kyub

• Tor browser for anonymous/private regular browsing (without logging into personally-identifiable accounts)
• Vanadium (GrapheneOS' Chromium-based browser, maybe it's usable on non-GrapheneOS as well?) in combination with a good crap-blocking DNS server
• Brave is decent but has some bad default settings, can probably be configured to behave well (similar to regular Firefox)
• Firefox + forks are generally not that great (at least on Android?) because their sandboxing capabilities (and maybe other security features) are weaker compared to those of Chromium-based browsers. See also: https://grapheneos.org/usage#web-browsing
• Proprietary browsers like Chrome, Edge, Opera, and so on all contain loads of on-by-default-spyware and should never be used

This might not matter anymore, unfortunately, because there might be no meaningful future elections (at best - fake ones where Trump always turns out winning). He will just keep ruling and then define that everything's always great with his rule, no matter how it is in reality. To have him win this past election was a historic mistake that will be extremely costly. Of course, no king rules forever, but the damage during his rule as a criminal king will be massive (not only caused by him alone of course, but enabled and accelerated by him).

While this is stupid, it's also minor and doesn't really deserve such clickbaity titles. You'll only be locked out for 24 hours, which is not long, and you'd have to switch Proton versions 5 times within 24 hours for this to happen, which should be very rare to begin with.

I play exclusively on Linux/Proton for years now and at the MOST I've switched Proton versions like 3 times within 24 hours, 99% of the time I switch them never (because 99% of the time it just works) or just once (e.g. switching from regular Proton to Experimental or GE-Proton, which might help wth very new games). That means I would probably never be affected by this.

I"m not trying to defend this, this limitation should not exist, but I'm trying to position this correctly because the titles are misleading clickbait, they suggest you'll be locked out permanently.

Yep. There's always been spying from foreign governments' intelligence services on allies (especially from the US and the UK because they have such vast surveillance capabilities and budgets), and there's always been commercial spying (e.g. Google, Apple, MS, and others collecting vast amounts of data on everyone using their proprietary software), which then could also be bought by intelligence services to expand their data mountain. It's really nothing new at all. Also, this was all basically part of the infrastructure already. Of course it's going to keep running.

Also, there were these thin excuses of "data protection" agreements between US and EU like "Privacy Shield", which were on incredibly shaky or non-existent legal grounds the whole time (some of them also got taken down already because they were such a joke to begin with), only to sort of "legitimize" and "make legal" the vast amounts of sensitive data that are flowing from EU to US when using US software and services, despite EU laws stating that many of those data transfers aren't actually legal. Basically, to protect their own institutions as well as tons of EU businesses who are trapped in, for example, the Microsoft software ecosystem, so that they can continue to use these software products containing spyware and not feel too guilty about it because it sort of got defined as being lawful.

So all of this, including the hypocrisy behind it, is nothing new at all. In theory, we have all these fancy data protection laws, but in reality, almost everyone either ignores them or doesn't get it.

What's new is only that before Trumps' 2nd term, this sort of stuff was "accepted" as either "necessary" (in regards to the intelligence services spying, because this always was excused with "national security" reasons, which has been the favorite universal wildcard excuse for any sort of mischief by government institutions) or simply as "irrelevant" (in regards to everything concerning data flowing somewhere where it shouldn't be flowing to at all) by a majority of the population including politicians and other entities which could hit the brakes on this stuff. And it is only now when people realized that Trump's 2nd term might turn the US into a fascist rogue country, that there is some kind of regret suddenly growing about the own previous mindset. But only now. As long as the US was interpreted as being our friendly ally, it was never officially considered to be any sort of problem, maybe even considered beneficial. Except of course by experts in the area, but who listens to experts, right?

Right-wing extremism is always anti-science, anti-education, anti-establishment, anti-constitution, anti-human-rights, anti-globalism, pro-nationalism, pro-traditionalism, pro-religion (but only the religion they themselves believe in), pro-authoritarianism, pro-discrimination, pro-genocide. Trump's administration is doing exactly what the Nazis did during 193x-194x. Except the neo-Nazis of today hate it when they are compared to Nazis. History doesn't repeat itself in every detail, but it rhymes.

