you should enable suspend-then-hibernate instead. laptop suspends normally and if not woken in, say, an hour, the RTC hibernates it to disk.

I mean, OK, it’s a vulnerability and there are interesting implications, but this is hardly significant in any pracitcal sense of the word.

the potential victim has to run their system without a firewall, has to print to the printer they’ve never interacted with before and then the attacker can run shit with whatever the printing system’s user id is, which shouldn’t be an issue on any reasonably modern distro.

I routinely remove cups and friends from any system I run because I have no need for printing and it bothers me to see it constantly during every system upgrade.

https://github.com/morgant/mlvwm

I wanted to write the same thing. have the notes app do the notes thing and handle encryption elsewhere.

as to apps, I suggest QOwnNotes. it’s markdown, highly configurable so you can make it minimalistic AF, stores notes in invidual files and folders. it also has a bunch functionality like syncing to nexctcolud and such, but I’d advise against it, just use it as a notes editor. you don’t have to selfhost anything, make it use the e.g. Documents/Notes folder and you can use syncthing to securely replicate it to other devices.

because things moved forward in the last decade or so and it’s not viable. the same way matrix and element and those ridiculous things aren’t viable and never will be. can you use it today? absolutely. can you convert normies to it and make it an actual widely used comms platform? no. fucking. way.

this is coming from a guy running their own prosody instance and utilizing rocketchat on two separate client instances. yeah, I know how to set it up and deploy it; but the amount of absolutely credible complaints I get from normies forced to use it staggering.

to me it looks and feels like shit, compared to Durov’s spyware it’s like a PoC from 2015 looking for funding. fine demo you got there, now bring us the real thing.

but, to practical things, I lose/sell/buy/switch devices frequently. with telegram, I can lose all my devices, log on from a fresh one and all my shit is there - a decade+ of convos with 100s of people with valuable info. no juggling around with the crappy electron desktop app that doesn’t give me access to convos or the inane procedure to replace a lost device and restore chat history… the other day, I successfully retrieved a piece of info from a convo from a decade prior.

I realize there are people out there that need that sort of security, but I don’t. I just want Telegram with an OTR plugin (OMEMO nowadays) that prevents any nascent mass surveilance and LLM ingestion and I’m golden. but that shit’s explicitly against Telegram’s ToS; the only logical conclusion is they’re adamant about leaving all your shit unencrypted in the cloud for some specific reason.

I can’t think of any such reason that’s not malevolent.

regarding its UX, nothing close exists; when it comes to converting normies, so you have someone to actually talk to, then there are no alternatives. that’s a pretty shitty state of affairs for something that shoulda been solved a long time ago.

lesson learned, I guess, don’t put all your eggs in one basket and have multiple fallback solutions. I’ve begrudingly moved to Signal and I’m cursing it out at least once per day, can’t believe the navel-gazing, self-righteous cluelessness behind it; but that’s the best there is at the moment. it’s beyond shitty that we’re having trouble achieving what we had in like 2012 by way of XMPP and friends, let alone surpassing it.

any way to read this without a telegram account?

I’m trying to utilize a couple of core 2 duo macbooks for the same purpose and it’s not going great. I have twice the cores and RAM but they’re stuck at 800 MHz, because of no batteries.

anyhow, very slow and issues with a lot of codecs I throw at them. try mpv without a DE/WM.

air tags function by utilizing the ad-hoc network all Apple devices create - if you run an Apple device, you’re involuntarily part of this P2P network, even when your device is supposedly off. otherwise, said tags wouldn’t be able to send you status reports from the other side of the planet. that’s just how they and find-my-shit apps work, there are no alternatives to global availability.

all that’s kinda antithetical to the whole privacy thing, so you’ll have to balance the good with the bad and determine how much spyware you will tolerate to gain this sort of convenience.

superb write-up. yeah, the price tag is absolutely eye-watering levels and the classic car is an apt analogy. if you’re not an tinkerer/enthusiast, don’t even think about something like this. I got a T14 Gen1 AMD with a busted screen for $100 even, with original battery, that thing runs circles around this Ivy and is like half the heft, despite 14" > 12".

I’m sorry for being slightly off-topic, but ONE THOUSAND clams for an easily breakable/losable thief magnet is just bonkers to me. my desktop, laptop, tablet and phones cost way less than that in total.

you sure you separated your “needs” from your “wants”?

this is a nothing-burger. the same “article” from days ago, rehashing the same bullshit, quoting a totally unknown security researcher firm (that, conveniently, also sells some turd that’s gonna rid you of this scourge) with zero details, followed with less than zero fact checking from arse technica, like how did they establish the 1.3 milsky number, the “infection” vector and other similarly “unimportant” shit.

portals like the mentioned arse thing are hungry for content and are willing to publish any old thing that even resembles quality content. keep your eyes open, your wits about you, and question everything.

from a bot farm “news” site, linking to the shallowest description from a “Dr Web” antivirus of which I’ve never heard before.

zero details as to how those devices got compromised or how they got to the 1.3 MM number.

searching for anything resembling a reputable source reveals nada.

try usbcore.autosuspend=-1 kernel switch.

my god… thank you GloriousEggroll for all your hard work, but please find someone else to write the documentation. it’s hella confusing and explains nada, despite your best efforts.

the parts are cheap, the prices are low

recently I got me a pair of Soundpeats Air4 Pro; initially wanted to repurchase a pair of Air3 HS Pro that I had and was very satisfied with the sound but lost one earpiece and found out that replacing it is nigh impossible. so, Air4 was like $5 more and I wanted to try the ANC part of it. none of those models are in-ear headphones, I’m done with shoving things in my ear canals.

so the sound is OK to me (I have tinnitus and don’t hear that well to begin with, so I’m not an expert on judging these things) but the ANC is not what I expected it to be. to me, what it does is just flood my ears with bass. the music i listen to and the occasional podcast sound OK to me but I don’t perceive any noises to be “cancelled”, i still hear all irritants (buses passing me by, dogs barking, people talking, etc.) but they’re somewhat droned out by the bassy sound.

the way I understand ANC, it uses multiple mics to generate an inverse sound that cancels out the ones reaching the microphones. so this should work without music, i just turn ANC on and I “hear” silence. nothing close to that is happening.

anyhow, both of those have some app that you need to get from google play and I haven’t done so for either of them. judgging by the screenshots the app doesn’t do anything of value, so you’re safe to run it without.

edit: I just checked and it appears I was the victim of wanting things to be true; the website lists the feature as “Hybrid ANC” (emphasis mine). I’m not even gonna bother with reading up what their definition of it is, so I guess it was a con job from the start.

if they run hardware that’s not cutting edge, by all means, that’s the best solution as a first distro.

ubuntu is important as a stepping stone. myself and everyone I know that’s on Fedora et al started with Ubuntu. we learned what’s what and how to go about doing things and after hitting the ceiling one too many times, we tried other stuff, found better havens and finally abandoned it forever.

so I’d caution against any action aimed at hurting it. leave it be and know that it’s still the most user-friendly solution out there and the one that’s most likely to “just work” for most people. it’ll convert people over, whether from Windows or MacOS. once they’ve crossed over, they’re more likely to wander further.