kixik 1 week ago • 100%
OK, there's a codeberg comment someone else shared, and based on that there's another of such comments from another issue, which sort of indicates an attempt to get back / reset current behavior, but I'm not sure if that one worked or not given the comments from the one who posted it...
Yes, it seems a mess, :(
kixik 1 week ago • 100%
There's also this comment: https://codeberg.org/librewolf/issues/issues/2029#issuecomment-2281388
kixik 1 week ago • 100%
Sorry about that. I was not aware of other meanings. I'll try to remember to use the complete "software" word instead of its acronym I was used to since the 90s... Hopefully under the context what I wrote doesn't get misinterpreted. Thanks !
kixik 2 weeks ago • 100%
What was your setting that is getting overwritten? What I can see from librewolf settings are:
- network.dns.disablePrefetch
- network.dns.skipTRR-when-parental-control-enabled
- doh-rollout.provider-list
- network.trr.mode
- network.trr.uri
kixik 2 weeks ago • 100%
If talking about non proprietary kernels' drivers, such as linux, then again, profit is what regulates it. No wonder why now nvidia finally cares about linux, being the most used kernels behind the cloud, behind servers of whatever. Meaning, it's not profitable not to support linux now a days for Nvidia.
The other fundamental factor is lock-in, which is abused by some big corps, such as MS.
But the profit idea es even wrong, but it's what we have been educated with. For an OEM, providing FOSS drivers or FOSS FW doesn't mean to have less profit, but somehow it's interpreted as such. And there's also our culture, backed by corps again, that tends to make us believe that everything profitable enough has to be corporate secret, and if not, others would take advantage of you business. That way of thinking really prevents for more FOSS adoption at the OEMs level. I don't agree with it. It might be the presence or lack of some HW features might be inferred by the drivers/FW, but it doesn't mean your competitors will know how exactly you provide such feature, and even less how to make it with the performance you do. And usually once released, you really want to show off your features, your innovation and so on, not keep it secret. So in general, really see no issue for OEMs not to offer drivers and FW as FOSS, even as free/libre SW.
I can imagine OEMs offering FOSS drivers and FW, but that not being as convenient for the major players in the market, since that would risk their position in the market. Just a thought...
Remember the lock-in mechanisms by the corps that feel being threatened if open sourcing dirvers... Some of which no longer say it out loud, but still think GPLed licences are a cancer...
kixik 2 weeks ago • 100%
I'm not aware of any, do you mind sharing anyone, better if not requiring account?
BTW I can easily find blogs about p2p solutions for whatever, but not about p2p blogging solutions...
kixik 2 weeks ago • 100%
The issue with social networks is the account requirement. Even though decentralized, they still require servers with accounts. If you, to prevent not being able to access at some point included an email, and the server gets hacked, then there you go.
Perhaps is a mistake of mine, to think social networks are not anonymous enough. Maybe they are. But tracking mechanisms are so sophisticated now a days, than the need for an account make me think they won't ever be. That's why I excluded social networks. Perhaps it's the only option as of Today though.
kixik 2 weeks ago • 100%
I have never bought the idea that free/libre SW in general is just not as easy, including GNU+Linux. I'll leave out open source initially, and come back to it later, not because it doesn't experience the same, but because corporate wide it doesn't suffer the same fate. And linux itself is one of the most widely used kernel if not the most, it happens similarly to openssl, and so many other open source components. So I see no issue with linux adoption, I can't think of any kernel more adopted than linux...
To me what has really affected free/libre SW is the monopolistic abuse of the corporations, plus their ambitions, and how in Today's world, they have created the illusion that being a technologist is the same as being a technology consumer, which gets into the hearts of governments and education systems (more hurting, public education systems). Let me try some practical examples:
- Educations systems translate the need to educate students about technology into making them familiar with MS different SW, like the windows OS, MS outlook, MS office, MS project, MS visio. Even on the higher levels of education, colleges and universities prefer to use matlab over octave for example, even for just matrix operations scripting. Office covers spread sheets BTW, so people specialized on accounting know excel, but no other spread sheet.
- On public education systems, where one would be inclined to think it might get more interest on developing the expertise to not depend on proprietary SW only, it's where corporate reach deeper offering "cheap" educational licences.
- From the prior two keep in mind that educational licenses from proprietary SW usually means future professional and people depending on proprietary SW in general. They are meant not to educate, but rather generate the future dependent population.
- Governments, whether local or nation wide, instead of adhering to open standards, for any kind of form submission, and even further to adhere to use of free and open source SW, to build the technical and competency expertise required to have a criteria about different technologies, about SW, infrastructure, DBs, and so, they prefer to require citizens to use non free or open source SW to create required forms, and prefer to pay for SW solutions which totally lock in the entire solution, usually coming from big corps, or other companies actually making use of SW and technologies coming from big corps.
