if you run into a platform-specific issue
Well that’s of course possible but in theory (which is so different from practice, I get that) if it relies on protocols or specifications rather than vendor specific implementations, e.g. OTP, TOPT, HOTP, U2F, OpenPGP, WebAuthN, etc then it should be fine.
Secure against whom?
If it’s from a random thief, both are about equality secure, they rely on proven cryptographic methods.
If it’s from somebody powerful enough to make an ISP bend the knee, then they are equally insecure because those cryptographic methods assume you trust the underlying infrastructure. If you do not though, then yes using a VPN will help as you are adding your own level of encryption on top.
CopyParty https://github.com/9001/copyparty + PartyUp https://f-droid.org/packages/me.ocv.partyup/ (upload only, not sync)
Could try https://f-droid.org/packages/com.phpbg.easysync/ for sync proper.
More WebDAV Android client options https://github.com/fstanis/awesome-webdav#android but anyway my suggestion is to rely on a protocol, not an app.
So far nobody provided a good answer (if I missed it, I apologized, please do share) so I’m going to assume it’s the typical “Nobody ever get fired for buying from IBM” mindset, namely rely on what is the most popular, confirm it works well while ignoring viable alternatives IMHO, e.g NitroKey.
I use Yubikey Bio and NitroKeys.
Edit : to expand a bit, for the YubiKey it’s for the convenience of just pushing my thumb on. I use it on the Web and to su locally. For NitroKeys I’ve discovered them via https://nlnet.nl/project/Nitrokey-3/ and thus appreciate the OSHW side, e.g https://certification.oshwa.org/de000007.html or https://certification.oshwa.org/de000008.html
FWIW https://gitlab.com/pdftk-java/pdftk works well. Sure it hasn’t been updates for a couple of years but maybe it’s not really needed.
Sorry I don’t know enough but here is an interesting articles about other kind of gnomes :P https://www.businessinsider.com/anti-tech-rally-apple-iphone-elon-musk-tesla-luddite-movement-2025-9
With pleasure. I discovered kdialog just recently too as until now I used notify-send but as you are using KDE this gives you a lot more options.
If you are into this kind of things check also dbus or KWin, there are a LOT of fun and powerful ways to interact with KDE.
FWIW if it users WebDAV might want to check copyparty then as it also provides that, and a WebUI, and… a lot more.
It also has kdeconnect-cli with e.g. kdeconnect-cli --share myfile.txt so don’t think you are stuck with a GUI to use KDEConnect.
I imagine dbus-monitor should work with cron but probably if starting once DBUS is actually running (so not sure @reboot would be sufficient)
1-liner would be something like watch -n 10 "pgrep konsole || kdialog --msgbox 'konsole no running'"
namely :
watch to repeat a command at interval, e.g. every minute (could also be crontab)pgrep to check if a process is runningkdialog on KDE to send a message to the current user (plenty more ways)Thanks, it’s quite interesting but again IMHO it relies on bad practices. If you’ve been compromised and you “restore” (not in an sandboxed environment dedicated to study the threat) then you are asking for trouble. I’ll read a bit more in depth but the timeline I see 1987, 1998, 2017 show me this is a very very niche strategy, to the point that it’s basically irrelevant. Again it’s good to know of it, conceptually, but in practice proper backups (namely of data) remains in my eyes the best way to mitigate most problems, attacks and just back luck (failing hardware, fire, etc) alike.
12 years ago I took “Malicious Software and its Underground Economy: Two Sides to Every Story” and it was quite interesting not so much for the technical aspect (which was still nice) but for the economical aspect that is often underappreciated. The core idea was that scammers or hackers might be doing it for fun, as you did, or learning, as I did… but the ones who keep on doing it sustainably make money out of it, consequently they are predictable. Namely they need repeatable methods that scale or that target a specific group. I really recommend taking a similar class but anyway, the big picture here is sure, maybe AV would miss such things and yet it wouldn’t really matter because nearly nobody does that and/or it wouldn’t propagate much.
That doesn’t make much sense to me, one backup data, not executables or system. Even if they were to be saved in the backup then they wouldn’t get executed back.
Anyway, that’s still conceptually interesting but it’s so very niche I’d be curious to hear where it’s being used, any reference to read on where those exist in the wild?
Funny but that’s the entire point of a digital “life” if you want to use analogies : your backup is you.
Nothing needs an antivirus if you backup your data properly.
PS: I’m getting downvoted for this so I’ll explain a bit more : if you backup properly, you can restore your data. Sure your system is fucked… but who cares? In fact if you care for your OS installation then right away it shows you are NOT in a reliable state. You install another OS and start from there. Maybe it’s not even due to a virus, maybe your hardware burns in fire, same situation so IMHO a working backup (and by working I mean rolling, like TODAY it’s done without your intervention) then you restore. Also please don’t tell me about ransomware because even though it is a real threat, if you do your backups properly (as in not overwritting the old ones with the new ones) then you are still safe. It can be as basic as using rdiff-backup. It’s fundamental to understand the difference between what’s digital and what is not digital.
Still watching it but this shouldn’t be surprising.
The whole point of US politics was to isolate China out of the “AI revolution” by depriving it to top of the line chip.
Meanwhile China has been building the entire World electronic ecosystem bar few very specific high end components, leaving these to TSMC, ASML, etc or design mostly to the US.
Even before tariffs and sale bans (due to dual use concerns) China already had a chip independence plan dating back from at least 2000. Since then close to the entire World move production there, at least assembly, and most deals to do so included, or tried to, include IP transfer and at the very least learning with the partner, if not more but that’d be just speculation, to add industrial espionage on top (even though plenty of news on the topic).
So… sure, it’s happening. Now the question though I asked on such thread countless time is basically : what’s the yield?
Because producing 1 board to send to a tester is already an incredible feat but that doesn’t mean thousands or even millions can be produced. If they can, that also doesn’t mean they can be produced economically efficiently, regardless of subsidies.
PS: most interesting book on the topic IMHO : https://en.wikipedia.org/wiki/Chip_War
It’s not just for Linux but :
It’s fundamental because instead of saying “It doesn’t work!” and get no useful help, people must think of it as an investigation (or whatever get them going) looking for clues. Until you get the right message and can provide the right context (e.g. what computer are you using, what OS version, etc) then you get generic help which is like looking for a needle in a haystack. Sure it’s not entirely impossible if you are both lucky and patient but you are doing yourself and others a huge disservice.
Before Linux maybe they were used to black boxes but here, nobody is intentionally trying to hide away anything from you!
PS: bonus, notes are basically free. Jolt down notes about anything and everything you are learning. Don’t just “use” a computer, LEARN how to use a computer.
Unless I see reports about keys premature end of life I’d put that under FUD.
Anyway as you did ask few times about this I believe it’s important, and you might be aware of this so apologies if sound condescending, to see keys as something NOT precious. Of course keys are important and they are not cheap… but also you might, in fact :
… so what’s IMHO crucial is to have a backup. If you lose your 1 key and you are locked out of your stuff, this is terrible. If you lose your key but you have a backup in a well known to you and secure location, then you login, revoke the other one, move one. Maybe you lost 50 bucks but that’s much better than either being compromise or hours and hours lost in trying and failing to find back the 1 key.
TL;DR: keys are important but not precious. If they are precious you are doing something wrong.
Edit: also not for now but keys will inexorably deprecate. You might want post-quantum schemes and even though it is arguably not pressing at the moment maybe the hardware you currently have will not support this. So again, keys are important but should be disposable and replaceable.