There is a tradeoff between UX, user liberty, and user privacy. Traditionally, Linux has leaned heavily towards liberty. However, now there are systems that have a locked-down core system (like Chrome OS or macOS), so it is impossible to mess things up. Yet users might complain that they “cannot do anything”.
As for telemetry, privacy is a fundamental pillar of human rights. I admire FOSS communities’ stance on privacy by default, and I don’t think they should change that. Although opt-in privacy-preserving telemetry is now slowly getting implemented in Linux, I think it is a good thing, but it still needs to be treated carefully. Privacy-preserving telemetry is good, but it is notoriously hard to guarantee such correctness.
Finally, I think the bug Linus encountered is extremely rare. The flatpak install script is broken, and the apt install removes the DE. I don’t think there are any documented incidents of both installation methods having such a critical failure. It is even more unfortunate that it happened just as the most popular tech YouTuber decided to try Linux.
The key is only released into RAM, so unless the thief can read content from RAM they cannot easily decrypt your disk. And most common thieves probably do not have that ability.
That being said, you do need a login password to prevent the thief from straight up booting into your OS and copying everything using the file manager…
One of the advantages of using TPM with FDE is that you can use a much longer random password. If I don’t use TPM I am forced to use a password I can remember, which is likely the same password I use somewhere else. This means if someone close to me stole my laptop, they would have a reasonable chance of guessing my password.
I would add, even my last Windows machine, a Surface Laptop 2 with the latest Windows 11, doesn’t have this feature. It is so awkward, I just stopped using gestures altogether.
All the problems I have encountered with flatpak are short-term (GPU passthrough, Wayland support etc.), and all of them either don’t work or require a one-time fix.
Basically, if I don’t encounter a problem on the first day, I have never encountered any problem after that, unless an update introduced some bug in the software, of course.
I also realized my American appliances do the same when I try to set them to Celsius (Nest etc.). I guess that is where this unfortunate misconception comes from.
Bandcamp is pretty great. Granted, they are still a for-profit company; a popular community-based solution would be nice. But they do let you download lossless files to self-host or just listen on device.
The only complaint is the lack of classical music (not modern/contemporary classical) on there. But I would imagine most classical music is public domain by now. I just don’t know where to find it…
Edit: found it: www.classiccat.net or the Internet Archive has a huge collection of classical music.
I am no expert, but if we are allowed to design everything from the ground up, I believe personal electric vehicles (e-bikes etc., abbreviated as PEV) for suburbs, transit/bike/walk in cities, and high speed rail between cities are probably the way to go.
Cities should be mostly car-free; people can travel to suburbs via transit, and to other cities via rail. People move within the city by walking, bike, or tram. Vehicles besides delivery and commercial vehicles should be discouraged from entering the city, by removing in-city parking and setting up no-go zones for private vehicles.
Even in the U.S. most people in suburbs live rather close to a town center (less than 15 mins with PEV or bike). Thus efficient transit from town center to city can be a good idea. People will be discouraged from driving to the city due to the lack of roads and parking within cities.
For long-distance travel, people should move via high speed rail, then take local travel options once arrived. High speed rail provides a faster and more comfortable travel alternative to driving.
Finally, I believe for people living in rural areas (an hour to any town center on PEV), cars and electric cars are their only option. If they want to enter a city or suburb, they can drive to the nearest town center and take transit.
If the device is stolen, your disk is still encrypted at all times. If you believe your OS’s login system is reasonably secure, then the attacker should have no way to access your data: they cannot access the data from software because it is blocked by the login screen, and they cannot access the data from hardware because it is protected by FDE.
One of the misconceptions I had before is that I assumed that the disk will be decrypted when you enter the LUKS password. This is not true; the password is loaded into RAM, and only decrypts necessary parts to RAM. All the data on the disk is never decrypted, even when you are working in your OS.