• 1 Post
  • 17 Comments
Joined 2 years ago
Cake day: October 28th, 2024

  • Very cool. I personally use a double WireGuard network: a WireGuard VPN at home for all my services, and then since my home network is behind a double NAT and impossible to access publicly, I use a second WireGuard tunnel to a VPS, to forward traffic to my internal WireGuard network. The only thing the VPS can see is encrypted WireGuard packets.

    Edit: it seems like this service is more for public or shared services (like a public blog), rather than private personal services, so WireGuard is less of an option



  • If you’re a developer I recommend the StepSecurity article, a detailed breakdown of the attack. Some highlights about the nx-console attack:

    • the malicious version of the extension was only up for 11 minutes before getting detected and taken down, but apparently that was enough to compromise a developer at GitHub
    • portions of the malware were hosted on nx-console’s public GitHub repo, though hidden in a dangling orphaned commit
    • data was exfiltrated through 3 channels, including using a victim’s GitHub credentials to publish the data on their own repos
    • the malware looked for credentials like GitHub and AWS tokens, likely for future supply chain attacks, and may be the first to steal AI credentials (in this case Claude API)

    From the BleepingComputer article:

    “As always this is not a ransom, We do not care about extorting Github, 1 buyer and we shred the data on our end, it looks like our retirement is soon so if no buyer is found we will leak it free,” the cybercriminals said. “If you are interested. Send your offers to the communications below, we are not interested in under 50k, the best offer will get it”

    The stealing of AI credentials reminds me of a Lemmy post from last year: the first ai agent worm. Imagine a virus that uses AI agents to dynamically probe systems and evolve to spread through infrastructure, meanwhile stealing AI credentials to pay for the tokens that the agents are consuming, a self-funding AI virus!
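
An added example, not part of the comment above or of the articles it cites: a defender-side check for the "dangling orphaned commit" point, which classifies a commit SHA by whether any branch or tag in a local clone contains it. It assumes the commit object has already been fetched into the clone; the function names, the demo repository and the all-placeholder SHA are constructed for illustration.

```shell
#!/bin/sh
# Added example: is a pinned commit SHA actually part of a branch or tag?

# Print every branch, remote-tracking branch and tag whose history contains the commit.
refs_containing() {
    git -C "$1" for-each-ref --contains "$2" --format='%(refname)' \
        refs/heads refs/remotes refs/tags
}

# classify_commit <repo> <sha> prints one of: reachable, dangling, missing.
classify_commit() {
    if ! git -C "$1" cat-file -e "$2^{commit}" 2>/dev/null; then
        echo missing      # object is not in this clone at all
    elif [ -n "$(refs_containing "$1" "$2")" ]; then
        echo reachable    # at least one ref includes it
    else
        echo dangling     # object exists, but no branch or tag points to it
    fi
}

# Constructed demo repository: one commit on a branch, one commit object with no ref.
make_demo_repo() {
    demo=$(mktemp -d)
    git -C "$demo" init -q
    echo hello > "$demo/README"
    git -C "$demo" add README
    git -C "$demo" -c user.name=demo -c user.email=demo@example.invalid \
        -c commit.gpgsign=false commit -q -m "normal commit"
    DEMO_BRANCH_SHA=$(git -C "$demo" rev-parse HEAD)
    # commit-tree writes a commit object without moving any ref, so it stays dangling.
    DEMO_DANGLING_SHA=$(git -C "$demo" -c user.name=demo -c user.email=demo@example.invalid \
        commit-tree "$DEMO_BRANCH_SHA^{tree}" -m "object with no ref")
    DEMO_REPO=$demo
}

make_demo_repo
echo "branch commit:   $(classify_commit "$DEMO_REPO" "$DEMO_BRANCH_SHA")"
echo "unreferenced:    $(classify_commit "$DEMO_REPO" "$DEMO_DANGLING_SHA")"
# Placeholder SHA (constructed) that does not exist in the demo repository.
echo "unknown object:  $(classify_commit "$DEMO_REPO" 0123456789abcdef0123456789abcdef01234567)"
```

A `dangling` result for a SHA that a build script or dependency pin refers to is worth reviewing before trusting that content, because nothing in the repository's visible history accounts for it.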





  • All the power to you! For me personally, what I’ve learned in the past few years of using Linux, is that installing things is just half the battle. The other half is discovering them and deciding whether they are worth the time and effort. And I found out about so many useful tools from the Fedora and Bazzite teams that I decided I’d rather let them make the choices for me. Things like pipewire, wayland, fzf, ptyxis, btrfs, podman, distrobox, bazaar, and so much more.

    When I want to configure a declarative environment like people do on NixOS, I just use a container, devpod, or distrobox. These are all included on Bazzite DX. But for the base system I prefer to delegate trust to others to save me the time and energy. The maintainers test each tool, and make sure they are stable and work with the rest of the system, so that I don’t have to. And in the future if I decide I don’t like the direction that Bazzite is going, the rpm-ostree rebase system lets me use a single command to switch to a different distro maintained by a different team.

    Though to be honest, I wouldn’t be surprised if NixOS had a similar system, and if they don’t right now they probably will in the future. Things are changing fast!


  • I imagine that this also means it’s your own responsibility to research and manage upgrades that the rest of the Linux world is making. For example, X11 -> Wayland, PulseAudio -> Pipewire. One of the benefits of using distros like Fedora or Debian is that you can trust them to make these changes for you. Reproducible is nice, but immutable distros give you a reproducible desktop that also evolves over time, without any effort from you.