NaN

Encrypt them before they’re ever put there. One example I can think of is in resilio sync, which has the option for sharing a folder to an encrypted peer. Other peers encrypt it before sending anything, that peer doesn’t have the decryption keys at all.

Yeah, I want my passwords unencrypted in the browser, where they belong!

Remainder that Tails is an NSA PRISM targeting keyword. Congrats on making the list, folks!

They are logged, but swatting people get around it. They are suspicious “looking” calls, but so are bomb threats.

Swatting is pretty much always a blocked number to a non-emergency line. If they are traced it is typically one of those free online voip services. It takes work and access to really get from A to B, which is why it only happens when there are awful results.

In the US at least, 911 gets special access and calling it will always get you to your local dispatch (unless you have voip with the wrong account address). Non-emergency is just a normal phone number. If someone wants to call from out of the area or hide their number, non-emergency is how they have to do it. This is suspicious because in a real situation like “I just shot my dad” or whatever they say, nobody is taking time to look up non-emergency.

It has activation issues as the license is tied to hardware. If you have a retail license tied to your account it will prompt you to transfer from another machine, OEM does not. Nowadays people don’t even get a key, although it can be extracted from the firmware.

Most people are running Windows OEM licenses that don’t transfer to VMs. A retail license you can move around.

It’s probably something most people could learn a bit more about. On Red Hat or Fedora you don’t have to get too far out of vanilla before SELinux starts breaking things (oh, you wanted your custom systemd service to run that binary from that directory? Tough! Figure it out!), in comparison AppArmor on Ubuntu and Debian seems to get in the way a lot less. I’m not sure if that’s due to how it functions as a product or upfront work to configure it to be less intrusive.

Specific configuration is an implementation, as are hooks they may add to their own software to leverage features. Both Debian and Ubuntu also build their own profiles.

Thats why they said “Ubuntu’s AppArmor implementation”, as in how they configure and integrate it.

OP didn’t state their wife’s age but it is a safe assumption they are old enough to sign up for an email address.

Do you sideload extensions in Chromium browsers often? No browser makes it especially easy, auto-updates are hit and miss (uBo has a zip from GitHub, does that auto update?), and it’s extremely likely that many authors don’t bother with special niche development when the vast majority of their user-base is gone (he doesn’t build an XUL version anymore either).

It’s, in fact, some kind of problem even if it isn’t for you.

It’s effective for probably most typical users (set it and forget it), especially if you “up” the permissions. Downside is the filter rules have to be bundled in the extension, so it doesn’t update dynamically.

The problem with most of them, is they don’t host their own extension repositories, so their support doesn’t really matter unless you side load all the time.

Somewhat. One, a system can be bootable without the entries because they are just pointers to the actual bootloader, so even if windows does the stupid and deletes them it isn’t the end of the world. It does depend on your specific firmware though.

Also two, you can write them again with a single line in efibootmgr, they’re just saying “if I click Fedora load the shim from the EFI system partition on disk 1”.

This is very different than the old world where windows would delete your bootloader entirely and the MBR couldn’t be easily explored. They live in the efi system partition instead - or at least the shim does- and typically every OS leaves the other ones alone (even Windows, except in this case, although it didn’t touch the shim itself).

The initial comment was about the bootloader and really only applies to MBR partitions.

Bash is still in MacOS.

XNU is the kernel in Darwin, XNU is an Apple product derived from BSD and Mach. Darwin has a lot of FreeBSD in it.

Apple shares that code though. It’s on GitHub. There used to be Darwin distributions.

Your Android example doesn’t make very much sense either. The largest Android issues are typically hardware lockdown. Nothing about the GPL prevents someone building an ad platform that spies on you, it just makes them share the source code for it. Google’s licensing choices means they don’t share the source code for the Google pieces they put on top of AOSP, the entire project means people can build the alternatives though.

The lawsuits were about AT&Ts proprietary license. BSD and similar licenses are not that.

386BSD was not available until some months after Linux was released, so you had GNU with no working kernel and BSD not yet available on the hardware he had, hardware a lot of normal people had. I think the GPL also felt more philosophically right to many of them, and it limited how much they needed to re-do work that someone else had already done but kept secret.

The AT&T lawsuit definitely hampered BSD growth just as it was ported to the 386, but it was filed after Linux was already a thing.

Marktext is another. Pretty lightweight and more permissive license than Obsidian.

Obsidian should not be suggested for general use without the disclaimer that you have to pay if you use it for any work in most cases (unless you work for a very small place or a non-profit). I think their license is probably one of the most unintentionally violated around, kind of can’t believe they’re on flathub.

Commercial use means using Obsidian for revenue-generating or work-related activities within a for‑profit organization that has two or more employees. Government departments and agencies are considered commercial use, unless registered as a non-profit organization.

Gnome boxes and libvirt do it automatically for their VM directories… it works and a normal user doesn’t have to know a bunch.