Flatseal: well that’s normal, it can’t control Flatpak’s access controls if it is itself sandboxed. Even if it was sandboxes, it could just grant itself everything.

For Xournal: it’s probably because it doesn’t support portals or whatever, so it can’t use the open file dialog to get permissions. So it needs to be able to get to your files somehow to open them.

In both cases, it just means its permissions model is more like regular applications you’d get from your package manager. If you install Xournal with apt/dnf/pacman it also won’t be sandboxed.

The point of sandboxing is you can run applications you don’t trust too much, or significantly reduce the blast radius if say, your browser gets breached: then it has another barrier to overcome to reach anything other than the browser’s own data. The lack of sandboxing doesn’t inherently imply the app is evil or will hack you. It just means it doesn’t have the extra protection around it. So like, probably don’t open sketchy PDFs in it, but I wouldn’t stop using the app solely because it lacks sandboxing.

There shouldn’t be any issues with that. Most distros handle “install side by side” situations out of the box.

Data partition probably doesn’t matter. Nobara might use snapshots for updates so you can rollback, not sure, but it also shouldn’t horribly break things for /home.

The thing btrfs does well is root and home can be the same partition, but different subvolumes. Technically you can even have multiple distros on a single btrfs partition by means of subvolumes, so there’s no unusable wasted space.

I would do btrfs, Mint won’t care about the filesystem having more features than it needs, and there’s so many advantages to btrfs.

E: I might leave homes separated and explicitly share some folders you want to keep in sync. Mint’s configurations could impact Nobara’s configurations and vice-versa. Especially if versions of things differ, maybe Nobara will upgrade some configs and make them unusable with older packages from Mint. You can just symlink your downloads and documents and whatever to a common shared data partition or subvolume dedicated to that use case.

Depends on how good the ISP router is. I’ve had one that had most of the advanced settings available, so I didn’t feel the need to change. For a while I had offloaded DHCP and DNS and VPN to a Raspberry Pi. It’s very much possible to make do with the ISP router. That ISP would let you passthrough the public IP to a box on your network which lets you do a lot of stuff without going into bridge mode, so I could make my server the target while still letting the router do the routing so if my server was down it didn’t take the whole network with it.

Then I got a bad one where it won’t even let you set up port forwards unless the device is registered over DHCP so my static stuff and VMs didn’t work. Got my EdgeRouter X back online to get my stuff done.

I do use VLANs and stuff now so it makes sense for me to use my own router. With everything getting breached these days, I have a VLAN just for my computers, another one for smart but trusted-ish devices (the TV’s gotta reach the NAS), one for IoT that’s completely shielded off.

What you’re missing out on depends a lot on what features you don’t have you could make use of. If you have like 3 devices using the network like I did when I lived alone, yeah you’re probably not going to miss out on the VLANs. But maybe you want to do ad blocking network-wide. Maybe you’d want to better prioritize interactive traffic like VoIP and video calls or games. Maybe you want a reverse proxy or VPN that works even if your home server is down. Maybe you want your kids to not hog all the bandwidth. There’s a lot of things a router can do.

So if the ISP router does everything you want and you’re happy with its performance, it’s fine. Just keep it in mind, when you start being like “I wish it had X and Y features” maybe consider an upgrade then.

If you have the option of not getting a router from your ISP, I would definitely recommend bringing your own. If they provide it regardless and you’d be replacing it through unofficial means, eh, if it works well…

Most modern operating systems randomize the MAC. DHCP does have extra fields such as the device’s hostname that can be used to counter that.

But as I said, that’s unlikely to be the weakest link. If you don’t trust the network you’re also likely in a public environment where people can just see you anyway.

I guess the hostname could be used to defeat MAC randomization if you use public WiFi like hotels, airports and coffee shops. You could probably identify repeat users if you cared enough.

But then your worry should be the security cameras not the WiFi, because that’s what’s gonna tie you personally to your device connecting.

virtiofs is amazing, got my entire Steam library on it. It’s like it’s not there, NVMe speeds no problem.

When I worked in a restaurant kitchen, we used to soak rags with water and freeze them in the walk in freezer, then once it’s nice and frozen we’d wear the rag around our necks.

There’s large blood vessels in the neck feeding your brain, so if you’re able to cool down the blood there, it’ll spread to the whole body surprisingly fast.

