I don’t agree with what is written in that blog BTW, 1st I like that there’s a repo that at least tries as best as it can to protect the free software aspect of the apps, which many disregard but are pretty important to me, that’s one of the main values from f-droid for me. Proprietary binary components can include many invasive “features” one is not aware of. As requirement the source code and building from it is required. If you build from source, removing proprietary dependencies for example you’ll get a different binary, and that requires a new signature on the final package. F-droid has improved a lot on reproducible builds. And I’ve read in several places magnifying the issue of apks from official f-droid being moths later compared to original developer release, my own experience is different, and when I’ve written, I immediately get a reaction from someone which doesn’t agree with me (I never reply back). I’ve read about the single entity signature, but that alone should not be an issue, otherwise we would be distrusting packages from debian, arch, and so on, which use a set of signatures to sign all of their packages, particularly when the build and signing process is automated, in some distros most packages come signed by the same bot. The issue about using a VM with a LTS distro about to expire or already expired is a valid one, but can you blame them when migrating breaks their flows and they don’t have enough hands, and that got overcome any ways. Now a days things are working fine AFAIK. That the clients support multiple repos violate an android policy, oh well, I don’t care much about android policies, and google for that matter, which collects a ton of data from users and people forgets about what that means, but what a bad practice not to follow those policies.

I believe some people really dislike free software, which is not the same as open source, one really need to value the four basic freedoms it procures, and if one doesn’t give a dumb for whatever reason then one doesn’t really appreciate free software, perhaps all one wants is not paid software, which is not the same. Free has two meanings and people often gets confused, and f-droid is about free software. It’s true they can’t guarantee every single bit of their content, but they trying through their policies and a few scripts has value to me, and taking a look at what free software meaning and the basic freedoms it looks to preserve is important to be understood before complaining about an organization trying to offer free software. It would be more appropriate if the terminology changes to use the spanish “libre” word instead, but it is what it is, that why sometimes FOSS is instead referred as FLOS (free/libre or free and libre). And true, as a result developers who want to provide apks through f-droid and also through non free software app stores or repos (whatever makes more sense) need to have in place something to account for the differences, and that’s not optimal, but there’s a good reason for it, but some developers just don’t want to do it and even less not depending on android proprietary stuff or other proprietary stuff for that matter, which is their prerogative any ways.

A little rant of mine, not we all have to agree over the same arguments I guess.

Well, it is available on the IzzyOnDroid separate f-droid repo, so if using the f-droid client, you can still grab freetubeAndroid with it.

Never tried it though, and not sure how bloated for a phone, but it’s easy to install/update with any f-droid client.

ohh, as I set sponsorblock for it some time back, I thought it also did it, but it does not.

Tubular and Libretube (both available on f-droid btw)

Well, to me xmpp is the way to go, but I guess it’s not a matter of opinion, but rather understanding the motivation.

Why is your dad looking for telegram? What caused your dad to look into it? Perhaps digging into those, one can make a case with alternative more private options. For sure one can always argue in general the already mentioned alternatives, and the ones to come are better privacy wide, but it boils down to why is him looking to use telegram. If it’s about having friends or co-workers, or a high school set of friends there, I would think there’s no way to change his mind, :( But more technology arguments like stickers, better voice/video conferences, whatever, then that’s more something that can be argued I would think, the same way if he’s just looking for something more private of course.

If using wayland: wlsunset

Where did you get this idea?

I didn’t knew about Microsoft taking over the fsf either, and I am getting concerned about the real freedom behind my beloved Linux.

I think you are confusing FSF with the Linux Foundation, and you can see MS as part of the platinum LF members. Was that it, or you really meant FSF?

If you have installed wlroots, that’s why. Wlroots has a hard dependency on libseatd, which is provided by seatd. Labwc also directly depends on it. Sway as well can use seatd as both documented by sway itself, and its arch wiki, but for some reason it doesn’t directly depend on it, though it depends on wlroots, :). This is not a problem on arch since the seatd service can co-exist with logind/systemd, and on arch you can use the seatd service combined with libseatd for software build on top of libseatd, and users on arch can then choose between seatd or policy kit on that software. On other non systemd distros like artix, the seatd daemon is in conflict with logind (on artix it’s extracted from systemd), precisely because you can get away without logind as long as you use acpid to provide some of the functionality logind also provides besides session administration. Not sure if besides wlroots on archthere’s additional software depending on seatd. Several wayland compositors are based on wlroots, which attempts to somehow offer a standard for compositor and applications developers.

So it might be xdg-desktop-portal behaves differently for sandboxed apps such as flatpak ones than regular apps, hmm. So I’d still like to know how required d-bus is…

Thanks a lot !

Have you explore hyprland, niri (scrollable, not dynamic, but it’s sort of dynamic then) or sway (static tiling though, but offering tabbed layout and dynamic stacking/floating, plus hugely customizable)? Did you discard them because not close enough to bspwm? Just curious, not to judge your decision or anything like that.

