I agree with the critics, the Unix permission model is too basic. I’ve run into this myself doing the very difficult operation of “reusing an ext4 USB drive on another computer” because all the files were suddenly owned by a user that didn’t even exist on my laptop.

NTFS fixed this issue by having the OS generate user IDs across systems rather than reusing the same IDs and making the administrators match everything up. I don’t think selinux can fix that, though.

I welcome the extensions bringing Linux’ permission model to the 21st century, but the way they’ve all been implemented independently does cause some weird edge cases that clearly nobody has tested.

To the millions of girls in college in Afghanistan, I do think society has collapsed. They’ve been thrown back into the dark ages. If it weren’t for the extreme brevity of democratic Afghanistan, I would call the takeover by the Taliban societal collapse for sure.

Not all cities are still there. The ones that died out don’t appear in stories and ended up being swallowed up by the ground. Farms were deserted, cities disappeared from maps, entire civilisations vanished.

Just because humans still exist doesn’t mean society didn’t collapse. Humans existed before society did, and humans will continue to exist even if society doesn’t, until new societies will be formed by the survivors.

Societal collapse can happen; it happened to us in the Bronze age, several times in fact. War and famine causing enough chaos to destabilise and destroy cities or empires that took centuries to recover, if they recovered at all.

I don’t know what the Sea People event of the modern era would be. I do know that bombing a handful of factories around the world will set us back a couple of decades when it comes to computers and integrated devices. A second COVID hitting us right now while the world is still recovering would probably do a number on the world as well. Plus, nuclear war would ruin civilisation as we know it pretty quickly.

Unless Putin or Trump start launching nukes, I don’t expect any sudden collapses within one lifetime, but societal collapse is something that can happen eventually.

Could be hardware (chips desoldering themselves, data cable shorting out when heating up, broken RAM), could be software (driver issue, IOMMU configuration, etc).

I would start with testing the memory chips. If those pass, I’d try a much newer/older kernel to see if that makes the problem disappear. If that doesn’t, maybe try running the OS that came with the laptop and verify that it’s a hardware issue. If it doesn’t happen on another OS, it’s probably some form. Of software issue; in that case you’d need to catch the crash somehow, like by plugging a USB-to-serial converter into a USB port, dumping the kernel output to that, and having a second machine monitor the kernel output while you try to trigger the crash.

If all operating systems have the issue, reseating RAM and perhaps any important cables may also help.

I don’t think the European second hand market is quite as prolific as the American one. Prices stay up as a result.

Many of these marketplaces are also full of companies putting their ads up, often offering new/nearly new products which will bring in significantly more than second hand stuff.

Many countries have their own ebay alternatives as well, and in some places Facebook is the only place to get any deals on second hand stuff. Google suggests bolha.com is where Slovenians go for second hand stuff, for instance. Here’s a second hand ThinkPad for a much more reasonable price. Local second hand sites will often refuse to ship internationally, though, that’s something I’ve only seen done for expensive stuff (i.e. the price you were quoted). Personally, I see eBay as a website I would only ever visit if I wanted to import something cheap from the USA or maybe the UK.

Another issue with laptops specifically is that many European countries have specific (non-US) keyboard layouts, reducing the supply. Compared to all ThinkPads sold, only a small amount of them have a dedicated Đ/đ key, so the price can stay up for longer than you may expect. Newer, faster hardware is nice, but it’s rather useless if you can’t type your name on it!

Having used secured SELinux enterprise code, I’ve learned that Linux permissions can be even more complicated than Windows’ when multiple permission models suddenly overlap. There’s an endless supply of special bit flags, security contexts, and sandboxing features that all overlap.

I’ve run into very complicated Linux permission issues when combining SELinux (properly configured, not just neutered and standby) and system services in some specific configuration. Once you start applying the permission systems that Windows comes with by default in Linux, you get the same problems (or worse ones, as Linux has a multitude of permission systems stacked on top of each other).

On Windows, I recall one particularly messed up drive from another computer that not even NT_AURHORITY\SYSTEM was allowed to alter the ownership of. Luckily Linux happily stripped out all the permissions for me because Linux can plainly ignores ACL if you’re root and provide the right flags. Probably a terrible way to break ACLs in a managed environment, but this time it was a feature!

That’s exactly what the guy in the opening post was told to do, and at least to him that’s a big problem.

Andrew doesn’t know how file system permissions work. He complains that computers demand he keeps up, but these ACLs have been a thing since Windows XP (for consumers, much longer for older NT versions) so clearly the 14 years he had to catch up weren’t enough.

I’m not sure why he brought up moving to 64 bit (guess he came from XP, perhaps?), I don’t think thats relevant to anything here.

He doesn’t seem to know what an administrator account is (so his normal account probably is an administrator account) and rants something about “owners” as if that means anything to a computer.

He also concludes that this needs to be done for every file (it doesn’t) and then gets mad about that.

Fixing ACLs sucks, it takes forever and the UI isn’t very good for novices, but this guy’s anger seems to be misdirected towards his own misunderstandings about how Windows works and has worked for over a decade at the point he came to the forums.

None of this is because of “changes”, if anything his problem is exacerbated by the fact Windows still has the Win2000 permissions dialog on ACLs to this day.

It’s a seven step process if you include steps like “log in”.

The problem isn’t the steps themselves, it’s that very few users understand file system permissions.

These errors occur when you’re trying to access a profile folder of a user from another install. Most folders don’t have restrictions like these. However, going into a user folder and changing ownership isn’t something you want someone to do accidentally (because you can easily break a second user account that way).

