Thinkpads have long had first tier linux support, in fact many models have shipped with linux for at least a decade (?), checking that is a really good way to be sure, but you’re going to be fine with W, P, T, X lines, many enthusiasts make light work. They were deployed (might still be) to Red Hat kernel devs for a long time, which helps things along. Fingerprint drivers tend to be proprietary and hit or miss, but passwords work.

Honestly learning to install linux yourself, and configure it to your liking, is actually, imo, a really important path to learning and you’re likely doing yourself a disservice avoiding it. It’s part of the avoidance of vendor lock in you want. Installation is surprisingly easy now, start with something simple, Mint is often recommended these days, find a decent, recent, youtube and you’ll probably be up and running in an hour. Find the apps you need for your workflow (which will take considerably longer). Get familiar with the terminal. Best thing you can do after that is burn it down and install a new distro, leaving any mistakes behind, keeping your list of apps. Arch if you want to get really deep into it, or Fedora / Bazzite are good choices and very stable. Best of luck.

I replied to @[email protected] and understood the question like “Is distrobox as secure as QubesOS?”, which I replied with “No”.

Ahh, fair cop. Good point on Secureblue, but my threat model doesn’t take me there.

Eh, it’s fedora under the hood with SELinux enabled, and immutable, better than most security wise, I didn’t say much more.

Bazzite is the better distro because you install things in a distrobox. Muck around, break things in there, but your main distro stays safe, secure and stable.

Perhaps not saved, but I’d venture the most significant nail in the coffin of the scientific publishing mafia so far, pursued with integrity and honor. The rise of open publishing that followed is very telling, and in my mind directly attributable to Alexandra’s work and it’s popularity, they know they need to adapt or (probably and) die.

Still need to work on the publish or perish mentality, getting negative results published, and getting corporate propaganda out of the mix, to name a few.

Yeah, I have a broader view of the phrase, which includes complacency (not actively working at alternatives) as well as just voting, seems most agree with you.

Valid point.

many people believe that “funding” something equals to “controlling” it.

Pretty much the definition of soft power, which an awful lot of politicians believe in.

US funding having been a toxic source of dependency, and it being better in the long run to get money elsewhere.

Yup, pretty much my intent, that and the insecurity it engenders, rather surprised by the reaction.

How could you read it that way ? I’m saying eventually they were going to conflict with the interests of the US (oligarchs and techbros) and lose funding. Shocker, it happened under cheeto.

Not a good thing, just an inevitable one, as they conflict with the interests of the US (oligarchs and techbros).

Oh No ! Leopards Ate My Face.

Better off in the long run.

Fair enough, I got the wrong impression with the post (which I did read) finishing with

It is not impossible to circumvent these issues, for instance by paying for a jmp.chat phone number with monero XMR. In this case you don’t actually have the sim, but rather access it remotely over XMPP. If you do this over Tor very little can be used against you.

and so on, which I found wanting from a privacy perspective at the implied threat level. No phones (or perhaps faraday bags, or aircraft mode, if tested, depending on threat model) is a much more astute take home, hence the spycraft suggestion.

Anyhow, best of luck.

Agreed, and now I’m whistling.

So, your key takeaway seems to be getting an untraceable phone number. From an opsec point of view I see a few problems.

First, this is implicitly aimed at going against state level actors, which is a whole other game than random internet services. With that in mind…

You assume TOR is actually anonymous, but it has been shown that with enough compromised exit nodes that fails. It’s also a NSA project originally, which may or may not be relevant, the code may be good and is open and has had eyes on, but at the least shows they are intimately familiar with it.

You assume acquisition of Monero is uncompromised and untraceable. Perhaps cash at a machine might be pretty good, but a camera could easily invalidate it, or the machine itself be compromised, wouldn’t be hard to imagine a profit motive or false flag driving that.

What’s the security implications of the XMPP protocol ? Just using TOR may not be enough (I don’t know, just asking the questions). What about the other end of the phone call?

One approach, especially for local efforts, is just using old school spycraft, dead drops, one time pads etc.

You asked for feedback.

Until next week, sigh.

Huge kudos to Freetube, I love it. Just the opposite to Alphabet, go on, be evil again.

Seems like data integrity is your highest priority, and you’re doing pretty well, the next step is keeping a copy offsite. It’s the 3-2-1 backup strategy, 3 copies, 2 media (used to mean CDs etc but now think offline drives) 1 offsite (in case of fire, meteor strike etc), so look to that, stash a copy at a friends or something.

In your case I’d look at getting some online storage to fill the offsite role while you’re overseas (paid probably, but a year of 1 or 2 Tb is quite reasonable) leaving you with no pressure on the selfhosting side, just tailscale in, muck around and have fun, and if something breaks, no harm done, data safe.

I’ve done it for what seems like forever and I’d still be worried about leaving a system out of physical control for any extended period of time, at the very least having someone to reboot it if connectivity or power fails will be invaluable, but talking them through a broken update is another thing entirely, and you shouldn’t make that a critical necessity, too much stress.

OP: I knew what I was wishing for…

Bastard.

I say go for the desktop for grunty work and pick up an older thinkpad for the mobile use case or just remote in with your macbook. I have a T580 (last of the dual batteries, infinite battery life baby), works an absolute treat on linux and next best build quality to a macbook but with a repair manual and massive upgradeability.

Would’ve sworn Potatohead/Voldemort was a caretaker and they’d switch for the election. Instead the shit stain is neck and neck (according to Murdoch polls). Wtf is wrong with this country, we see Trump and go ‘hold my beer’. May not be the worst timeline, but it ain’t good.