My point is that I will “never” learn a particular distro. And I very much argue there is no point. If you focus on learning all the quirks of Linux Mint then you are screwed if the team behind Mint make choices you disagree with. And if that sounds impossible because Linux is open source and people will just fork it and blah blah blah: Canonical. Or even the shitshow that is Centos/Rocky and RHEL.
I’ve worked with people who insist they are an expert server admin. And, when push comes to shove, they lose their mind over the idea of not running Debian Server or RHEL. That means they are who we call if we have an issue with one of those specific distros but they are pretty much worthless in day to day because they don’t really learn how to debug or “learn” and instead just memorized all the quirks that one team have turned into Features.
I guess it depends on how you define “learn Linux”. I “distro hop” repeatedly every day since we use a mix of ubuntu and rhel “at work” and I use a mix of debian and fedora “at home”. Except for that one vendor’s server that runs (REDACTED).
And the vast majority is the same regardless of distro. Sure I might never be able to remember the package manager flags for each distro and need to figure out where config files are stored but all of that is a quick google away. Because I “learn(ed) Linux” in terms of how to read an error message and search for the appropriate terms. Similarly, some number of months back I ran into an issue with a game but was knowledgeable enough to realize it was a Wayland compatibility issue and did a mess of generating config files in x11 so that I could play the game “normally” after that.
But I guess I take issue with your depiction of this. Mostly? You found shortcomings in distros and picked what you like. Good. But you are more describing “learn openSUSE” or “learn Fedora” as opposed to “learn Linux”.
I generally don’t like atomic/immutable distros outside of an enterprise environment. Odds are you will never run into anything that will bother you… until you do.
Conceptually? I think they are The Future. But I still tend to encourage people to use a more “normal” distro to start with and then migrate if they find problems.
Linux Mint, Ubuntu, and (to a lesser extent) Fedora are basically THE best “desktop” distros. They support a range of desktop evnironments but are mostly built around “just working”. If you are coming from windows, you can’t really do wrong with KDE Plasma or (Linux Mint) Cinnamon as both of those are “more Windows than Windows” as they heavily crib from the vista/7 era. But even whatever the current default Ubuntu desktop environment is called at this point is fine.
So it mostly boils down to what GPU you have.
- AMD? Any of the above
- nVidia? Mint and Ubuntu make this trivial as they have a nice GUI method to turn on the proprietary (so “good”) nvidia drivers. Fedora involves a few terminal commands and seems a lot more prone to getting borked and needing to reinstall the drivers. But I run Fedora with nvidia and have zero concerns.
- Intel? May Erastil protect you.
Personally? I use Fedora with KDE Plasma for my desktop OS. While I am not huge on either, I vastly prefer flatpaks to snaps for app delivery. And I have a lot of concerns with how Canonical/Ubuntu is handling update cadences as a way to promote their enterprise OS.
But also? The beauty of Linux is that it is trivial to reformat. And the best thing you can do is just distro hop a bit for the first month or so. Install Mint. If you find something bothering you, look at what distro does that better and install that. New distro a piece of shit? Embrace Fedora. And so forth.
The reason so many of us get rather tribal about our distro or desktop environment is because we chose them. In the Windows space, you get cranky and hope Microsoft undo something you hate in the next five years (or you install sketchy third party plugins that never work). In the Linux space? You find out that a bunch of people also hate that clippy went away and built an entire distro around support for clippy like behavior. Or whatever.
If you put a bit of effort in you can even re-use your home directory and lose zero data. Although, personally, I have never had the patience for that. Games go on dedicated drives that migrate between installs. And personal documents get backed up to my NAS. So a reformat is just wiping the OS drive, installing the new distro, and then spending a minute or two to figure out what weird ass name an app I like is in the package manager.
Look up how hard it is for humans to remember long strings of numbers. That is WHY ICQ (and eventually phone numbers) were dropped almost immediately in favor of social media and the ability to exchange numbers just by tapping phones.