- In their effort to discredit free/libre SW, the idea that the fundamental principles behind free/libre SW hurt the SW industry, or that are irrelevant to Today's world or even worse than that, there were claims that the GPLed kernel was a great threat and GPLed SW a cancer. Now that open source usage has totally overcome free/libre SW, there are no such claims, but the damage is done. There's nothing wrong with people wanting some compensation from corps, when developing SW, and thus not using free/libre licenses like GPL-3+ or AGPL, but in the end that eventually might hurt the users rights protected by such licenses, which such corps don't really care that much (their profit has higher priority for sure), and experience shows that just because SW is licensed open source doesn't guarantee any compensation for the development whatsoever, so if volunteering SW, doing so as open source is not even close to get every developer a decent income out of their contributions. Well, except for the big corps backed SW, linux included, but that's not the majority of open source SW.
- The discredit of free/libre SW, which allowed the eventual creation of open source, is such that the banning of individuals ends up being an attack to the organizations behind it and even their principles and motivation.
- Moving away from the free/libre SW observations, even now with open source, from the big corps, which barely compensate the open source developers, complain about the open source supply chain, campaigning against not well maintained SW and such, there's the famous image of a complex and heavy structure depending on a weak and deficient leg. Whatever truth around that figure, it of course hides the overall picture of the developer of such leg not ever being compensated (not to mention paid) for his library or SW component, and perhaps that's one of the reasons the project got even abandoned, but now it's easy to blame such situation when talking about FOSS in general.
Paid SW might be more intuitive to use at times, I can understand that. There are paid developers making the UIs more intuitive and attractive, in the end it needs to be bought or massively consumed to get earning through its use. But if you look deeper, perhaps it's not just that free/libre or open alternatives are non intuitive at all, perhaps people gets used to that UI when attending basic or high school, or college/university. Perhaps even when exposed to mobile devices even when they can barely walk. Everything else, different in nature, will look alien to the future "technologists"...
On a sad (lacking hope) note, I don't think there's any indicator of things changing. My only hope is changes in educational systems, which are nowhere happening, and not the parents, as mentioned they are already convinced that using google, ms, apple, oracle or whatever prepare their kids for the future and will make them the technologists of the future.
On a funny note, I would answer the motivating question with: Linux is so good that it's actually most probably the most used kernel world wide, :)
Hello ! I'm wondering if there's some blogging mechanism which would allow some sort of unique digital signature (PGP perhaps) to prevent personification, but which allows non traceable and fully anonymous author. Not looking for blockchain like stuff (apart from the layer Monero adds, blockchains are totally transparent, traceable and non anonymous). Not looking for bigotry, attacking people or anything like that. The idea is to be able to share ideas, even corporate related, without being afraid of retaliations whether at work, corporations or governments. Expressing something at pubic might bring unexpected consequences, particularly if not aligned by the corporation one works on if that's the case, or might provoke AI, bots, or paid/unpaid people looking around, to include anyone in a particular list, without even warning the writer about it. So I was looking if such thing is possible, and if it exists. Social networks of course wouldn't be an option, they're not anonymous, and at contrary can be used to cross-reference and trace people. If such solution doesn't exist, I'm wondering if something based on gnuNet might get close, although gnuNet is not meant to make users anonymous. Or perhaps something based on i2p. Of course the digital signature should be used exclusively for the blog posting, and can't be associated to any real email, host, or whatever... Feedback on the blog posts should also be allowed to anonymous people with their own unique digital signatures. But this is harder, since depending on the technology, not sure if moderation would be allowed, or even if it would make sense, in which case, no blog feedback should be allowed, though no feedback is really a down side for blog posts. Maybe allowing just the original post to remove feedback. Some other down side, but that's unavoidable, is the lack of non on thread feedback, meaning giving feedback through email or any other medium, since if that was available would make the writer non anonymous... If such thing is not available, and eventually based on something like gnuNet or i2p, most probably clients would be needed to write blogs but another one that would offer some sort of RSS/atom functionality for the blog to be accessible from current RSS/atom readers.
kixik 1 month ago • 100%
umap on french servers, and umap is between other things an API on top of open streetmap...
Is that correct?
kixik 1 month ago • 100%
I see your point, many thanks !
kixik 1 month ago • 100%
I see, thanks !
kixik 1 month ago • 100%
Well, there is something mentioned about latest version of omemo:
OMEMO doesn’t attempt to provide even the vaguest rationale for its design choices, and appears to approach cryptography protocol specification with a care-free attitude.
To put it mildly, this is the wrong way to approach cryptography
...
Because there is no rationale given for this sudden square-root reduction in security against existential forgery attacks, we kind of have to fill in the gaps and assume it was because of some kind of performance or bandwidth considerations.
But even that doesn’t really justify it, does it?
You’re only saving 16 bytes of bandwidth by truncating the MAC. Meanwhile, the actual ciphertext blobs are being encoded with base64, which adds 33% of overhead.
