I agree about the risks in terms of the way some sources present the AUR as just extra packages. But I don’t think you can object to the AUR more than any other place on the internet where anyone can upload software; unfortunately, the onus is going to be on the user to verify what they install. The AUR is moderated by volunteers and it wouldn’t be fair to expect them to vet all of the high volume of commits to the AUR. Possibly they could vet new maintainers or new packages or newly adopted packages, but nothing would stop someone from initially uploading a genuine package and then replacing it with something malicious. Or they could require identity verification to be an AUR maintainer but then far fewer genuine packages would be on there because people don’t want to give their real identity to contribute (I maintain some AUR packages, and would stop if required to verify my IRL identity).

I can totally understand if the AUR is not for you; it’s more time-consuming as you have to read PKGBUILDs (I always do). But that doesn’t make it bad that it exists at all. I think there should be more warnings about it for new users, and possibly some more moderation, though like I said above there’s no perfect moderation solution that would simultaneously forgo users’ responsibility to check and keep the AUR as large as it is today. Ultimately the option should still exist for users who want it. If it didn’t exist, I’d have to hand-package every program that’s not in the official repos, and that’s even more time-consuming than pulling and reading through a PKGBUILD that someone else already wrote and shared.

It’s just a repository of user-contributed packages. It’s no different malware-ability-wise to, say, GitHub. If you are running code you found from a stranger on the internet then you are liable for it, and you need to do your due diligence in checking that you are not running malware. It is a good thing that the AUR exists because it means Arch user packages are all in one centralised repository instead of scattered across GitHub, Sourceforge, Codeberg, Pastebin, forums, whatever. If you are just installing random AUR packages then that’s on you. It’s basic internet safety to not automatically trust random scripts you find on the internet.

What an annoyingly uninformative title. Better title: a lot more compromised AUR packages have been found since our last update.

“A lot worse” is intentionally vague to get people to click.

I mean the ELI5 for the uninitiated is that X11 is older, and Wayland was made as the successor to X11. It aims to address issues that a lot of people had with X11. X11 is not in active development whereas Wayland is, and for support for modern tech, it’ll be added to Wayland but not X11. These days I’d advise to go with Wayland unless you either have hardware that doesn’t place nicely with it or you have a specific use-case for X11, i.e. Wayland unless you have a reason not to. Although most “beginner” distros choose for you without prompting you to pick, in which case go with the default (it’s probably Wayland anyway).

If you mean to explain the debate, basically some people have particular things they want to do, or they want to do something a certain way, and it’s not supported by Wayland, usually by design due to things like security concerns or philosophical differences with X11. X11 will continue to work for a long time but it’s not getting new features, so if these issues are a concern with you, you could stick to X11 for the foreseeable future.

The average user is not supposed to notice a difference (apart from maybe QoL differences like performance, screen tearing, etc)—that’s the goal of both projects. It should just display your desktop.

Maybe block on your router and save your router password such that you need to jump through several hoops to unlock it, eg password saved in one password manager DB whose master password is in another DB whose password is in another DB, etc. If you have to unlock like 10 password databases to get into your router, you’ll probably give up on whatever bad habit you were trying to do as it’s too much effort.

Do you have the skills to self-host? If so, you can host any number of cloud storage services: Nextcloud, Immich, Cryptpad. You could even host a Forgejo instance (the software Codeberg runs on) although it’s really not intended for storing the kind of images you’re talking about.

I am guessing, though, that you are probably not a very technical person, and self-hosting might be out of the question for you. In which case unfortunately your options are a fair bit more limited. There are free hosted Nextcloud instances—Disroot hosts one. Or you could go with something like Proton Drive. If you’re open to proprietary options then there’s several very widely used options like Dropbox, Google Drive, Mediafire, etc. But if you’re posting here, you probably don’t want those.

If you want to learn more then do LFS. I don’t think Gentoo teaches you much more than a manual Arch install. But very few daily drive LFS. It’s hardly practical. Gentoo is daily drivable but if you don’t care about compiling all your own packages then I don’t think it’s for you.

I’d say just do LFS on an old laptop or a VM.

Yay

I only use flatpak for one Python program because it has a lot of runtime dependencies I don’t want to bother with. I generally wouldn’t use flatpak.

I don’t agree. LLMs are by design probabilistic. Chainsaws aren’t designed to be probabilistic, and any functionality that is probabilistic (aside from philosophical questions about what it is possible to be certain about, YKWIM) is aimed to be minimised. You’re supposed to be able to give the same model the same prompt twice and get two different answers. You’re not meant to be able to use a chainsaw the same way on the same object and have it cut significantly differently. You’re inherently leaving much more to chance by using LLMs to generate code, and creating more work for yourself as you have to review LLM code, which is generally lower quality than human-written code.

Not comparable at all. Power tools work deterministically. A powered chainsaw is not going to have a 0.1% chance of chopping a completely different tree on the other side of the forest. Of course accidents happen; your hand can slip. But a proper comparison would be if you got a computer to look at a large number of powered chainsaws and then generate its own in CAD based on what it’s seen, and then you use that generated power tool. Which, for something as potentially dangerous as a powered chainsaw, you most likely wouldn’t want to do, and would want to have careful human oversight over every part of design.

Had no idea Qt had 3D rendering… GUI designers get more creative. Let’s see a 3D email client.

Is there any evidence that they would go after random FOSS projects that aren’t hosted or developed in the relevant jurisdictions? Don’t comply in advance.

Conversations move through different topics.

The origin of inefficiency as resistance comes from people in concentration camps deliberately doing poor jobs at forced labour as a form of resistance. If you’re posting on Lemmy right now you can do a lot more than inefficiency. The people who had to resort to inefficient slave labour as resistance could only dream of what you can do.

Omg I never knew about ctrl+L. Life saver. I have no idea why Linux file pickers/file browsers don’t seem to have an editable (and copy-pasteable) path field.

Not anything concrete. Windows is kind of nostalgic for me as I only used it as a young child. But there’s not a specific “I wish X was on Linux”.

Do you live in a city? If you do, there is something of the sort in most cities; you just need to know the right people or look in the right places.

If not, yeah, rough, you could try travelling in to a city though.

Before anyone says anything, no my city is not huge, no I am not in the US. The political left is active pretty much everywhere on earth, sometimes more or less underground depending on the conditions, but they’ll have some sort of spaces for themselves.

I use Notesnook and I’m happy with it. They have a flagship instance with free accounts if you don’t want to self-host.

If you want something more lightweight and are up for using syncthing, just a bunch of markdown files synced with syncthing also works. You can encrypt them with your pgp key if you want encryption, but that doesn’t encrypt metadata like file names, directory structure, or when files were last edited.

In my own experience, runit is much faster to boot than systemd. Perhaps your experiences differ but I know a lot of people say the same.

I agree start-up time is not a big deal. I just mentioned it as it’s the only real performance difference I’ve noticed between OSes.

I don’t think Arch is the distro I would go for if I just wanted speed. I suppose it depends on speed of what—generally systemd Linux will boot noticeably faster than Windows, and non-systemd Linux boots noticeably faster than systemd Linux—but once you’re booted up, I don’t think there’s a significant performance difference. Arch is a Linux distro that uses systemd so it’d be the middle option if you’re wanting fast boots. There are other minimalist distros too, some of which end up in arguably faster systems, but Arch is probably the easiest of the minimalist distros due to being well-documented and supported. But the reason for going for a minimalist distro is usually customisability, not performance. On modern hardware the performance difference is negligible. On very old hardware, you should be looking for another distro made specifically for old hardware (I don’t think Arch even supports 32-bit).