kyub @ kyub @discuss.tchncs.de

Posts

1

Comments

206

Joined

2 yr. ago

RethinkDNS is probably better, but I'm currently still using NetGuard Pro and kind of happy with it, but I will soon migrate to Rethink DNS. If you use NetGuard, make sure to use the Pro version, download its hosts file and use it in whitelist mode and display all contacted hosts/IPs for each app (block everything by default, allow only the technically necessary connections!). The more proprietary apps you use, the more tracking hosts you'll see being contacted (lots of proprietary apps contact Google, Meta, etc.). Don't allow these connections.

Remember that this is just one case in isolation. US-based data hoarders like Google, Meta, Microsoft, and so on are also regularly sued for various privacy law violations. And they all deserve it equally, TikTok included. I hope no one is left out. That said, unfortunately, the punishment is often a joke, which means these companies simply pay it out of their pocket change and then continue doing the exact same stuff. For example, France sued TikTok for something like 5 million $. Unless that number goes into the billions at least, I bet it's still way more profitable for those companies to continue to absolutely sh*t on anything privacy related. So, in essence, nothing will change because of this. Not for US-based data privacy violators, not for Chinese-based. "Same shit, different country" has never been more fitting.

Get an external drive, it's useful to have lying around for those rare occasions where you have something on an optical disc.

Arch breaking easily is such an over-exaggeration. I've run Arch so many years and the amount of tinkering I've had to do because of botched updaates is so minimal. Often times, they announce it on their main website even, with instructions on how to fix it. You also should have configured filesystem snapshots to easily revert after a bad update. Or have a USB installation medium ready to boot from and then repair/downgrade the affected bad package. That's usually all there is to do, and it happens rarely.

If you have multiple problems after Arch upgrades, then I'd guess that's a misconfiguration on your end, leading to unstable system behavior after updates. Arch doesn't do any kind of hand-holding, you're allowed to completely misconfigure and break your system, but then it's also your own fault.

If you didn't update for a while, you should probably update the archlinux-keyring package first, then do the rest of the updates. Otherwise, the other packages won't be able to be updated when package signing keys changed in the meantime

So yeah, I wouldn't recommend Arch for beginners, unless you really want to learn Linux the "hard way" and have a little bit of spare time and don't mind reading on the Wiki, but still, Arch instability is kind of over-exaggeration. Arch is very stable for a rolling release distro, but you do have to do a little bit of maintenance every now and then. That's the nature of rolling-release. I still wouldn't call that unstable, though.

If the user is at least somewhat competent, antivirus is normally not needed. Antivirus has several issues on its own, before even considering its defense "capabilities": it can contain spyware itself (harvesting user data, auto-uploading "interesting" files to the AV vendor cloud which leaks personal data, etc.... e.g. Avast was recently caught spying on the web browser traffic of all their user base and then selling that data. Yes, that's an AV vendor you're supposed to trust), AV (like all software) has security holes which can be exploited (there was already malware which only worked BECAUSE you had an AV installed, and it wouldn't have worked if you hadn't), and you have one more process constantly running in the background with lots of access rights which isn't great either, it may even damage your system by finding and quarantining false positives, and if your system is already infected then any AV running on it is also compromised as well and won't find certain malware anymore because the malware can hide its processes from the AV. Furthermore, AV is only somewhat good at detecting past threats, not good at all at detecting current, dangerous threats. (Typically, virus writers test their own creations against current AV anyway, ensuring that they don't detect it). Also, no AV detects e.g. Windows 10+/MS Office/MS Edge/Google Chrome/etc.'s invasive telemetry, which is (in this case) a euphemism for spyware functionality bundled with an otherwise legitimate application. AV should at least warn about it, otherwise it doesn't live up to its promises of combating spyware at all.

All in all, a competent user is likely to have more security/privacy issues or trouble WITH an AV, than without it. Which means, in the hands of a competent user, AV is the only thing on the system which behaves the most like malware. So simply by learning and following good security practices, you can avoid most if not all threats coming your way anyway, without any additional software needed on your machine.

