcom hardware. WiFi 7, USB4, Thunderbolt 5, PCIe Gen 5 NVMe.
- Performance Gains — The kernel scheduler (EEVDF in 6.6+), memory management (MGLRU), and I/O subsystem improve substantially with each release. 6.12+ benchmarks show 5-15% improvements over 6.1 in many workloads.
- Security Features — Newer kernels include improved address-space randomization, better speculative execution mitigations, shadow stacks (Intel CET), and Rust-based kernel modules for memory safety.
- Rust in the Kernel — Starting with 6.1, the kernel supports Rust as a second language alongside C. This is revolutionary for memory safety. Each newer version expands Rust support significantly.
- eBPF Improvements — Extended BPF for tracing, security, and networking gets more powerful with each release, enabling better Alfred-level system monitoring and AI-driven kernel optimization.
Alfred Linux Already Ships the Latest Kernel
With v7.77 GA, Alfred Linux is the first distro on earth shipping Linux kernel 7.0 — now with 38 security modules (including the Omahon Seal) across 3 dedicated hooks. Custom-compiled from Linus Torvalds' mainline source tree, with Debian Trixie's production config as the base. This isn't a random git snapshot — it's the official 7.0-rc7 release from kernel.org, built with make bindeb-pkg on 8 cores, adapted via make olddefconfig, and hardened with 17 boot security parameters, 45+ sysctl CIS L2 rules, a 30+ module blacklist, an nftables drop-by-default firewall, AppArmor enforced, fail2ban, AIDE file integrity, ClamAV antivirus, and LUKS2 full-disk encryption. No other distro does this. Headline today: v7.77 Kingdom extends the same kernel story with 150 live-build hooks on the ga profile — see the overview card above.
Current GA vs historical RC rows (read once)
Current product line — v7.77 “Kingdom of God Edition”: 150 build hooks on the production ga profile in the alfredlinux-com-source-live tree. That is the number to cite for what ships next.
Frozen milestone — v7.77 GA (April 8, 2026): shipped 17 hooks in the timeline below. That figure is archived truth for that release, not the current Kingdom hook total.
RC / sprint rows (RC4–RC8, b1–b6, etc.): counts like 10, 12, 13, 16 hooks describe only that week’s ISO as engineering grew the stack. They are not contradictions of 42 — they are the ladder we climbed.
Bible tongues (api/version.json → bible_tongues): must match the count of language data lines in hook 0292’s embedded languages.conf (currently 48 codes for Acts 2:4 breadth). English ships full AKJV when the 0290 TSV is present; Spanish, French, and Hebrew ship richer offline seeds; forty-four additional rows use compact two-verse tongue-* seeds until fuller texts are added. scripts/release-integrity.sh check-repo enforces that equality. Further dialects or full TSVs remain documented in Forge README.txt until matching rows ship in hook 0292.
Build History
Alfred Linux v2.0 was developed through a rigorous incremental build pipeline. Each build added one major component and was tested before the next layer was added. Here is the complete build record:
v1.0 — Foundation (14 builds)
The original Alfred Linux v1.0 went through 14 iterative builds to establish the base operating system, desktop environment, and basic voice integration. The final v1.0 ISO was 1.5 GB and proved the concept: a bootable Linux desktop with AI voice integration.
v2.0 — Full Stack (9+ builds)
v4.0 — “The People’s OS” (Trixie Rebase + 4 New Features)
The Boot Fix Story
RC1 and RC2 were successfully built but contained a critical boot defect that was discovered during ISO inspection: the bootloader referenced /live/vmlinuz and /live/initrd.img, but the ISO only contained the versioned files (vmlinuz-6.1.0-44-amd64). This meant the ISOs would fail to boot on any hardware.
The fix was a build hook that runs as the absolute last step (hook #9999) in the chroot phase, creating copies of the kernel and initramfs with the generic names that the bootloader expects. RC3 is the first build with this fix and the latest Debian security patches (kernel 6.1.0-44, including WebKit, OpenSSL, ImageMagick, and GStreamer security updates).
Bundled Components
Every component is pre-installed and configured. No package manager needed for the core experience.
Alfred Browser
Zero-telemetry sovereign web browser. 4.7 MB. No Google Services, no ad tracking, no phone-home. Set as the system default browser, replacing Firefox entirely.
