My main OS (debian) ssd started throwing Io errors this Friday night and I had to work Saturday, only image I had laying around was Fedora Kinoite. So that's what I'm running until I order a new drive. I'm getting my wife a new laptop soon and was considered silverblue (she's a Mac user but very quick with tech in general).

Anyway after using it a few days, I think when I get my new drive I might just go ahead and put Kinoite on it. I'm used to running my dev stuff in containers anyway and toolbox makes it super easy. Rpm-ostree is a breeze (though it takes a minute to build on this ancient USB hdd, I'm replacing my dieing SSD with an nvme so I don't foresee the ostree builds as being an issue).

I think immutable is absolutely the way forward, especially for less computer literate folks. It will keep them more protected and if they do mess up something the rollback is a breeze.

I'd suggest one of the fedora atomic installs, maybe even get a couple renewed Thinkpads all set up, one with kde and one with gnome and let them play with them for a few days. I was the only engineer in my company that ran Linux and the bosses only concession was that I carry a windows PC too when he was onsite with me so he'd understand what I was doing, but he provided a nice one for me so I never complained.

No offense taken we all have different knowledge and background. I have a general understanding of podman, but now I'm going to go play with it a bit at some point and get more familiar with it.

Docker is Apache 2.0 licensed. It is open source. Or at least all of the important parts. I'm not sure about docker desktop. It's partly that I just have a lot of experience with docker, and partly just that it's what is supported in most projects' documentation. The fact that a lot of the Linux foundation training uses docker is another reason I've got more experience with it.

As far as what you are talking about people have been trying for years. The Pirate Bay wanted to develop a new method of being entirely decentralized. Odysee is working on something like blockchain/torrents combined that is very interesting. We have I2P and TOR which have some of the features you mention. I'd love to see it happen where the big companies didn't control things.

There is progress though. https://letsencrypt.org/ is non-profit, and there are a variety of open source projects using this to automate TLS certificate signing.

Check out https://www.sigstore.dev/how-it-works and pay special attention to Fulcio and Rekor. It's not for web certs, but it's still a very interesting take on a certificate authority.

There's no technical reason what you are saying couldn't work. It just comes down to how do you trust it, and if you can't at all, it doesn't do much good anyway. That's the problem to be solved. You could compromise somewhere in the middle but then you have to work out what is acceptable. I suppose the level of trust could be configurable, with different nodes earning a different level of trust, and you could configure your accepted levels for DNS or CA. It's an interesting idea.

gofumpt and gofmt are the best. One of the reasons if I have a choice I'll code in go. I heard rumblings that rust was working towards having rustfmt be a standard crate.

I know I know. If you wanna install certbot another way feel free. Share it with me I'm sure it'll take up less space. I only did it that way because it's the certbot official©®™ instructions. That and I had issues with the other method I tried.

My site is on a rented server at digital ocean. Some providers do more or less to protect you themselves though. I don't think digital ocean does much monitoring or protecting, I've had servers on there compromised in the past that would have been caught by my current setup. It can't hurt in any case.

I also run crowdsec on my home setup but I don't have any open ports at home and never get alerts. I had suricata running and plugged into crowdsec as well so it would handle blocking for both, but suricata never got to get any action with crowdsec blocking malicious activity, so I disabled it to save resources.

I remember when Ubuntu came out I was working in a PC repair shop. Not gonna give any opinion on this but the standard procedure for people wanting a fresh XP but didn't have a license key was "well it's $90 for a fresh install, or we can put a pirate pro corporate on it". I e-mailed canonical and they sent me a whole stack of Ubuntu CDs in nice branded sleeves. I kept it by the register and started offering that as an alternative to piracy for people that didn't have a license key and didn't wanna fork over the cash for one, Not many people chose that option, but I had a lot of good talks with people and plenty of people took a CD to try the live Ubuntu. I hope some of them ended up making the switch. I'm kinda disgruntled with conical these days but I'm an old greybeard who grew up in Slackware. I still recommend Ubuntu to beginners along with fedora.

I would second any Thinkpad that has USB C charging. That's what I'm looking to get next. Renewed ones are <$300

Everyone needs to hear this. But most people don't even know about it.

Haha I love it. c++ is definitely super useful. I never got that deep with it but I've certainly benefited from many things written in c++. Wrote small things and I've had to debug it on occasion just to get something working. It usually ended up being a compiler flag I had to set. I ended up going into web and network related stuff after college. Perl was my goto back then but I'm loving these newer languages and the thought put into some of it. For example the struct, interfaces, and type systems in go could probably replicate a lot of what you would use the classes and objects for.

I used c++ in college, and I think it's useful to know c because so much relies on it. That said if I'm going to do something that needs performance I'll look to go first, then rust if go isn't a good fit, but that's mostly because I know go better. Both are excellent languages.

If I just need something functional quick and easily I'll turn to Python. If I need a net service quick node.js is great.

VIM for the win. I really enjoy the built in file browser accessed by the command :explore

I also code in go frequently and go-fmt and go-lint etc work flawlessly. You can use whatever LSP you want so you get your code tips and autosuggestion etc.

The tabs and split window functions are nice too. Plus if you learn Vi well it's on almost every system in existence. Nano not so much