That said, if the user is quite incompetent and executes everything at random and doesn't really care what sites he visits or what phishing mails he opens, and generally has a carefree attitude when workilng at the device, then having an antivirus constantly scanning everything and maybe avoid execution of a known threat, can do more good than harm.

If you're ever unsure, upload the file in question to virustotal.com - it will scan with something like 30 antivirus engines. You can't do that on your own. That makes it more likely that something is found, if there is a known threat in it. Or ask on a forum. If you're unsure your own system is infected, scan it with an offline virus scanner booted from a USB drive (preferably also with multiple scan engines), because scanning from inside an already infected system cannot ever guarantee full recovery. Although, no AV can ever guarantee full recovery regardless, which is why in the end you should completely re-install any infected system, and not rely on one AV's cleaning capability. Because there's no guarantee that the AV found and cleaned everything. If the malware contained a backdoor then maybe there's new, undetected malware already present as well.

Well, Linux is like a juggernaut that's inching ever closer in all sorts of areas (while already dominating in some areas). The time frame where it makes sense for Microsoft to spend increasing amounts of resources to maintain and further develop Windows is closing, and if you look closely, they've pretty much shown that Windows is not at all priority #1 anymore since at least Nadella became CEO. We also live in a world which is increasingly becoming OS agnostic, which is bad for Windows' dominance and great for Linux, MacOS, and others (because there's less and less relevant applications specifically requiring Windows). Of course, Linux on the desktop also grows stronger and more mature year after year, which further accelerates the change.

There will also be some points in time which hugely accelerate things, like Valve going all-in on Steam Deck and Proton and to make Steam a more independent store/community platform, and also Microsoft making Windows worse and more user-hostile over time. From a business perspective, it makes sense for MS - they want to go full cloud (= full control), almost full removal of control for the user, and full ingestion of as much data from the user as they can - to sell it, utilize it for own purposes, and train AIs with it. It's what increases profits in the short-term. A lot of companies are doing that kind of stuff. MS is just one of the more ruthless ones, which, again, makes sense, because they still have a big userbase to exploit. In the long-term, they're damaging, no, DESTROYING Windows' reputation as a half-decent OS (even among Windows fans) and driving more and more users to the alternatives. It's kind of inevitable. MS' striving for profit has doomed Windows, and soon, when no single company will be able to compete with the ever evolving Linux ecosystem anymore, Windows is also doomed. It's kind of a law of nature now. It's not a question of if, just when.

(I've used both Windows and Linux extensively, Windows since MSDOS/Win3.x, Linux since 1998. About 10 years ago, I've switched exclusively to Linux and banned Windows into a VM only that gets booted less and less [I think it's been off for 2 years already]). I, for one, welcome our new old Linux overlords.

Now that you know better, make sure to keep an eye on Windows or MacOS only dependencies in the future, and avoid those.

Flameshot is great, I use it every day at work and home. The integrated editing/annoation/drawing functions are superb.

Clickbaity titles on videos or news sites is the new standard. I watched it. The point he's making is basically that music was harder to make/produce some 50 years ago, so there was more incentive to "make it worth the effort", compared to today. And the 2nd point he makes is that music consumption is now so easy as well (listen to whatever you want instantly) compared to when you could only listen to something when you bought the physical album, that there's also less incentive for the listener to really get involved into some albums.

Personally I think these are valid points on the surface but they are not "the answer" to this kind of multi-faceted question. They're at best a factor but we don't know how big these factors are. Also I think one big reason he thinks that way is because he grew up in that environment and so he has a bias for "owning physical copies of albums".

I also think music hasn't gotten worse, the market is just simply over-saturated because there's just way too much music, you'll never be able to listen to it all. And there are absolutely hidden gems or really good bands/artists forming even today, it's just much harder to find them. Generally a problem of today's age: it's likely that what you're looking for already exists, you just have to find it within a whole ocean of content.