For any message larger than 48 bytes, this base64 encoding will dominate the bandwidth consumption more than using the full HMAC tag would.
...
Is truncating the HMAC tag to to 128 bits still secure? According to Signal, yes, it is. And I offer no disagreement to Signal’s assessment here.
The problem is, as I’ve said repeatedly, OMEMO’s specification makes no attempt to justify their design decisions.
Then on one of the comments, there's an interesting comment on something signal has mentioned it's working on quantum resistance, that it's no clear is something omemo will support, and even less when clients might adopt if eventually available:
Indeed quite often someone compares the two protocols and implies OMEMO is as mature as the current state of the art Signal protocol. Allow me to throw in the emerging post-quantum support that Signal is adding or already has in libsignal.
Somehow is implied on the comment that omemo is immature compared to libsignal...
At any rate, dino uses libsignal-protocol-c (on Artix/Arch 2.3.3), not libomemo, and conversations uses libaxolotle-java (according to the "about" section in the settings). So somehow using signal library underneath. Although I have no idea how up to date with regards to the signal library those might be (though the axolotl dependency on conversations allows to think it's outdated). And for conversations the author mentions:
To be clear: These aren’t separate dependencies that Conversations pulls in to implement plugin supports. They’re first-party cryptographic implementations all within this Android app’s codebase.
I guess by 1st party the author means like copy/paste the code (with local twists, which might be dangerous but perhaps necessary) to have a local version of the libraries. This sounds like a non version related criticism, but it's client related rather than protocol related, however the author mentions other clients are way worse, leaving no hope...
I don't see on dino an option to always use omemo BTW, not sure if dino just it implies omemo by default, but it doesn't have a way to force it. Perhaps a feature to ask dino developers...
At any rate, according the post there's little hope for xmpp + omemo. Which was actually something I was still hoping for, well, besides getting jami working at some point (but it has crypto issues on its own, including lack of auditing).
soatok.blog
This blog post, and some of its comments are pretty interesting and concerning at the same time. Not really sure if in the end that means that nothing other than centralized controlled messaging can be as cryptography safe. Any comments?
kixik 2 months ago • 100%
betterbird tray solution doesn't work on wayland, given a bug on common code (affects both, Firefox, Thunderbird and derivatives). Just in case that's one of the motivations of using betterbird. That by the way was the only feature that really made me look at betterbird, and as it didn't work, I went back to TB. And if you're wondering, birdtray doesn't work on wayland, 😑.
kixik 2 months ago • 50%
Thunderbird is working on enabling exchange, and meanwhile you can combine it with TBSync plus its provider for exchange AcriveSync extensions. And given TB hadn't care so far about tray, to at least avoid TB dying by mistake, you can also add Minimize on Close extension. Mail would still be IMap, so it'll work as long as the outlook provider enables IMap support, but for the company I work it's enabled. But such support is coming up on TB. Not sure if its solution would be 100% open source, but I hope it is, otherwise, I'm not sure if everyone will want to have a blob proprietary binary inside TB...
kixik 2 months ago • 100%
Fortunately there's still Artix GNU+Linux :)
kixik 3 months ago • 100%
There are several patches under its patches source directory, and there are different sort of packages, one example is the sed patch to avoid including pocket in the build. The DRM widevine is not included either on the build, though it can be installed if you want it installed (probably there's a patch for that somewhere).
But I no longer see removing binary blobs being advertised by Librewolf, it's been a while since I don't check on their site...
kixik 3 months ago • 100%
Not true, FF comes with few binary blobs which are removed from Librewolf. Also there are some things disabled entirely at build time, so they are removed from being an option. So it's not just the settings, and it's not plain re-branding. Some distros has gotten it wrong, believing that it's just a matter of settings, but at least on the case of Librewolf and the Tor browser that's not the case.
That hey depend on FF continuous development to exist is true, that doesn't mean they just rebrand.
kixik 3 months ago • 100%
Yes SMGL is still active. You can try joining one of their channels. There are still people looking for source based distros, not sure while Gentoo is the only thing that pops up for them. I used it for some time, and it's fantastic. Sadly having to build stuff takes too much time, particularly on old, and not performance oriented HW. They had support for binaries, and actually include a binaries grimoire, so you could install binaries that used to take too much time, like Firefox for example. Still it takes too much to keep a source based distro. And if you go all the way, then when changing parts of the building toolchain, like gcc, the recommendation was to build everything so that everything would be built with the more up to date toolchain, that was cool, since SMGL has tools for it, but those fancy stuff take as well a lot of time. There I learned 1st about ccache, hahaha.
Sooo fun, :)
kixik 3 months ago • 100%
DeGoogle Yourself
I deleted my Google account…
kixik 4 months ago • 100%
why toxic? Or better yet, define toxic.
DeGoogle Yourself
I deleted my Google account…
kixik 4 months ago • 100%
mozilla private derivatives such as librewolf on the desktop and mull on android I just fine. So FF keeps being relevant as not being a derivative from chromium/chrome, it can remain apart from google disabling adds removing extensions.
