Depends on how much privacy you need and how much tinkering to get things to work that you’re willing to put up with.

In general, using a variety of services will be more private than going with a single entity like Proton.

Bitwarden is self-hostable, which makes it potentially more private than Protonpass… assuming you actually set up the self-hosting.

Signal isn’t a good long-term plan, as it’s entirely hosted in the US. I don’t think there are currently any known compromises to the encryption model, but iirc the company can see all your communications metadata (which means the government could potentially as well). I don’t mind it for talking with friends, but I would recommend against it for extreme privacy needs (e.g. the government starts getting overzealous with who it counts as enemies of the state, and you or your friends become targets).

At least some level of human review is going to be needed.

So… completely negating the point of a User Repository??? Introduce some kind of authoritative oversight, and it’s essentially just another regular repository, erasing all the benefits of the AUR. The whole point of the distro slapping a huge disclaimer of “DISCLAIMER: AUR packages are user produced content. Any use of the provided files is at your own risk.” at the top of the homepage is because these kind of compromises are the trade-off one makes

That’s optimistically quick

Sincerely,

A Debian user

I though white magic was healing and black was harming?

I get where y9u’re coming from, screen-sharing used to be a massive pain point for me. I regularly host movie nights thru discord on my Debian + GNOME pc. I haven’t switched off Wayland in a few months on that one. Besides the occasional audio issue, which gets resolved by unsharing and then sharing the window again, I haven’t had issues.

Idk about remote desktop. On the same PC, I used to use Remmina to access my work (windows) PC, starting about 2.5 years ago; the only problem I had back then was that I had to run Remmina as root for the multi-monitor support to work correctly (which could be done as a regular user in Xorg). All this to say that remote desktop hasn’t ever really been FUBAR for me, and I haven’t tried it in about a year. On the other hand, the “you’ve gotta be root” was a deal-breaker, and even back then I only tested it in one direction (never tried accessing my Debian pc via RDP).

Wouldn’t this be better achieved with udev rules instead of an always-running script?

I use AntiX (core) with runit, and it’s basically just an opinionated Debian with less systemd bloat (and extra packages from MXLinux repo). It works swimmingly on my laptop with an i3-4030U Lenovo Flex 2 (although I did upgrade to 16 GB of memory). It worked blazingly fast headless, but is still remarkably performant for Sway; as for not looking old/ugly, Sway is beautiful as long as you put in the time to customize it

I actually got into Sway bc of my love for i3wm, and Wayland has gotten to the point where I’m no longer seeing any benefits from sticking to Xorg (although there are probably edge cases); I predict that Wayland will be superior option for older hardware within a couple of years, unless XLibre makes some major leaps.

they benefit people who only don’t want their network-provider watching, but don’t care who else may be.

Proxies and VPNs seem like the most obvious targets. They mostly prey on people who don’t understand the technical workings thereof (had my mom ask if she needed to get a VPN bc firefox opened on ad for theirs, claiming it enhanced privacy), and serve little benefit to people who are doing the kind of illegal activities that make governments take notice. They serve as a single point of compromise for anyone, and they work worldwide so that all your traffic can be monitored even when you’re on a different ISP/in a different country. It’s like the perfect MITM, and people are even willing to pay to have themselves monitored.

The truth is that at best they benefit people who only don’t want their network-provider watching, but don’t care who else may be. It’s the perfect setup for a 3-letter agency to just sit and monitor everything anyone does, waiting for someone who’s just a little too careless to access illegal content thinking they’re anonymous.

Reject Convenience did a pretty thorough rundown on what they’re doing: https://www.youtube.com/watch?v=iX3JT6q3AxA

It’s been a minute since I watched, but my key takeaways were that they just reach out to one type of broker which barely scratches the surface of the Data Economy iceberg, and since there’s no legal precedent outside of California and the EU, it’s purely up to the brokers to decide whether or not they want to comply.

So I think it’s probably more likely they really are just private companies preying on people’s anxieties about privacy and relative ignorance about the topic, rather than some kind of governmental conspiracy

Are there mobile desktops for Debian?

If you just want the DE and to configure everything else yourself, you can always just install phosh or sxmo on top of a debian/raspbian installation.

Mobian/Droidian are targeted for smartphone SoCs, so they would take a lot of tinkering to get runnin on an RPi

If you want a full OS that’s already configured to be a smartphone-like device, something like Glodroid may be your best bet. They’re an infrequent updater, the only reason I mention them is because they can target Broadcom devices (like RPis)

If you don’t mind getting away from building the hardware yourself, and just want a phone that you can run linux on, FairPhone/PinePhone/Librem 5 seem to be the way to go

Aside from that, afaict you’re in for designing your own device from extant components and then crowd-funding to pay for a factory line to assemble it for you (this is essentially what the PinePhone did)

realistically how feasible is it going to be to have something be completely free of it?

It’ll be feasible if we encourage a culture of not using it. It doesn’t have to be the main mode of development — and all the big names can keep their slop generators — but as long as there remains a demand for slop-less software, there will be people willing to make it happen.