Alfred IDE
Full Visual Studio Code in the browser via code-server 4.115.0 on port 8443 (build target). Build status: the last lb binary run exited non-zero on 2026-05-12 03:43–00:49 UTC, so no code-server binary is in the current chroot yet. Hook 0300 will fetch 4.115.0 from coder/code-server releases and falls back to the locally staged 4.96.4 if the download fails. Known issue: the bundled Alfred Commander extension (hook 0300 installs alfred-commander-5.0.0.tar.gz; an earlier 1.0.1 build also failed) crashes the extension host on activation in 7.77 GA. AI chat, voice commands, and MCP tool integration are unavailable until the Commander extension is repaired. The IDE itself, terminal, file editing, Python/Node/Git toolchain, and Meilisearch are unaffected.
Alfred Voice
Text-to-speech engine running entirely offline. No cloud API needed. Speaks on first boot with a welcome greeting. spaCy NLP for natural language processing.
Alfred Search
Lightning-fast local search engine. Indexes all local files and documentation. Sub-50ms search results. No internet connection required.
Calamares Installer
Graphical disk installer for permanent installation. Supports LUKS full-disk encryption, alongside/replace partitioning, and automated install modes.
Desktop Environment
Lightweight, fast desktop with Arc dark theme, Papirus icons, JetBrains Mono font, and custom bash prompt. Branded fastfetch with Alfred ASCII art.
New in v7.77
These features ship in the 150-hook Kingdom GA set; they build on the v4.0 stack listed earlier in Build History.
Welcome App
7-page first-boot wizard: voice setup, WiFi config, tool launcher, P2P seeding opt-in, keyboard shortcuts. Runs once, remembers. Dark branded UI.
Alfred Store
App center with 6 curated categories: Featured, Development, Communication, Media, Games, Privacy. Search, one-click install, threaded background updates.
Voice 2.0 Wake Word
Always-on “Hey Alfred” wake word detection. Runs as a systemd service with 3-second cooldown and configurable audio threshold.
alfred-update & alfred-info
alfred-update: one-command APT + Flatpak + Alfred version check. alfred-info: branded system info panel showing version, kernel, uptime, memory, disk, services.
Security Stack
nftables Firewall
nftables drop-by-default firewall with rate-limited SSH and ICMP. UFW frontend available for management. Only essential services allowed through.
Fail2ban
Intrusion prevention system monitoring SSH, web, and other services. Automatically bans repeated failed login attempts.
SSH Hardening
Root login disabled, password auth disabled by default, key-based only. Configured during build with security-first defaults.
WireGuard VPN
Modern VPN built into the kernel. Ready for mesh networking, sovereign infrastructure, and peer-to-peer encrypted tunnels.
Build System
Alfred Linux ISOs are built using Debian live-build, the same system used to produce official Debian Live images. The build process is fully automated and reproducible.
Build Pipeline
Build Infrastructure
| Component | Specification |
|---|---|
| Build Server | GoSiteMe dedicated build server, 8 cores, 32 GB RAM |
| Build OS | Debian (GoSiteMe build server) |
| Build Tool | live-build 3.0 (Ubuntu variant) |
| Compression | squashfs with xz (verified in live build log; ~30% smaller filesystem) |
| ISO Tool | xorriso with ISOLINUX hybrid boot |
| Build Time | 30-90 minutes for ISO assembly on a 16 GB chroot (was ~15 min on the 2 GB v2.0 chroot) |
| Network | 1 Gbps dedicated link to Debian mirrors |
System Specifications
ISO Details
| Property | Value |
|---|---|
| Base | Debian 13 (Trixie) |
| Kernel | Linux 7.0.6 (amd64, custom-compiled) |
| Architecture | x86_64 — ISO filenames use Debian’s amd64 tag (same binary runs on Intel and AMD 64-bit; the name is historical, not vendor-exclusive) |
| ISO Type | Hybrid (USB stick + CD/DVD bootable, UEFI + BIOS) |
| ISO Size | 51 GB (50.7 GiB, fully pre-baked with 4 Frontier GGUF AI models, AKJV Bible, worship album, and 150 build hooks) |
| Desktop | XFCE 4.18 + LightDM |
| Init System | systemd |
| Package Format | APT (.deb) |
| Boot Firmware | UEFI + BIOS (ISOLINUX/GRUB hybrid) |
| License | AGPL-3.0 |
Minimum Requirements
| Component | Minimum | Recommended |
|---|---|---|
| RAM | 4 GB | 16 GB |
| Storage | 32 GB | 256 GB NVMe |
| CPU | 2 cores, x86_64 | 8+ cores |
| GPU | Any (VESA fallback) | AMD/NVIDIA with open drivers |
| Network | Optional (works offline) | Ethernet or WiFi |
| Boot | USB 2.0 or CD/DVD | USB 3.0+ |
Pre-installed Package Highlights
| Category | Packages |
|---|---|
| Desktop | xfce4, xfce4-goodies, thunar, xfce4-terminal, lightdm |
| Media | VLC, PulseAudio, ImageMagick |
| Networking | NetworkManager, WireGuard, curl, wget, OpenSSH |
| Security | nftables, AppArmor, fail2ban, auditd, AIDE, ClamAV, rkhunter, chkrootkit, GnuPG, KeePassXC |
| Development | git, vim, nano, python3, build-essential |
| System | htop, fastfetch, file-roller, gparted |
| Fonts | JetBrains Mono, Noto (full CJK support), Liberation |
| Theming | Arc theme, Papirus icons, Plymouth boot splash |
Security Posture
Alfred Linux ships 38 security modules across 3 dedicated build hooks (plus the 6-module Omahon Seal). Every default is chosen for defense, not convenience. v7.77 GA delivers enterprise-grade hardening out of the box.