So yes, FF is food to thrive, and so its derivatives will...
kixik 4 months ago • 100%
I has improved quite a bit. The phone app still requires navigating over its settings to get less battery consumption, and having ntfy or any other unifiedPush notification provider available in the phone. But with the default configs, you get Jami working at least. I tried it before, and I found before synchronization between devices was a mess. Currently it just works. I still find it hard on immediate/urgent calls or messages, which might not happen when you expect, but other than that it's working.
On the desktop, the default configs are pretty sane.
And the best part, it's being actively developed. And the UI is undergoing through lots of improvements. So if usability is your concern, it's getting better, and each release improves over the prior one...
kixik 4 months ago • 100%
The audit is true, but at least Jami didn't make up its own crypto lib, it uses standard already in use crypto stuff. To there's a huge difference there.
BTW, they are actually re-writing stuff... But yes, they need more recent audits...
kixik 4 months ago • 100%
Have you read it's github front page?
This is an experimental cryptographic network library. It has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis. Use this library at your own risk.
BTW, if you look at its issues (including closed ones, which most probably aren't really closed) you'll find pretty interesting discussions about its crypto not being right. That said, I'm not sure what irungentoo brings to the picture...
At any rate, if you're looking for distributed messaging, I'd look into Jami. It also uses DHT and something similar to torrents mechanism. Jami is my only option so far for distributed messaging. There's also Briar, but I don't like it for regular messaging, particularly on phones (too much battery usage), neither its underlying technology, but if it's to your liking, then that's another option for distributing messaging.
kixik 4 months ago • 100%
pending for subscription, we'll see, and while pending, still not syncing properly...
lemmy.ml
Hello, !xmpp@lemmy.ml was locked by my mods, and continued on !xmpp@slrpnk.net which is entirely fine given federation, so I guessed I could follow it on the lemmy sort of synced space/community, !xmpp@slrpnk.net, where I can post to the slrpnk community without having an account there. But for some reason recent posts on [slrpnk real xmpp community](https://slrpnk.net/c/xmpp) are not showing on !xmpp@slrpnk.net, like if they're not syncing anymore. Any way to remediate it?
Linuxkixik 4 months ago • 100%
What is implied with alacritty not being customizable, what is then .config/alacritty/alacritty.toml meant for? That said, I'd argue kitty has hard coded what fonts can be used with it, though some might think this is good, but in my mind it's a limitation.
At any rate, this is a matter of taste. I use alacritty with screen. Some might argue kitty is better because of tabs supports, and if that's a thing for them, then that's fine...
At any rate, again, terminal emulators are a matter of taste...
kixik 4 months ago • 100%
Because I have no clue what's going on... I'm assuming you guys know better.
And no, they don't seem to be old... There's a recent post about dino I don't see, I don't see either a post about some messages not decrypted, another about dergchart, and finally another one about gajim...
If there's nothing to comment here, that's fine... I was just wondering.
Hi ! As I have account on lemmy.ml, I look into the lemmy community created on slrpnk.net through the federated [lemmy community](https://lemmy.ml/c/xmpp@slrpnk.net), but its contents don't match the ones on the original [slrpnk community](https://slrpnk.net/c/xmpp). There are some messages missing. Not sure if this is something someone would care, but I was planning to look at the contents through the lemmy instance, where I do have my account... Greetings !
kixik 4 months ago • 100%
You might want to set both configs off. Not just one, although one seems off by default, but better make sure both get off in librewolf.cfg...
kixik 4 months ago • 100%
IT might be, but librelinux for example really removes all binary blobs, although there's some tooling around doing that, so new cases might be missed without human inspection, but they are careful about binary blobs... So from the whole spectrum of open source stuff, if you care about binary blobs, chances are better on the libre/free SW side.
kixik 4 months ago • 100%
Well this one is not false, :(
browser.search.serpEventTelemetry.enabled
Though this one is:
browser.search.serpEventTelemetryCategorization.enabled
So it seems not quite fully disabled... But telemetry is supposed to be off on librewolf...
blog.mozilla.org
I believe the settings to disable this on Librewolf are set by default...
kixik 4 months ago • 78%
Probably Guix, and GNU endorsed distributions. Binary blobs are not allowed on free/libre distributions, or not on their official repos. That said, most gnu + linux distributions don't care about those. Most will take care, if they get to realize it, about distribution licenses, so if something has some sort of legal issue to be distributed, that will get purged from its repos most probably...
kixik 4 months ago • 100%
BTW, moved to iosevka myself, now my current preferred font for both, the console, and fixed fonts...
Many thanks for the suggestion @toastal@lemmy.ml
kixik 4 months ago • 100%
I'm not systemd user, and I generally see this absorbing as much as possible as a terrible practice. I don't usually comment on systemd stuff, since I'm happy just not being forced to use it.
