first off, I have serious doubts that any one dude - or even a group of those for that matter - can ascertain the security of such a complex system; a browser is essentially an operating system, with all the layers and complexities that entails.
even if you’re somewhat successful in such an endeavor, I don’t really care if it potentially is. chromium comes from those shitmakers and I’m not willingly using anything they had their nasty fingers in. they threw one shovel of shit too many on the heap and they are now forever on my ignore list. if that means that I don’t get to access certain domains, sites, and/or apps - so be it, I’ll make do without.
fucking edgelords… IA has trouble staying on its feet without this sorta crap.
this has “kicking puppies for palestine” energy - not sure where I’ve read this but it’s an apt analogy.
you can still run both tools, I do so on my main workstation. they stay in the status bar and don’t bother you none. when you’re done working and recline on your sofa, you can send e.g. youtube videos to the rig and they play fullscreen by way of mpv.
I’ve gone the other way - there is no interacting per se with the media PC; instead, it’s a dumb sink that plays back everything you send it, by way of macast and jellyfin-mpv-shim. you use android apps to send it stuff (e.g. newpipe share to allshare which connects to macast and jellyfin android app which connects to JMS) and to control playback (pause, skip, change subs, etc.). so, all media selection and playback control is done from the mobile device, no need to touch the media PC doing the playback.
not sure this will fit into your use case because of spotty internet, but that should prompt you to install jellyfin post-haste. then you have two options, the mentioned android app + JMS or just the jellyfin media player which can run in TV mode with a pared down controller (up/down/left/right/enter/back) - I’ve successfully repurposed an ancient Apple Remote that has just those six keys.
can you run it on multiple devices and have them all synced? how about chat export in a readable format?
hey E., tell Sloane I said “What up”
good messenger for what?
if you want a solution for you and a bunch of your henchmen to coordinate and discuss totally-not-crimes with ephemeral comms, practically any E2EE solution will work; once the not-crimen is done, burn your accounts and toss the devices for good measure and you’re scot free.
if you want a secure messenger that’s part of a widely used communication platform where you can also do normal people shit and also convert normal people to actually use it (think getting contact deets from cute boy/girl at a bar or giving yours to a business correspondent without an elaborate powerpoint presentation on how to use it) and you want to enjoy the fruits of 20+ years of continuous IM development, like having top-notch UX, battery efficiency, network resiliency, quality voice/video calls, etc., without being spied on then such a thing doesn’t exist.
how come? meredith baxter recently stated that it costs signal $50MM/yr to run their infra. that money has to come from somewhere. if there are no advertising dolts dumping cash on spying on your social graph and convos, the remaining avenues for financing are few and far between.
in closing, there aren’t any super awesome messengers you weren’t aware of, everything is shit.
not to trample on your experiences, but you can make it work. it’s true it’s super cumbersome and involved though.
I’ve had/got it working on a T420s, T480s, T14, MBPr 2012, on debian, fedora, and arch. it helps if it’s not your primary/only workstation so you can tweak it without pressure. keep at it, it’s worth it, I can’t imagine using my laptops any other way.
maybe do I write-up one of these days.
you should enable suspend-then-hibernate
instead. laptop suspends normally and if not woken in, say, an hour, the RTC hibernates it to disk.
correct, no idea how I managed to do that.
you’re overcomplicating it. get a separate $20 SSD and install the OS to it, dicking around with wine and tools within virtualbox is a headache you don’t need. set it up as desired (I recommend using flatpak versions of lutris and friends because of freshness) and then install the games one by one, followed by transferring the game data/settings/etc. you can experiment to your heart’s desire because you always have the fallback solution of your original drive.
then, when you know what’s what and where’s what you can make the transition. good luck!
I mean, OK, it’s a vulnerability and there are interesting implications, but this is hardly significant in any pracitcal sense of the word.
the potential victim has to run their system without a firewall, has to print to the printer they’ve never interacted with before and then the attacker can run shit with whatever the printing system’s user id is, which shouldn’t be an issue on any reasonably modern distro.
I routinely remove cups and friends from any system I run because I have no need for printing and it bothers me to see it constantly during every system upgrade.
I wanted to write the same thing. have the notes app do the notes thing and handle encryption elsewhere.
as to apps, I suggest QOwnNotes. it’s markdown, highly configurable so you can make it minimalistic AF, stores notes in invidual files and folders. it also has a bunch functionality like syncing to nexctcolud and such, but I’d advise against it, just use it as a notes editor. you don’t have to selfhost anything, make it use the e.g. Documents/Notes folder and you can use syncthing to securely replicate it to other devices.
friend should nuke this crapware and use syncthing for such activities. if they happen to run jellyfin, they can use it to serve books as well, and by utilising the OPDS plugin it would allow compatible readers (e.g. Librera) to directly download books/comics to the device in a shop-like interface.
because things moved forward in the last decade or so and it’s not viable. the same way matrix and element and those ridiculous things aren’t viable and never will be. can you use it today? absolutely. can you convert normies to it and make it an actual widely used comms platform? no. fucking. way.
this is coming from a guy running their own prosody instance and utilizing rocketchat on two separate client instances. yeah, I know how to set it up and deploy it; but the amount of absolutely credible complaints I get from normies forced to use it staggering.
to me it looks and feels like shit, compared to Durov’s spyware it’s like a PoC from 2015 looking for funding. fine demo you got there, now bring us the real thing.
but, to practical things, I lose/sell/buy/switch devices frequently. with telegram, I can lose all my devices, log on from a fresh one and all my shit is there - a decade+ of convos with 100s of people with valuable info. no juggling around with the crappy electron desktop app that doesn’t give me access to convos or the inane procedure to replace a lost device and restore chat history… the other day, I successfully retrieved a piece of info from a convo from a decade prior.
I realize there are people out there that need that sort of security, but I don’t. I just want Telegram with an OTR plugin (OMEMO nowadays) that prevents any nascent mass surveilance and LLM ingestion and I’m golden. but that shit’s explicitly against Telegram’s ToS; the only logical conclusion is they’re adamant about leaving all your shit unencrypted in the cloud for some specific reason.
I can’t think of any such reason that’s not malevolent.
regarding its UX, nothing close exists; when it comes to converting normies, so you have someone to actually talk to, then there are no alternatives. that’s a pretty shitty state of affairs for something that shoulda been solved a long time ago.
lesson learned, I guess, don’t put all your eggs in one basket and have multiple fallback solutions. I’ve begrudingly moved to Signal and I’m cursing it out at least once per day, can’t believe the navel-gazing, self-righteous cluelessness behind it; but that’s the best there is at the moment. it’s beyond shitty that we’re having trouble achieving what we had in like 2012 by way of XMPP and friends, let alone surpassing it.
any way to read this without a telegram account?
I’ve set up a local mail archive with just dovecot + imap plugin. you don’t need the full mail server with postfix and whatnot, as it’s not intended to send anything anywhere, or even receive anything for that matter. it just sits there ready to be searched with thunderbird, no need for other complex solutions you’ve mentioned.