For Microsoft, the three options seem to be “add a magic button that probably breaks something”, “disable ACLs by default”, or “guide users through the advanced interface”. I think they’ve made the right call here, this is an issue a tiny sliver of their user base will ever run into.

chown won’t alter the ACLs set by setfacl (which is much closer to the permission model Windows follows).

On Windows, you can use takeown /f "path" /r to recursively set the owner on a directory. Powershell can do more fine-grained control if necessary.

The problem with this and your proposed Linux solution is that most normal users don’t know any command line tools and just want a button to access their files. Windows does have this, but it doesn’t always work reliably. On Linux it depends on the file manager, but I don’t think any of them support setfacl-style permissions.

Librewolf would need to ask permission to a folder (for the standard downloads folder for instance) or it would need to show two save prompts when downloading two files (isn’t that what it does already?)

The “two files” thing only applies to applications that ask access for one file (say, an mp4) and also want a second file in that same directory (say, a matching .srt). That can be worked around by selecting multiple files in the file picker, but that does pose for an annoying restriction. I don’t see how a browser would be affected by this, though, as browsers don’t tend to also send secondary files when you upload something.

but if I want to use it to open a file that isn’t in “downloads” I have to use flatseal to give it extra permissions

There has been a portal to prevent this issue for years now. The fix isn’t to patch around issues in Flatseal, it’s for developers or Flatpak packagers to fix their security policies and code.

As an added benefit, KDE users get thumbnails in their file picker because they’re no longer stuck with the old GTK one but instead can use their native file picker portal. A win for everyone!

I think they’re a move in the right direction.

Just looking at the weird scaremongering around Signal from the past few days ("a chat app stores keys as files that you can read) shows a trend that I’ve been seeing more the past years: people have gotten so used to the Android/iOS sandboxing system that they’ve either never been taught or have forgotten how normal programs work.

Flatpak and the necessary desktop portals are very much a work in progress when it comes to user friendliness, but they’re what the world has been moving towards for a while now.

I don’t know why a journaling app needs full system access and access to system settings, and the permission Flatseal requests is a dangerous one if you pay attention to these things. Looks like they’re doing their job to me.

I think this is the more worrying part if true. The backend is licensed under the AGPL, so this would technically be a violation of their terms

The AGPL doesn’t require you, the author, to do anything. As the copyright holder, you decide the license your code falls under. You publish code with a license so others can use it. You can always do with your own work on your own computers as you wish, assuming you don’t also use other (A)GPL code that forces you to release your own.

Many companies sell GPL software this way; the (A)GPL version is free to use, but if you don’t want to share your alterations and any code you integrate the (A)GPL code with, you pay money to get a non-AGPL licensed copy. Qt does this, for instance, so car manufacturers can design their closed source vehicle dashboards and open source projects can use Qt to build a Linux desktop.

Phones come with pretty easy encryption APIs that use hardware encryption stores to do the encryption work. You can copy the entire data folder to the same phone after a factory reset, but the messages won’t decrypt. It’s a useful extra encryption feature that’s pretty tough to crack (as in, governments will struggle) but trivial to implement.

Desktop operating systems lack this. I believe Windows can do it through Windows Hello but that requires user interaction (and Windows isn’t sandboxed anyway so it doesn’t protect you much if you’re running malware are the same time). Don’t know about macOS, but I assume it’s the same story. Linux lacks support for security hardware entirely and doesn’t even try (see: the useless Keychain API copy).

What desktop operating systems do protect you from, though, is offline attacks. Someone needs to know your password to log in and grab the keys, even if they know your disk’s encryption key. Not even your Bitlocker recovery key will suffice to get your keys out of a locked Windows Hello key store. Linux can implement this ad well, in theory, but nothing seems to actually implement any of it.

Leveraging modern key store mechanisms would protect Signal on macOS and Windows. On Linux you’d still be in the same shitty situation, though if they were to implement the key store API, someone could at least eventually make something secure in the future.

Ah, in that case I would definitely recommend taking a look at Tailscale!

If you use the .local syntax, and the device name stays the same, I think the domain name based fingerprint should prevent the “do you trust this fingerprint” problem.

If you want to avoid the question all together, you could set up an SSH certificate authority (quick guide here, less dense guides are available on the internet). By signing the servers’ host keys, you can prevent the trust on first use prompt entirely, even for servers you may not have logged into before.

The value for the end user, the way Apple and Google do it, is that it works on every phone. It was always intended to be the next generation of MMS messaging. RCS, as designed, never had companies like Google run their own servers, but Google had to because many carriers never bothered to set up RCS in the first place.

Who benefits today? Everyone sharing chat groups with iMessage people. I avoid iMessage but millions of people are stuck with text messaging or ostracised for breaking group messaging (because SMS and MMS are terrible).

Furthermore, RCS isn’t just text messaging. The standard also contains digital payments and video calls. It’s an open (to carriers) alternative to iMessage that has features ready to go that Signal doesn’t even implement yet.

Communication is literally what phone numbers are for.

Yes, because other federated protocols (email, XMPP, Matrix) don’t have the same features modern messengers have and don’t interoperate with other protocols well. I don’t think XMPP OTR or OMEMO are RFC standards either, they’re just extensions on top of XMPP.

Some XMPP people are part of the conversation and Matrix is already moving to adopting MLS, so clearly “just use x” wasn’t an option, even for them.

Authy just leaked a list of phone numbers. No actual 2FA data was breached. Even if it were, attackers would need your backup encryption password to access any 2FA keys.

You may get more phishing texts, but that’s about it.