However, even though I don't use it, the decision of people managing systemd really affects non systemd users. See by succeeding in getting all major distros into become systemd distros (somehow now governed by RH, if anyone cares), everything systemd absorbs tend to leave alternatives sooner or later deprecated, or abandoned.
Even autofs is no longer part of some official repos, given systemd has its own auto mount/unmount functionality... And there are several other examples...
At any rate, hopefully the more bloated systemd, doesn't make it the more vulnerable. And also hopefully, doesn't make life worse and worse to non systemd distros and users...
BTW, before sudo there was su, so a life without sudo is possible, :)
Hey ! On LOS 21, the app DeviceLockController is there, but it can't be stopped neither disable, at least from my side. There's another one I don't trust, Android System Intelligence, but I could stop it and disable it. Those two apps really are scary to be part of LOS. Is anyone aware of bugs on LOS about getting rid of them? How about DeviceLockController? A reasonable way to disable it without risking too much bricking the phone in the process? Thanks !
`xz-5.6.1-2` from Artix system repo is already available. Artix corresponding news: [The xz package has been backdoored](https://artixlinux.org/news.php#The_xz_package_has_been_backdoored)
I'm not self hosting, so I'm depending on what the server admin enables, and the policies they establish. That said, the server fully supports [xep-0313](https://xmpp.org/extensions/xep-0313.html), which perhaps among other things control messages being kept on the server precisely for the purpose of sending them to all registered devices, thus allowing the sync. But perhaps there's a policy in place removing the messages from the server as soon as some device has gotten it, leaving only online devices with the ability to grab them. I don't know if that's possible... I experimented getting a device offline for a couple of minutes, and then exchanged messages with another account, and also to my same account. Then eventually I got the device offline, and none of the messages, not even the ones sent to myself, were ever synced on the device just coming online... This is really sad, since that's precisely one of the benefits of having servers over peer to peer solutions, it's easier to sync devices through the server. Might this be some sort of policy to keep disk usage on the server low? I might need to explore some other server if that's the case... Thanks ! Edit: Communicated with the admin, and they mentioned this was unexpected.
Just wondering, as the reasons to move here are gone, can the community go back to lemmy.ml? There are quite some posts over lemmy.ml, so going back there would be useful I believe, and also moving the few posts here over there would be just great (perhaps not the comments)... Just an honest question, not to provoke flame wars or anything like it... Greetings !
cross-posted from: https://lemmy.ml/post/12692350 > Anyone aware of a conversations fork with support for unified push notifications? Or a similar xmpp android app with omemo (just the same as conversations' support) and unified push notifications support, available through the official f-droid repor or a f-droid repo if not available from the official ones? > > BTW, I noticed [!xmpp@lemmy.ml](https://lemmy.ml/c/xmpp) community was locked. Any particular reason for that? Also, Converstions requests to set unrestricted use of battery, to use battery under background without restrictions. So it seems unified push notifications would help, though this [github issue](https://github.com/iNPUTmice/Conversations/issues/4014#issuecomment-783151358) sort of indicates unified push notifications wouldn't help, so it just tells me there's no intention to include support for it on Conversations, but not that it wouldn't help save battery.
Anyone aware of a conversations fork with support for unified push notifications? Or a similar xmpp android app with omemo (just the same as conversations' support) and unified push notifications support, available through the official f-droid repor or a f-droid repo if not available from the official ones? BTW, I noticed [!xmpp@lemmy.ml](https://lemmy.ml/c/xmpp) community was locked. Any particular reason for that? Also, Converstions requests to set unrestricted use of battery, to use battery under background without restrictions. So it seems unified push notifications would help, though this [github issue](https://github.com/iNPUTmice/Conversations/issues/4014#issuecomment-783151358) sort of indicates unified push notifications wouldn't help, so it just tells me there's no intention to include support for it on Conversations, but not that it wouldn't help save battery.
https://disroot.org provides several decentralized federated services, as email and xmpp, besides other cloud services as well... But not sure if asking here is right or not, but don't know anywhere to ask either... Is it having a license issue, does anyone know about it? Any status updates? ``` Websites prove their identity via certificates. LibreWolf does not trust this site because it uses a certificate that is not valid for disroot.org. The certificate is only valid for p1lg502277.dc01.its.hpecorp.net. Error code: SSL_ERROR_BAD_CERT_DOMAIN ``` But also: ``` disroot.org has a security policy called HTTP Strict Transport Security (HSTS), which means that LibreWolf can only connect to it securely. You can’t add an exception to visit this site. The issue is most likely with the website, and there is nothing you can do to resolve it. You can notify the website’s administrator about the problem. ``` I also tested with ungoogled chromium and pretty similar thing... Anyonea aware, and also about disroot saying on this? Edit (sort of understood already, no issue with disroot at all): The issue only shows up under the office VPN. It seems like disroot is not recognizing the office's cert... Edit: Solved. Yes it's the office replacing the original cert with its own, as someone suggested. Thanks to all.