There’s also the saying “don’t let the perfect be the enemy of the good”: besides the fact that I don’t trust slop-coders to put in any more effort into architecture/security/performance than they do actually learning the languages and writing the code, I also hate that they are willing to fund giant data centers that deplete local reservoirs and cause blackouts for small communities. In this case, I don’t care if it’s “no ai at all” or “no ai as much as is practical,” because both are still better than “full steam ahead.”

There’s probably a better way, but the way that works for me is apt show <package> and then copying everything from the Recommended section into an apt install command

Edit: people in forums are suggesting the simpler apt install --reinstall --install-recommends <pkg>.

I find this preferable because it means the recommended packages get marked as auto, which means an uninstall will automatically remove them.

On the other hand, it forces a redownload and install of <package> which might be unwanted. If you want the best of both worlds, you’re going to have to manually install the recommended packages, then also manually apt-mark auto <list of packages>—although that might make them immediately susceptible to an autoremove, so this might require some tweaking; I’ll work it out when I have time.

If you want to always install recommended packages, add APT::Install-Recommends "1"; to your apt.conf (which just includes the --install-recommends option by default, behind the scenes)

As a rule I don’t tell people to RTFM, because it has some rude dismissive connotations, although I will share when it helps me solve a problem I’ve been butting up against that would’ve been solved if I had just read the docs.

That being said, I do encourage people to read the docs, as others’ walkthroughs can be misinformational, and are usually tied to specific setups or software and hardware versions. It requires learning how to wade through a lot of information to find the info you need, but the info is usually guaranteed to be the most current and reliable.

That all being said, I’m more than happy to help when people want it.

Matrix very recently has had e2ee calling since at least last april

I don’t host a server currently, so I can’t fully recommend it without knowledge of the backend, but i’m liking the experience as a user

Just looked at Session, and holy shit is that a massive downside…

From their own whitepaper:

Through the integration of a blockchain network, Session adds a financial requirement for anyone wishing to host a server on the network, and thus participate in Session’s message storage and routing architecture.

So you have to pay to self-host, and that’s somehow an upside???

This staking system provides a defence against Sybil attacks by limiting attackers based on the amount of financial resources they have available.

Which is a fine explanation in a world where everyone has a relatively equal amount of wealth. This is the epitome of dunning-kruger economics: a little knowledge is a dangerous thing.

Firstly, the need for attackers to buy or control Session Tokens to run Session Nodes creates a market feedback loop which increases the cost of acquiring sufficient tokens to run large portions of the network. That is, as the attacker buys or acquires more tokens and stakes them, removing them from the circulating supply, the supply of the Session Token is decreased while the demand from the attacker must be sustained. This causes the price of any remaining Session Tokens to increase, creating an increasing price feedback loop which correlates with the scale of the attack

So the more nodes a single entity holds, the harder it becomes for other entities to buy nodes and break the monopoly? Did you take 3 seconds to think this through???

Secondly, the staking system binds an attacker to their stake, meaning if they are found to be performing active attacks, the underlying value of their stake is likely to decline as users lose trust in the protocol, or could be slashed by the network, increasing the sunk cost for the attacker.

“Assuming every user is a perfectly rational actor, malicious actors would be shunned. This is somehow due to the economic incentive, and not just how humans operate when they’re assumed to be perfectly rational.”

Also: malicious actors when they find out they might lose their money if they get caught: “welp, I better not do that then. Thanks laissez-faire capitalism!”

Jesus christ fucked on a pike, these dipshits really drank the crypto kool-aid, huh?

I did do the 5 minute search, and found his write-up. I said I wouldn’t be surprised to find out it was fabricated, not that it was.

Nobody wants to point out that Alexey Grigorev changes to being named Gregory after 2 paragraphs?

Slop journalism at its sloppiest. I wouldn’t be surprised to find out that this story was entorely fabricated.

Podcasts?

If you really want to save some space, you can save a lot by opting to use command-line programs instead of the GUIs that basically just act as front-ends for the command-line programs. E.g. most FOSS audio converters just use ffmpeg behind the scenes, so really they’re a lot of extra libraries and such just to give you a graphical means of building up the CLI command. Same goes for videos. Same for images, though a lot of those might use imagemagick instead (even though ffmpeg also does images).

That being said, I use VLC for converting videos and audio files. I honestly can’t tell the difference between uncompressed (e.g. .wav), lossless (e.g. .flac or .ape), and high-bitrate lossy like mp3 v0 or mp3 320. Heck, I can’t even tell the difference between the aforementioned and mid-bitrate lossy audio like mp3 192 or Vorbis (the .ogg format) 192.

Quality is of course dependent on how sensitive the listener’s ears are, and how quality the equipment you’re listening with is. You’ll want to run some test conversions youraelf before committing to any specific format.

If your files are already in lossy formats, then you really don’t have much choice for compression, outside of bundling them all together in a tarball and compressing them with something like gz or zstd. This is only good for storing them, if you try to listen to them, your system will have to extract them, and that either takes time before it plays, or causes stuttering while it plays.