I stand corrected, thank you. I’ll have to try that out.

The biggest issue I’ve had with I2P so far has been lack of content.

postman.i2p only permits torrents which includes its tracker in the torrent file, which means popular torrents from 1337x, TPB et al can’t be uploaded there (at least not without changing the infohash). Torrent clients like qBittorrent and BiglyBT can cross-seed on I2P and clearnet networks which is a recent development since libtorrent 2.0 came out (software packages take a while to bump to.the latest library), but from what I’ve tested nearly all of the infohashes I put into my client from “clearnet” torrent sites have stalled, probably because I2P is a little too bespoke at the moment.

The potential is definitely there IMO, but unless you’re just watching mainstream movies and TV it’s not a replacement for clearnet/VPN.

If I’m missing something I’d like to know :)

You can absolutely download apps from F-Droid on GrapheneOS, what makes you think you can’t, and how did you conclude that LineageOS is more private and secure?

I never said that GrapheneOS couldn’t download apps from F-Droid. I didn’t mention GrapheneOS being able to use F-Droid in my dot points but that was just an oversight, not intenttional.

GrapheneOS doesn’t ship with any Google services by default. We do provide an easy and safe way to install the Google Play components if desired, they are run under the same sandbox and constraints as any other ordinary app you install.

The problem with this is that so many apps use Google Play Services. If I didn’t want a phone that used Google, I wouldn’t use an OS that bent backwards to make it work.

The sandbox model is OK in theory, except when your bank app asks for permissions for microphone, camera, contacts and files, and refuses to start without them.

The app model is a bit broken IMO and GrapheneOS both enables and perpetuates it.

LineageOS is pretty commonly behind on updates. As an example, it seems that LineageOS 21 (based on Android 14 QPR1) came out in February of this year. You cannot ship the full security patches without being on the latest version of Android, which is Android 14 QPR3 now.

I might be being a bit naïve here, but Android 14 came out in October, 4 months prior to LOS 21, which is not particularly long. Android 13 is still supported by upstream. This sounds a bit like running RHEL or Debian vs bleeding edge Arch, no? It’s a common debate whether RHEL systems are constantly out of date, the counterargument being that vulnerabilities are often found in new software versions. Without real statistics about security vulnerabilities over time it’s difficult to make an informed decision about software version policies.

LineageOS does make connections to Google by default, as does AOSP. GrapheneOS changes those connections while LineageOS doesn’t.

That is excellent, I’m glad to hear GrapheneOS is changing some of the defaults to be a bit better.

Lineage is kinda bad privacy and security wise, from the little I know its not fully degoogled

My understanding is kinda the opposite:

• GrapheneOS ships with a sandboxed, FOSS Google Play Services which can optionally do a bunch of Google things (use their APIs, login to Google etc.) plus they have some hosted services that can substitute Google services (like geolocation).
• LineageOS basically doesn’t ship with any Google Play style API/frameworks at all. It’s a pure AOSP experience. Any apps on F-Droid work but third party apps (like ones found on Google Play) are hit and miss. If you can just use F-Droid for all of your apps then LineageOS is probably a much more private and secure offering.
• LineageOS for microG is an unofficial fork of LineageOS which includes a FOSS Google Play Services compatibility layer, a bit like GrapheneOS. As far as I know it doesn’t have the same level of sandboxing as Sandboxed Google Play on GrapheneOS.

Both GrapheneOS and LineageOS publish monthly updates with upstream security patches for all supported devices.

Both GrapheneOS use network-provided DNS by default.

Apparently both GrapheneOS and LineageOS connect to connectivitytest.gstatic.com via http as a Captive Portal test by default,althoughh this was as of 2019-2020 and both might have changed since then.

It will use tons of public sector resources and attention regardless if it’s PPP or a state asset.

Just look at the recent Logan/Gateway Motorway upgrade (Logan Enhancement Project) which Transurban financed for $512M. There was least $30M of government spending directly afterwards on an adjacent road, and likely more than $100M to come.

No doubt a $7b tunnel will similarly result in $100Ms or even billions in adjacent road spending.

There are different types of cycling. I would always wear a helmet to work because I live 6km away and it’s a decent ride. There are hills and I often get to a reasonable speed.

Compare that to someone living in South Brisbane commuting to the CBD, or someone going for a leisurely bike stroll on the riverwalk - they may not go fast at all. We don’t wear helmets whilst walking or jogging, but why is it mandatory for a slow ride?

The big reason helmets can be offputting is because they can mess up your hair. If the city wants to encourage people who live relatively close to their jobs to ride in, more flexibility on helmets could be a good thing.

FWIW I do think helmet safety should always be encouraged. Riding down a hill? Going more than a leisurely stroll? Wear a helmet. Makes sense. But it’s really not that necessary for people who are riding slow.

You can definitely work in an office job, bring your clothes in your bag and get changed at work.