Anyone aware of a testing framework hopefully integrating well, and abstracting the [shuttle](https://docs.rs/shuttle/latest/shuttle) testing functionality? BTW I found [rtest](https://docs.rs/rstest/latest/rstest), but it doesn't in particular abstracts shuttle at all, it's a fixtures generic framework. Planning to use shuttle to do MT testing targeting C binded code, and looking for a way to abstract as much as possible the shuttle scheduler trait and such... Thanks !
blog.system76.com
blog.system76.com
cross-posted from: https://discuss.tchncs.de/post/6777822 > *Notable changes*: > - Tracking improvements. For example, if you use the launcher to launch an application and then switch workspaces, it will still launch in the workspace you opened it from; > - Supported the ext-session-lock protocol, which authenticates the user and informs the compositor when the session should be unlocked > - XDG activation and DBus activation support > - work on HDR > - Ongoing work to package COSMIC on NixOS: [tracking issue](https://github.com/NixOS/nixpkgs/issues/259641)
blog.system76.com
cross-posted from: https://lemmy.ml/post/11708298 > Hello ! > > As Mint is based on Ubuntu, I’m wondering if it will follow the missteps (to me at least) Ubuntu is doing to demote *.deb packages in favor of snaps? > > Well that based on [Ubuntu 23.10’s New Software App Will Demote DEBs (Apparently)](https://www.omgubuntu.co.uk/2023/07/ubuntu-23-10-new-app-store-deb-support) post, and its [lemmy.ml discussion](https://lemmy.ml/post/1845074). > > From all ubuntu based distros, Mint seems not to follow those missteps, but I'm wondering if Rhino will do the same. Actually I don't like Rhino created a wrapper package manager which actually gets snap support as well as apt on the same bucket. But who knows, it might be they won't follow ubuntu on this. > > Does anyone know? > > My interest on Rhino comes from it being rolling release. But I don't want snap to become the source of common/important packages. > > Thanks !
Hello ! As Mint is based on Ubuntu, I’m wondering if it will follow the missteps (to me at least) Ubuntu is doing to demote *.deb packages in favor of snaps? Well that based on [Ubuntu 23.10’s New Software App Will Demote DEBs (Apparently)](https://www.omgubuntu.co.uk/2023/07/ubuntu-23-10-new-app-store-deb-support) post, and its [lemmy.ml discussion](https://lemmy.ml/post/1845074). From all ubuntu based distros, Mint seems not to follow those missteps, but I'm wondering if Rhino will do the same. Actually I don't like Rhino created a wrapper package manager which actually gets snap support as well as apt on the same bucket. But who knows, it might be they won't follow ubuntu on this. Does anyone know? My interest on Rhino comes from it being rolling release. But I don't want snap to become the source of common/important packages. Thanks !
AFAIK waybar doesn't offer quick launch buttons, but it does offer custom modules, which one can use to mimic such buttons. I'm using custom modules in a pretty simple way, for example for librewolf (I didn't find an awesome icon font for it, so using the FF one): ``` "custom/librewolf": { "format": "", "interval": "once", "on-click": "librewolf", }, ``` I have some other ones for other applications. I do use keybindings as well, and I can use wofi to search for the applications, but none of them are really alternatives for other users. It does work ! However I was looking for a very simple way to add what official modules, like a "tooltip-format" which is part of the official modules. Not sure why on earth it's not part of the custom modules. So for example, I'd look for something similar to: ``` "custom/librewolf": { "format": "", "tooltip-format" "Librewolf Browser" "interval": "once", "on-click": "librewolf", }, ``` So that if someone doesn't recognize the awesome font icon, one could just find out by the tip shown when getting the mouse on top of the button. As this is not supported. Is there any simple way to do that? Hopefully not requiring to add several scripts just for this. Something that might be part of such snippet, and pretty simple would be great, 🙂 Please let me know of suggestions. Thanks !
Old post but better have it in this community
Old post, but better have it in this community
Although the artix [dinit official support](https://artixlinux.org/news.php#Support_for_dinit_system_is_now_official) announcement was done like 2 years back, only now I tested it, since I felt comfortable with s6. I have to say I really like it so far, :)
I just noticed there's an app installed on a recently acquired pixel 4a 5g, "android system intelligence", which I never found installed on other phones like moto or xiaomi ones. It also had by default a bunch of permissions granted, which I removes, and only left it with notifications. Is this a system app I should leave working with more permissions? Should I disable it instead (if possible, I didn't try)? Is it required for an android system proper functionality? Is it bad to remove all permissions except by the notifications one? Does this damage functionality? I'm just suspecting about an "android intelligence" thing. What have others done about it?
