- Instructional (non-tech how-to books)
- Manuals (for actual household items, vehicles, etc.)
- Programming (tech books)
- Books (everything else)
thayer
joined 2 years ago
There are too many differences for me to list here, but unlike mobile operating systems, Windows and most Linux desktops do not provide sandboxed environments for userspace apps by default. Apps generally have free reign over the whole system; reading/writing data from/to other apps without restriction or notification. There are virtually no safeguards against malicious actors.
Mobile operating systems significantly restrict system-level storage space, making key areas read-only to prevent data access or manipulation. They also protect app storage, so one app can't arbitrarily access or modify data stored for a different app.
Mobile operating systems also follow an image-based update model, wherein updates are atomic. System software updates are generally applied successfully all at once or not at all, helping to ensure your phone is never left in a partial or unusable state after a system update.
For desktop users, macOS, and atomic Linux distros combined with Flatpak are the closest comparisons.
Most operating systems will require your desktop password upon resume, and most thieves are low-functioning drug users who are not about to go Hacker Man on your laptop. They will most likely just wipe the system and install something else; if they can even figure that out.
Yeah, I'm sure there are a lot of variables there. I can only say that in my experience, I noticed zero impact to gaming performance when I started encrypting everything about 10 years ago. No stuttering or noticeable frame loss. It was a seamless experience and brings real peace of mind knowing that our financial info, photos, and other sensitive files are safely locked away.
No, the average user will never know the difference. I couldn't tell you exactly what the current performance impact is for hardware encryption, but it's likely around 1-4% depending on the platform (I use LUKS under Linux).
For gamers, it's likely a 1-5 FPS loss, depending on your hardware, which is negligible in my experience. I play mostly first and third person shooter-style games at 1440p/120hz, targeting 60-90 FPS, and there's no noticeable impact (Ryzen 5600 / RX 6800XT).
It does help greatly in general though, because all of your data will be encrypted when the device is at rest. Theft and B&Es will no longer present a risk to your privacy.
Per-app permissions address this specific threat model directly. Containerized apps, such as those provided by Flatpak can ensure that apps remain sandboxed and unable to access data without explicit authorization.
While it would certainly be nice to see this addressed, I don't recall Signal ever claiming their desktop app provided encryption at rest. I would also think that anyone worried about that level of privacy would be using disappearing messages and/or regularly wiping their history.
That said, this is just one of the many reasons why whole disk encryption should be the default for all mainstream operating systems today, and why per-app permissions and storage are increasingly important too.
Jeez, thanks for that invitation down the rabbit hole lol. Prior to your comment, I'd never come across any studies on boiled vs filtered coffee and its effects on hypertension and overall cardiovascular health. I've since read several and I'm now questioning my life choices. Seriously though, thanks for tip, and I'll definitely be doing my own experiments soon.
The beauty of Fedora Atomic is that anyone effected by the recent update (including me) could simply rollback to the previous image and boot as normal in order to troubleshoot. This is exactly why nearly all of my devices are running Silverblue or Kinoite now.
I think it's worth mentioning that significant bugs happen across all major OS platforms.
Recently, Microsoft pushed a patch requiring effected users to manually resize their EFI recovery partition. Shortly after that, it was announced that all Apple Silicon Macs suffered from an unpatchable vulnerability which can defeat encryption. These are just a couple of examples from recent memory...there are many others.
To truly avoid serious software vulnerabilities or bugs is to avoid software entirely. Operating systems are highly complex, multilayered software, and shit happens.
I recently posted about setting up my new Brother HL-L5210DW printer under Fedora Atomic, which was also having issues with duplex printing when using the brlaser driver. Maybe this will help you too:
https://lemmy.ca/post/23695569
If yours is networked, I think you just need to select the IPP option mentioned in my post, and enter the path as ipp://<printer-ip-address>
Mind if I ask what you don't like about French Press coffee? I ask only because we've been FP-only when at home for more than 10 years now. I can enjoy a cup of coffee from just about anywhere when on the road, so I'm definitely not a picky drinker but I do enjoy homemade FP the most.
I write everything in markdown, and I mean just about everything. Tech notes, recipes, work procedures, shopping lists...everything. If you check my comment history from today, you can see a quick example of the kind of tech notes I keep (firewalld in this case).
I keep all of my plain text files synced across multiple devices using Syncthing. For desktop editors, I use mostly vim and VSCodium (though Kate is nice too), and I use Markor on Android. This workflow has been highly efficient for many years now, and I no longer waste time constantly reviewing the latest note-taking app.