And in the time it would take to memorize a bar code (12-ish digits, depending on standard) you likely should be rotating that password anyway. And in the time it would take to memorize it you are also very blatantly reading off a sticky note as you “discretely” look at your notebook every time you want to access your password database in public. And if you aren’t in public? Why go through these extra steps when there are much better ways to secure this that are a lot more obvious if they are tampered with.
I get that a youtuber you like talked about this. Youtubers talk about a lot of stupid products in the interest of making Content. But maybe listen to the people who have experience with this kind of hardware and the kind of security theatre policies that make them “a good idea”.
No. That xkcd (not loading but I assume it is the password one?) is not relevant. Because you can’t make a meaningful and easy to remember mnemonic out of a numeric password. That is WHY a purely numeric password is bad for anything that needs security. They are great for 2fa but the unique key should still be the other device.
And all of your good codes are similarly easy to social engineer out, are screwed the moment it is compromised once, or are literally reading off a sticky note.
Which gets back to these kinds of devices largely being security theatre. Because there is no good use case for them that wouldn’t also involve encrypting the data/volume after you pin in. At which point… why waste money on something conspicuous with an easy to crack code?
Didn’t use ironkey specifically but you can totally boot from an apricorn. Basically involved plugging it in, rebooting the machine, and VERY rapidly entering the unlock code before the bios finishes starting up and gets to the “so which drives are bootable?” phase.
It was hellish but it was also corporate policy to not use any USB storage devices that did not have a keypad for encryption. And DVDs were strongly controlled by the IT department (who were about as stupid as you would expect to have signed off on a policy like that).
It still drastically narrows down the search space and makes social engineering a LOT easier.
Because you tend to have one of two sources for any password that people need to remember.
- Randomly generated with no rhyme or reason. And written down on a sticky note as a result
- Something with meaning to the user
And it is the latter where this becomes an issue. Because let’s say they are a 50 year old and 1, 4, 6, 7, and 9 are heavily worn. Well, they were born in the 70s so let’s verify exactly when. Hmm, May. No 5 means it probably isn’t their birthday. Wait… their partner was born on April 7th, 1976. No luck. Oh, but what if they were clever and it is actually 197647 instead of 471976? Boom, in.
What is your use case for this?
- Confidential files in a public setting? Don’t fucking bring confidential files to a public setting. But if you must, a big bulky laptop with (good) FDE is a lot more sequre than a flash drive someone can pickpocket.
- Border crossing? Guess what? You paint a MASSIVE red flag on your back and get to learn that you don’t actually have all that many rights in the time between stepping on foreign soil and being admitted by customs. Congrats, you gave them the wrong code three times and it got wiped. They are going to break your face and put you in a black site.
- Hiding sensitive/highly illegal content in the event of a police investigation: Yeah… if you are at the point where there is a warrant (or black van) out for your arrest than it really doesn’t matter if they can see whatever you were looking at last night.
At my old job we required these for “thumb drives” and all they ever did was make reformatting machines pure hell.
I am glad you had fun writing that blog post but, for any purpose that matters: Yes, it is possible. And we are already seeing the pathway to it
- Increasingly build a narrative that encrypted communication is for CSAM. The tor crowd are already doing a good job of providing fuel for this.
- Argue “terrorism” for the rest. “Fortunately” people have realized the mess in Israel/Palestine is a lot more complicated, but it is only a matter of time
- Strongly pressure/incentivize the major app/social media companies either disable it at the app level or maintain internal keys to decrypt messages (effectively disabling it)
End result? Only “tech savvy” people will know how to set up their own entirely parallel “internets” (similar to tor). And then the phone and OS app stores increasingly lock down on third party apps for “security”. Hell, I can even see a world where Redhat and Ubuntu strongly discourage these tools from being allowed in any official repositories because they want the government contracts for their premium OSes.
Will e2e truly be “banned”? No. But the only people doing it have insanely janky phones and linux.users with laptops. Which means it is nigh useless for the vast majority of whistleblowers and that “secretly being gay or a woman” becomes a huge mess where the vast majority of people will never understand how to protect themselves.
