I am no expert, but if we are allowed to design everything from the ground up, I believe personal electric vehicles (e-bikes etc., abbreviated as PEV) for suburbs, transit/bike/walk in cities, and high speed rail between cities are probably the way to go.
Cities should be mostly car free; people can transit to the suburbs via transit, and to other cities via rail. People move within the city by walking, biking, or tram. Vehicles other than delivery and commercial vehicles should be discouraged from entering the city, by removing in-city parking and setting up no-go zones for private vehicles.
Even in the U.S. most people in the suburbs live rather close to a town center (less than 15 mins with a PEV or bike). Thus efficient transit from the town center to the city can be a good idea. People will be discouraged from driving to the city due to the lack of roads and parking within cities.
For long form travel, people should move via high speed rail, then take local travel options once they arrive. High speed rail provides a faster and more comfortable travel alternative to driving.
Finally, I believe for people living in rural areas (an hour to any town center on a PEV), cars and electric cars are their only option. If they want to enter a city or suburb, they can drive to the nearest town center and take transit.
There is a tradeoff between UX, user liberty, and user privacy. Traditionally, Linux leans heavily towards liberty. However, there are now systems that have a locked-down core system (like ChromeOS or macOS), so it is impossible to mess things up. Yet users might complain that they “cannot do anything”.
As for telemetry, privacy is a fundamental pillar of human rights. I admire FOSS communities’ stance on privacy by default, and I don’t think they should change that. Although opt-in privacy-preserving telemetry is now slowly getting implemented in Linux, I think it is a good thing, but it still needs to be treated carefully. Privacy-preserving telemetry is good, but it is notoriously hard to guarantee such correctness.
Finally, I think the bug Linus encountered is extremely rare. The Flatpak install script is broken, and the apt install removes the DE. I don’t think there is any documented incident of both installation methods having such a critical failure. It is even more unfortunate that it happens just as the most popular tech YouTuber decides to try Linux.
Most countries, urbanist or not, do have wilderness, where you can live and die without people knowing.
You don’t need to live in the city if you don’t want to. You can live off grid, and burn your own feces for heat if that is the life of your choosing. What people here are fighting for is to keep this living style outside of cities.
Basically, the city is not the place for giant emotional support vehicles. And outside traffic should not disrupt the normal form of transportation in cities, which should be dominated by public transport, walking, and efficient personal vehicles (like bikes, scooters, wheelchairs, etc.).
The key is only released into RAM, so unless the thief can read content from RAM they cannot easily decrypt your disk. And most common thieves probably do not have that ability.
That being said, you do need a login password to prevent the thief from straight up booting into your OS and copying everything using the file manager…
One of the advantages of using TPM with FDE is that you can use a much longer random password. If I don’t use TPM I am forced to use a password I can remember, which is likely the same password I use somewhere else. This means if someone close to me stole my laptop, they would have a reasonable chance of guessing my password.
Can you explain a bit how the key erasure works? AFAIK the TPM only refuses to release the key when certain PCRs don’t match; is there a setting to let it erase the key?
If the device is stolen, your disk is still encrypted at all times. If you believe your OS’s login system is reasonably secure, then the attacker should have no way to access your data: they cannot access the data from software because it is blocked by the login screen, and they cannot access the data from hardware because it is protected by FDE.
One of the misconceptions I had before is that I assumed that the disk will be decrypted when you enter the LUKS password. This is not true: the password is loaded into RAM, and it only decrypts the necessary parts to RAM. All the data on the disk is never decrypted, even when you are working in your OS.
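The PCR-gated key release mentioned in the comments above, as an added example that is not part of the original posts: a simplified Python model of measured boot, in which a sealed disk key is returned only when the replayed PCR values match the ones it was sealed against. `ToyTPM`, `replay`, `composite` and the sample boot measurements are hypothetical names and constructed values, not a real TPM API.

```python
import hashlib
import hmac

def extend(pcr, data):
    """TPM extend: new PCR = SHA-256(old PCR || SHA-256(measured data))."""
    return hashlib.sha256(pcr + hashlib.sha256(data).digest()).digest()

def replay(boot_chain):
    """PCRs start at zero after reset; each boot stage is extended in order."""
    pcrs = {}
    for index, stages in boot_chain.items():
        value = bytes(32)
        for blob in stages:
            value = extend(value, blob)
        pcrs[index] = value
    return pcrs

def composite(pcrs, selection):
    """Digest over the selected PCRs (simplified stand-in for a PCR policy)."""
    h = hashlib.sha256()
    for index in sorted(selection):
        h.update(index.to_bytes(4, "big") + pcrs[index])
    return h.digest()

class ToyTPM:
    """Hypothetical model: keeps a sealed secret and the PCR state it is bound to."""
    def __init__(self):
        self._sealed = None

    def seal(self, secret, pcrs, selection):
        self._sealed = (secret, tuple(selection), composite(pcrs, selection))

    def unseal(self, current_pcrs):
        secret, selection, expected = self._sealed
        if hmac.compare_digest(composite(current_pcrs, selection), expected):
            return secret
        return None  # release refused; the sealed secret itself is unchanged

# Constructed sample measurements (not real firmware or bootloader images).
GOOD_BOOT = {0: [b"firmware-v1"], 4: [b"bootloader-v1"], 7: [b"secure-boot:on"]}
ALTERED_BOOT = {0: [b"firmware-v1"], 4: [b"bootloader-modified"], 7: [b"secure-boot:on"]}
DISK_KEY = bytes(range(32))  # constructed stand-in for a random volume key

def demo():
    tpm = ToyTPM()
    tpm.seal(DISK_KEY, replay(GOOD_BOOT), selection=(0, 4, 7))
    return tpm.unseal(replay(GOOD_BOOT)), tpm.unseal(replay(ALTERED_BOOT))

if __name__ == "__main__":
    released, refused = demo()
    print("expected boot chain:", released.hex())
    print("altered boot chain: ", refused)
```

In this model a mismatch only withholds the key; a later boot with the original measurements unseals it again.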