Neptr

In addition, on that website under "Manual>Troubleshooting", the manual states the following:

Bwrap error on initialization (Ubuntu)

If Nyxt crashes on start due to bwrap, then disable or configure the apparmor service.

This vague wording is terrible advice. Disabling AppArmor outright destroys Snap sandboxing and the general security of your operating system. Configuring AppArmor is a better option, but a specific should be given as an example.

For example, from the readme file on Cromite's Github repo:

""" 1. Creating an apparmor profile for cromite

Create /etc/apparmor.d/chrome, and write:

abi <abi/4.0>,
include <tunables/global>
profile cromite /home/user/cromite/chrome-lin/chrome flags=(unconfined) {
userns,
include if exists <local/chrome>
}

replacing the cromite binary path with where you have placed cromite.

Now, run sudo apparmor_parser -r /etc/apparmor.d/cromite to apply the changes.

2. Disabling the restriction until next reboot

sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0

3. Disabling the restriction permanently

Add kernel.apparmor_restrict_unprivileged_userns=0 to the file /etc/sysctl.d 60-apparmor-namespace.conf. Create the file if not exists. """

EDIT: I hate trying to get Lemmy to format multiline code blocks.

Currently only supports WebKit and Blink (experimental) as underlying browser renderers. The description of the browser starting with the words "Nyxt is a browser with deeply integrated AI [...]" is a turn-off for me. If it is for powerusers, call it what it is. It could be a LLM or some algorithm, idk.

I may check it in a year. For now, for Blink (Chromium) engine use Cromite browser + uBlock Origin Lite, for Gecko (Firefox) use Librewolf or Mullvad browsers.

The browser app is the only program where (to me) Security/Privacy fully supersedes any concerns customizability and usability.

Nice

YouTube is a monopoly. The reason no one really uses multiple platforms to upload videos at the same level as YouTube is because it was run for a long time at a lose to push out all competition. I have no simpthy.

They do other things than just hangings. I wouldn't suggest that executive punishment is a solution to crime rates, just look at the USA.

Yes, but Plasma doesnt protect against screen recording. The Devs expressed interest in protecting against arbitrary screen capture, still work in progress. See this issue: https://invent.kde.org/plasma/xdg-desktop-portal-kde/-/issues/7

Flatpak is installed on basically every Linux distribution. Literally all I do to install Steam is go to the Software Center and search "steam" and click install. It takes 2 clicks.

Cinnamon with Wayland is still in testing. X11/X.Org is unmaintained software and is less secure than Wayland. GNOME is the only desktop at the moment that actually protects the screen from arbitrary recording by applications. Just food for thought.

I don't like Snaps either, but it isn't a that big of a deal. Ubuntu is still vastly more private than Windows. I do prefer Fedora much more because it actually sandboxes system services with SELinux polices. Snap creates a better sandbox for applications than Flatpak, but it is slower to launch applications, depends on AppArmor (which is less secure than SELinux), and uses hard coded package repo (centralized design).

On Linux, you can install Steam inside a sandbox for better security. Easy to do with either Flatpak or Bubblejail. This makes it so that Steam does not have full file system access.

Disabling unnecessary background services, disabling telemetry, removing preinstalled adware. Easy to do with WinUtil by Chris Titus Tech.

Fuck Bluesky