It’s also super locked down. You are only allowed to use it if Google or Apple says that your device is authorized. So no root, no custom ROMs. Unless your phone is owned by a corporation and that corporation is blessed by Apple or Google you are out of luck. (There are currently ways around this but the gaps are slowly being closed as older devices are phased out.)

I’m also not familiar. But my understanding is that the package maintainers should prevent this situation. Because otherwise even if there are package version dependencies (I don’t actually know if pacman does this) it would just block the update which results in a partial update which isn’t supported. For example if your theoretical unmaintained Firefox blocks the update of libssl but Python requires new functionality you would be stuck in dependency hell. Leaving this problem to the users just makes this problem worse. So the package maintainers need to sort something out.

It is a huge pain when it happens but tends to be pretty rare in practice. Typically they can just wait for software to update or ship a small patch to fix it. But in the worst case you need to maintain two versions of the common dependency. In lots of distros very common dependencies tend to get different packages for different major version for this reason. For example libfoo1 and libfoo2. Then there can be a period where both are supported while packages slowly move from one to the other.

IF no dependency tries to update too. Off course in that case I would stop. Without pacman -Sy, I never do that anyway, only -Syu.

That’s all you need to know. As long as you always use pacman -Syu you will be fine. pacman -Sy is the real problem. The wiki page is pretty clear about the sequences of commands that are problematic https://wiki.archlinux.org/title/System_maintenance#Partial_upgrades_are_unsupported.

Right? What i don’t understand is, when I uninstall with pacman -Rs firefox, delete the cached firefox package (only that file), then the system is in the same state as before I installed it. Then -S firefox should be okay, right? And it even looks up the new version.

This isn’t correct. It won’t look up the new version. Assuming that the system was in a consistent state it will download the exact same package that you deleted. The system only ever “updates” when you run pacman -Sy. Until you use -y all packages are effectively pinned at a specific version. If the version that gets installed is different than the one you removed it probably means that you were breaking the partial update rule previously.

But that is my point. Just running pacman -S firefox is fine as long as you didn’t run pacman -Sy at some point earlier. It won’t update anything, even dependencies. It will just install the version that matches your current package list and system including the right version of any dependencies if they aren’t already installed.

But that means if you already have Firefox installed it will do nothing.

I think you are a little confused at the problem here. The issue is that partial updates are not supported. The reason for this is very simple, Arch ensures that any given package list works on its own, but not that packages from different versions of the package list work together. So if Firefox depends on libssl the new Firefox package may depend on a new libssl function. If you install that version of Firefox without updating libssl it will cause problems.

There is no way around this limitation. If you install that new Firefox without he new libssl you will have problems. No matter how you try to rules lawyer it. Now 99% of the time this works. Typically packages don’t depend on new library functions right away. But sometimes they do, and that is why as a rule this is unsupported. You are welcome to try it, but if it breaks don’t complain to the devs, they never promised it would work. But this isn’t some policy where you can find a loophole. It is a technical limitation. If you manage to find a loophole people aren’t going to say “oh, that should work, let’s fix it” it will break and you will be on your own to fix it.

Focusing on your commands. The thing is that pacman -S firefox is always fine on its own. If Firefox is already installed it will do nothing, if it isn’t it will install the version from the current package list. Both of those operations are supported. Also pacman -Rs firefox && pacman -S firefox is really no different than just pacman -S firefox (other than potentially causing problems if the package can’t be allowed to be removed due to dependencies). So your command isn’t accomplishing anything even if it did somehow magically work around the rules.

What is really the problem is pacman -Sy. This command updates the package list without actually updating any packages. This will enter you system into a precarious state where any new package installed or updated (example our pacman -S firefox command form earlier) will be a version that is mismatched with the rest of your system. This is unsupported and will occasionally cause problems. Generally speaking you shouldn’t run pacman -Sy, any time you are using -Sy you should also be passing -u. This ensures that the package list and your installed packages are updated together.

Of course nixpkgs has it. It was added a few years ago, I can’t vouch for if it is up to date or still working.

Actually I would pick GIMP.

1. Says what it is, an image editor.
2. No popups and random interruptions.
3. Not only AI editing examples which makes me thing the tool is AI only.
4. An overview of the variety of major features it has rather than just AI editing.
5. Links to helpful documentation rather than endless marketing pages that say nothing.

