I never use flatpaks and am doing just fine. I don’t want my packages to be installed from a bunch of different places; I want it all managed by one package manager, which for me is my distro package manager. I’ve never noticed a problem arising out of not using flatpaks; everything I want is either already packaged for me, or I can make a package myself.

You can set qBittorrent to only use a certain interface, and set that to the wireguard interface of your VPN.

I don’t do deniable encryption on my root drives, just on external drives, and store the headers on my (non-deniably encrypted) computers. But if you want to deniably encrypt your root drive, Arch Wiki has some info:

https://wiki.archlinux.org/title/Dm-crypt/Specialties#Encrypted_system_using_a_detached_LUKS_header

You would still ultimately need an unencrypted header somewhere in order to boot your computer, so if it’s your main daily computer you’d likely carry around the USB stick all day and therefore it wouldn’t work against a state adversary who would obtain the USB stick with your header when they arrest you, if it’s on your person.

Also, it’s much more plausible that an external drive is genuinely just random data with no encrypted contents than that the drive installed into a computer has no data. I do have some USB sticks etc with genuinely nothing on them because I wiped them with /dev/urandom at some point, and they’re lying around waiting for me to need an unused USB drive. The average person doesn’t have an “unused computer” with nothing on it, just random data on the drive. Especially if you are an activist/organiser, if the state finds your computer with just pure random data on it and no encryption header I think they will assume it is deniably encrypted.

Ah lol sure. It depends on what level of state repression you’re looking at. Regular cops will just not bother trying to decrypt a drive if they don’t have the password and you don’t freely give it up (you have the right to refuse to provide a password here, it’s under the same kind of principle as having the right to not incriminate yourself), but I’m sure military intelligence etc will go to the wrench technique. Also deniable encryption for anything particularly sensitive is good for the old wrench technique.

It’s off at the moment. I turn it off whenever I’m not using it for security reasons, and also just noise reasons so the fan doesn’t bother me. It boots relatively quickly so I’m unbothered.

I don’t want to say where I live for anonymity reasons, but I will note that it’s fairly standard for political dissidents to be raided by any government so it doesn’t actually particularly narrow down my location.

What’s the wrench technique?

I encrypt all my drives. Me and the people I know get occasionally raided by the police. Plus I guess also provides protection for nosy civilians who get their hands on my devices. Unlike most security measures, there is hardly any downside to encrypting your drives—a minor performance hit, not noticeable on modern hardware, and having to type in a password upon boot, which you normally have to do anyway.

Maybe? I remember I have used it to read optical discs before (on Linux too) and I don’t think I’ve unplugged anything

Afraid I don’t have a /dev/sr0. Tbh I built this PC yonks ago, I don’t remember how I plugged in my optical drive. I assume SATA would be the sensible and most likely option.

I’m on Artix Linux with runit if that matters at all?

I mean, it doesn’t matter to me whether or not I can eject my optical drive with a command, but at this point I’m just curious as to where the drive is on the filesystem lol

Edit: I tried loading sr_mod with modprobe sr_mod (which wasn’t loaded for me) but still not seeing any sr* or cdrom in /dev. Again, not too bothered about this, but I’m kinda curious.

I still have a disk drive but eject doesn’t seem to affect it since for some reason I don’t have a /dev/cdrom. I just checked with the physical eject button on the drive and it is at least still physically working—the tray ejects! I don’t have any optical media to test if the drive still works to read CDs though

Because it’s so simple, a good default config can be a one-liner. For similar functionality to default sudo:

permit persist setenv {PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin} :wheel

Allows members of wheel to run commands as any user (if you just run doas <cmd> it will default to root), and “persists” for 5 minutes, ie if you run doas then for the next 5 minutes in the same session you won’t have to enter your password to run doas again, similar to default sudo settings.

https://wiki.archlinux.org/title/Doas

What problems were you having where you couldn’t get it to work?

Very useful for shell scripts that need to do maths as well. I use it to make percentages when stdout has values between 0.0 and 1.0

I don’t want all these fancy schmancy features. I’m very happy with foot in its current form. The only additional feature I would like is ligature support, but otherwise foot already has the features I want in a terminal emulator, and more that are optional for me (e.g. sixel support; although I do use sixels for my lf previewer, it is not necessary for me). I also don’t want my terminal emulator to have tiling, because rivertile does that for me, or whatever your window tiler is. Same for tabs. You can use i3 tabs, sway tabs, Hyprland groups, etc instead of having tabs in your terminal emulator.

I prefer to do it clean and manually transfer files, because I usually don’t want a copy paste of my previous setup. For files that are just, for lack of a better way of putting it, personal storage (ie the files that are not dotfiles in my home directory, eg pictures and documents etc), they are on a Nextcloud.

What makes you use bitmaps as a system font?

I like the aesthetic of bitmaps. Personal preference

Gohu Font Nerd is a nice small bitmap font I’m fond of. Only issue is the size for high DPI monitors, but the JetBrainsMono nerd font is a nice vector font that’s easy on the eyes (quite stereotypical/cliché, but that’s for a reason).

Considering “the Linux system” is literally anything you throw on top of the kernel called Linux, it can be a development environment or anything you want it to be.

I’d just like to interject for a moment…

configuring vim from blank state is an art itself and requires quite some time and dedication.

Not really sure where you got this from. It’s quite simple to me. The default vim config works completely fine for me if I’m eg in a VM and I don’t want to copy all my vimrc and plugins over, if it’s a machine I’ll be using more long-term then it’s quite quick to configure a few settings to be how I prefer them to be. Main changes I make to a default config is enabling line numbers (idk anyone who wouldn’t want line numbers tbh) and setting them to be relative, set scrolloff=9999, use 4 spaces for indent, enable line and column highlighting, set a theme, and a couple odd scripts, but again the default is perfectly usable and the tweaks in my vimrc are just to my personal taste.

Oh you mean without downloading the files. I thought you just meant cloud sync. Yeah I have my entire Nextcloud downloaded and the folder is synced by the daemon, so I do just use the files as normal local files. Never tried without downloading all the files

Nextcloud works that way for me. I access my Nextcloud files at ~/nextcloud without any hitch, and changes sync immediately. You do have to self-host, but I’m sure there are also some public instances you can use. I know Disroot hosts one.