I replied to @muntedcrocodile@lemm.ee and understood the question like “Is distrobox as secure as QubesOS?”, which I replied with “No”.

Ahh, fair cop. Good point on Secureblue, but my threat model doesn’t take me there.

Eh, it’s fedora under the hood with SELinux enabled, and immutable, better than most security wise, I didn’t say much more.

Bazzite is the better distro because you install things in a distrobox. Muck around, break things in there, but your main distro stays safe, secure and stable.

You’ll be wanting sudo ostree admin pin 1 seeing as 0 was broken. Double check with rpm-ostree status.

Proceed to rpm-ostree update, if that does nothing it means 0 is up to date, personally I’d just wait for a new update using the working deployment, but you can blow away 0 and get it again if you’re keen.

Just use multiple database files (e.g. one for unimportant, one for important) and automate the syncing with syncthing or something so the lazy doesn’t matter…

What is the Matrix?

A viral advertising campaign in 1999…

I’ve always thought that it should be the relevant ID issuing organisation, with whom the damage to privacy has already been done, might as well leverage it.

wut? I VPN all the time (for niche stuff Lemmy’s not there yet with).

Thought it was something like that, hence needs must when the devil drives

Check here Personally wouldn’t piss on it if it was on fire, but needs must when the devil drives.

Pretty sure it’s in google services which you can turn on, personally think that waters down the point of Graphene if you leave that on, to the point of pointlessness, but some countries seem to live on whatsapp, more’s the pity.

For what seems to be your use case, it should be good or better (AMD helps) and everything you need is in the tin. There are a couple of gotchas, and the doco could be better if you’re a dev, but if you’re just gaming you’ll be fine.

Try to avoid using rpm-ostree install (it’s dog slow and slows updates, you’re building an OS image after all) instead first try flatpak and then create a fedora distrobox (or arch or whatever, but fed is most in line with the base install) and dnf install from inside that (and then export to the main OS, keep it clean and it’ll be stable).

ujust update rocks, but it updates automatically in the background (there’s at least two OS images at all times, so in the unlikely event it breaks you just revert), so don’t forget to reboot every now and then, weekly at least for security reasons.

Go here for questions, there’s a discord too if you like that sort of thing. Have fun!

Aye, to each their own. I went the other way, Arch -> Fedora -> Immutable Fedora, because I was sick of tinkering and wanted stability ;}

TLDR:

Skip to today, and Big Tech is pursuing the same approach, often in the same states.

They too have funded front groups, hired an armada of lobbyists, donated millions to campaigns, and opened a firehose of lobbying money to replace real privacy laws with fake industry alternatives as ineffective as non-smoking sections.

I’ve had a couple of things mess up, usually nvidia related (egregiously sleep, and I like sleeping my desktop), but because it’s immutable I just revert the entire OS and come back to current in a few weeks, and it’s good (not the best security-wise, but my use-case is pretty sanguine). That’s one of immutable positives. Bazzite natively supports 6 months reversion, or in a pinch you can go back to Silverblue/Kinoite.

It’s pretty easy for 80 (90)+% of competent computer users, get an old Macbook for that stuff (it’ll probably be better) and switch your main to linux. The real problem is less competent computer users.

Evil isn’t the real threat to the world. Stupid is just as destructive as Evil, maybe more so, and it’s a hell of a lot more common. What we really need is a crusade against Stupid. That might actually make a difference. - Jim Butcher

Screw you guys, immutable fedora. Currently, bazzite, but I can, and have, change on a whim.

Depends a lot on who you’re talking to, and your, and their threat models. For many, signal provides pretty good protection, which brings us to a salient point, anything that actually provides good security will attract plenty of negativity, often from state level actors who feel (are) threatened. If you’re playing at that level, adam_y is right, dead drops and one time pads. Presuming lesser threat, signal beats telegram and FB etc. Email is plaintext unless proton to proton, encrypted email is fine (look at PGP) and indeed if you encrypt at home before sending it’s pretty much a dead drop anyway, as long as the other party has a key, and I’m wandering off the beaten path.

Seems you want a secure messenger that works and are scared by random crap because you don’t have the relevant knowledge to decide (spoiler, very few do, and it’s insider knowledge, the world is imperfect), fair enough, but don’t let perfect be the enemy of good. As long as you’re willing to give up your phone number, Signal is well regarded (exchange privacy for security, you decide). But yeah, no perfects, world imperfect, trust hard, deal ;)

As it should be, don’t do that.

Doctor, when I do this it hurts…

Also, you’re creating a disk image…

Pass it on…