An easy analogy that common users can understand is e-mail. E-Mail is also decentralized, everyone has an e-mail address but everyone uses a different e-mail host (the domain name after the "@"). So e.g. "john.doe@gmail.com" has an account at gmail.com but "jane.doe@mailbox.org" has an account at mailbox.org. Both are completely different, yet they can communicate with each other. There's not one company controlling or storing every single e-mail account or inbox. It's spread out and everyone can choose the mail provider they like or trust the most.

Then you use that as a bridge to explain Lemmy, or Mastodon, or other Fediverse social media platforms. And remind the listener that single companies having full control over everyone's accounts is generally bad and opens the door for all sorts of abuse and manipulation or arbitrariness.

Sure.

• https://www.scss.tcd.ie/doug.leith/apple_google.pdf
• https://www.scss.tcd.ie/Doug.Leith/Android_privacy_report.pdf ... and when you use for example Samsung, Xiaomi, Huawei made mobile OSses, it's even worse of course, because then their own telemetry comes on top of that from Google as well. They want to have pieces of the cake too.
• https://www.kuketz-blog.de/google-play-services-die-ueberwachungswanze-von-google/ (you might have to translate that page. That guy is a well-known privacy and data protection researcher, white hat hacker and also a data protection official in a federal state in Germany. He's very objective)

Just for reference, this is what the Google Play services app transmits roughly every 20 minutes to Google if it has network access:

Phone #
SIM #
IMEI (world-wide unique device ID)
S/N of your device
WIFI MAC address
Android ID
Mail Address of your logged in Google account
IP address

And that is when you have disabled ALL telemetry in ALL of the options, even the most hidden ones. So this is the minimum amount this app is always gathering from every Android user using the Google Play services app, no matter what you selected. Other Google apps (like the Play store app) could then contain additional telemetry on top, this is just the common base of all Google proprietary apps. Or the minimum amount of privacy violations you get when using proprietary Google apps on your phone, no matter what.

If you use GrapheneOS, I'd recommend not installing/using ANY Google apps at all (not even Play store or Play services). To get apps, you should use (roughly in this order of priority): 1.) GrapheneOS's app store for the built-in apps 2.) Accrescent app store (has several good open source apps, is intended to be more secure than F-Droid) 3.) Obtainium (for getting open source apps directly from their source repos) or if you really can't get into Obtainium, use F-Droid instead 4.) Aurora Store (for getting apps from the Google Play store without sending too much data to Google. Only do this if there is no open source app available for doing the same thing).

To fully mitigate the removal of the Play services app, you also should probably install/configure something like ntfy to get battery efficient push notifications and ideally use apps which also use that, e.g. the Molly fork instead of Signal. It's quite easy to do, just something to be aware of. Otherwise your battery drain might be a bit higher. Then you're also independent from Google's push notification infrastructure. But you need a ntfy server to go along with it, either self-hosted or use a public one. There are some privacy friendly ones public ones out there.

It's going to get a lot worse because now they know that they are able to deport/jail literally anyone without facing any resistance. If a case gets too big on the media, they can shift responsibility around in a circle, e.g. USA says it can't do anything, El Salvador has to do something. And El Salvador says sorry can't do anything. And so nothing is done, both USA and El Salvador get what they want and the justice system and the victims can't do anything.

This will soon become routine because they will expand their list of "unwanted" persons constantly. First "gang members" and "criminals", then sexual and other non-criminal minorities, then non-criminal political opposition, then potentially everyone who's not super loyal to the fascist administration (aka cult).

What worries me is how fast it descends into madness. Any innocent American citizen should probably sooner, rather than later, be prepared to fight for themselves and their loved ones against injustice, because there might be no one left in the system doing it for them when the system itself has become unjust and/or dysfunctional. I hope that you somehow manage to turn the wheel around but when looking at the speed of Project 2025 and the Trump administration becoming increasingly more vile, I don't think there's much time left. Fascism is growing at insane speed, fueled by disinformation/propaganda and fake news on the web and social media, and backed by obscenely rich oligarchs who never really liked the previous government and laws anyway.

And this is all happening in a time when humanity should work together, rather than continue fighting among themselves. Instead, humanity chose the worst path forward possible, the path which accelerates the problems and has no solutions at all. So now we don't have anything against climate change and this will cause massive problems and completely new wars world-wide over land, food, water. And it's not far out. If you're young today, you'll probably live to experience it. It's probably the right time to prepare for the worst and adjust to a pre-apocalyptic mindset. Because we're definitely not solving this if we can't even solve fascism in Western democracies in 2025.