If you're looking for innovative or non-standard stuff, you can always look at smaller artists or the indie scene, same is true for movies, games, music. The big producers always have a tendency to stick to what works and what's proven to be popular so everything becomes similar. But smaller artists do not have to care about such things, they are ready to risk much more and in doing so, you might just create a real gem or something that was never or almost never tried before.

Yes. It’s basically about a ban or circumvention of E2EE, as usual. And as usual, this is not an option. Do not throw away your rights to strong, working encryption. Never.

• Closed source (has always been bad for an OS, a 1-US-company controlled blackbox at the heart of your "personal" computer)
• Privacy nightmares (and getting worse)
• Forced cloud integrations (and getting worse)
• Forced AI integrations (and getting worse)
• More bloat and ads (and getting worse)
• More restrictions (e.g. local user accounts) (and getting worse)
• More dark patterns to try to annoy the user and get him/her to accept something that MS wants (and getting worse)
• More opt-out, on-by-default bad stuff being added (and getting worse)
• There's probably more...

The question is wrong: it's not why do you "still" hate Windows. I did like Windows 7. It was the last Windows I liked. After that, it's just a downhill enshittification spiral. The only real question is: at which point will it be too oppressive for the common user that even the most common user will try to avoid it entirely. And I fear that there's still more than enough room for MS to make Windows worse before enough people migrate away from it.

The "opposite" was just referring to those 2 aspects - Mullvad has stronger anti-fingerprinting which leads to more breakage. Librewolf has that aspect reversed. Of course, both browsers are similar overall. That's just one detail where they prioritize differently.

Arch is not at all problematic, however if you're still inexperienced with Linux in general, there might be smaller issues with some packages which might be unsolvable or hard to solve in that particular case (but any experienced user can easily solve those by e.g. downgrading the problematic package until a fix is available, or by restoring a filesystem snapshot). My current Arch installation is almost 5 years old and I only had a couple of very minor individual package update issues, and one time where the system couldn't boot anymore after an update, which could be desastrous for a newbie, but only for a newbie. So, any talk about Arch being unstable is most likely exaggerated. Windows 11 these days has more update failures than Arch, and Arch updates almost daily. Yes, Arch is not "perfectly stable" due to it being rolling release and receiving updates almost daily, but on the desktop or notebook that "less-than-perfect-stability" really doesn't matter much unless you have some kind of allergy against breaking changes or spending 15-30min to fix something or get annoyed if you have to reboot. The fast updates and generally very up to date packages generally more than make up for the disadvantages. At least on the desktop and notebook. I'm not sure if I could recommend Arch on servers. Also, you should at least update Arch once a week (or more often). If you don't update for multiple weeks, then updates might fail because Arch assumes that everyone is on or close to the most current updates. Or you might have to first update the pacman-keyring before updates work again. In any case, updating often is also a way to keep Arch more stable. If you don't like updating often, don't use Arch.

Not generally, however you might want to avoid any early dot-zero releases (e.g. 6.0.x). These tend to be a bit buggy with KDE Plasma, but the bugs get fixed soon. NVidia drivers should be better with the very latest updates, they are supposed to work well on Wayland now. But I don't buy Nvidia, just AMD, so I'm not following this stuff closely.

Both are good. Librewolf is more like vanilla Firefox, just configured way better by default. Mullvad Browser is like a port of the Tor Browser (also based on Firefox) for the clear web (or for use with Mullvad's VPN, or whatever). Also configured very well by default. Mullvad Browser has better anti fingerprinting stuff built-in but as a result of its unusual configuration some sites might be broken. Librewolf is kind of the opposite in that regard - sites won't be broken but you'll be easier to fingerprint. In any case, they both are at the top of the best Firefox variants I'd say.

