Where did you get this idea?

I didn’t knew about Microsoft taking over the fsf either, and I am getting concerned about the real freedom behind my beloved Linux.

I think you are confusing FSF with the Linux Foundation, and you can see MS as part of the platinum LF members. Was that it, or you really meant FSF?

Interesting.

Though there are misconceptions, like the andriod/aosp xmpp clients being pay-to-download model. They are on the official google playstore (google play), but they are FLOSS apps, and you can find them at no cost (of course one can contribute the developers or f-droid devs as well):

https://f-droid.org/en/packages/eu.siacs.conversations

https://f-droid.org/en/packages/de.monocles.chat

https://f-droid.org/en/packages/com.cheogram.android

https://f-droid.org/en/packages/org.snikket.android/

And some other ones. No matter the country, people would do themselves a favor if they start using f-droid, where there’s an infrastructure in place and build artifacts trying to detect and get rid of non FLOSS component, which in general are not good privacy wise.

I think I don’t get the snikket route, you don’t get both a client and a server at the same time, do you? Also, if you self-host your own server that’ll be better for you, snikket or not, I don’t see how that is related particularly with the snikket route.

And actually I wouldn’t recommend quicksy, why providing your phone number, and why looking for phone numbers xmpp addresses, I don’t thing that plays nice with privacy.

wow, I had no clue ! That might have been it. It’s weird, but they actually get something eventually, but very dated… I hope this works, I have already selected a couple of languages besides undetermined, which seems to be a must as well.

Thanks a lot !

If you have installed wlroots, that’s why. Wlroots has a hard dependency on libseatd, which is provided by seatd. Labwc also directly depends on it. Sway as well can use seatd as both documented by sway itself, and its arch wiki, but for some reason it doesn’t directly depend on it, though it depends on wlroots, :). This is not a problem on arch since the seatd service can co-exist with logind/systemd, and on arch you can use the seatd service combined with libseatd for software build on top of libseatd, and users on arch can then choose between seatd or policy kit on that software. On other non systemd distros like artix, the seatd daemon is in conflict with logind (on artix it’s extracted from systemd), precisely because you can get away without logind as long as you use acpid to provide some of the functionality logind also provides besides session administration. Not sure if besides wlroots on archthere’s additional software depending on seatd. Several wayland compositors are based on wlroots, which attempts to somehow offer a standard for compositor and applications developers.

So it might be xdg-desktop-portal behaves differently for sandboxed apps such as flatpak ones than regular apps, hmm. So I’d still like to know how required d-bus is…

Thanks a lot !

Ohh, good to know about multi language. I guess that would restrict what I read to only the languages I select (be more restrictive), whereas “undetermined” should allow me to see everything, or so I understood. BTW, I’m not blocking anything, since I haven’t found the need to do so, with that, I’d guess the more one blocks, the more restrictive one becomes, but that’s not my case. That’s why a was a bit surprised that my settings could be the cause for me to see less up to date stuff, :( In my mind, my settings are the least restrictive possible.

Have you explore hyprland, niri (scrollable, not dynamic, but it’s sort of dynamic then) or sway (static tiling though, but offering tabbed layout and dynamic stacking/floating, plus hugely customizable)? Did you discard them because not close enough to bspwm? Just curious, not to judge your decision or anything like that.

Being an artix user, are you using logind (the official default), or just seatd, or the new logind alternative turnstile (not supported by all init systems, looks like only dinit which I use and openrc, tough void has it working with runit I believe)? I’m wondering what’s really required on wayland. I like the approach of just seatd, but I don’t know what one would lose and what are the wins, but if not seat alone then turnstile which actually require seatd. Also I would like to drop calling d-bus, but I’m not sure if that would prevent the compositor to work, but further if screen sharing with webrtc, electron apps like slack or teams-for-linux would stop working. I guess not using d-bus would not affect mako. But any ways, I’m curious of what would be you choice for your wayland experience if/when you get into it. The official and default way is just logind plus d-bus plus polkit. For such sharing xdg-desktop-portal is required, which fundamentally seems to be plumbing of d-bus, but I’m not sure…

BTW, from the blog post referenced, dudemanguy is also the mpv developer, so that requires quite a lot of effort (mpv specially on the support side of things, besides the developing effort, particularly to support wayland, and mpv does for some time now) together with artix effort. I’m glad he’s back writing, :)

Hey, sorry to take adantage of your answer, perhaps you can help me out though.

Is dbus actually necessary for xdg-desktop-portal? I understand from this flatpak post that xdg-desktop-portal is actually a bunch of d-bus interconnections, which of course make d-bus fundamental for xdg-desktop-portal, but wanted to confirm. xdg-desktop-portal is a must on wayland if one wants to share screen through webrtc, or electron apps like slack or teams-for-linux (probably zoom which is Qt as well). But I’ve read some people (this for example) start sway from console without d-bus, without logind/systemd, just seatd on the background (wlroots and sway support seatd). So perhaps those people are not interested on sharing screen, I don’t know. Or perhaps such d-bus plumbing is only required for flatpaks apps, which are sandboxed, thus requiring all that interconnection to access resources and such, and then I’m not sure about a thing…

Thanks !

