The thinkpad yogas (at least the models i worked with) work just fine with Linux (Except maybe the fingerprint reader but i never bothered to get it working).
When you need a software recommendation for handwriting/annotating then i strongly recommend xournal++. Imho the best there is and i prefer it over any windows application (onenote sucks balls). Have used it for 5-6 years now.
I have a 2-in-1 Lenovo Yoga 6 13" that I’ve installed Linux on. I’ve given up on the fingerprint reader working. The part manufacturer doesnt make drivers for Linux nor do they provide the necessary information for someone to make one themselves.
I use a thinkpad x1 yoga 4th gen with Ubuntu 23.10. Works great. Palm rejection has given me a couple problems, but only sometimes… I have not had time to troubleshoot yet though. I tried xournal++ first but was very unhappy, then tried the snap version of onenote which was much worse and landed on Rnote. Rnote is great!
It’s interesting as a comparison to M3 now and at different power limits. I’m hoping it may hopefully benefit the asahi project also. As a windows product I don’t think it’ll be good at all unless Microsoft has a Rosetta like emulation layer that is nearly as good as Apple. Without that this product will not do well.
Nobara KDE user here. One of the reasons why I chose it is because it comes with many of the customisations that I’d normally do (such as using an optimized kernel). But in addition, I use:
Opal instead of LUKS
KDE configured with a more GNOME/macOS like layout (top panel+side dock)
GDM instead of SDDM, for fingerprint login
Fingerprint authentication for sudo
TLP instead of power-profiles-daemon for better power saving (AMD P-State EPP control, charging thresholds etc)
Opal drives are self-encrypting, so they’re done by the disk’s own controller transparently. The main advantage is that there’s almost no performance overhead because the encryption is fully hardware backed. The second advantage is that the encryption is transparent to the OS - so you could have a multi-boot OS setup (Windows and FreeBSD etc) all on the same encrypted drive, so there’s no need to bother with Bitlocker, Veracrypt etc to secure your other OSes. This also means you no longer have a the bootloader limitation of not being able to boot from an encrypted boot partition, like in the case of certain filesystems. And because your entire disk is encrypted (including the ESP), it’s more secure.
I still feel skeptical about using a chips controller for encryption. AFAIK there have been multiple problems in the past:
Errors in the implementation which weaken the encryption considerably
I think I even read about ways to extract the key from the hardware (TPM based encryption)
Do you provide a password and there are ‘hooks’ which the boot process uses for you to enter the password on boot?
I think it is nice to have full disk encryption, but usually we are speaking about evil-maid attacks (?), and IMHO it is mostly game over when an attacker has physical access to your device.
Yes, I do provide a password on boot, as you said, keys can be extracted from the hardware so that’s not secure, which is why I don’t use the TPM to store the keys.
There are no hooks necessary in the bootloader, as it’s the BIOS which prompts you for the password and unlocks the drive.
And yes, there have been implementation problems in the past, but that’s why the Opal 2.0 standard exists - don’t just buy any random self-encrypting drive, do your research on past vulnerabilities for that manufacturer, and check if there are any firmware updates for the drive (don’t just rely on LVFS).
Also, the common hardware attacks rely on either a SATA interface (to unplug the drive while it still has power) or older external ports vulnerable to DMA attacks such as PCMCIA or Thunderbolt 3.x or below; so those attacks only affects older laptops. Of course, someone could theoretically install a hardware keylogger or something, but this is also why you have chassis intrusion detection, and why you should secure and check any external ports and peripherals connected to your machine. Overall physical security is just as important these days.
But ultimately, as always, it comes down to your personal threat model and inconvenience tolerance levels. In my case, I think the measures I’ve taken are reasonably secure, but mostly, I’ve chosen Opal for performance and convenience reasons.
I’m much happier to install one of the dozens of adblock addons, than to disable the built in one and still install an addon. Cuz that would mean bloat. I want to have the options to choose the adblock I have installed, and not only which one I use.
Builtin adblockers of other browsers, especially more commercial ones, have proven to be buyable by ad companies. They also fail, and have failed, on YouTube, where some addons still succeed.
One could argue Mozilla could encourage the users to actively choose an adblocker, but that would mean annoying popups and basically ads for adblockers.
Default FF with a few settings and addons is fine.
Used to live in Cary, now in Clayton (house prices… geez). Work at State so I see that giant Redhat building everyday. Hell I’m on Centennial campus so they used to be down the street.
Firefox does something else very important: provide another rendering engine for the web. When that landscape homogenizes, you get IE6 all over again. And we never want to go back there.
Also I’d rather there was a separate option for additional privacy than it be the default.
People who want the extra privacy can usually figure out what they need and how to get it. The average person will just switch back to chrome when websites break. They wont be able to figure out which settings to toggle off in order to fix the site
Keep Firefox useful for most people while also building more privacy friendly features.
If it’s something people SHOULD be using, have a popup explaining it and let people decide
It wouldn’t be terrible, as long as it’s based on an open source foundation. Although that depends on the specific open source license. As long as the engine can be forked, the worst of IE6 should be avoidable.
But yes, with Opera moving to Blink, you’ve got really only two-ish browser engines. KHTML/WebKit/Blink and Gecko. WebKit/Blink are Open Source, but I think mostly BSD, so Apple/Google could migrate to a proprietary license easily.
Gecko is MPL, which IIRC is somewhat Copyleft like the GPL, just a bit less stringent.
With the Apple/Google impasse with WebKit/Blink, I think we should be able to avoid an IE6 situation, but I would feel better with a stronger Copyleft license.
As much as I love Firefox, I think Firefox has less browser share than it did back in the IE6 days.
You have a pre-installed tool and a tool that looks better but which you need to install. When you need it for a rare task, and you administer many machines, it is easier to use what you already have on each of them.
Sorry, I don’t understand what you are talking about. Yes, you can run them in SSH session. No, you still need to have them installed on the remote machine to do this. And installing diagnostic tools is not only time consuming, sometimes it can be even impossible if you already get in troubles (and if you did not, why would you need them?).
Cringe take. I’ts just a fun pretty system monitor tool. I work as a senior cloud architect. I have 10 years of pretty heavy professional and home Linux usage and I just installed it on my home server because I have a unused 1/3 on one of my monitors at home where it can just live forever inside tmux.
It’s fun to see Plex take more resources because someone started a stream, or see the different parts of kubernetes working when I start a few containers. I have also added a drive to my btrfs raid so I was interested in seeing what kinda load the re balance did on the system over time. Turns out not much. It’s a fun tool.
I use different tools on the several Azure environments I am part of maintaining lol.
linux
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.