Right, I was starting to think “Oh yeah and maybe I could fzf history…” then wait, I already do that reverse-i-search then edit. If I use that often enough, alias in ~/.bashrc or even function to make it composable.

As others suggested the backend is probably already installed on most computers but not setup, namely :

• ssh to manage passworldless across multiple computers (you need that for data to be safe)
• scp/rsync/rdiff-backup to actually copy the data thanks to ssh keys

One could imagine a dedicated user per machine that is for read-only of data (maybe after some encryption, limited to very specific directoriess) and another for storing only of data (with no access except to write on disk and with a maximum quota).

What this highlight though is that the centralized managed cloud model is challenging to replicate as purely p2p at home, namely backing up your phone to your desktop might be find but the other way around, probably not. Maybe even more challenging, what do you actually backup? I would argue your home directory but… clearly not your e.g. Steam games (humongous) or other backups or video files downloaded from the Web. So… probably a select set of directories in home then, but which ones? ~/Documents only? This specific part implies some decision from the end user.

Anyway I believe all the tools are there, but I think what most people lack is to view the result and for that maybe some equivalent of https://gitlab.com/ikus-soft/rdiffweb/ which shows when was the last backup done, how big it was, etc basically some form of visual to feel safe.

Finally to skip the CLI key management part the closest I know, for end users, is KDE Connect https://kdeconnect.kde.org/ which I discovered after building my own https://git.benetou.fr/utopiah/offline-octopus kind of equivalent, namely a way to use devices on LAN. Backup is not a default feature though but could be.

why not bc then?

better than bc ?

Ah! Isn’t it wonderful when we discuss to learn rather than be right? :D

44 %

Very interesting, thanks for sharing. That number is of course way too high. I won’t point fingers but… OK I will, I would argue, naively, that a lot of that frustration comes from corporate exploitation. I bet a lot of that comes from maintainer who noticed big number of downloads on CDN but no PR because somehow a paid for tool (so not blaming just BigTech here) relies on their work… and they don’t see a cent for it.

I doubt most people who have a quirky side project, say something about how to use Lego controllers for their model train on the weekends with kids, really mind. Sure they’d love to see a bit of money from it but whatever.

Anyway I’ll dig into that report a bit more, thanks for sharing!

FWIW I’m donating every month to CodeMirror author, donates to Vim, etc. I’m not saying they are wrong, nor right, solely that implying (but maybe I misunderstood the comment) that somehow open-source and getting paid are antagonist is IMHO damaging to FLOSS broadly.

I wholeheartedly agree. But, I prefer the capability to donate to the open-source software developers that I love to support.

Right indeed, not sure why it was implied that open source software couldn’t be a financially viable option for developers too.

On the one hand, it’s a shame that it’s not open-source, but on the other hand, developers have to make a living from something.

I’m pretty sure most people here, at least I hope, who use open source and free software directly money donate to developers. I know of plenty of developers who do get paid writing open source through such donations or via funding, e.g. NLNet or grants. Maybe I’m misunderstanding your statement, are you saying Sublime Text isn’t open source because they believe those ways are not appropriate for them?

I use ffmpeg to record only the top left corner of my screen but I don’t have any visual for it.

I used https://github.com/ftorkler/x11-overlay/ in the past for another tool, maybe this could help you.

FWIW and even though that’s not what you implied Android is far from perfect either, just reading https://www.zeropartydata.es/p/localhost-tracking-explained-it-could right now and… even though Google does try, other, arguably not malware (very arguable!) do manage to go through anyway.

a majority of their computer experience is probably in the browser, with an office suite and maybe an email client.

Exactly, and for whatever is left there is

• Web based equivalents, e.g. NextCloud, ProtonMail
• LibreOffice
• Gimp
• Inkscape
• Kdenlive
• Blender
• Cura
• OBSStudio
• Lutris or Steam with Proton
• Audacity
• VLC or mpv

and finally, the most important “etc” namely you can have a poster on the wall with post-its where they write what they miss, you write down a matching post-it in front. You might not get 100% coverage but I’d be shocked if you don’t have 99%. You can also “seed” that poster with existing ones, e.g. https://trustonteachestech.blogspot.com/2017/06/open-source-alternatives.html

My hope is actually that standard compliant (that’s the important bit) hardware keys and passkey, e.g. WebAuthn, get more broadly accepted. This way open source and hope hardware solutions, e.g NitroKey, would allow anybody on any OS supporting those standards (which does include Linux without proprietary blobs AFAICT) to work.

