Like I already wrote, I fully know that it is collecting data, thats why I’m giving it some bogus ones (like for example fake location), and some other valid one (like for example my device id and IP when I use it) that I did agree to give in exchange for protecting my bank account from being hijacked and other.

Other than that it collects nothing more at least nothing active. Why do you ask? Because bank app have background internet access denied so it can only connect to internet when it is in foreground. Yes, it could run some periodical task in background, store that data on disk and send it only when active but that’s something that facebook would definitely do. While I agree that a lot of shitty apps do that, I doubt that bank will try to risk gdpr breach (that would hurt them monetairly in many ways) over some useless data that they could access.

On top od that I have have network traffic monitor always on screen so I see when something is using network and howuch, ans that it stays flat 0 when I use offline apps, that gives me confidence that nothing is actively sending data to network.

And yes, I already once closed my bank account because of a shitty app, so I know what I’m saying.

Those plastic rectangles doesn’t have any security against range extend attacks so they can steal money from you and you would be plain unaware and defenses. While phone or watch will only enable contactless payment on demand making it way safer. And you can pay with contactless payment everywhere in Poland while you sometimes can’t pay with inserting physical card on some automated devices as there is no where to insert that card, you can only use contactless feature of that card.

Not to mention those plastic rectangles cost yearly or sometimes even monthly, while app is 100% free. And if the app at any point in time do anything that I didn’t agree in the agreement and/or bypass any permissions I didn’t grant them there will be hell to pay for them.

But maybe I’m wrong, I don’t know…

I use bank app for contactless payments. But the bank app have no other permissions, even location is fake.

Not moved anywhere, so born and live in Poland, due to job and entertainment I speak and think both in Polish 🇵🇱 and English 🇪🇺. But more and more I catch myself thinking in English.

In case of f-droid, it’s follow more the Linux distro phylosopy, where the binaries are build and offered to you not by the developer but by distro/repository maintainers people.

You can add your own repository or use your friend repository or use f-droid ones.

In case od f-droid repository, to get app published your app need to adhere to rules one of them is that the code need to be public so the repo maintainers can build the app from it.

Comparing it to play store where the app is build and sign by the developer without making the code public, in turn making it almost impossible to know and follow what the app is doing.

So its a matter of trust.

For some apps I would rather install them from f-droid as I have higher confidence that someone looked at it if the app is not harmful or leaking my private data. For other apps like Banking apps I would rather install them from Aurora store where I dont know what the app is doing but I trust more to protect my money than some random dude on internet. And if bank does something bad I will sue them or just stop using their service.

Based on screenshots - the status in Process tab is useless in most cases IMHO. Better telling would be CPU℅ telling proportion of sleep&running.

But overal nice looking, having tabs like flatpak and such that sounds useful.

“There are only 10 types of people in the world: those who understand binary and those who don’t.”

https://www.exploringbinary.com/there-are-10-types-of-people/

Matrix

Funny :)

Hard to be sane with so many broken hardware implementations… 😅

Cudos for the Linux developers!

In the last I had very little success rate of those uninstall tools to actually do their job in full. A lot of time they delete some data but almost always they leave some trash behind.

And in the first place, I stopped trusting those external uninstall binaries, they could be designed to remove not only app data but remove your personal data, steal data from your PC or infect it (even if just to investigate why you are uninstalling).

One of the reason is that apps can place their files in any place they want so the app manager is not aware of those locations.

Even if it would know then the user still would need a way to remove the app without deleting data, imagine installing Developer IDE or chat app and uninstall process would remove your chats or projects. Imagine app dev accidentally set the “directory that store app data” to /home, it would be bad.

I not once uninstalled app to install different (for example older) version due to bugs in new one.

Having the logic allowing to optionally delete data would introduce additional complexity so most old package managers never introduced that feature.

But I agree that we should slowly introduce a way to to that. Some app managers that manage flatpaks now allow to delete user data after uninstalling app, this now could be done universally because apps installed using flatpak store their data in their own separated/dedicated directory that flatpak engine know about so (unless you give permissions to access other location) thw manager know where the app store data so can offer easy way to remove it.

Container is just a term for a set of isolation solutions bundled together.

Like file system isolation (chroot), network isolation, process isolation, device isolation…

One of them is ofc chroot, yes container use exactly the same chroot functionality.

So to answer your question, no, you don’t need full isolated container. You can use only chroot.

You just need to pass all required devices ( and match the driver version running in kernel with your files in container and (avoid) more than one app having full unrestricted access to GPU as that would result in issues (but dont know the details so can’t help you with that)).

You can use wayland in container but the easy way probably would require to give whole GPU to the container (but my knowlwdge is limited)

What I do know that this project is doing that: https://games-on-whales.github.io/

That also came up in search results that could help: https://unix.stackexchange.com/a/359244

The only reason ssh client would “hang” without any output is when it’s waiting for external key storage to allow access. It’s designed that way to give user some time to approve access to key storage.

It sometimes happen that the installed key storage is broken in a way that it fails to show user modal, for any reason (showing on wrong screen, wrong desktop, wrong activity, wrong framebuffer, …)

One solution (that you already did) is to change the SSH agent env variable to point to different key storage.

Another would be (if possible) to uninstall the broken key storage if you don’t use it. But it is sometimes needed/used by other apps.

It’s overall good to notify/open bug on your distro issue tracker to notify that some packages are missconfigured (maybe have missing dependencies) or conflicts with other ones.

I move unsubscribed emails to different folder, so next time they send me email I don’t feel bad in any way as I can confirm that I did tell them not to send me emails.

I only regret I can’t flag it as spam double time.

Gauguin - Sudoku-like game for Android (on F-Droid)

The instructions are not clear at first so it’s better to start the game a new with lower difficulty.

Yes, user should (at least try to) provide their own message, if not and it just post links to (their own?) pages then account should be marked as Bot IMHO.

CVEs found at: https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/

Details of vulnerability: https://github.com/IAIK/SLUBStick

Immich

Wanting to spin-up but constantly delaying…

You can go to /var/log/apt/ and read the history.log as it will contain every single package that you did install/remove.

Based on that you can just restore it to working state by manually undoing the changes (removing installed, installing removed)