Hi ! I recently got a pixel 4a 5g (bramble), and when [installing](https://wiki.lineageos.org/devices/bramble/install), I noticed there's a difference with respect other phones I've installed lineageos on, like [motorola](https://wiki.lineageos.org/devices/kiev/install/variant2), xiomi redmi 4x (discontinued) and others. On this pixel, and probably others, one needs to flash a boot.img, a dtbo.img and a vendor_boot.img, before sideloading lineageos. The vendor_boot.img is supposed to be the equivalent to the recovery.img. On other phones there's only a recovery.img to flash, prior to sideloading lineageos. Now, on this pixel majore version [upgrades](https://wiki.lineageos.org/devices/bramble/upgrade) I see documented only the sideload of lineageos. For other phones I usually upgrade both, the recovery.img and then sideload the new major version of lineage. So not sure if I should then should flash all images, boot, dtbo and vendor_boot, when upgrading on major versions. I guess I could, but I'm wondering. Moreover, even on same major OTA upgrades, I'm wondering what gets upgraded, if I have selected OTA upgrades to also upgrade recovery image, would it just upgrade the vendor_boot one, or would it flash all other images? It's just that it involves flashing several other images, not matching the ones for other phones, :) Thanks !
I noticed on [4.16 release notes](https://doc.coreboot.org/releases/coreboot-4.16-relnotes.html) Intel Alderlake-N RVP was added as a new supported board. I don't know if that means Intel Alderlake N100 and other "N*" like N200 intel processors are also supported or only a particular one. If N100 would be included into the processors supported, is ME disabling supported, or at least mitigating its privacy risks supported? On the same release notes, as part of the significant changes, it's mentioned ME is now disabled from skylake to alderlake. So I'm hoping disabling ME on alderlake n100 is actually possible. I don't know if more boards besides the RVP one (which I don't know which one it is) can be supported. I acquired a Trycoo WI-6 Mini PC [2] with tho hope I could use coreboot on it and more importantly, disable ME on its intel processor. Information of the device, in case useful: > % sudo dmidecode --type 2,4 > # dmidecode 3.5 > Getting SMBIOS data from sysfs. > SMBIOS 3.5.0 present. > > Handle 0x0002, DMI type 2, 15 bytes > Base Board Information > Manufacturer: PELADN > Product Name: WI-6 > Version: To be filled by O.E.M. > Serial Number: To be filled by O.E.M. > Asset Tag: To be filled by O.E.M. > Features: > Board is a hosting board > Board is replaceable > Location In Chassis: To be filled by O.E.M. > Chassis Handle: 0x0003 > Type: Motherboard > Contained Object Handles: 0 > > Handle 0x004A, DMI type 4, 48 bytes > Processor Information > Socket Designation: U3E1 > Type: Central Processor > Family: Other > Manufacturer: Intel(R) Corporation > ID: E0 06 0B 00 FF FB EB BF > Version: Intel(R) N100 > Voltage: 1.0 V > External Clock: 100 MHz > Max Speed: 3400 MHz > Current Speed: 2871 MHz > Status: Populated, Enabled > Upgrade: Other > L1 Cache Handle: 0x0047 > L2 Cache Handle: 0x0048 > L3 Cache Handle: 0x0049 > Serial Number: To Be Filled By O.E.M. > Asset Tag: To Be Filled By O.E.M. > Part Number: To Be Filled By O.E.M. > Core Count: 4 > Core Enabled: 4 > Thread Count: 4 > Characteristics: > 64-bit capable > Multi-Core > Execute Protection > Enhanced Virtualization > Power/Performance Control > % cat /sys/devices/virtual/dmi/id/board_{vendor,name,version} > PELADN > WI-6 > To be filled by O.E.M. > % sudo lshw > > description: Desktop Computer > product: To be filled by O.E.M. (To be filled by O.E.M.) > vendor: To be filled by O.E.M. > version: To be filled by O.E.M. > serial: To be filled by O.E.M. > width: 64 bits > capabilities: smbios-3.5.0 dmi-3.5.0 smp vsyscall32 > configuration: boot=normal chassis=desktop family=To be filled by O.E.M. sku=To be filled by O.E.M. uuid=03000200-0400-0500-0006-000700080009 > *-core > description: Motherboard > product: WI-6 > vendor: PELADN > physical id: 0 > version: To be filled by O.E.M. > serial: To be filled by O.E.M. > slot: To be filled by O.E.M. > *-firmware > description: BIOS > vendor: American Megatrends International, LLC. > physical id: 0 > version: PL-BIOS-M8-AN-H03R100A-A00A-108-A > date: 08/02/2023 > size: 64KiB > capacity: 16MiB > capabilities: pci upgrade shadowing cdboot bootselect socketedrom edd int13floppynec int13floppytoshiba int13floppy360 int13floppy1200 int13floppy720 int13floppy2880 int5printscreen int14serial int17printer int10video acpi usb biosbootspecification uefi > ... > *-cpu > description: CPU > product: Intel(R) N100 > vendor: Intel Corp. > physical id: 