Magiilaro

LXQT or KDE I just like the QT look and feel.

GNOME is great in general but not for me, it is too much MacOS alike and too limited for my liking.

If you want to take that from my text then feel free.

To test this you need an external observer who can register every quantum outcome and therefore can see/measure in every quantum reality. How else would you get verifiable and reproducable data?

We are very far away from such a possibility, we don’t even know for sure if quantum theory (or which one of the many specific quantum theories) in general or the many worlds interpretation in speciality is even correct or not.

It is a nice thought experiment though.

Tinkering, in my personal definition, would mean installing third party repositories for the package manager (or something like the AUR on Arch) or performing configuration changes on the system level… Just keep away as most as possible from accessing the root user (including su/sudo) is a general a good advice I would say.

My Arch Linux setup on my desktop and my servers are low-maintenance. I do updates on my servers every month or so (unless some security issue was announced, that will be patched right away) and my desktop a few times a week.

Nearly anything can be low-maintenance with the proper care and consideration.

For your constraints I would use just use Debian, Alma Linux or Linux Mint and stick with the official packages, flathub and default configuration on the system level. Those are low-maintenance out of the box in general.

I only bind applications to ports on the Internet facing network interfaces that need to be reachable from outside, and have all other ports closed because nothing is listening on them. A firewall in this case would bring me no further protection from external threats, because all those ports have to be open in the firewall too.

But Linux comes with a firewall build in, so I use it even if it is not strictly needed with my strict port management regime for my services. And a firewall has the added benefit to limit outgoing network traffic to only allowed ports/applications.

Yeah, that’s why I am against Microsoft Keys on my systems

I fail to see the positive side of that…

Loading BPF code from user space is, I hope, only possible with root access to the system. That would mean that an attacker needs root access to exploit BPF, but if an attacker has root access what stops him/her to do anything they want? At this time the system is lost anyway.

Or am I missing anything?

Yes I can. But I am a Linux system administrator with 20 years of experience. This should not be the level of measurement for stuff like this. 😉

What I meant was: Don’t put a Microsoft master trusted authority in the Kernel, unless one chooses to install a Microsoft distribution. And don’t go the SSL/TLS way with the huge number of default authorities that get installed on every system. It would be a pain to be forced to always build my own Kernel again just to keep Microsoft or any other institution/company that I find untrustworthy out of it.

I hope we will learn from the SecureBoot debacle and not give Microsoft the primary signing keys and infrastructure for this again.

Das ist keine Linux Distribution, ReactOS ist ein Projekt um ein 100% Windows kompatibles Open Source Betriebssystem zu erschaffen. Die Kompatibilität umfasst alle Bereiche, also auch z.b. Windows Treiber, nicht nur die Möglichkeit Windows Programme starten zu können. Und was den Look aus den 90ern angeht: Es gibt ein Windows XP Theme, der Look ist also durchaus im Jahr 2001 angekommen 😎😉

Making errors and analysing them to figure out what went wrong and why is a huge part of learning. You can only learn so much from theory, some things can be learned best by trial and error and the experience gained from it.

When I started with Linux I did choose to use Gentoo Linux because it was the most complex and complicated option, so I had the most opportunities to learn something by ducking up!