Good catch - I should have said that it’s closer to Windows-style ACLs rather than implying that it’s actually the same.

Windows perms are pretty locked down though. Sometimes I can’t delete my own files because I need permission from “Administrator” :/

You can actually use Windows-style permissions (ACLs) on Linux via setfacl.

some malfunction in systems around the world only supporting max 9 digits

That’s not how computers work, though. They use binary so they care more about binary digits (powers of two: 1, 2, 4, 8, 16, 32, etc) rather than decimal digits (powers of 10: 1, 10, 100, 1000, 10000, etc).

Very old systems store numbers with a fixed number of digits, but those systems don’t use Unix time.

KDE still has some of the most popular effects built-in, including wobbly windows, desktop cube, magic lamp when minimizing/maximizing, blurring semitransparent windows, “exploding” windows when you close them. They’re built in with no extra software required - just go to the “Desktop Effects” settings.

you immediately tie the permanent accessibility of your local files to you retaining access to a cloud account?

The Microsoft account holds a backup of the recovery key, which you need to use to restore access in if you do something like significantly change the hardware or move the drive to a different system (which are effectively the same thing).

You don’t need it for day-to-day use of the system, and you can also just get the recovery key and print it out or write it down somewhere, which is usually how it’s handled on systems that don’t use a Microsoft account.

Say, Veracrypt is churning away in the background. Why would one leave Bitlocker activated?

That’s a good point.

You have different opinions on TPM and the prevalence of evil maids than me, fair

I work at a big tech company so have to be vigilant even with my personal systems :)

the premise of the thread

Some of the things mentioned in the OP don’t actually happen in real life, though. Bitlocker is only automatically activated if you use a Microsoft account to log in, and why wouldn’t you know the account credentials if it’s what you use to log in?

doesn’t rely on TPM and secureboot silliness

TPM is optional (but recommended) for Bitlocker. Practically every computer released in the past 10 years has TPM support.

Secure boot is needed to ensure that the boot is secure and thus it’s okay to load the encryption key. Without it, a rootkit could be injected that steals the encryption key.

You generally want to use TPM and secure boot on Linux too, not just on Windows. You need secure boot to prevent an “evil maid attack”

You can install Dropbear into your initramfs and configure it to allow entering the encryption key via SSH. Example guide I found: https://www.cyberciti.biz/security/how-to-unlock-luks-using-dropbear-ssh-keys-remotely-in-linux/

You do have to have an unencrypted /boot, but the rest of the system can be encrypted. This uses a separate authorized_keys file embedded within the initramfs.

I know, I just meant why would someone willingly disable Bitlocker?

It sounds like you’re complaining about both approaches.

If Microsoft doesn’t have the key: You can’t recover your files if you lose it.

If Microsoft does have the key: An attacker could get in and take it (unlikely if you have two factor auth though) and you need to trust Microsoft.

And Micosoft stores that key in plain text.

How do you know this, though? It could be encrypted using your account password as a key or seed.

But it also has the superior option which is to turn it off.

Why would you not want to encrypt your files? My Linux systems are encrypted too.

I wonder why they didn’t go with something more supported, like a Realtek chip. They’re not the best (I’d prefer Intel or Aquantia), but they’re cheap and widely supported. The Framework’s Ethernet expansion card uses a RTL8156 which is supported practically everywhere.

I think OP means “just work” as in the OS is preinstalled. Framework do support Linux but they don’t preinstall a distro for you.

Having said that, I’ve got a Framework 16 and it’s very nice.

What Ethernet chip do they use?

I’ve got a Framework 16 and all components work on both Fedora and Debian without installing custom drivers, so I’m surprised it’s still an issue for some laptops.

Haven’t watched the video yet, but in theory you can do anything in Excel on Windows since it can load COM/ActiveX components written in C / C++ / whatever language you want.

That works, but why do that when you could just do apt install ./package-file.deb?

Or a long time Debian user from before the apt command!

apt and apt-get both use dpkg internally, but these days it’s essentially seen as an implementation detail that regular users don’t need to know about.

dpkg doesn’t resolve dependencies (that’s a feature of apt) which means that if you install a Debian package with dpkg, you’ll have to manually install all dependencies first, and they won’t be marked as automatically installed (so autoremove won’t remove them if they’re not needed any more). Using apt solves that.

The web suggests dpkg because either the articles are old, or they’re based on outdated knowledge :)

These days, apt is for humans whereas apt-get is for scripts. apt’s output is designed for humans and may change between releases, whereas apt-get is guaranteed to remain consistent to avoid breaking scripts.

apt combines several commands together. For example, you can use it to install packages from both repos and local files (e.g. apt install ./foo.deb) whereas apt-get is only for packages from repos and you’d need to use dpkg for local packages.

I’d recommend avoiding aliases that conflict with regular commands, and there’s a standard Linux command called install. https://man7.org/linux/man-pages/man1/install.1.html

If you’re going to always pass the -y flag then I’d add --no-install-recommends too.

mostly supersedes apt-get/apt-cache/etc tools,

Except for in scripts. Debian guarantee that the output format of apt-get will never change and thus it’s safe to use in scripts that parse the output, whereas they don’t have the same guarantee for apt, which can change between releases.