Being an artix user, are you using logind (the official default), or just seatd, or the new logind alternative turnstile (not supported by all init systems, looks like only dinit which I use and openrc, tough void has it working with runit I believe)? I’m wondering what’s really required on wayland. I like the approach of just seatd, but I don’t know what one would lose and what are the wins, but if not seat alone then turnstile which actually require seatd. Also I would like to drop calling d-bus, but I’m not sure if that would prevent the compositor to work, but further if screen sharing with webrtc, electron apps like slack or teams-for-linux would stop working. I guess not using d-bus would not affect mako. But any ways, I’m curious of what would be you choice for your wayland experience if/when you get into it. The official and default way is just logind plus d-bus plus polkit. For such sharing xdg-desktop-portal is required, which fundamentally seems to be plumbing of d-bus, but I’m not sure…

BTW, from the blog post referenced, dudemanguy is also the mpv developer, so that requires quite a lot of effort (mpv specially on the support side of things, besides the developing effort, particularly to support wayland, and mpv does for some time now) together with artix effort. I’m glad he’s back writing, :)

Hey, sorry to take adantage of your answer, perhaps you can help me out though.

Is dbus actually necessary for xdg-desktop-portal? I understand from this flatpak post that xdg-desktop-portal is actually a bunch of d-bus interconnections, which of course make d-bus fundamental for xdg-desktop-portal, but wanted to confirm. xdg-desktop-portal is a must on wayland if one wants to share screen through webrtc, or electron apps like slack or teams-for-linux (probably zoom which is Qt as well). But I’ve read some people (this for example) start sway from console without d-bus, without logind/systemd, just seatd on the background (wlroots and sway support seatd). So perhaps those people are not interested on sharing screen, I don’t know. Or perhaps such d-bus plumbing is only required for flatpaks apps, which are sandboxed, thus requiring all that interconnection to access resources and such, and then I’m not sure about a thing…

Thanks !

BTW, just in case, not only the system configs are inmutable on Guix, the root/system directory is also read-only making it an inmutable distribution. So the argument that the Guix system is not inmutable is not correct. There are many places clearly stating that, but the itsfoss 12 inmutable linux distributions is one of them, and by its definition of inmutable:

An immutable distro ensures that the operating system’s core remains unchanged. The root file system for an immutable distro remains read-only, making it possible to stay the same across multiple instances.

So Guix is actually an unmutable distribution. But moreover, it’s much more than that.

I second xmpp + omemo, and would caution that as far as I can remember matrix leaks significant metadata when syncing between instances/services.

As a personal decision I got away from signal (molly in fact) more than a year ago.

I’m also keep jami working with my family, particularly for things not requiring immediate response. It’s a different beast, since it’s p2p, but there’s no server associated to it, no matter if decentralized or not. It’s easy as well, just not as responsive, in particular if looking for immediate responses… I like and keep both, hoping jami improves.

Ohh, I understand now what you’re saying. LOS (upstream) finally allowed uG to work on their images, though not pre-installed with them, it’s mentioned on LOS4uG FAQ, see question Why do we need a custom build of LineageOS to have microG? Can’t I install microG on the official LineageOS?, the answer includes a couple of references to LOS MRs. I was not aware of that, and that makes all derived ROMs inherit such ability from upstream LOS, including divestOS, so now I see what you were talking about. The answer in that FAQ doesn’t indicate that the official F-Droid client can be installed, and even better neither it or it’s lighter official client (that one never supported privileged extension) require privileged extensions to install apps in the background, so no need to install such extension through adb, and once installed the F-Droid client, one can add the microG repo to keep the uG apps up to date. Therefore no need for LOS4uG actually.

The sad thing is that divestOS images/ROMs are no more, since divestOS is dead. I hope LOS ports divestOS’ boot locking/unlocking mechanism from the still available divestOS repos, that would make LOS even better.

The other sad thing is that as LOS4uG signs with its own keys, different than the LOS ones, once you start with such images, unless you can backup everything, apps, apps settings and contents, LOS settings, and so on, without a google account, you’ll have to keep using it, until you change phone, or you are OK with a factory reset and having to set everything again, since moving to LOS implies different signatures and keys, which in turn implies factory reset and further cleanup to make the image work, :( That holds true if wanting to move to divestOS images as well.

Sorry I didn’t understand what you were saying. I’ve been using LOS before it was named like that (cyanogen), and as far as I can remember when uG showed up, LOS decided it didn’t want to support it, and it was until early last year that it decided to finally allow it, though not helping a bit providing it pre-installed, which is fine, because then the user can get to it, or rather Gapps. So I never read back about LOS criteria changing…

What do you suggest? If they get forced to use something encrypted, they won’t choose XMPP for sure, most probably something like whatsapp or telegram.

Being forced to use non standard protocols, and specially non federated ones is also a concern. Where I live, it’s assumed that all clients/users must use whatsapp, so they don’t answer your questions, you can’t ask them anything, you can’t share any doc with them if in need for support, it it’s not through whatsapp. And everyone seems happy with it.

e2ee by itself is not enough for privacy, metadata counts, and on proprietary communication systems one doesn’t even have a clue what data is mined by the company/owners or even worse if they have non disclosed mechanisms to do that or even worse to introduce back doors.

