The desktop security model is insecure in general. Phone OSes are much more secure.
Reasonable desktop OS to use is Qubes, Fedora, MacOS, ChromeOS, or Windows pro/enterprise (hardened)
Phones are much more secure especially the Pixel 8/pro with MTE immensely reducing remote exploitation. GrapheneOS is the only distro that enables MTE by default and recently implemented it in their Vanadium browser.
Secure phones (secure elements are important): IPhones and Pixels (GrapheneOS or stock)
Also yes, Chromium is much more secure on Linux than Gecko based browsers because of its great internal sandboxing and site isolation. Firefox on Windows is catching up though, but still bad on desktop Linux and android.
This all doesn’t matter if you’re running an EoL device. Make sure your receiving official security and firmware updates.
The thing is I use Noscript so I guess having random malicious Javascript executed is pretty rare. And Firefox + Arkenfox is so much more private than damn Chromium, even though I keep a Flatpak of Chromium around.
I understand that the hardened Fedora Ublue version from qoijjj isn’t that far off, maybe removing flatpaks is a bit weird and makes little sense.
I am pretty sure I wont use Chromium, as Firefox is just working better for me? Everything makes sense, and for sure I wont give Google any Data.
After buying a steam deck and seeing how good everything worked I just yeeted my entire bootdrive. Never looked back ever again (Then again I still own a surfacebook so it’s not fully commiting)
I have been working on Fly-Pie for more than 3 years now and I am very happy with the result. However, I have always wanted to create a similar application for the desktop in general. This is why I started this project.
Any beginner guide that advises against Ubuntu does disservice to beginners. It’s doing the opposite of helping beginners get into Linux. Ubuntu is still the easiest on-ramp to Linux today by far, despite anyone’s feelings about Canonical. Avoiding it harms Linux adoption.
Give a kid the arch install wiki and a computer with the USB iso ready to go. Tell them they aren’t allowed food until they install it and run neofetch.
The big advantage for me is that lact runs as a (systemd) daemon. This is more convenient for me than having to autostart CoreCtrl.
A disadvantage of the daemon is that it can’t be packaged on flathub.
Enable and start the service (otherwise you won’t be able to change any settings): sudo systemctl enable --now lactd
You can now use the GUI to change settings and view information.
Don't bother "securing" directories like that. The meaningful permission bit is the write permission on the directory holding the file. cat ~/.bashrc > ~/.bashrc.new; put-malware-in ~/.bashrc.new; rm -f ~/.bashrc; mv ~/.bashrc.new ~/.bashrc or the like will still work if you have write permissions to /home/username at all. Marking the file immutable with chattr +i as root might be slightly more effective, but realistically still not enough in a lot of cases as the parent directory can still be renamed. Not to mention you've only found some of the low-hanging fruit; your text editor most likely also has a few ways to accomplish arbitrary code execution in its config/scripting/plugin files but it absolutely doesn't stop there.
Don't bother buying old systems because they can have free firmware. Ever since Spectre, CPU vulnerabilities have made old machines completely unsuitable for high-security purposes time and time again. Not all mitigations are equally effective and with mitigations on, performance takes a massive hit on those 10 year old machines. If you can get a reasonably new system with free firmware, that's good, though.
Thats important… are you sure you can delete files without write permission? Couldnt this be avoided? Because if you cant delete or write to a file, it is basically immutable right?
Chown sudo is still missing so currently its useless. But how do you do that without a root account?
I would NOT say it has been on decline. It's pretty good for its target. There also hasn't been any regressions I can see except for the obvious Nautilus. (I use MATE, but mostly because of its looks)
As a kid I had windows 98 (and later xp) dual booted with debian and at some point some version of suse. This was ~20 years ago
Well I used it just fine and I knew a bout the mysterious “root” and “sudo” that my dad would use but I was just playing some games and maybe using the web browser.
Using the GUI I never learned Linux and it wasn’t until a few years ago that I started using Linux again, and it was only because I wouldn’t be able to continue using Windows 7 anymore.
So I don’t have any experience with teaching Linux and especially not to kids, but I think kids are actually really good at learning stuff if they need too, so give them a PC and the tools to figure things out, if they want to use it they’ve got to learn, and don’t give them other options where they don’t have to learn anything.
I realize that the major point of GIMP 3 is the port to GTK3. That said, I feel like colour spaces are what people have been waiting for and probably the most significant deficiency that keeps GIMP from being treated as a professional tool.
If they are really this close, why not set the GIMP 3 release date for when colour management is ready?
Non-destructive editing will be huge as well. GIMP 3 is really going to be a crazy leap forward. It is going to be amazing to finally get access to all this work that has been walled off for decades.
The bug situation sounds terrible. Honestly though, they should just get 3 out and then make bug fixing the number one job until it gets into better shape.
Not only is it a small team but right now there are basically two different projects ( 2 and 3 ). With only one code base, perhaps the pace of progress can improve.
So you're saying: don't release the GTK 3 port until colour spaces are also complete? Why not give people what's ready, and then when colour spaces are ready, cut another release? No need to make people wait who don't need colour spaces.
(Additionally, it's easier to verify that bugs reported before the release of colour spaces are more likely to be related to the GTK3 port.)
Colour spaces are ready. They are saying I may be hard to wire it up in all the right places in a month. Why not take two months and get it in? I mean, it has been over a decade already.
Many people have been waiting for 3.x for literally half their lives. To save a month, they are going to launch 3.x with the big change being the toolkit? Seems like a wasted opportunity.
If it were going to be 6 months or more I would agree with you. From the write-up though, they delay would only be a few weeks.
linux
Newest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.