Thanks for doing that.

IMHO it’s show, don’t tell. I’m assuming you have few laptops laying around here but ideally :

• have a working Linux computer and let them play with it. You can have few documents on the desktop to help kickstart the process, few browser tabs opened with e.g. ProtonDB to show that most games do work, etc. A little “trick” you can do is have an email client (Web based or not) opened so that they can (if they want) email to themselves a message like “I wrote this on Linux!” and a link to some documentation your wrote online about the event.
• have another one where you can do an installation live (or play in loop a few minutes video recording where disk formatting, package download and installation, are sped up, easy to do with a VM)
• have yet another one where … they can install themselves! I’d suggest a VM there so that they don’t fear they would wreck your computer

Few “gotcha” I would warn people who are genuinely interested in (as I wouldn’t waste time with this for people still doubting) :

• backup your data (documents, family photos, work, etc but NOT games, music, downloaded movies) on a USB stick before you do anything!
• you might have to tinker with BIOS settings but that is not scary BECAUSE you backed up your data
• there are plenty of distributions, even though that’s beautiful, … just pick a popular one at first because that’s how you get help more easily
• peripherals are not all made equal, even though the vast VAST majority do work with Linux, they don’t have little stickers to help customers buy them so rely on standards (like BlueTooth or WiFi) AND if it’s something expensive or bulky, do check online reviews with product name + linux in a search engine like DuckDuckGo.

Now… the actual argument I usually share with people is the browser. Most people don’t use their computer, really. They use their browser to connect to the Web THEN do their “work” or entertainment. In that case then it should be no problem because browsers are properly cross platform. I would let them potentially use Chrome (sigh) or Chromium just to show how familiar it is and hope that, as they learn more about freedom, they do consider other browsers, like Firefox or WaterFox, Pale Moon, etc but just like with distributions, starting with whatever is popular and they feel comfortable with.

I would consider that VERY sophisticated. One needs to basically conduct identity fraud, so have enough information to port your SIM via your phone company. I imagine that if you do not call your phone company with your existing number they have a few extra steps to allow anything to happen.

Anyway, beyond that, which as you shared (thanks for taking the time to put those links) is indeed not infeasible (but still requires targeted work and skills) this is only 1 step out of 2 for authentication against a bank. One still needs to know the bank and the login/password pair the Website requires.

Even once that’s done, I believe most banks do not allow large transfers, e.g. above 10K EUR, without another verification. Typically transfers have a daily and weekly limit that can be modified temporarily.

So… IMHO it’s sophisticated (in the sense that a “script kiddie” or scammer without technical skills can’t do it) and has limited economical value.

I will remember it (again, thanks for pointing it out) but I won’t lose sleep over it.

PS: I’m wondering what’s the consumer law on this actually because arguably some steps, e.g. no limit transfer or SIM porting would be on failure on the side of companies, not consumer. I wouldn’t be shocked if companies had insurance for that and might have to pay back whatever amount would be stolen. Obviously this would be regulation dependent.

Linux applications can access your entire home folder

That’s the default because that’s what most people want, or at least expect.

You can perfectly start an application within a container or even a dedicated user.

Nearly nobody does this not because Linux does not permit that, it does, but rather because most people believe (rightfully or not) they do not need this level of separation.

use SMS but that can be hijacked by social engineering attacks

Can you please share an example? I’d be curious how that would work, especially if it works while understanding how it works.

Android does not have that much “hackers” as “proper” Linux has

It’s hard for Android to have hackers precisely because Google and manufacturers are trying their best to prevent that. They do not allow rooting, they blocks features on rooted devices, etc. So they do their absolute best to keep on exercising control despite collaborating on open source software.

Absolutely but even their high end model has just a RK3588S 8-core 64-bit with a Mali-G610 MP4 … and that’s not exactly a powerhouse if you check benchmark with like an i7 which would already be several years old, not even high end.

This is not a “fair” comparison and yet, in practice if you sit down with that setup and you start to use Blender and Firefox with a tutorial running in the background, it’s going to feel sluggish quickly IMHO.