The free software movement was started 40 years ago. We can’t just give up now. How many years should we wait? People are only becoming more dependent on computers and our problems keep getting worse. Windows users have been able to abandon it many years ago, but they don’t care about freedom.

It's not about giving up. It's about continuing the fight while also making sure that people have real, tangible alternatives in the meantime. Look at GNU/Hurd - it might just as well never grow into something useful or competitive. Don't put all your eggs in one basket. The first "goal" is to get rid of Windows, and Windows is for the first time in like 30 years losing one of its pillars (gaming) to Linux (and by extension also MacOS, because every non-Windows OS profits from the developments). It doesn't matter if the overall situation isn't perfect. It's still real, tangible progress. Also the market share jump from < 1% (since pretty much forever) to 4% recently.

I had the same feeling about 10 years ago, but users of proprietary software are willing to take a lot of abuse. It’s almost impressive how stubborn they are. This includes users of Reddit, Twitter, Apple and others. I don’t think Microsoft will lose any significant amount of users just by abusing them more, and when it comes to features, Windows is improving lately.

Not by itself maybe, but in combination with Linux becoming more mainstream-viable for sure. I've heard from so many long-time Windows users lately that they're considering switching to Linux in the near future. I don't think Windows is in it for long, except on business desktops because they're usually vendor-locked-in with special applications. Maybe a generation after that, when home users aren't all guaranteed familiar with Windows anymore as they are today. I also don't think people will take much more abuse, the EU is also pushing back hard against abusive US companies. Also, if the AI copilot stuff blows up or doesn't become popular enough, Microsoft will have put all their eggs in one basket in vain. Currently it seems more like a very expensive gimmick - who needs an AI admin copilot to clean up the trash bin, change font size or toggle dark mode? Sure, you'll be able to talk to your bot, but everything you do will be harvested and the gain you get from it is almost irrelevant. Maybe if you have a disability or so it could be cool.

I agree that more freedom is better, but if people don’t understand the end goal, they will keep making the same mistakes. SteamOS is proprietary. Most of the popular GNU/Linux distros have proprietary software in their repositories. On mobile I see people switching from proprietary Android to proprietary Sailfish OS. They just keep falling in the same traps over and over again. Steam is one of those traps. If GNU/Linux became mainstream on desktop today, I have no doubt that it would be a proprietary distro. Then it will be only a matter of time before it turns into something even more proprietary like Windows. Because why wouldn’t it?

I don't think it would. It would be a mixture of libre software and propirietary software, which is better than 100% proprietary software still. The most important component is the OS itself.

That’s why we must explain it to them. Some will listen and others will not, but there is nothing else we can do. We are doing our best to rival the proprietary apps, but it’s a battle we’ve been fighting for 40 years. There will always be something missing and even if there isn’t, it will always be inconvenient to switch from something you already know. Reddit users could switch to Lemmy, but they won’t. If at some point they decide to switch to some other proprietary alternative, that will not fix their problem. It will be only a matter of time before the other company or developer starts abusing them too.

Yes, we must continue advocating for libre software. However, it's still time to celebrate the beginning of the end of Windows.

I know, but if we make compromises on our freedom, we will never keep it. The companies that make proprietary software will not let us. They could make money from developing libre software instead, but they don’t have to, because our society thinks non free software is fine.

We will keep enough freedom. It's a gradient. The world isn't black and white. Playing a proprietary game or playing back a BluRay on an otherwise fully free system is still much more progress than running 100% proprietary sofware. Change also won't come in a perfect way. First, desktop Linux needs to fight back on equal footing against Windows, and that (unfortunately) means it needs to be able to run whatever proprietary apps or games the users still need. Because otherwise they wouldn't switch and your utopia would remain an utopia without any measurable progress towards it.

https://piped.video/watch?v=KW6E51xXcWc for Valve's contributions, by a KDE dev. According to a 2022 interview they pay over 100 open source developers working full-time on various important open source projects, from Mesa to Vulkan to AMD GPU drivers to KDE Plasma to gamescope to Wine to DXVK and VKD3D to you name it. The whole desktop ecosystem is benefitting from this, not just the Steam Deck, and not just gaming.

