jutty

Average Debian system update experience:

All packages are up to date.
Summary:
  Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0

Just fiddled with it to see how it works. And sorry, I’m not aware of any reviews to recommend.

https://radicle.xyz/ fits your description

Yes, Fossify came precisely as a continuation for the Simple apps. The https://github.com/FossifyOrg org and the website https://www.fossify.org/ are linked from the F-Droid metadata so they should be legit as well.

See also: https://f-droid.org/2024/01/04/twif.html

I think the ethos of open source flips this thinking. You should not trust. Microsoft may not be noting down your banking details, but you actually don’t and can’t know if it is. What it is doing is storing other personal data, because that is in its policies. Now, to what extent it takes advantage of this capability and permission, it is again unknown and unknowable.

Microsoft may be a big corp, but some distros are the backbone of highly critical systems, and collectively they run the vast majority of servers.

You don’t “trust” your distro. Or your laws. Everything being done is in the open, so you can see for yourself. If you lack the knowledge to do that, there are others who are doing it and many are sharing what they find. You will “trust” on some level, because of its reputation, how established it is, but trust here means something very different from letting a huge blob of unknown code do whatever it does because I trust you.

what even was that about freedom zero? as if freedom zero meant all free software must be accepted in all repositories?? you are still free to run it regardless

I got number two on LibreWolf, last spotted five seconds ago

That’s the best, safest way. By the way, you can do the same thing from a flash drive too, if it has enough space to hold the system. I don’t mean as a live temporary system, I mean you can just point the installer to a second flash drive as the install disk and it won’t care.

in this thread, as a twist on the more common meme “is this AI” or the more accusatory variant “this is AI”, we doubt human intelligence instead

I’m disheartened by comments stating “whats the point?” just because it’s hyper realistic. I do prefer less realistic art too, but the amount of dedication it must’ve taken this person to develop these skills and then the work on each painting, it speaks volumes beyond just being a replacement for a picture… You’d hang it on a wall and tell every visitor “this is a painting” and then each and every one of them would go NOOO

For Debian there’s Preseed, for Arch there’s archinstall, for a Fedora/RHEL there’s Kickstart, for Alpine there’s setup scripts, for distros with fully manual installs, you could just write a script?

Automating your install is something any sysadmin and mainly any distro developer will quickly reach towards, so it is something almost certain to exist.

Though, if I understand you, you’d want that to be “sourced” from an existing system, yes? I can see the use of that… NixOS is likely the closest to what you want, since you are always defining a full declaration of your system.

The PC itself as in hardware? Hardly… Your data is at risk. So ignoring updates for both Mint and Windows will put you at a more vulnerable position from a security standpoint.

If you are asking if not updating Windows will make your Mint system insecure, the answer is no. At least to me an exploit leveraging an unmounted Windows partition is unheard of. It will of course make your Windows system less secure for the 2% of the time you do use it. Another side effect of updating it is that it may break your dual booting.

While another comment covered the matter of security updates, another point that is safer about repositories is the security of the binary and the transaction. Meaning, the place you get your software from and how this transference is accomplished are also security sensitive.

When you get the software from a repository, you typically have some assurance that (a) the binary you are getting was compiled from the source that is published (b) the source from which you are downloading is known and trusted © the method through which you are transferring is somewhat secure (e.g. TLS) (d) the changes made were inspected by at least one more independent party (depends on the repository’s policies).

Repositories will also have criteria for inclusion, which can bar you from software you want, but still could also mean software with bad security practices never reached you to begin with. Being included in the repository might also mean it’s up to more scrutiny, as it may be removed depending on what security events happen in the future.

Say that instead we were to get the software directly from the original source. How will this source transfer the software to you? If they publish it on a website, that adds one more attack surface where, if an attacker tampers with files, hashes and/or links, you are now no longer getting it from the source. Say instead you get it from a Git forge such as e.g. GitHub. Is the binary being built form source in CI? Or is it uploaded manually? Does it provide a hash? How can we know the manually uploaded binary, even if it has a hash, was compiled from the publicly available source? There is no trusted, independent third party involved to confirm that.

I can think of a few other reasons unrelated to security, such as repositories, particularly distro/OS-specific repositories but not only them, will tailor the software to your OS, resolve dependencies for you and add niceties such as init system integration, shell completions, man pages and sample configuration that is specific to your OS.

If you see yourself facing this often, you can also use a browser extension to make it easier to see the post you are at in your instance.

For Firefox and derivatives, the simplest one is Lemmy Link, which places a Lemmy icon next to links such as the sibebar’s !community link in the instructions for logged out users to find the community in their own instance. It has not been updated in two years, but still works.

Another option is Kbin Link, which does the same thing and has seen recent updates but tends to trigger “this extension is slowing down…” notifications.

A third one I found is Instance Assistant, which instead adds a “Find in my home instance” button to the sidebar. It does have some additional features, but I couldn’t get them to work. This one is also available for Chromium-based browsers.

basically I never follow any feed (be it Mastodon, RSS, Lemmy, newsletters, whatever) that is too high volume. If something is sending too much content I’ll just unsubscribe/unfollow. So for instance Lemmy communities for news are soo overwhelming, I’d rather sign up for a newsletter with a selection of five or so important news for the day.

Yeah, sorry! I realized that after sending the comment, but I guess I was too late to delete it. I’d also like to find a Mastodon app that does that

deleted by creator

I think you really miss the point. It’s as if your suggestion that romanization methods have imperfections dismisses the actual reasons why people will refuse to make the effort to learn how to pronounce a name from a language other than their own, which go far beyond whether or not the spelling “makes sense”.

The comic gives a very concrete example of that. It wouldn’t matter if the letters exactly mapped to a perfect pronunciation, the mere fact it does not roll of the tongue, i.e. “sounds foreign”, coupled with the underlying xenophobia+racism combo is what’s at work there.

I use PDF Arranger a lot for that

https://github.com/pdfarranger/pdfarranger

I switched recently from neomutt to aerc and yes, if you want less complicated configuration, it’s a great pick. I find it less buggy and just best designed overall.

I never tried Gmail or Exchange on it, but this should have some helpful info on that: https://man.sr.ht/~rjarry/aerc/providers/