If that’s not your thing, catch PT. Nobody’s saying you have to do the cycling thing. But plenty of people ride into offices for work and wear their smart clothes just fine.

I ride all year round in Brissie. I find my comfort level depends on when I ride, distance, speed and my bike setup.

First, I ride to and from work in the morning and arvo when it’s cooler, not in the middle of the day.

I ride 6km each direction which is manageable. In winter I barely break a sweat. In summer I have a shower on each side. I can and sometimes do get away without showering by riding slowly. Or I just catch PT if I’m going somewhere else after work.

The other thing I noticed is that not wearing a bag helps a lot with reducing sweat on my back. I have a basket on the back of my bike and just throw my bag in. A lot of other people use pannier bags.

Everywhere that I’ve worked so far has had an End of Trip facility except for my supermarket job as a teenager.

Something that often gets missed is the difference between packaging conventions between distros.

For example, Debian has Apache httpd packaged as “apache2” and has wrapper scripts for enabling sites. Fedora/RHEL has “httpd” and includes conf.d from the main conf. Arch also has “httpd” but doesn’t have a conf.d out of the box. Of course you can pretty much configue Apache to your heart’s content and have an identical setup between all three distros.

From what I’ve read, Debian tends to patch and change software to fit more into their overall system whereas Fedora and Arch tend to be more upstream.

RPM and Arch both have group packages and metapackages. Debian just has metapackages AFAIK. Debian also has “recommended” and “suggested” levels of soft dependencies, the former which is enabled by default. RPM has the capability for weak dependencies but AFAIK most RPM distros don’t use it. Arch doesn’t have soft/weak dependencies AFAIK.

When you install a new system daemon on Debian, it’s generally enabled and started by default, whereas RPM-based and Arch don’t do that.

When I think of the base of the system I tend to think of some of those more subtle idiosyncrasies that tend to spread around the ecosystems, like Ubuntu and Debian behave quite similarly for instance.

I much prefer Librewolf. They are a little more transparent about it is, an independent, open source repackaging of Firefox with Arkenfox(ish) patches applied to it, rather than an entity which signs up for deals with other businesses.

Same guy who talks about woke greenies attacking his “way of life”. The more I hear from that guy the less respect I have for him.

Meanwhile I’ve been arguing with council about getting bike racks at a new-ish shopping centre (a few years old) that is legally required to have one.

(Technically they do have a bike rack, but it’s on B2 of the carpark hidden behind a car wash and completely unsigned)

Bash scripts will only get you so far and I can wholly recommend Ansible for automation.

Basically the main advantage of Ansible is that its builtin tasks are “idempotent” which means you can re-run them and end up with the same result. Of course it is possible to do the same with bash scripts, but you may require more checks in place.

The other advantage of Ansible is that there are hundreds of modules for configuring a lot of different things on your system(s) and most are clear and easy to understand.

You could use HAProxy on the client side to load balance apps in multiple locations, but it really depends on the application.

I like to manage my software with Ansible but Docker stack files might make it simple enough for you.

Yeah, sorry it was a long time ago (like 10+ years) but I checked and it would’ve been the --overwrite arg.

The manpage for the older ntfsclone command has it:

Clone NTFS on /dev/hda1 to /dev/hdc1: ntfsclone --overwrite /dev/hdc1 /dev/hda1

Moral of the story was to RTFM 😂

ntfsclone /dev/sdc /dev/sdb

/dev/sdb was a blank filesystem and /dev/sdc was my Windows filesystem.

ntfsclone man page

It ran for less than a second and didn’t take me long to figure out what happened. That’s the story of how I stopped using Windows.

Yeah, too frequent and too buggy. It got annoying having to do upgrades every six months and have to deal with all the new bugs that came with it.

Basically give me Debian-style biannual releases or Arch-style rolling releases.

There’s also dotnet (.NET Core) available on most distros which is an open source subset of .NET by Microsoft

See https://fiodar.substack.com/p/differences-between-mono-and-net-core

I use Debian at home on my homeserver and a mix of Debian and Arch for my workstations. Most of my stuff is managed with Ansible to make rebuilding easier and most workloads in podman containers.

Personally I don’t overthink the distro thing. I recently started using Arch and quite like it. I’ve noticed packages that are available in Debian but not Arch and vice-versa. Debian Stable is nice because it’s just, well, stable.

Fedora has an annoying release cadence IMO. I have experienced desktop bugs in the early GA releases before which put me off. If I wanted instability I would sooner go with Arch (and I am yet to have many issues with Arch yet).

If I were to go with a BSD for a home server it would probably be OpenBSD or FreeBSD. OpenBSD has vmm and a bunch of tooling around it, and FreeBSD has bhyve and jails. I haven’t taken the plunge because Linux works and it’s what I know.

These days I hear about people using proxmox on their homeserver with LXC containers and/or VMs.