If I’d suggest something, that would be a standard and federated protocol with e2ee like xmpp + omemo. But again, I’d be naive to assume that’s a possibility, if forced to do something corporations will choose what’s more convenient to them not to the user, and that usually translates into proprietary abusive mechanisms.

Now about nerds using gnuPG/openPGP keys, ohh well, thunderbird chose what to me is the wrong path of not using gnuPG underneath (now by default all keys are exposed unencrypted, unless you choose to use TB’s master password for example, between several other limitations, the good thing is that there’s sequoia-octopus-librnp to the rescue), but that path allows them to offer a really easy way for users to interact with openPGP keys. On Android K9, now a days Thunderbird, has made it really easy as well to use gnuPG/openPGP keys when accompanied with openkeychain for example. There’s nothing obscure neither truly complex about current gnuPG/openPGP usage these days. I would agree like 15 years back one really needed to learn how to maintain the gnuPG keyring, how to add and manage public keys and how to manage your own private keys. But even then there was Enigmail, which after TB chose that path turned into just a shell to help move from Enigmail to the chosen TB’s librnp way, and Enigmail made it really easy to do all that gnuPG stuff. Besides thunderbird, which I wouldn’t say is a nerdy thing, there were/are several other easy alternatives to use and handle gnuPG/openPGP keys. So, not really nerdy, I’d think just willing to go a bit beyond what the corporations offer you, for “your own convenience”. But how many people even care? I’d say we’re a sleepy society, accepting everything imposed to us, even when there’s no need to, because of the hassle to look for truly privacy respectful, security respectful (from the user perspective, not just the corporations perspective), and also really important user liberties/freedom respectful, which Today’s corporations with the help of some communities and the banning culture we all embraced, have been successful in convincing us that’s unnecessary in favor of more “practical” alternatives, including proprietary ones…

Well, I think you already mentioned the key thing about encrypting disks. It’s not about protections when the block device is already decrypted and the filesystem already mount. At that point your disks are decrypted and anyone with or without physical access to your device, if gaining any access to it you’re toast. That’s true, but that’s not what disks encryption help you with, and you already mentioned. If you turn off your device, and someone steals it, or gains access to it, they can’t look at your contents, that’s it. That wouldn’t prevent malicious people, to instead plant something through UEFI for example, and you are right about that case. And if you never turn off your computer, and just do sleep to memory, then you depend on how strong your password is, or any other authentication mechanism you have…

Can you explain why if someone get access to your encrypted disk, they would have access to its contents?

Phoenix is not a browser, is it? AFAIK it’s a similar user.js to Arkenfox… They claim to be better, and have their on comparison, but I don’t know:

https://codeberg.org/celenity/Phoenix/wiki/Comparison

Arkenfox has been like the default user.js for privacy… Perhaps phoenix already is better…

Maybe @fishonthenet@lemmy.ml or @mickie@jeremmy.ml. BTW I remember about !librewolf@jeremmy.ml but I think it didn’t survive, and on lemmy instances this is the only Librewolf community.

Well it’s a bit confusing. On Guix’ wiki General features you can read:

Guix keeps track of these references automatically so that installed packages can be garbage collected when no other package depends on them - at the cost of greater storage requirements, all upgrades in Guix are guaranteed to be both atomic and can be rolled back.

The roll-back feature of Guix is inherited from the design of Nix and is rarely found in other operating systems, since it requires an unorthodox approach to how the system should function (see MicroOS).

And then on its wiki Guix System (operating system) Roll-back you can read:

This is accomplished by a combination of Guix’s functional package manager, which treats each package and system configuration as an immutable and reproducible entity,[58] and the generation system which maintains a history of system configurations as “generations.”

So the system configurations on a Guix system are actually immutable, as opposed to regular gnu+linux distributions, which can change the system configuration on the fly. What else is immutable on Guix, I can’t tell, but at least you can not change its system configs. What is atomic is the upgrades.

I’m not sure, but as Guix borrowed these properties from Nix, I’d think this applies to Nix as well.

In other words, at least the Guix system has immutable components. And further, the system config which is immutable, is also declarative. Combining those two things might be intimidating, since it’s not like on the fly one can go and change the system config, which might be required when debugging some misbehavior, and it’s what most distros document, then one needs to learn about guile, and a bit about functional programming I guess or at least their basics… Deploying systems might take advantage of such declarative configurations though…

It’s been a while since extensions need to be signed for FF to enable them. Not sure if Librewolf build scripts do something about it, but the config is not configured by default:

% grep xpinstall.signatures.required /usr/lib/librewolf/librewolf.cfg
%

and if you look for it on about:config, it’s enabled. So far it’s functionality is mainly to sort of not allowing dangerous extensions, though that promise can’t really be fulfilled, and besides, and it’s true the feature can be abused, but it’s not something new for FF, not sure why that petition is showing up just now, hmm. For the apps I use, this hadn’t posed a problem on Librewolf so far.

But it’s been a while I don’t see Librewolf devs around this community and the other lemmy one I know !librewolf@jeremmy.ml seems abandoned. Perhaps someone is familiar with Librewolf build scripts…