Automatic patching is another solution.
Of course it's difficult on the tech side. You can do something like failover/high availability, and then auto update one and it fails over if something breaks.
99% of cybersecurity news is what I call "cyberslop" and probably actively harmful to consume.
The vast majority of it is either so trivial that somebody else handled it, and you don't need to do anything. Like they often overhype a malware that doesn't do any novel techniques to get onto your systems and has already been added to the antivirus database anyways.
Or it's so grand in scale that you can't do anything, like nation states doing nation state things. Interesting yes, but it's ultimately a waste of my time to consume because it's not actionable.
Only a tiny fraction of news is actually actionable. It's usually stuff like CVEs or zero days and the like. I just only really pay attention to those and ignore everything else.
Better is probably to subscribe to an actual vulnerability feed so you don't have to go through the news cycle.
Thankfully distrobox is just an open source wrapper around podman/docker, so you can make it more isolated if you want.
Use distrobox. https://www.mulle-kybernetik.com/weblog/2023/steam_in_distrobox.html or similar steps
Adjust distrobox's sandboxing from the working setup it will give you to something more secure, since it gives access to the entire home directory and other stuff you might not want.
Or just read distrobox configs and copy what you need to docker.
I use nix to get many cli apps (on arch/cachyos), but the flakes and non flakes split makes things very tough, and causes this annoying documentation split. And then certain things can only be done via flakes and vice versa.
I try to limit my use of nix to using home manager to ONLY install packages, but even then there are annoying things.
Like for example, many users may gravitate towards nix-env for installing packages, not understanding that oops, you aren't actually supposed to use nix-env. nix profile install is better and more supported, but it's flakes only. Flakes are off by default, and must explicitly be enabled because they are still "experimental" despite them being extremely popular. The official documentation is often hesitant to touch flakes because of this, so there is this horrific documentation split where a bunch of different unofficial docs cover flakes in varying manners.
Or, another thing is that nix apps on non nix distros have no gpu access/hardware acceleration. I have a home manager config to enable that: https://github.com/moonpiedumplings/home-manager/blob/main/home.nix#L32
And then I couldn't figure out how to make that work on aarch64 (asahi) so I just had to disable it.
But it is something that is insane to make someone learn how to do for just installing programs. But the latter issue doesn't affect nixos.
Anyway, I like nix. I use home manager, but for packages only, and I use it for my development environments.
Maybe. But they, and many others overestimate the amount of size flatpaks take up.
Flatpaks use a "runtime", a shared set of libraries and programs flatpak apps use. With one flatpak app, there is just one runtime. But with 2, 3, 10 flatpak apps, there are still only going to be 1 (to 3) runtimes on the system. This is not the same for something like appimage.
In the blog, they compare the size of deepin calculator across formats. But this is not a fair comparison. A more fair comparison would involve comparing the app size without the runtime, or comparing many apps installed.
In addition to this, if you are on btrfs, further deduplication and compression is done. This (and symlinks) won't show up in many disk and space usage analysis tools. To get a more accurate measure, use compsize instead of traditional tools. It will show you how much transparent compression (when btrfs compresses files but you can still access them normally), symlinks and the like are saving space.
Anyway, I am interested in more cross distro package managers though. Flatpak, docker, and nix cover a lot of things but have their annoying edge cases and paper cuts, especially in comparison to snap in some ways for some apps.
Edit: linglong appears to reuse system libraries, which would probably lead to significant space savings at the cost of portability across distros
I currently use joplin, but I also mentioned jotty which I tried but didn't like. Jotty doesn't have an android app.
I sync joplin to a self hosted s3 via garage. The big thing I like about this setup, is that sync is near instant, as opposed to waiting for syncthing to sync.
I do use syncthing for pretty much everything else though, like keepassxc or exported backups of my joplin notes. But, I only activate it occasionally since it's a battery hog.
I hope we get something that's not distro specific. Docker/podman work for a lot of stuff, but some apps/services aren't available via them, and I really would like an alternative to snaps, which often can ship those apps.
Also, these and the fedora one mentioned in the other comment appear to target immutable distros. Snaps work on any distro.
Joplin: https://joplinapp.org/
But:
Hmmmm I was gonna say they have no web app, but it appears they do:
Jotty: https://jotty.page/
But:
It's self hosted, and has no android app. You can do the browser app thing tho
Another solution (but no web app) is signal which can send a message to yourself. That's what I use when I just need to get a url or something like that over quick.
Show is better than tell:


Often, when viewing images, firefox "caches" the image in order to be able to load it faster when visiting that site again. Left unchecked, this cache (of images and other assets) can pretty much infinitely grow. Many other apps also have big caches.
Bleachbit actually is useful. Instead of hunting through your system and accidentally rm -rfing the wrong folder and losing all your precious firefox profile data, it enables you to quickly nuke all caches, freeing up a significant amount of space. I would probably free up 15gb+ if I ran it based on these images.
EDIT: just ran it. I freed up 6gb of space. Not 15gb. Huh. Still, pretty good though, and if you are space starved (I used to use a machine with only 32 gb of storage TOTAL), then it's useful to keep things slim.
How many devices and of how many types do you manage with how many people?