The point is also to minimize potential damages caused by a bug in the software. Just this year there have been multiple data-destroying bugs in publicly released software. If the app runs as a server it’s usually trivial to have it run as a dedicated user, with just enough permissions to do its job.

It’s just good practice, even though the risks might be low why risk it at all?

I read your comment before the article and I thought you had made the second quote up lol, unbelievable. And people are throwing money at these guys?

OK so this is most likely by design, impressive.

Does the timer “jump” to the correct time after you dismiss the window ? It’s also possible that they didn’t bother testing the app when logged out, and that the popup blocks the UI thread while it’s displayed. In short it could be bad coding and QA instead of intentional enshittification.

That’s because he planted a backdoor into GIT, and now he reviews your bad commits every night.

Same as Windows and MacOS, really. You can follow best practices and conventions, or just install your software wherever you want.

“School” starts at 3 in France. But it’s more like a kindergarten for 3 years, then you enter primary school at 6 where you learn reading and writing.

Their own solution is actually better than a VPN for this use case. It’s an encrypted proxy which anyone can download and run, so it’s much harder to block.

Yes the Steam deck FS is ext4.

Why ext2 on Void?

Yes that’s the case under GNOME, KDE and sway.

Wireguard, like all VPNs, definitely does E2E encryption. What would be the point of an unencrypted VPN?

It’s not new, it started when they released GNOME 3.

As it seems nobody’s linked it yet, have you read Jellyfin’s hardware selection page? They go into great details about which HW features are required/desired.

In my case I’m running it on a NUC with an i3 8109U + 16GB RAM, it runs great with 2 or 3 transcoding jobs at once. Media are stored on 5400-RPM HDDs.

I haven’t tried it but the website lists ydotool as an alternative.

From NVIDIA, really. AMD and Intel GPUs work out of the box.

BoringSSL is not a drop-in replacement for openssl though:

BoringSSL is a fork of OpenSSL that is designed to meet Google’s needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don’t recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

I don’t think the goal is to lock you into their browser, since you still can change it through the GUI. It seems to be part of the recent push to block software which changes hidden settings. The end goal being to lock down the OS and prevent users from disabling features MS wants to push onto them.

Do you know if blacklisting nouveau actually disables the dGPU? It’s a work laptop so the iGPU is more than enough so I figured I wouldn’t bother with bumblebee or whatnot, but the battery life is shit :'(