I think I’ve tried nearly every monospace typeface over the years and I’ve finally settled on JetBrains Mono for more than 2 years now, though IBM Plex Mono is a close second.

Looks great! I’ll definitely give this a try!

I don’t use RCS myself, but there are recent posts on the GOS forums and it appears to be working fine once all of the prerequisites are installed.

Sure, like I said above, GOS doesn’t at all prevent you from rooting the device. They only discourage it from a security point of view. Regarding MicroG, I’ve never had need for it myself but I’ve read many other posts over the years from users who have installed it on GOS in lieu of Graphene’s own implementation.

I would argue that overall GrapheneOS provides more control over the OS than some other Android-based operating systems.

They don’t.

You can root GOS like any other Android-based OS. It’s just highly discouraged, completely unsupported and, in the opinion of the GOS devs, you will no longer be considered to be running GOS since you are compromising the core OS by doing so.

You’ll need to provide specifics if you want solutions to many of these issues.

• What exactly isn’t working with your Yubikey?
• Which bank apps? Did you check the compatibility list maintained by GOS?
• Which apps aren’t working without Google Play?

For the keyboard, there are several FOSS keyboards which support spacebar navigation, but you can also install Gboard and simply disallow any permissions, including network access.

Regarding Signal, this would be a reality for anyone with a non-Apple device. You may need to find a compromise and simply use SMS, RCS, or even just email when dealing with certain people.

There will always be one-off features available only on other devices or platforms. Only you can decide whether they are worth the cost of security and privacy.

Craigslist is still superior in the PNW, at least in my experience.

See my follow-up post elsewhere here. Sounds like you might not have an always-online device to keep others always synced, and/or the devices you’re using to add entries aren’t online when you do. Might consider using a designated device for database modifications.

That used to happen to us before we started using SyncThing (and before we had data plans on our phones).

By the time we migrated to it, we had a home server running 24/7 and this ensured that at least one device in the chain was always online, had the latest version of the database, and pushed it to other devices as they came online. Our phones also have data plans now, so things generally sync in realtime which helps avoid issues.

If you don’t have at least one always-online device, I think the next easiest way to avoid sync conflicts is to modify the database from one designated device. That way even if a conflict does arise, you’ll know which device is always correct.

For resolving the conflicts, I would open both databases, sort by modified, and review the latest changes in each.

KeePass, and more specifically the KeePassXC (desktop) and KeePassDX (Android) ports.

My wife and I have shared a single KeePass database for about 15 years now and I couldn’t imagine switching to anything else.

My reasons have remained the same over the years:

• Free and open source
• Offline (but supports cloud sync)
• Lightweight
• Cross platform
• Supports autofill

I would never entrust the management of my credentials to a 3rd party online service. They’re an easy target (it’s only a matter of when, not if they are breached), and they could go out of business at any time.

We don’t use cloud storage for anything these days, but we keep the KP database (and many other things) synced across more than 7 devices using SyncThing, another amazing FOSS project.

I haven’t experienced that personally but Reddit’s Imgur has also cracked down on VPNs and many hosted pics and gifs will not load, depending on your selected server.

Stealth works as well.

Almost any basic web host will allow you to create unlimited email addresses and/or aliases for your domain. Most will offer this service with even their cheapest “shared hosting” plans. And if all of the aliases are going to same person, just enable the catch-all mailbox. Why bother with an email-only service at that point?

There are too many differences for me to list here, but unlike mobile operating systems, Windows and most Linux desktops do not provide sandboxed environments for userspace apps by default. Apps generally have free reign over the whole system; reading/writing data from/to other apps without restriction or notification. There are virtually no safeguards against malicious actors.

Mobile operating systems significantly restrict system-level storage space, making key areas read-only to prevent data access or manipulation. They also protect app storage, so one app can’t arbitrarily access or modify data stored for a different app.

Mobile operating systems also follow an image-based update model, wherein updates are atomic. System software updates are generally applied successfully all at once or not at all, helping to ensure your phone is never left in a partial or unusable state after a system update.

For desktop users, macOS, and atomic Linux distros combined with Flatpak are the closest comparisons.

Most operating systems will require your desktop password upon resume, and most thieves are low-functioning drug users who are not about to go Hacker Man on your laptop. They will most likely just wipe the system and install something else; if they can even figure that out.

Yeah, I’m sure there are a lot of variables there. I can only say that in my experience, I noticed zero impact to gaming performance when I started encrypting everything about 10 years ago. No stuttering or noticeable frame loss. It was a seamless experience and brings real peace of mind knowing that our financial info, photos, and other sensitive files are safely locked away.

No, the average user will never know the difference. I couldn’t tell you exactly what the current performance impact is for hardware encryption, but it’s likely around 1-4% depending on the platform (I use LUKS under Linux).

For gamers, it’s likely a 1-5 FPS loss, depending on your hardware, which is negligible in my experience. I play mostly first and third person shooter-style games at 1440p/120hz, targeting 60-90 FPS, and there’s no noticeable impact (Ryzen 5600 / RX 6800XT).

It does help greatly in general though, because all of your data will be encrypted when the device is at rest. Theft and B&Es will no longer present a risk to your privacy.

Per-app permissions address this specific threat model directly. Containerized apps, such as those provided by Flatpak can ensure that apps remain sandboxed and unable to access data without explicit authorization.

While it would certainly be nice to see this addressed, I don’t recall Signal ever claiming their desktop app provided encryption at rest. I would also think that anyone worried about that level of privacy would be using disappearing messages and/or regularly wiping their history.

That said, this is just one of the many reasons why whole disk encryption should be the default for all mainstream operating systems today, and why per-app permissions and storage are increasingly important too.