Well, I think you already mentioned the key thing about encrypting disks. It’s not about protections when the block device is already decrypted and the filesystem already mount. At that point your disks are decrypted and anyone with or without physical access to your device, if gaining any access to it you’re toast. That’s true, but that’s not what disks encryption help you with, and you already mentioned. If you turn off your device, and someone steals it, or gains access to it, they can’t look at your contents, that’s it. That wouldn’t prevent malicious people, to instead plant something through UEFI for example, and you are right about that case. And if you never turn off your computer, and just do sleep to memory, then you depend on how strong your password is, or any other authentication mechanism you have…

Can you explain why if someone get access to your encrypted disk, they would have access to its contents?

Phoenix is not a browser, is it? AFAIK it’s a similar user.js to Arkenfox… They claim to be better, and have their on comparison, but I don’t know:

https://codeberg.org/celenity/Phoenix/wiki/Comparison

Arkenfox has been like the default user.js for privacy… Perhaps phoenix already is better…

Well it’s a bit confusing. On Guix’ wiki General features you can read:

Guix keeps track of these references automatically so that installed packages can be garbage collected when no other package depends on them - at the cost of greater storage requirements, all upgrades in Guix are guaranteed to be both atomic and can be rolled back.

The roll-back feature of Guix is inherited from the design of Nix and is rarely found in other operating systems, since it requires an unorthodox approach to how the system should function (see MicroOS).

And then on its wiki Guix System (operating system) Roll-back you can read:

This is accomplished by a combination of Guix’s functional package manager, which treats each package and system configuration as an immutable and reproducible entity,[58] and the generation system which maintains a history of system configurations as “generations.”

So the system configurations on a Guix system are actually immutable, as opposed to regular gnu+linux distributions, which can change the system configuration on the fly. What else is immutable on Guix, I can’t tell, but at least you can not change its system configs. What is atomic is the upgrades.

I’m not sure, but as Guix borrowed these properties from Nix, I’d think this applies to Nix as well.

In other words, at least the Guix system has immutable components. And further, the system config which is immutable, is also declarative. Combining those two things might be intimidating, since it’s not like on the fly one can go and change the system config, which might be required when debugging some misbehavior, and it’s what most distros document, then one needs to learn about guile, and a bit about functional programming I guess or at least their basics… Deploying systems might take advantage of such declarative configurations though…

Regarding omemo, dino is getting there, see its closed issue 1609. Not sure why it has taken them too long for a new release, but they have the stuff already merged.

Ups, I just got to enjoy piped and in particular pipeline on gnu+linux and libretube on AOSP.

Pipeline in particular allows to totally avoid electron (freetube), and in both cases the piped instance is the one communicating with youtube, not me, :) And both applications support sponsorblock (tubular does, but newpipe doesn’t). But not talking directly to youtube is a win. Did I mention dropping another electron app, :) ?

But… I installed pipeline from AUR, because I don’t like flatpak… Not sure if other user repos offer it as well…

I’m interested on what changed that make it differ from Mull in a non recommended way. Are you referring to their 1st MR? where they outline:

• Replaced Arkenfox & Brace preferences with ones from Phoenix 2025.01.06.1…
• Added support for Google Safe Browsing (Safe Browsing is disabled by default and can be enabled by setting the following preferences to true in about:config)

I understand Mull was using arkenfox which is sort of the go-to reference, and now ironfox move to phoenix. The safe browsing is the same approach Librewolf follows, though I don’t like their comment on a proxy. I don’t like their choice of the brave search engine, but I always replace that with searxng tweaked a bit.

The MR doc doesn’t look too terrible, but don’t know about the changes themselves.

As mentione SMS is by no means secure, and although silence hadn’t gotten any update, still works as a champ on Android 15.

What works for me is freetube on desktop, and tubular/newpipe on AOSP.

https://gitlab.com/ironfox-oss/IronFox/-/issues/7

https://gitlab.com/fdroid/fdroiddata/-/issues/3457

Ohh, so it changed for being webkit, to be a FF based browser. At any rate Librewolf keep being like the closest, FF but with better defaults, and without the need to configure the arkenfox stuff.

It’s a webkit engine based browser, actually it uses webkitgtk. Now webkit is the engine on which safari (apple) is based as well, and it’s been there for some time. blink, which is what chromium based browsers use, is a fork from webkit with its own extras.

So it all depends, chromium based browsers are all blink engine based browsers, which are pretty related to webkit engine based browsers (midori is not the only one BTW). As well as there are a ton of blink based utilities such the electron ones (chromium in disguise), there are still quite a bit based on webkit, specially gtk applications.

gecko as opposed to the other major web engines never had some sort of toolkit that would make it easier for other applications than the mozilla ones to be based on it, and it seems there will never be such toolkit, even less with the dominance of blink based browsers and applications, and in a lesser way but still high use webkit applications and browsers.

If looking for actual alternatives to what dominates the market, I believe gecko is the option at the moment, and if the FF defaults are unsane, I’d strongly suggest using Librewolf, which is essence is FF with much better defaults, it partially uses arkenfox configs, but it’s independent and has its own decisions, and also removes very few blobs like pocket at build time.

Eventually servo might become the web engine to look for, and perhaps verso the web browser based on servo. But they are still in early stages as to be considered for day to day regular use. I’m not sure if servo is both a web engine and also offers itself as a toolkit so other applications besides a web browser can be based on it, similar to webkit or blink, but I believe that’s not the case, at least not yet, though I wouldn’t put my hands on fire for this, :).