Hmm, ok, it should pretty vanila, meaning I have barely touched it… Here are some fields:

• Interface language: browser default
• Language: undetermined
• Theme: darkly (I chose it so long ago)
• Type: subscribed
• Show NSFW: true
• Blur NSFW content: true
• Auto expand media: false
• Show scores: false (just turned it on, though I have no idea what that is)
• Show upvotes: true
• Show downvotes: true
• Show upvote %: false (just urned it to true)
• Show avatars: true
• Bot account: false
• Show bot accounts: true
• Send notifications to email: false
• Open links in a new tab: false

I imagined if I had specified a language that would limit thinks, as warned by the setting itself, but I haven’t. BTW, we’re missing having the option to add as many languages as one might understand, that would make the field more useful. Limiting to just one language might make people never use it at all, :) But I can’t think of any of these settings preventing me seeing up to date federated communities…

Thanks again for answering !

BTW, just in case, not only the system configs are inmutable on Guix, the root/system directory is also read-only making it an inmutable distribution. So the argument that the Guix system is not inmutable is not correct. There are many places clearly stating that, but the itsfoss 12 inmutable linux distributions is one of them, and by its definition of inmutable:

An immutable distro ensures that the operating system’s core remains unchanged. The root file system for an immutable distro remains read-only, making it possible to stay the same across multiple instances.

So Guix is actually an unmutable distribution. But moreover, it’s much more than that.

Thanks a lot for taking a look !

Now, perhaps I don’t understand how it works, se how the xmpp community looks on lemmy.lm

Now see how it looks on slrpnk.net

In my mind, and it might be only in my mind, what lemmy.ml shows is pretty out of date. And I’ve noticed this not only on community contents, also when people from other instances comment on something I post or comment myself. Most of the time, I can’t see their post on the original post, and I might need to see the context, since I might have forgotten what the reply or what I get in my inbox is talking about, so context might be important. So that and the communities contents make me think, perhaps just me, that there’s something going on with syncing or federating. But perhaps I just got it all wrong.

Thanks !

I second xmpp + omemo, and would caution that as far as I can remember matrix leaks significant metadata when syncing between instances/services.

As a personal decision I got away from signal (molly in fact) more than a year ago.

I’m also keep jami working with my family, particularly for things not requiring immediate response. It’s a different beast, since it’s p2p, but there’s no server associated to it, no matter if decentralized or not. It’s easy as well, just not as responsive, in particular if looking for immediate responses… I like and keep both, hoping jami improves.

Ohh, I understand now what you’re saying. LOS (upstream) finally allowed uG to work on their images, though not pre-installed with them, it’s mentioned on LOS4uG FAQ, see question Why do we need a custom build of LineageOS to have microG? Can’t I install microG on the official LineageOS?, the answer includes a couple of references to LOS MRs. I was not aware of that, and that makes all derived ROMs inherit such ability from upstream LOS, including divestOS, so now I see what you were talking about. The answer in that FAQ doesn’t indicate that the official F-Droid client can be installed, and even better neither it or it’s lighter official client (that one never supported privileged extension) require privileged extensions to install apps in the background, so no need to install such extension through adb, and once installed the F-Droid client, one can add the microG repo to keep the uG apps up to date. Therefore no need for LOS4uG actually.

The sad thing is that divestOS images/ROMs are no more, since divestOS is dead. I hope LOS ports divestOS’ boot locking/unlocking mechanism from the still available divestOS repos, that would make LOS even better.

The other sad thing is that as LOS4uG signs with its own keys, different than the LOS ones, once you start with such images, unless you can backup everything, apps, apps settings and contents, LOS settings, and so on, without a google account, you’ll have to keep using it, until you change phone, or you are OK with a factory reset and having to set everything again, since moving to LOS implies different signatures and keys, which in turn implies factory reset and further cleanup to make the image work, :( That holds true if wanting to move to divestOS images as well.

Sorry I didn’t understand what you were saying. I’ve been using LOS before it was named like that (cyanogen), and as far as I can remember when uG showed up, LOS decided it didn’t want to support it, and it was until early last year that it decided to finally allow it, though not helping a bit providing it pre-installed, which is fine, because then the user can get to it, or rather Gapps. So I never read back about LOS criteria changing…

What do you suggest? If they get forced to use something encrypted, they won’t choose XMPP for sure, most probably something like whatsapp or telegram.

Being forced to use non standard protocols, and specially non federated ones is also a concern. Where I live, it’s assumed that all clients/users must use whatsapp, so they don’t answer your questions, you can’t ask them anything, you can’t share any doc with them if in need for support, it it’s not through whatsapp. And everyone seems happy with it.

e2ee by itself is not enough for privacy, metadata counts, and on proprietary communication systems one doesn’t even have a clue what data is mined by the company/owners or even worse if they have non disclosed mechanisms to do that or even worse to introduce back doors.

If I’d suggest something, that would be a standard and federated protocol with e2ee like xmpp + omemo. But again, I’d be naive to assume that’s a possibility, if forced to do something corporations will choose what’s more convenient to them not to the user, and that usually translates into proprietary abusive mechanisms.