Really think only thing I would like to see is some screenshots and examples of using the tool, rather than just info on what it does. But the Photoshop page barely has this, just a few examples of the AI tools.

Is the limit 2 VMs or two macOS VMs? I thought it was technically a “licensing” restriction.

It’s definitely an option. It will do the things that you want (as long as your phone is online, but that is the same for any other solution).

sending Signal messages with it would be less secure

Yes, this is because Beeper converts the Signal protocol to the Matrix protocol and vice versa. In order to do this it needs to access the messages. So it needs to decrypt the messages, then re-encrypt them on the other side. This means that the bridge (in this case operated by Beeper) has access to your messages. This is often referred to as “end-to-bridge” encryption, as it isn’t end-to-end anymore.

This is going to be true of any bridge you use that is hosted by a third party. You are always adding one additional trusted party into your communication.

the recommended bridge instructions sends me over to Beeper, since I don’t have my own server

Yes, to practically operate a bridge you need your own Matrix server. This is because the bridge will create a new Matrix user for every remote participant (every phone number you communicate with in this case). Doing this with regular mechanisms would be difficult (as signup is likely restricted in some ways) and inefficient (as each account would need to be checked for new messages separately). Beeper runs their own homeserver so that they can operate their bridges. However Beeper’s bridges are only available to users on the same homeserver (this is not a protocol limitation, just their choice). So in order to use their bridges you need to make an account with them (which you can, it is free IIUC). Beeper also offers custom clients which have special features for interacting with their bridges (for example making it easier to start a conversation with a new phone number).

The alternative would be to run your own server and bridge (or hire someone to it on your behalf).

Yeah, this is basically how it goes. It depends what country you grew up in. Canada is the same way, almost everyone who grew up in Canada can swim (not necessarily well, but able to manage). This is partly due to the number of lakes that exist near populated areas so swimming is a common passtime and boating accidents are a fairly high cause of accidental death. There are some countries where it is much more rare.

Nice. There were a few comics that I followed on Twitter due to lack of them posting other places. But it is nice to know that if I find another account that I am actually interested in I will be able to get a feed.

This is my strategy. If I can’t bank on the website I find a new bank.

It would be nice if there was a shortcut to go “back to previous site”. Because on one hand using back to navigate around map moves is often very convenient, but sometimes I want to go to the site before the map. Having a two-level history with page and site would be super useful.

That isn’t what that document says. It says that they can impersonate you in non-E2EE scenarios. The clients I use warn me when a message isn’t properly encrypted so someone without E2EE keys can’t impersonate someone in an E2EE room.

That being said the general concept is a problem. I would love to see progress where all events from a user are signed by a device key and non-forgable. There is some thinking about this with portable identities (such as MSC2787) where you server is basically just storing and forwarding events but the root of trust is your identity and keys that you control. But none of this will land soon, not for many years.

Probably yes, it depends on your threat model.

If you are using E2EE on a matrix.org account then your message content, attachments (images) and most other traffic isn’t accessible to anyone but the people in the chat. However Matrix isn’t the most private option, it has a number of leaks such as reactions and chat topics (these are being worked on but aren’t close to happening).

For most people Matrix is a very private and secure option and the fact that it is federated is a huge plus. If you want something more secure you are probably looking at Signal (which you don’t want to use and isn’t federated) or Simplex Chat (which doesn’t have multi-device support).

Closed-source software that sends home tons of information about your system without consent. All communication accessible to a VC funded company that has huge pressure to make as much money as possible.

I’ve been doing this from Firefox forever…

But “with audio” is actually a new feature. Previously I was manually sending the audio through my voice channel which worked pretty well but it would be nice to have a separate stream for the streaming audio.

Probably not enough for me to install the spyware though, I’ll keep using Discord via Firefox.

those disks were not spinning for maybe 3 weeks total

This is actually a good thing for longevity. Start up and stopping is the hardest part of a drive’s life. So you will see more failures on a personal PC that you turn off every night than a server drive running 24/7. Laptop drives will typically fare the worst as they may be power cycled many times a day, often fully stop when idle for power saving and get shaken much more than other drives.

Tumblr blogs all have feeds.

Yeah, I don’t think there are many benefits when keeping the key on the same drive. Other than a bit of obfuscation. It does still help with erasing, as you can wipe the keyslots (rendering the key useless) but with modern storage media deletion is fairly hard to ensure. But still better than unencrypted.