I would be interested to know why you are pushing this product across multiple places on Lemmy. Your post, despite disparaging “viral marketers”, has a viral marketing tone with statements such as “I feel like I’ve been wasting money on my VPN ever since I found Riseup”.

Additionally, while I do believe a free VPN using an autonomous collective, resource pooling approach is a great idea, in practice this VPN has had… not a great history from my point of view. A quick search shows that in 2017 they were forced to comply with US Law Enforcement https://en.m.wikipedia.org/wiki/Riseup, see the Warrant Canary section. VPNs based in the US are known to be at risk, and this is another good example.

When choosing a VPN provider, server location is important, as well as company location. You are repeatedly encouraging people to Torrent from a VPN based in one of the most zealous countries opposing file sharing worldwide, and one that has already worked with Law Enforcement.

Yeah I actually am slowly realizing that I agree with that. Lots of bigots in Phoronix comment sections… and that doesn’t even include the obviously psychotic rants, its just the ones that unashamedly shit on DEI all the fucking time

The GUI version was working a month or so ago, but a recent Tumbleweed update broke openVPN when using port forwarding via natpmpc. Bug report here https://bugzilla.opensuse.org/show_bug.cgi?id=1236718

Wireguard on the Proton GUI client on Linux is experimental, don’t use it except for testing. Use the manual setup, and make sure to test for DNS leaks.

FYI, for folks currently using a normal PIN and looking to use this, it’s intended that the 2nd factor PIN at least be different than the main unlock PIN. Otherwise you can just swipe up to dismiss the fingerprint prompt and get to the main PIN prompt; if its the same as your 2nd factor, that’s pointless.

I was told on the Graphene matrix channel that the most secure configuration for this is:

Main unlock method: 6 word diceware password

Secondary unlock method: biometric + 6 character 2nd factor PIN

Be aware that if you use this config that you will be prompted for the main unlock method (long password) at reboot, and also every 48 hours.

With Linux, you can literally do anything that you want. And lots of people are already doing just what you describe, making pretty and functional Desktop Environments and compositors for anyone to use. As a beginner I’d encourage you to check out all the major Desktop Environment options first. You can usually get any of these in most major distros (Cosmic may be less available and mature right now).

https://www.gnome.org/

https://kde.org/

https://system76.com/cosmic/

Article with others https://www.geeksforgeeks.org/best-linux-desktop-environments/

Then you can get into compositors, plugins, and other customization, where you can make your system look almost exactly how you want it:

https://hyprland.org/

https://extensions.gnome.org/extension/6099/paperwm/

https://github.com/Bismuth-Forge/bismuth

https://github.com/YaLTeR/niri

These just happen to include tiling because I love tiling haha… I’m sure there are other non-tiling projects you could try out as well.

Edit: sounds like you may have already rejected a bunch of the status quo Desktop Environments as too boring haha. Then I would encourage you to check out Cosmic, and then the experimental tiling compositors I listed above… I’m sure you will find them unique at the very least!

I use a text/limited voice only plan from https://tello.com/

This is hilarious… after bailing from using the run file a couple months ago and going back to the 550 driver due to instability, I finally decided to install the 570 manually today. Should have waited LOL, the timing…

In my case, 2 USB 3.0 hard drive enclosures with twin drives, in ZFS mirror configuration. I keep the the disks “awake” with https://packages.debian.org/bookworm/hd-idle, and it meets all my needs so far, no complaints about the speed for my humble homelab needs.

Michael’s clickbait game is amazing lmao

As someone who has migrated data to new PCs many times, I will say you should always back everything up and sort through it later. I have had many occasions where I’ve forgotten about important files or documents and deleted them because I didn’t know they were in the location I deleted. Storage is relatively cheap, buy a 30$ hard drive dock and a couple TB hard drive (spinning HDD, not an SSD), and use a program like FoxClone to completely clone your current OS drive. Then you can happily wipe it and still have the backup should you need it.