Now about nerds using gnuPG/openPGP keys, ohh well, thunderbird chose what to me is the wrong path of not using gnuPG underneath (now by default all keys are exposed unencrypted, unless you choose to use TB’s master password for example, between several other limitations, the good thing is that there’s sequoia-octopus-librnp to the rescue), but that path allows them to offer a really easy way for users to interact with openPGP keys. On Android K9, now a days Thunderbird, has made it really easy as well to use gnuPG/openPGP keys when accompanied with openkeychain for example. There’s nothing obscure neither truly complex about current gnuPG/openPGP usage these days. I would agree like 15 years back one really needed to learn how to maintain the gnuPG keyring, how to add and manage public keys and how to manage your own private keys. But even then there was Enigmail, which after TB chose that path turned into just a shell to help move from Enigmail to the chosen TB’s librnp way, and Enigmail made it really easy to do all that gnuPG stuff. Besides thunderbird, which I wouldn’t say is a nerdy thing, there were/are several other easy alternatives to use and handle gnuPG/openPGP keys. So, not really nerdy, I’d think just willing to go a bit beyond what the corporations offer you, for “your own convenience”. But how many people even care? I’d say we’re a sleepy society, accepting everything imposed to us, even when there’s no need to, because of the hassle to look for truly privacy respectful, security respectful (from the user perspective, not just the corporations perspective), and also really important user liberties/freedom respectful, which Today’s corporations with the help of some communities and the banning culture we all embraced, have been successful in convincing us that’s unnecessary in favor of more “practical” alternatives, including proprietary ones…

Well, I think you already mentioned the key thing about encrypting disks. It’s not about protections when the block device is already decrypted and the filesystem already mount. At that point your disks are decrypted and anyone with or without physical access to your device, if gaining any access to it you’re toast. That’s true, but that’s not what disks encryption help you with, and you already mentioned. If you turn off your device, and someone steals it, or gains access to it, they can’t look at your contents, that’s it. That wouldn’t prevent malicious people, to instead plant something through UEFI for example, and you are right about that case. And if you never turn off your computer, and just do sleep to memory, then you depend on how strong your password is, or any other authentication mechanism you have…

Can you explain why if someone get access to your encrypted disk, they would have access to its contents?

Phoenix is not a browser, is it? AFAIK it’s a similar user.js to Arkenfox… They claim to be better, and have their on comparison, but I don’t know:

https://codeberg.org/celenity/Phoenix/wiki/Comparison

Arkenfox has been like the default user.js for privacy… Perhaps phoenix already is better…

Maybe @fishonthenet@lemmy.ml or @mickie@jeremmy.ml. BTW I remember about !librewolf@jeremmy.ml but I think it didn’t survive, and on lemmy instances this is the only Librewolf community.

Well it’s a bit confusing. On Guix’ wiki General features you can read:

Guix keeps track of these references automatically so that installed packages can be garbage collected when no other package depends on them - at the cost of greater storage requirements, all upgrades in Guix are guaranteed to be both atomic and can be rolled back.

The roll-back feature of Guix is inherited from the design of Nix and is rarely found in other operating systems, since it requires an unorthodox approach to how the system should function (see MicroOS).

And then on its wiki Guix System (operating system) Roll-back you can read:

This is accomplished by a combination of Guix’s functional package manager, which treats each package and system configuration as an immutable and reproducible entity,[58] and the generation system which maintains a history of system configurations as “generations.”

So the system configurations on a Guix system are actually immutable, as opposed to regular gnu+linux distributions, which can change the system configuration on the fly. What else is immutable on Guix, I can’t tell, but at least you can not change its system configs. What is atomic is the upgrades.

I’m not sure, but as Guix borrowed these properties from Nix, I’d think this applies to Nix as well.

In other words, at least the Guix system has immutable components. And further, the system config which is immutable, is also declarative. Combining those two things might be intimidating, since it’s not like on the fly one can go and change the system config, which might be required when debugging some misbehavior, and it’s what most distros document, then one needs to learn about guile, and a bit about functional programming I guess or at least their basics… Deploying systems might take advantage of such declarative configurations though…

It’s been a while since extensions need to be signed for FF to enable them. Not sure if Librewolf build scripts do something about it, but the config is not configured by default:

% grep xpinstall.signatures.required /usr/lib/librewolf/librewolf.cfg
%

and if you look for it on about:config, it’s enabled. So far it’s functionality is mainly to sort of not allowing dangerous extensions, though that promise can’t really be fulfilled, and besides, and it’s true the feature can be abused, but it’s not something new for FF, not sure why that petition is showing up just now, hmm. For the apps I use, this hadn’t posed a problem on Librewolf so far.

But it’s been a while I don’t see Librewolf devs around this community and the other lemmy one I know !librewolf@jeremmy.ml seems abandoned. Perhaps someone is familiar with Librewolf build scripts…

Regarding omemo, dino is getting there, see its closed issue 1609. Not sure why it has taken them too long for a new release, but they have the stuff already merged.