I actually managed to get cold in hot humid july summer in the kitchen with that method.

You’re connected over WiFi 6.

I do like the YouTube integration. A good chunk of them have a link to a main long form video which is nice when you don’t want to watch a video in 50 parts. You can scroll and be like, that’s a cool project let me watch the full 30 mins video.

A lot of these are partial bans. Canada for example only bans it for government issued phones which makes sense, there shouldn’t be any apps let alone social media apps on those devices.

Probably move on to YouTube Shorts or Instagram reels. I don’t have Instagram but the YT Shorts are basically just TikTok crossposts anyway.

Ideally Pixelfed would win but that’s very hopeful, a lot of the creators are expecting to be paid.

There’s too much money to be made with the format for it to die yet.

It’ll depend a lot on your experience. I can just install Arch without reading the wiki at all in about 5 minutes for something fairly vanilla. If you’re comfortable with Linux then following the wiki won’t be too hard, took me maybe 2-3 hours on my first install before I had my DE and everything all set up (12 years ago). If you’ve never used Linux before and take the deep dive then it could take hours and days depending on how fast you can absorb all that information.

“Easy” is very subjective, there’s stuff that’s so dumbed down for the sake of “easy” that it makes my life harder when I need to do more complex stuff. I know people for whom linear algebra in 11 dimensions is easy for them to do and solve. Easy is relative to your own personal experience level and what you’re trying to accomplish.

Install it in a VM as a test run, you’ll see by yourself.

No, simply because even with pure CSS and even pure HTML you can find ways to leak some information about the browser. For example, a background image that only loads on 1920x1080, another for 2560x1440, and so on. Make hundreds of those for every possible resolution (they can be the same file on the server but at a different path), and there you go, you now figured that the client downloaded img/background/2448x1280.png from the server logs. You can use the same trick for fonts as well, you just apply the same trick on a box on the page that is sized based on text content. Repeat for every font you want to test for.

There’s just a ton of those little features that are for performance optimizations because loading a 4K background on a 480p phone is a bad experience for everyone involved. Sometimes you need to know the size of some elements to position other elements relative to it. You need the mouse cursor position to open popups at the right place. You need the window size to realign popups and modals. You’d have to go back to text based only sites like it’s the 80s and 90s to avoid that kind of fingerprinting.

And thus Tor’s solution: everyone’s got the same window size, same fonts and everything.

And since when have you known any computer to be problem-free?

Software that’s not made from overworked engineers working 80 hours a week pressured to work even faster to complete this week’s sprint.

I’m so tired of “computers are buggy and everyone accepts that”. No! Computers don’t have to be buggy, you just have to not shove trash software on it made by morons doing the bare minimum.

I have software that’s been running on servers for literal years, not a single bug. The hardware’s been sized appropriately and I wrote good, sustainable and maintainable code. My computers all can easily do weeks and months of uptime. I pick up my laptop and open the lid and 100% of the time it wakes up from sleep and it’s ready to go.

The overwhelming majority of “production” and “enterprise quality” code I work with is total garbage that should never have been written and its author never hired in the tech space. We repeatedly get reports on how X car manufacturer was pwned for not following best practices that are a decade or two old.

Corporate greed makes EVs suck because it’s developed for as cheap as possible and the target is “good enough customers tolerate it”. Shit barely works properly when going through the happy path and the error path just… usually crashes your car.

I’ve had to reboot my car at red lights way too fucking often and it’s not even an EV. 2020 model and the infotainment reliably crashes if I have a Slack or Zoom call going because it tries to read the phone number off my phone over Bluetooth and doesn’t know how to handle a null phone number = the radio crashes.

It’s not fucking rocket science.

Yes

No, why would I? I’m a grown up, I don’t need mommy’s money.

Obligatory https://youtu.be/xDLvUqhwHZc

Postgres 16 and pict-rs 0.5.16, but neither are critical it’ll just miss features. Like if you use pict-rs 0.4.x then you can’t use the image proxy, but you shouldn’t anyway.

AFAIK the only downside of still being on 15 is it doesn’t perform quite as well on high traffic instances but should otherwise be fine.

Indicates to me the decision to do ActivityPub was bolted on very late in the project’s lifecycle, probably rushed to try to take the users flocking away from Twitter.

Because a lot of those limitations makes zero sense.