Would the security benefits alone justify using Silverblue as a desktop OS?

You should follow this section of the documentation to add an external RPM repository to Silverblue: Troubleshooting :: Fedora Docs

Personally, I think that immutable OSes will eventually become the norm everywhere (macOS already does it, and portions of Windows too). However, with the complexity of Linux systems in general, it’s likely going to be a while before the whole experience runs as smoothly as non-immutable distros, so I consider it an early adopter thing in the Linux world today.

Sure, it adds another dimension of security - but in practice, I don’t think that one benefit is worth justifying moving to it until it becomes mainstream and ubiquitous, especially considering all of the other security features available now that others have discussed in this thread.

There is no real difference in security between the two. Since that is the question you are imposing and this discussion is getting a bit derailed. Silverblue only uses an immutable root filesystem. /etc, /home etc are not read-only and obviously you have the exact same attack vectors. Malware can still attach binaries to your system or modify configuration, you’re still not safe from untrusted packages if you blindly install them, etc etc. Frankly, you gain nothing security-wise.

That said, Fedora uses SELinux, as others have said, so there’s inherent security to begin with. Just learn to use it, don’t disable it/put it in permissive mode, like a lot of people not understanding SELinux do, and you’ll be fine.

PS I would advise against Silverblue for any use case not actually benefiting from a read-only root filesystem and, frankly, I seriously doubt that it’s the future of Linux. Perhaps the future for technically inept people that can’t be bothered (see the average Mac user) but I as an engineer, and I imagine most power users, would not be comfortable with the limitations it comes with.

Sage point - the main purpose of immutable OSes is to make the operating system more stable and easier to develop for, update, and roll back (if something goes wrong). While it could be argued that these things relate to security, that’s merely a side effect only.

What I really like about Silverblue is that if I layer a package and later decide that I no longer want to layer it, I do not have to think about all the extra packages that were included as dependencies. In some distros it is not easy to remove all those dependencies as removing a package only removes the specified package and not its dependencies.