I get that proprietary software and DRM is a general problem, and Steam is part of that problem, but completely getting rid of that is simply a battle for another time, further in the future. The first battle is to get Windows users abandon their Microsoft/Apple cages, and that's a win that's actually within reach now. Windows also becomes worse by itself, further accelerating the change. That's important, because running a proprietary OS is still much worse than running some proprietary applications or games on a free OS. A closed OS completely shifts control away from the user, leaving only what the developer allows you to do, and it allows the dev to always push his or her agenda by favoring applications from the same developer, and allowing the developer to establish proprietary APIs and libraries like DirectX which was problematic for the competition for quite some time. Establishing Linux as a neutral, user-controlled, non-proprietary, much more trustworthy OS is the first step away from that. And to reach that, users will have to be able to run at least some of their usual applications or games on Linux as well. Otherwise they simply wouldn't switch in the first place. For a regular user, using Linux cannot feel like being a downgrade. A regular user does not understand the ethics behind closed and open source and will never choose a worse free option over a better proprietary one. That either means the free options must become true rivals, or - which is the easier goal for now - the proprietary apps have to run on Linux just as well as people are used to.

A "war" isn't being won all at once instantly, but by winning several smaller battles after one another. Which takes time.

That doesn't surprise me, and yes it was always because of anti-competitive practices, so I'm all for more neutrality, I'll just add 2 shower thoughts:

1. Seeing that Brave is at the top of the browser list, I wonder how many selected Brave just because it's at the top of the list and thought that this must be a good choice then, not because they actually like Brave.
2. It's nice to have such a thing for browsers, but it would have to be expanded to other apps as well, e.g. mail client. Oh well, maybe in another 10 years or so.

Discord has a nice UI and lots of neat features, and it's popular among gamers especially, but it can hardly be recommended. See https://www.messenger-matrix.de/messenger-matrix-en.html for a comparison with other communication programs. Yes, Discord has approximately the most red flags there can be. Discord is essentially spyware, it supports the least amount of encryption, security and privacy techniques out of them all, and everything you type, write, say and show on it is being processed and analyzed by the Discord server and probably in turn sold to 3rd parties. Discord can't make a living from selling paid features only, they have to sell tons of user data, and since all data is basically unencrypted, everything's free for the taking. Discord doesn't even try to hide it in the terms of service or so. They just plainly state they're collecting everything. Well, at least they're honest about it. It's a minor plus. If I had to use Discord, I'd only ever use the web browser version, and I'd at least block its API endpoints for collecting random telemetry and typing data (it doesn't only collect what you sent, it also collects what you started typing).

Matrix, on the other hand, is a protocol. Element is a well-known Matrix client implementing the protocol. On Matrix, everything is encrypted using quite state of the art encryption. It's technologically much more advanced than Discord is. It's also similar, but it won't reach feature parity with Discord. Discord is a much faster moving target, and it's much easier for the Discord devs because they need to, oh, take care of exactly nothing while developing it further. While adding a new feature to Matrix is much more complicated because almost everything has to be encrypted and still work for the users inside the chat channels.

This is just broadly written for context. The two are similar, and you should prefer Matrix whenever possible, but I do get that Discord is popular and as is the case with popular social media or communication tools, at some point you have to bite the bullet when you don't want to be left out of something. I'm just urging everyone to keep their communication and usage on Discord to an absolute minimum, never install any locally running software from them (maybe using sandboxing), and when you're chatting or talking on Discord, try to restrict yourself to the topics at hand (probably gaming) and don't discuss anything else there. Discord is, by all measurements I know, the worst privacy offender I can think about. Even worse than Facebook Messenger, WhatsApp and such stuff, because they at least have some form of data protection implemented, even if they also collect a lot of stuff, especially all metadata.