Supply chain transparency & GoForge CI
Runtime hardening above is separate from build-time supply chain: verified kernel tarballs, ISO staging gates, and where full-tree kernel audit runs. Public summary: /security-kernel. Authoritative source: commander/alfredlinux-com-source-live — every claim in "Security Modules — The Audited 38" below cites the exact hook + on-disk artifact. Per-kernel manifest documents are not yet published separately; they are inlined into this page.
Hook 0160 — Alfred Security (21 Modules)
- Kernel sysctl hardening — 45+ CIS Level 2 rules: ASLR=2, symlink/hardlink protection, SYN cookies, ICMP redirect blocking, source routing disabled, core dumps off
- Kernel lockdown — integrity mode enforced at boot
- AppArmor — Mandatory access control enforced with custom profiles for Alfred IDE and Meilisearch
- Unattended-upgrades — Automatic security patches enabled by default
- Fail2ban — SSH brute-force protection (3 attempts → 24-hour ban)
- Auditd — 30+ immutable audit rules for system calls, file access, auth events
- DNS-over-TLS — Quad9 (9.9.9.9) + Cloudflare (1.1.1.1) encrypted DNS via systemd-resolved
- USB security —
alfred-usb-storagetoggle tool (USBGuard itself is not installed; see Honest gaps) - Module blacklisting — firewire, dccp, sctp, cramfs, freevxfs, hfs, jffs2, udf, thunderbolt DMA
- PAM hardening — 10-character minimum, 3 character classes, account lockout after failed attempts
- AIDE — File integrity monitoring with daily cron check +
alfred-aide-initbaseline tool - ClamAV — Antivirus engine with weekly scheduled scan via
alfred-scan - Rootkit detection — rkhunter + chkrootkit with weekly cron scans
- hidepid=2 — Users cannot see other users' processes
- Secure mounts — /tmp with noexec,nosuid,nodev; /var/tmp and /dev/shm hardened
- Login banners — Legal warning banners on console and SSH
- Core dumps disabled — via sysctl + limits.conf + systemd
- Cron/at lockdown — Root-only access to scheduled tasks
- Compiler restriction — gcc/g++ restricted to 'dev' group only
- NTS time sync — Chrony with Network Time Security (authenticated NTP)
alfred-security-status— CLI dashboard showing status of all 21 modules
Hook 0165 — Alfred Network Hardening (7 Modules)
- MAC randomization — WiFi and Ethernet interfaces use random MAC addresses per-connection
- nftables firewall — Default-deny ingress, allow established + ICMP + loopback only
- TCP wrappers — hosts.deny ALL:ALL, hosts.allow sshd from localhost
- Port scan defense — nftables rate-limiting rules against SYN flood and port scanning
- Wireless hardening — WPS disabled, strong WPA supplicant defaults
- SSH strong ciphers — chacha20-poly1305, aes256-gcm only; ed25519 + sntrup761x25519 key exchange
alfred-network-status— CLI dashboard showing firewall, MAC, SSH cipher status
Hook 0170 — Full Disk Encryption (4 Modules)
- LUKS2 support — cryptsetup + cryptsetup-initramfs installed and configured
- Strong defaults — aes-xts-plain64, sha512, 4096-bit key, argon2id KDF
- Calamares FDE — enableLuksAutomatedPartitioning checkbox enabled in installer
alfred-encrypt-status— CLI tool to check encryption status of all block devices
Foundational Security
- Zero Telemetry — No phone-home, no crash reporting, no usage analytics. The OS does not contact any server unless you tell it to.
