https://apnews.com/article/israel-hamas-war-news-12-21-2023-7d9718b32bf0d308c44c7c9e3c4e0deb

To add to this, you arguably cant have privacy or anonymity without security first.

If there are any vulnerabilities or design flaws for your device or its OS, you shouldn’t fully trust your device to handle sensitive tasks.

https://openwrt.org/docs/guide-user/network/wan/multiwan/mwan3

Security concerns can vary between traditional Linux distributions and rolling release distributions.

Traditional Linux Distributions:

1. Stability: Traditional distributions like Ubuntu LTS tend to prioritize stability over the latest software updates. While this can reduce the risk of new software vulnerabilities, it may also mean that security patches for certain software components are not as up-to-date as in rolling releases.

2. Delayed Updates: Security updates for software packages may take longer to reach users in traditional distributions because they go through a more extensive testing and validation process. This delay could potentially leave systems vulnerable for a longer period.

3. Predictability: Traditional distributions have predictable release cycles, making it easier to plan and apply security updates. However, this predictability can also make it easier for attackers to anticipate when certain software versions will be in use.

Rolling Release Distributions:

1. Up-to-Date Software: Rolling releases like Arch Linux or Manjaro provide the latest software updates as soon as they are available. While this ensures access to new security features and patches quickly, it can also introduce new bugs and vulnerabilities.

2. Frequent Updates: Rolling releases typically require more frequent updates, which can be time-consuming and potentially introduce compatibility issues if not managed properly.

3. User Responsibility: Users of rolling releases have a greater responsibility to stay informed about security updates and apply them promptly. Failure to do so can leave systems vulnerable.

4. Testing: Rolling releases often have a testing phase where updates are evaluated by the community before being rolled out to all users. This helps catch issues, but it can still result in occasional instability.

In summary, the main security concern with traditional Linux distributions is the potential delay in receiving security updates, while rolling releases offer up-to-date software but may require more user vigilance and can occasionally introduce instability due to frequent updates. The choice between them should depend on your specific use case and your willingness to manage updates and stability.

Not yet…

Its a rolling release, so will always have the most up to date and patched packages the fastest. That concept is the antivirus.

Can’t infect your machine if the vulnerabilities are already fixed.

Honestly, the best antivirus for Linux is Arch.

Awesome. Now leave it there and don’t let anyone touch it 😁

Its going to get more and more difficult to be flexible as this company locks in their entire development pipeline into a single browser.

It will probably be more expensive to move away from Chrome if you DONT develop for other browsers now. All it will take is the company that owns Chrome deciding to exercise their Terms of Service and Privacy Policies to the best of their abilities. If you sprinkle in support for other browsers now, it wont take as much work when the huge overhaul is needed later.

The money guys are blinded by the dollar signs though.

If we keep having to justify any development for other browsers, well end up with Chrome having all the market share!

You could ask them when they are going to support uploading through a modern browser like Firefox.

This is relevant to giving apps “root access”. How is that not relevant?

Its called the principle of least privilege, or principle of minimal privilege, or principle of least authority.

Its a philosophy learned by anyone who is serious about information assurance. Its a very basic, yet fundamental security concept.

Notably, there is a difference between admin and root.

One has checks, the other can run scripts, change permissions, move files, delete files, hide malware, install rootkits, install ransomware, exfiltrate data, alter your OS, change hardware voltages, etc all without so much as a prompt.

It doesn’t matter if you’re a beginner or a seasoned veteran with handling root, it can cause some heavy damage to your system when you or another application mishandle it.

Rule of thumb is to remain in user mode for the entirety of your sessions. Only use admin rights when you need to make a system change. Most well-designed applications should not need to be run as admin, and definitely not root.

Rooting Android is one of the most insecure things you can do to your Android phone.

Does XMPP allow e2ee group video calls?

Desktop app works fine tbh.

Phone numbers required for now. Usernames potentially on the horizon per sms removal update.

Server side code is open source and available at Signal Server Github.

Also available on iOS. Android has an apk download so you dont need Google Play.

obligatory xkcd standards

This is solid advice.

Only thing I would add is if you use a different OS that doesn’t support secure boot during install, go ahead and disable it. After you install linux, then go through the sbctl setup, and it’ll tell you when you should re-enable secure boot.

You can leave on secure boot nowadays if you install and configure the sbctl package. It can use the Windows secure boot method, and you’ll have a successful dual boot deployment.