A fascist-run country does not care about allies or friends. In doing so, it becomes vulnerable and disadvantaged.

"AI" is good for pattern matching, generating boiler plate / template code and text, and generating images. Maybe also translation. That's about it. And it's of course often flawed/inaccurate so it needs human oversight. Everything else is like a sales scam. A very profitable one.

Fedora gives you a secure and functional desktop distro out of the box while with Arch, you can get that as well but have to invest more configuration time, since you have to configure things like Secure Boot, SELinux, disk encryption, firewalls, AppArmor and other security stuff by yourself, it's not going to have all that jazz by default, since Arch is a minimalistic and modular DIY-like distro, so it's up to the user to configure this. Arch doesn't put obstacles in the way of the user but also doesn't just preconfigure this stuff. But it's all there if you need it. Arch also offers a linux-hardened kernel variant which uses various hardening patches of the GrapheneOS project for the kernel (not sure if Fedora offers this as well). Experienced Linux users tend to like Arch's approach because of more flexibility, modularity and minimalism while still offering everything necessary, but the less experienced of a user you are the more you probably will have problems with this approach, and the more you want more things to be pre-configured out of the box, so that you as the user have to configure less stuff. The more you view it that way, the less suitable Arch is for you.

But both are excellent and modern distros. Fedora is generally for people who want to generally spend less time configuring their desktop distro. Arch is for people looking for either a more universal distro or something more modular, technically simple and customizable.

The RedHat backing of Fedora can be a blessing (lots of great stuff came from RedHat so far) but also could become a curse soon due to IBM's influence (which bought RedHat some time ago, and IBM isn't such a great company, and this can negatively impact RedHat as well) and current US politics (it's a US-based company). Arch, on the other hand, is even more independent than Fedora is and it's a fully community-run distro, and from all community-run distros, it's of very high quality, similar to Debian. Both Debian and Arch are also quite democratic in nature. If IBM hadn't bought RedHat, and US wouldn't be like it is today, I'd maybe view this differently but as it is I'd rather use a community-run distro than a US-corporation backed one. Even if Fedora is still very independent as a project, or so it seems.

If you're very well familiar with Arch there's really no need to switch to Fedora, but it can save you some time or configuration trouble overall in some cases, while it could also mean more potential trouble with major upgrades than with Arch with its frequent but lightweight updates all the time and never a big major version upgrade because Arch has no versions at all, it's purely rolling, whereas Fedora is a mixture of rolling and point release. That said, if you update your Arch very infrequently (e.g. only once every couple of weeks), you will also have a higher chance of update troubles (though these are often easy to solve for an experienced Arch user, but can be crippling for a newbie). To benefit from Arch's update mechanisms, you have to update frequently, as in every couple of days, at the very least once a week. And you really should set up a fallback mechanism, e.g. via filesystem snapshots, so you can revert an update which went wrong. Although so far, one of my Arch installations here is like 7 years old and there were only very minor update issues during that whole time, all of which were solvable via downgrading a specific package, waiting 1-3 days for the fix and then upgrading that package. So I'd say Arch is much more stable than its reputation, but still, even objectively small update issues can be devastating for you if you don't know how to solve them, so it again depends on the user.

Another factor is probably going to be whether the AUR or Fedora's community repos have more of the additional packages that you need for your use cases, from the packages that aren't in the default repos.

Which of the two distros makes more sense depends highly on the user, the user's familiarity with Linux basics, the user's available time, and general use cases. I'd say both choices are excellent for a desktop distro, and Fedora would immediately become my daily driver if I ever became unhappy with Arch. Which so far hasn't happened.

Another option if you still can't decide between those two excellent distros would be an Arch derivative like EndeavourOS or CachyOS, which pre-configure more of Arch for an easier desktop use out of the box. So they are more like Arch of course (based on it) but trade away some of Arch's subjective "weaknesses" for Fedora's subjective "strengths". I say "subjective" because those weaknesses and strengths can be different for each user and use case. Sometimes this gets forgotten in discussions like this. It's not a clearly defined drawback if your distro doesn't preconfigure most stuff out of the box. Whether that is a drawback or not depends on the user. However I'd assume that most users probably prefer more pre-configuration. But still, one size doesn't fit all.

Well this got longer than intended but I hope it helps for decision making.