- 24 CPU mitigations — Spectre v1/v2/BHI, Meltdown, MDS, TAA, MMIO, RFDS, SRBDS, L1TF, SSB, ITS, TSA, VMSCAPE compiled in
- 16 boot parameters — init_on_alloc, init_on_free, slab_nomerge, pti=on, lockdown=integrity, debugfs=off, io_uring_disabled, tsx=off, vsyscall=none
- WireGuard Ready — VPN kernel module pre-loaded for encrypted mesh networking
- Auditable Build — Every ISO is built from a documented script. SHA-256 + BLAKE3 checksums are published for each frozen GA release (see /download when live)
Download & Verify
Latest Release: Alfred Linux 7.77 GA — Kingdom of God Edition
Accept the covenant, then use /download (P2P / .torrent / magnet) or the time-limited /downloads/iso.php?t=… link shown there. Plain /downloads/*.iso HTTP is denied. Verify SHA-256 + BLAKE3 before booting; write to USB with dd, Balena Etcher, or Rufus.
Alfred Linux Mobile (Android)
Alfred Linux runs on Android phones and tablets — Samsung Galaxy S26 Ultra, Pixel, OnePlus, any device running Android 12+. No root required. Uses Termux + proot-distro to run a full Debian Bookworm environment with all Alfred components.
What You Get on Mobile
Alfred IDE (powered by code-server — the same VS Code engine used by enterprise teams worldwide, running entirely on your device) · Alfred Search (Meilisearch) · Alfred Voice (Kokoro TTS) · Full Linux terminal · Python, Node.js, Git, and build tools. With Samsung DeX, plug into a monitor and you have a full desktop development environment.
Quick Install
Requirements
- Android 12+ (Samsung One UI 4+, Pixel 6+, etc.)
- 4 GB free storage for the full Alfred environment
- Termux from F-Droid (the Google Play version is deprecated)
- Optional: Termux:Widget for home screen shortcuts
- Optional: Samsung DeX for desktop-mode IDE experience
Samsung DeX Integration
When connected to an external display via USB-C or Miracast, Samsung DeX provides a desktop-like environment. Launch alfred-ide, open your browser, and you have a full VS Code IDE on a large screen — powered entirely by your phone. Alfred IDE runs on code-server, the same engine powering VS Code for the Web at major companies. The Samsung S26 Ultra with 12GB RAM and Snapdragon 8 Elite runs it smoothly.
Architecture Notes
Mobile Alfred Linux runs on ARM64 (aarch64) inside a proot container. The Debian userspace is real — you can install any Debian package with apt. The kernel is Android's, but everything above it is standard Debian Bookworm. This means:
- Full
aptpackage manager — install anything from Debian repos - Python, Node.js, Ruby, Go, Rust — all work natively on ARM64
- No root needed — proot translates system calls without kernel modifications
- Persistent storage — your files survive Termux restarts
- Network access — uses Android's network stack transparently
Contributing
Alfred Linux is open source under the AGPL-3.0 license. Contributions are welcome and rewarded with GSM tokens — live on Solana mainnet.
How to Contribute
- Report Bugs — Test the ISO and report any issues. Boot failures, hardware incompatibilities, broken features. 10-50 GSM per confirmed bug.
- Submit Patches — Fix bugs or add features via pull requests. 100-1,000 GSM per merged feature.
- Write Documentation — Help expand this documentation, write tutorials, create videos. 50-500 GSM per contribution.
- Test Hardware — Boot Alfred Linux on your hardware and report compatibility. We need coverage across laptops, desktops, and servers.
- Translate — Help bring Alfred Linux to your language. Localization is a priority for v3.0.
Build It Yourself
Build Requirements
OS: Debian 12+ or Ubuntu 22.04+ — CPU: 4+ cores — RAM: 16 GB minimum (32 GB recommended) — Disk: 50 GB free — Time: 30-90 min on modern hardware (depends on chroot size + xz compression)
What's Next
Alfred Linux v7.77 is the fully-loaded Kingdom of God Edition. The next milestones are:
- ARM64 build — Raspberry Pi 4/5 and Apple Silicon support
- Wayland desktop — XFCE on Wayland (wlroots) for the Alfred Desktop Environment
- Whisper STT integration — Voice input via OpenAI Whisper running locally on GPU
- Custom wake word model — Train a dedicated “Hey Alfred” model instead of using the built-in closest match
- GSM wallet & mining — Built-in token wallet and compute contribution system
- Secure Boot signing —
shim-signedstaged in chroot; per-key MOK enrollment ceremony pending (not a full Secure Boot path yet — see Honest gaps) - Auto-update channel — alfred-update with delta/OTA patches instead of full ISO rebuilds