4a > bus info: cpu@0 > version: 6.190.0 > serial: To Be Filled By O.E.M. > slot: U3E1 > size: 3383MHz > capacity: 3400MHz > width: 64 bits > clock: 100MHz > capabilities: lm fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp x86-64 constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf tsc_known_freq pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 sdbg fma cx16 xtpr pdcm sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb cat_l2 cdp_l2 ssbd ibrs ibpb stibp ibrs_enhanced tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid rdt_a rdseed adx smap clflushopt clwb intel_pt sha_ni xsaveopt xsavec xgetbv1 xsaves split_lock_detect user_shstk avx_vnni dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp hwp_pkg_req vnmi umip pku ospke waitpkg gfni vaes vpclmulqdq rdpid movdiri movdir64b fsrm md_clear serialize arch_lbr ibt flush_l1d arch_capabilities cpufreq > configuration: cores=4 enabledcores=4 microcode=18 threads=4 > ... > *-display > description: VGA compatible controller > product: Alder Lake-N [UHD Graphics] > vendor: Intel Corporation > physical id: 2 > bus info: pci@0000:00:02.0 > logical name: /dev/fb0 > version: 00 > width: 64 bits > clock: 33MHz > capabilities: pciexpress msi pm vga_controller bus_master cap_list rom fb > configuration: depth=32 driver=i915 latency=0 mode=1366x768 resolution=1366,768 visual=truecolor xres=1366 yres=768 > resources: iomemory:600-5ff iomemory:400-3ff irq:125 memory:6000000000-6000ffffff memory:4000000000-400fffffff ioport:4000(size=64) memory:c0000-dffff memory:4010000000-4016ffffff memory:4020000000-40ffffffff Some information, as you can see, is not provided by the OEM. But as Intel Alderlake-N RVP was added as a new supported board some releases back, I'm hoping that means this board can be flashed with coreboot and more importantly ME can be somehow disabled for it. Does anybody know, and if so what does it need to be done? Are there some instructions? Thanks !
nvidianews.nvidia.com
I started some time ago using a teddit frontend with local subscriptions, and at some point it was hard for the one I picked to keep up, then I moved to libreddit, at that time libredd.it, then it stopped working and moved to libreddit.spike.codes, but it seems it stopped working as well, and finally I moved to libreddit .mha.fi, but some time back there was too much rate limiting, making it unusable, and since yesterday it seems totally down, giving the error "502 Bad Gateway". I also have the libRedirect extension on Librewolf configure to choose among several libreddit instances (so when searching for something any is picked), and most of them seem out of service, or being rate limited as well. So, are frontends for reddit finally coming to an end? Edit: Indeed, it seems at least non self-hosted front-end instances are way rate limited or down
newatlas.com
[r/science](https://libreddit.mha.fi/r/science/comments/17lake0/scientists_made_the_discovery_that_light_alone)
thenewstack.io
[r/cpp](https://libreddit.mha.fi/r/cpp/comments/17kgio4/bjarne_stroustrups_plan_for_bringing_safety_to_c)
news.mit.edu
[r/EverythingScience](https://libreddit.mha.fi/r/EverythingScience/comments/17j10fp/desalination_system_could_produce_freshwater_that)
sfist.com
[r/technology](https://libreddit.mha.fi/r/technology/comments/17jde8a/tech_office_shuts_down_its_free_cocktail_bar_for)
phys.org
cross-posted from: https://lemmy.ml/post/7032271 > [r/Futurology](https://libreddit.mha.fi/r/Futurology/comments/17g6xc5/scientist_after_decades_of_study_concludes_we)
phys.org
[r/Futurology](https://libreddit.mha.fi/r/Futurology/comments/17g6xc5/scientist_after_decades_of_study_concludes_we)
leaddev.com
[r/programming](https://libreddit.mha.fi/r/programming/comments/17f96il/what_mckinsey_got_wrong_about_developer)
www.windowscentral.com
[r/gadgets](https://libreddit.mha.fi/r/gadgets/comments/17flz9q/qualcomms_snapdragon_x_elite_can_beat_apples_m2) [r/hardware](https://libreddit.mha.fi/r/hardware/comments/17fl9qh/qualcomms_snapdragon_x_elite_can_beat_apples_m2)
Any thought on DOH, which is the base for this ECH? I remember in the end cloudfare and some others, providing the service to services, were the ones gathering the information instead of the ISPs... Librewolf still has DOH disabled by default, and although it can be easily change, perhaps that default is overall the sounder way. Do Librewolf guys have different thoughts on DOH now, specially with the possibilities of ECH?
blog.mozilla.org
[r/privacy](https://libreddit.mha.fi/r/privacy/comments/16zf8ov/say_an_encrypted_hello_to_a_more_private_internet)
soatok.blog
[on r/programming](https://libreddit.mha.fi/r/programming/comments/16y1ie7/return_to_office_is_bullshit_and_everyone_knows_it)