Bottom line, you might want to take a look at Librewolf.

Unfortunately divestOS is retiring, and Mull, something like Librewolf but for AOSP based devices, has ceased development. I’m really hoping someone capable of forking it does it…

Totally unrelated, mull is pretty cool in the sense that it brings arkenfox configs for the user, and it strips some binary blobs. To me the AOSP privacy browser with no actual alternative. Some say it’s like librewolf for AOSP.

Bottom line, no, totally different things.

Yet Another Call Blocker?

The only reasons I sometime back looked into betterbird was thunderbird breaking TbSync and its companion “Provider for Exchange ActiveSync”, which I really need for work, and because of their tray support (I don’t like the modern way which rejects the benefits of the tray functionality, or notification area which is how it’s also called now a days).

For the first thing, I was able to live with thunderbird by reverting the upgrade and keep its package from upgrading at all, until the two extensions I required eventually supported the new thunderbird version which broke them. I looked into betterbird as an alternative since someone suggested it given betterbird wasn’t moving as fast at that time as thunderbird was, and at that moment they were not breaking the extensions I’m force to use if wanting to use thunderbird as email client at work.

For the tray, ohh well, it doesn’t work on wayland if you don’t use gnome or kde (I use wayfire), so it couldn’t help me at all. I found a bug reported on mozilla (not sure why not also on betterbird) which matches my case, so no luck with their tray support, :(

Other than that I really didn’t find a compelling reason to use betterbird instead of thunderbird. But if I were a gnome or kde user, perhaps its tray support might be compelling enough.

They don’t, I mean registering your username/basename is not a requirement, they chose the registration as the default to make it easier to be found. But you can get away with not registering your username/basename and instead exchange with your contacts you ID number, and with that besides able to choose whatever username/basename, there’s no central directory to find you, which is good depending on your use case, but the Jami guys are right to say that makes it virtually impossible for others to find you and establish a conversation unless you exchanged somehow your ID numbers, but that’s not actually finding, :)

That option is a one time choosing, when creating the account though.

It is open source, which is good, but ultimately it depends on the service provider as usual, what it logs and for how long. The good thing, is that by design there’s not much which can be collected.

But for a mechanism that is supposed p2p distributed, unified push, their proxy stuff (which also helps reduce battery usage), make the app not such p2p, but the gain in battery life might be your priority. DHT is as well a point of gathering several connections, and also to collect metadata, but to be honest, DHT is so good for this purpose, that I don’t complain.

The thing is that on the phone by default you don’t get a pure p2p experience, which is BTW really hard, as requiring both ends being present if pure p2p, and it’s really hard to actually contact the other end at any time. Although if wanted, jami can be configured as such, except by the DHT part I believe.

yes, but it’s mostly for open source apks, the beauty of apkupdater is that it allows installing/upgrading some apks from apkpure and other sources (it was true for apkmirror directing to the right place to download and install from the browser, but on apkmirror most apks now days don’t install/upgrade unless you install their own apkmirror app), avoiding google play and avoiding aurora store (which besides the issues with anonymous connections, it gets upgrades pretty late for some reason). That’s something I don’t see an alternative for. Yes, upkupdater also allowed to install/upgrade from github/gitlab/… but its major purpose to me, was to be able to install/upgrade some non open source stuff without the need to connect to google play, and using recognized and reputable mirrors like apkpure and when it was feasible apkmirror. For FLOSS I use f-droid (official repo, plus non official like “izzyondroid” and others). Unfortunately there are a few apps I’m forced to use, which are not open source…

First of all, it’s been a while since it’s no longer his code, and the contributions from whatever amount of people must be respected. That was used some time back as justification to never moving to GPL3 or latest.

Second, there’s now a huge foundation behind it. Although he has gating approval for whatever he wants, the money coming from big enterprises would cease. Remember now MS already claims it loves linux.

Third, although it’s pretty linked to second, the project is not an independent community project anymore. Even risc-v people took care not to create a so nation specific project (even though its origins are totally linked to the academy from a particular one), that it doesn’t matter which country imposes sanctions to others, no country can prevent another from using its open ISA to build their own stuff. Linux, and its linux foundation failed on this, and as it’s pretty dependent on the big tech and enterprise, now it has no options to be compliant. Which you could see recently from banning developers and the legal reasons involved (well done, as risc-v, that would have had minimal impact, or better yet, if a community project not linked to any country, then that would have gone differently).

All in all, linux’s success has lead it to be a non community driven, non independent project, and I would guess the enterprise and big tech, which is pretty reliant on linux now a days, wouldn’t let linux go away unless they already have an alternative.

Though never say never right? But my take on this is both, no single person owns linux, so no single person can take it away, and there’s too much reliance on it from big tech and enterprises as to let such important project, and key on their software supply chain (years back thinking on software supply chain was in no one’s mind) or so they say.

If ever getting to administrate non systemd boxes, and in need to deal with the system logging mechanism, then syslog-ng comes close to the most probable mechanism use. And no, non systemd gnu+linux distributions are not legacy, there are quite a few out there, just not the major or mainstream ones, like Artix, Void, Guix, and several others, not to count non gnu+linux OSs like BSDs…