My guess it is zip’ping the directory in memory to send it as single zip file, hence use a lot of memory. Better to zip/tar directory yourself and send that file over.

Based on screenshots - the status in Process tab is useless in most cases IMHO. Better telling would be CPU℅ telling proportion of sleep&running.

But overal nice looking, having tabs like flatpak and such that sounds useful.

Just go to the settings, apps, Tusky app and click “open defaults” or something default dont know how its called in English. It will unset all default targets of that app.

Best to buy phones that you can relock your bootloader, from memory I can only think of 2 phone manufacturers that allow that: Fairphone and Pixel phones that allow you to relock bootloader.

I bought Fairphone 5 with Degoogled /e/ OS from Murena to avoid that annoying cat and mouse game. I bought from murena website to get my phone already with degoogled firmware flashed.

In my case bootloader is locked with google attestation so 99,9% apps works, including Banks apps with TAP to pay. Bank payments that dont use google pay but implent NFC directly works (so except for google pay other pay method should work).

Both my bank apps works with tap to pay, But Your milage may vary.

Im happy with my phone. Due to all that, not a single app had issues with “valid OS checks” because it actually is valid, it did came directly from seller and never got unlocked/flashed.

It is locked but I should be able to unlock bootlader, flash different firmware version and lock it back up making the attestation valid again but didn’t do that yet so can’t be 100% sure.

assuming that Google is not malicious

Previously they would need to push malicious code to your device to steal your login data, that is a risk that someone would do reverse engineering on that and expose it, now they will have the data on their servers and they can abuse it any time they want, I doubt they will use it to login as you, but they will use it as metadata to connect all your accounts for marketing.

proper authentication protocol do not send your password to Google to authenticate

That is not true for 99% services including google. Google have a plain text password at the time you are logging in, they just store hashed+salted version in storage.

(Almost) No website (or app) is hashing the password before sending it to server, so if you hack the login screen you can dump RAW passwords anytime.

No thanks, sounds like security and privacy nightmare.

The part about “no user interaction required” doesnt feel right secure.

Especially as it is stored at google servers, it says it is encrypted but it is encrypred using keys that google has access to as they are unlocked with you logging in into google account.

Chromebook V2?

Funny :)

Hard to be sane with so many broken hardware implementations… 😅

Cudos for the Linux developers!

In the last I had very little success rate of those uninstall tools to actually do their job in full. A lot of time they delete some data but almost always they leave some trash behind.

And in the first place, I stopped trusting those external uninstall binaries, they could be designed to remove not only app data but remove your personal data, steal data from your PC or infect it (even if just to investigate why you are uninstalling).

One of the reason is that apps can place their files in any place they want so the app manager is not aware of those locations.

Even if it would know then the user still would need a way to remove the app without deleting data, imagine installing Developer IDE or chat app and uninstall process would remove your chats or projects. Imagine app dev accidentally set the “directory that store app data” to /home, it would be bad.

I not once uninstalled app to install different (for example older) version due to bugs in new one.

Having the logic allowing to optionally delete data would introduce additional complexity so most old package managers never introduced that feature.

But I agree that we should slowly introduce a way to to that. Some app managers that manage flatpaks now allow to delete user data after uninstalling app, this now could be done universally because apps installed using flatpak store their data in their own separated/dedicated directory that flatpak engine know about so (unless you give permissions to access other location) thw manager know where the app store data so can offer easy way to remove it.

Container is just a term for a set of isolation solutions bundled together.

Like file system isolation (chroot), network isolation, process isolation, device isolation…

One of them is ofc chroot, yes container use exactly the same chroot functionality.

So to answer your question, no, you don’t need full isolated container. You can use only chroot.

You just need to pass all required devices ( and match the driver version running in kernel with your files in container and (avoid) more than one app having full unrestricted access to GPU as that would result in issues (but dont know the details so can’t help you with that)).

You can use wayland in container but the easy way probably would require to give whole GPU to the container (but my knowlwdge is limited)

What I do know that this project is doing that: https://games-on-whales.github.io/

That also came up in search results that could help: https://unix.stackexchange.com/a/359244

The only reason ssh client would “hang” without any output is when it’s waiting for external key storage to allow access. It’s designed that way to give user some time to approve access to key storage.

It sometimes happen that the installed key storage is broken in a way that it fails to show user modal, for any reason (showing on wrong screen, wrong desktop, wrong activity, wrong framebuffer, …)

One solution (that you already did) is to change the SSH agent env variable to point to different key storage.

Another would be (if possible) to uninstall the broken key storage if you don’t use it. But it is sometimes needed/used by other apps.

It’s overall good to notify/open bug on your distro issue tracker to notify that some packages are missconfigured (maybe have missing dependencies) or conflicts with other ones.

Yes, user should (at least try to) provide their own message, if not and it just post links to (their own?) pages then account should be marked as Bot IMHO.

CVEs found at: https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/

Details of vulnerability: https://github.com/IAIK/SLUBStick

Immich

Wanting to spin-up but constantly delaying…

You can go to /var/log/apt/ and read the history.log as it will contain every single package that you did install/remove.

Based on that you can just restore it to working state by manually undoing the changes (removing installed, installing removed)

I use to split personal and work stuff.

Mostly just change desktop wallpaper, have different pinned apps, and have some apps forced to start on specific activity using kwin rules.

And I sometimes also on top of that use workspaces, for additional split if different set of work/personal activities like switching between projects or leaving chat on one and IDE on another.

So it’s almost like a simple 2x2 workspace grid but with additional window/taskbar rules.

…