GrapheneOS supports this type of security checking outside of Google’s Play Integrity API but app devs have to enable it. The Graphene devs encourage leaving one star reviews, emailing support, and linking this page: https://grapheneos.org/articles/attestation-compatibility-guide

Invidious still works very well, however it is an ongoing battle with YouTube. They ban an instance and the instance’s ban evasion routine tries again, or in the case of IP range bans migrates to another provider and the game goes on. Despite this, it is the only way I know of to access YouTube relatively pain free using a public VPN provider. By now YouTube has blocked a lot of public VPN IPs. To me, this advantage makes it worth it.

The best way to keep up with which instances are currently functional is via the Invidious Matrix room, https://matrix.to/#/#invidious:matrix.org. You can also check the instances list https://instances.invidious.io/ but it may get out of date sometimes.

Finally, I’ve found the best way to use Invidious is via FreeTube (Linux) or Clipious (Android).

What do you recommend for users coming from Windows?

The ultimate in privacy for YouTube is Invidious https://invidious.io/, which fully proxies your videos from YouTube through an Invidious server. Every once in a while YouTube will get the upper hand and figure out how to fingerprint and block the servers, but so far the community has always figured out how to circumvent it. One advantage is that you can feasibly use a VPN with Invidious; without it, you have to keep hopping from VPN server to VPN server until you find one YouTube hasn’t already blocked, especially on a large public VPN like ProtonVPN. This applies to NewPipe as well, since NewPipe still tries to talk to YouTube directly as far as I understand. On Android I use Clipious as the app to access the Invidious servers.

Agreed of course, just letting them know the choices they have haha… my path was long, from Windows to Ubuntu to Lubuntu on an old PC, then dabbling with Qubes (daily driving was too painful) which introduced me to Debian and Fedora, back to Windows for gaming, dipped my toe back into Linux gaming with Fedora, and finally settled on openSUSE Tumbleweed for all my machines. It was all worth it tho!

Proton, which is the main enabler for Linux gaming given that not many games are released with a native Linux version, is provided via Steam already with no need to install SteamOS. If you are coming into Linux brand new from windows I’d recommend installing a very popular distro like Ubuntu, or Mint. Learn the basics, and make sure to learn how to backup your data on Linux. If you are a) frustrated with missing some feature or software in your current distro or b) just curious about tweaking your system, start learning about how to work in the Linux shell (start with bash). Then come have some fun on a distro like openSUSE Tumbleweed (my current distro), where you always have access to the latest software and can change tons of things about your system in exchange for having to put in some more time to manage it. If that still doesn’t satisfy your needs and you have decided you love Linux and are never going back, then check out Arch Linux or its derivatives where you have nearly unlimited freedom but the highest time investment.

Michael using different language than NVIDIA to describe the state of the driver is confusing. I guess he considers New Feature Branch to be stable, except the first 555 versions released under that designation were (IMO, based on my system and watching the feedback forums and changelogs for 560/565) not very stable from a user perspective… which I suspect is likely why NVIDIA has not released any 555/560/565 to Production Branch for ~6 months now. And it’s still not clear which major version is planned for Production Branch…

So many people say to isolate google play services in another profile, but I have not seen anything quantifying the amount of attack surface reduction or what benefit this gives in terms of anonymity or security. Google play services includes Firebase Cloud Messaging (FCM) which is what enables most apps to give timely notifications. There are alternatives like ntfy, but they require some understanding of how to set them up, and tinkering.

Finally, multiple profiles is useful for the most security conscious but for the typical user I do not believe its very useful. One thing I noticed is notifications are not consisently reliable, so setting up a “Facebook” profile does isolate you from the app but then you may miss notifications. You also have to type your password for every profile switch.

Agreed… depending on Google to implement or fix very specific features is just shouting into the void. Use a trusted 3rd party app like Bitwarden, as you mentioned

Nope, pretty normal. You’ll find that you’ll need frontends and proxies for tons of things. For example Instagram hasn’t ever worked for me with a VPN. I no longer have an account anyway, but for the times someone sends me a link I’ve had to find sites that let you view the content without actually visiting Instagram. Same with reddit, reddit frontends are very good these days (I’d recommend any Redlib instance). Also, sometimes a specific VPN server is IP blocked and you can just connect to a different server to view a web site that blocked you initially. It is a fair amount of work, but honestly its helped me slow down my consumption of random bullshit anyway haha. I use ProtonVPN and pay for premium.