No. You came into a discussion of why it is important to support good news outlets with “Well, Philosophy 101 taught me that there is no such thing as an unbiased or good news outlet” and continue to not understand the difference between “8000 civillians have been killed in the retaliatory bombings over the past few weeks”, “8000 people died as a result of the Hamas terrorist attacks in the past few weeks”, and “The root cause of World War 2 is…”
It is an inherently bad faith argument coming from a position of ignorance, at best. So maybe I don’t know your background, but I very much can make informed decisions on what your expertise, or lack thereof, is and can see strong indications that you are doing your best to not scream “fake news, fake news”.
Again, you are comparing a historical discussion to reporting on current events. They are very different situations with different expectations.
I get that you are happy that you learned something interesting in philosophy class. And that is a very important thing to understand. I love discussing the nuances of history and the motivation behind different wars (and understanding those would help a lot with current conflicts…). But it has very little to do with the nightly news or being aware of current events.
It isn’t a “critical discussion”. It starts from a fallacy (if perfection can’t be reached, why bother?) and continues to completely misrepresent the purpose of news media.
Because going back to your “When did World War 2 start?” non sequitor:
The nightly news has little to no reason to even have a stance on that. In fact, if Anderson Cooper were to get on screen and say “World War 3 started today”, it would be immediately followed with “The fuck? Okay, Fred is drunk again and I need a new script… sorry for cursing, I hope we bleeped that.”.
What the news WOULD report on is “Israel has begun a bombardment of Palestine in retaliation for a string of terrorist attacks”. A GOOD outlet would then say “This is one of many flash points in a decades long conflict going back to the foundation of Israel in the late 1940s”, an explanation of the open air prison that is Gaza, and possibly a deeper piece on the ongoing terror attacks from both sides.
As for a longer form documentary or article: Again, what matters is “fair” comparisons.
- If an article is insisting that the evil Americans bombed Japan to oblivion because they were bored: I would think less of them because that is not what happened. And likely make a note to never watch that outlet again.
- If an article pushes the argument that the bombings of Hiroshima and Nagasaki were primarily posturing and a threat to Russia: I would still be a bit disappointed, but that is a commonly held theory with a lot of supporting evidence. The main thing that it ignores is what Imperial Japan was doing to Asia and what they were trying to do to Hawaii.
- Similarly, if an article argues that Imperial Japan were pure evil (they were) and that the nukes were justified: I would still give a LOT of side eye because that is likely propaganda.
- But if the article discussed the context of the Japanese atrocities, the struggle for every inch of land on previous islands, and the political statement of being the first to use these new horrifying weapons: That is a good article. I don’t even necessarily care whether they have an opinion of “good” or “bad” or “It is not our place to have one”. The key is they provided information so that others can better understand what came before.
Nah. I think they just assumed more people remembered the ad campaign by (if memory serves) The New York Times where they more or less showed every step used to investigate and verify a story before reporting. Also, I would be amazed if that was actually the NYT’s campaign which… probably sums things up.
Before they were mismanaged to the shadow realm, Vice was similar. The idea that they very much were “good news” and ACTUAL freedom of speech/the press in contrast to “I want to say all the slurs”
If we are playing “who got here ‘first’ 50 years ago” then I think we all best get to stepping so that the US Military has all the pipes.
Like I said: Look in to fine grain blocklists. Block ALL the tracking cookies because fuck that shit (and if you think ticking “don’t give me curated ads” does anything…). But consider permitlisting the better ad sources so that the internet isn’t completely run by profitable hate groups… like we see happening.
Bias will always exist. That is a given
But many outlets have learned to make clear demarcations between editorial and reporting. It isn’t always obvious if you aren’t looking at it, but it is the idea that actual data is reported “honestly”.
For example: Take a look at how most outlets report on the Israel/Palestine war. Some will list IDF casualties for Israel and civillian casualties for Palestine which introduces immense bias (I want to say Al Jazeera does this?). Others will use verbiage like “N Israeli citizens were killed. N*100 Palestinian civilians died” which introduces bias on the other side. A good outlet will use the same verbiage and data for both sides.
