Ich kann dir nur das aktuelle Interview der Lage der Nation mit Baerbock empfehlen. Es werden die Waffenlieferungen kritisch angesprochen. Ich finde es wichtig, ihre Position zu diesem Thema zu hören, um so die eigene Meinung besser bilden zu können. Hier der Link zur Online Version, falls kein Spotify genutzt wird.

The discussion around this isn’t differentiated enough. Germanys foreign Minister has explicitly stated that what was exported, is stuff whose purpose is defensive in nature, e.g. Ground to air missiles. I can’t say if that is true, though there is some corroborating material. Nevertheless arms exports is too general as a category in my opinion.

Totp for login to Bitwarden is in the free tier. Totp codes for other accounts saved in bitwarden are not. There is a separate free totp app by bitwarden though.

Yubikeys have a Totp functionality as far as I remember. You will find more information on their website. (Edit: this should be the needed instructions)

Never tried it but I am guessing, this is the way it should work: it‘s the same as any other TOTP authentication app, just that the string from which the totp is derived, needs to be stored on the yubikey. On Bitwarden you would use their free Totp tier, which should provide you with that string.

Honestly, i would pay the 10$/y to use WebAuthn, support Bitwardens development, and make my own life easier

The dual root partitions we described in Deepin 20.5 are gone, but version 23 still sets up a moderately complex partitioning scheme, including an EFI system partition, a 1.5 GB /boot partition, a swap partition, and a 15 GB root partition, and the rest of the disk given to a partition labeled _dde_data. All are in plain old ext4 format, but there’s some magic being done with the data partition that we didn’t have time to trace. It appears to be mounted at multiple places, including /home, /var, /opt, and a mount point called /persistent beneath them all. We’re not sure exactly how it’s been done, but the distro has some kind of atomic installation facility with rollback.

Lack of proper documentation by Deepins Devs is enough of a red flag for me to never consider trying it.

I will say it again: The way i read it, it sounds like the companies will get some general data if their ads work, without a profile about you being created. I am fine with that.

Just imagine what a boon it would be for the “normal“ less tech savvy, if advertisers switched to a more privacy respecting technology like this.

If more privacy focused people don’t like it, they can simply disable it by ticking one box, without negative consequences (unlike content blockers and similar techniques where a website can penalize you, turned off PPA is not detectable).

It has no downsides as far as I am concerned. It doesn’t give advertisers additional data that they wouldn’t already be able to get, it just creates the option of measuring their ads in a privacy respecting way.

Does anyone know why they switched to this new packaging format, especially since they, as far as i can tell, were using flatpak before? I cant find any explanation on it in blog posts or release notes. In general i find the information they provide on implementations (atomic updates etc.) rather minimal.

Some SATA and NVMe devices support hardware encryption (TCG OPAL2 standard) and with the latest cryptsetup LUKS devices can be configured to use hardware encryption to encrypt the data either by itself or together with the existing dm-crypt software encryption. Support for this feature was added in the latest cryptsetup upstream release and we’d like to provide an option for users to use this feature when installing Fedora with disk encryption.

As this is an expert option, it will be available only through the kickstart interface. […] There will be two new options to select either hardware encryption only or hardware encryption in combination with software encryption (analogous to the --hw-opal-only and --hw-opal options used when configuring hardware encryption with cryptsetup).

It‘s not only about using the tpm to unlock the FDE, you should be able to do that on every distro with systemd-cryptenroll. The part that is new, is the the measuring of the systems integrity. It’s a way to ensure that the firmware has not been tampered with, the boot loader is the one that was installed and has not been replaced, that the kernel is exactly the one that comes from the distribution, that the kernel command line is the one that we expect, and that the initrd that is used does not contain any extra binary that we do not control.