Sure, here are some:

http://security.stackexchange.com/questions/259088/ddg#270934

https://en.wikipedia.org/wiki/Digital_signature

The main feature would be that if flathub (or a hacker with access to flathub) acted maliciously, digital signatures would prevent them from issuing malware infested updates to flatpaks. Only the software’s originator would have the cryptographic key needed to sign releases of the software.

The risk of dependency vulnerabilities is real.

Also, flatpak packages are not digitally signed, unlike apt and all other major Linux distro package managers.

I think that wormhole.app page is different software from magic wormhole (and warp). It just has a similar name. wormhole.app does appear to be proprietary.

Thanks. I think I found its homepage, is it the same as this? That looks like part of Gnome, so should be open source too. (It’s maybe available in your operating system without needing a flatpak, if you would prefer it that way)

I’m not familiar with warp, and couldn’t find it with a search. But I did find magic wormhole, and it appears to be MIT licensed, so it is open source. I also searched packages.debian.org and found it, so definitely open source.

As for firewalls: it might only block incoming connections, or has an exception for LAN hosts. I’d have to see the configuration to say more.

I’ve done this with Debian before, and it works fine. Linux usually mounts the root filesystem based on its UUID, so it doesn’t matter if changing the motherboard caused a change from /dev/sda to /dev/sdb .

If you use the proprietary Nvidia driver, make sure to update it to a version that supports the new video card. If you use the open source Nvidia driver, you should be fine even if it’s old, because it will at least support starting up in an unaccelerated mode.

I love that these have borders around the buttons. I wish more interfaces would do that. It used to be standard.

Yeah, try pressing Alt+[PrintScreen, F] to invoke the OOM killer. It kills the memory-hoggingest process, usually the web browser.

Fedora documentation says this sysrq functionality may be disabled by default. You can enable it once by typing at a terminal: echo 1 | sudo tee /proc/sys/kernel/sysrq or permanently with echo 'kernel.sysrq = 1' | sudo tee /etc/sysctl.d/90-sysrq.conf

If it turns out that memory overconsumption is the problem, you can sometimes fix this lag by disabling swap. 16GB is easily enough RAM to do all normal desktop things.

Have you imported the tails-signing.key yet? Usually you can double-click on that to import it using whatever graphical gpg frontend is set up on your system. It may ask you how well you trust the owner of the key. You can answer that question however you want without affecting this verification process.

Next, it looks like you run the instructions from this page: https://tails.net/install/expert/index.en.html#verify

Some of those command line parameters look a little paranoid. The basic command you want to run is: gpg --verify somefile.sig somefile.img

NTFS is considered pretty stable on Linux now. It should be safe to use indefinitely.

If you’re worried about the lack of Unix-style permissions and attributes in NTFS, then getting BTRFS or ext4 on Windows may be a good choice. Note that BTRFS is much more complicated than ext4, so ext4 may have better compatibility and lower risk of corruption. I used ext3 on Windows in 2007 and it was very reliable; ext4 today is very similar to ext3 from those days.

The absolute best compatibility would come from using a filesystem natively supported by both operating systems, developed without reverse engineering. That leaves only vfat (aka FAT32) and exfat. Both lack Unix-style permissions and attributes.