And that is immensely useful. Because, again, to harp on that war: There is so much FUD out there that it is REALLY hard to know what is true or not. And sure, social media is a lost cause. But so are a LOT of news outlets and that is why the hospital bombing immediately entered “jet fuel can’t melt steel beams” territory.
And no, I am not going to list an “objective or unbiased” outlet. Because that never leads to a good discussion. It always results in “Yeah, well here is an example of them not being perfect. Checkmate” and, more importantly: People who understand the need to care about this should learn how to evaluate for themselves. Rather than rely on some rando on a message board to tell them how to think.
Its a bad marketing campaign because it is easily turned into threads like this. Also, I have no idea if USA Today is good or not (I genuinely have never even thought about it).
But it is worth understanding. News outlets need to get funding from somewhere. Some are state funded and I should not need to explain why that introduces biases. Others take massive sponsorship deals from companies and ensure that John Oliver will always have something to talk about. And others run ads to varying degrees of curation.
The last option is subscriptions and those are few and far between.
Its more or less the same thing we saw with ads in general over the 00s. More and more people learned how to block ads so more and more websites needed to add obnoxious flash based ads and insane uses of javascript and so forth to get any impressions. And fewer and fewer “good” companies wanted to advertise to adblock heavy audiences which led to more and more trojans and so forth. Which leads to more and more ad blockers and…
In the case of news media? We mostly see this manifest as less investigative journalism and more listicles and “clickbait” articles because those at least get the facebook crowd to click.
So it is very much worth looking in to more permissive blocklists and even permitlists. Block tracking cookies because fuck that shit. But permit sites that you “trust” to have reasonable ads and look in to finer grain blocklists that still allow the actual ads to be displayed, even if they aren’t the ones based on Amazon figuring out you have a foot fetish.
I can’t speak to their Password Management as I use Bitwarden for that
But I am slowly but surely migrating myself away from gmail to (my own email at my own domain routed to) Proton. The webmail is very much comparable to gmail and, if you communicate with like minded people, it has decent support for signing and even encrypting email both to other proton mail users as well as to complete randos with just a password that you can send later. My only real complaint is that (… for some really good reasons) there is no easy to use exchange server and I need to run their mail bridge to use a desktop client like Thunderbird to send and maanage and (one day) back up emails.
VPN? I switched over to this around the same time I decided I wanted to “take control” of my email and it works pretty well. Very easy to get some openvpn credentials that I can plug into whatever setup I want. And no extra fee for port forwarding unlike SOME providers. That said, my main complaint is that the port is semi-randomized which doesn’t play the nicest with my totally legit linux iso torrenting setup… But a quick
docker psanddocker logsand then updating the config is pretty trivial and I only have to do it maybe once a week?The big elephant in the room is that, as you rightfully understand, you are still putting a LOT of trust. But that is actually why I like Proton. Because other companies pretend they are going to knife fight the CIA and the US Government on your behalf all while actively not acknowledging anything until we get a post mortem. Proton are VERY open about just how far they are willing to go to protect you (not very) and what YOU can do to mean that Proton can’t provide much useful information once the appropriate paperwork and legal actions have been filed.
I wouldn’t trust a paid account with anything more sensitive than what really innovative stuff a friend did with a bun in the dumpster behind the Wendy’s the other night. But, hypothetically, if I needed to send an anonymous email? Third party VPN/Tor, clean hardware, and a free Protonmail account works great and I do trust Proton to give the absolute bare minimum in that case.
And just for a bit of context. My “grand plan” is to migrate the vast majority of my correspondence and accounts to email addresses tied to one or more of my own domains. Currently I plan to use Protonmail for the mail server because I don’t want that smoke. But the point is that I control the email address so I can get my Heat on and walk away in 30 seconds (actually more like a few hours but…).
Which is why the other aspect of that is that I want to back up the emails I actually want to save (rather than just EVERYTHING like those of us with older gmail accounts do) via a local client that I then archive to an encrypted volume on my NAS and (REDACTED) after that.