The new repo has two releases in it now. These releases are not signed with the original key as far as I can tell. Further, GitHub is silently redirecting to the new repo, even in Obtainium, meaning it’s possible that if you had this previously installed via Obtainium and updated now, you may have unsigned apks installed that may or may not contain the changes in the repo.

This is a mess. I deleted the repo from Obtainium (luckily I don’t auto install updates) and will wait to see what happens over the next few months. Might just save my notes in a network share instead of using syncthing from my phone. Idk, notes are all that I was using it for.

Watch for spicy pillows… they’ll light your stuff on fire.

Well, yes, but that is not exclusive to Pixels, and in fact, most phones (other than the latest iPhones) are more vulnerable. Pixels, especially the latest devices, have the best hardware security features of any Android phone (unfortunately). You’re focused on Pixel, but that’s only because of the recent leaks which specifically focused on Pixel because of their breaching difficulty. Here’s the full matrix from last year (which hasn’t leaked as recently):

https://discuss.grapheneos.org/d/14344-cellebrite-premium-july-2024-documentation

GrapheneOS, even now, is not vulnerable for several reasons, most of which tie into the hardware features of the Pixel. There’s a reason Graphene only works on Pixel.

All I’m saying is that it’s entirely misleading to imply that only Pixels are vulnerable. This is not the case, even for iPhones.

I’m also not sure why you seem to be trying to say I disagree on the fact that Google is happy to leave vulnerabilities wide open, when that is exactly what I said in my original comment. Their new release schedule allows them to leave these vulnerabilities open for an even longer time, making Cellebrite’s job easier.

The law enforcement angle is exactly the point, yep.

I prefer my PC off when I’m not using it, that way it’s encrypted.

My local Lowe’s and Home Depot have the only Flock cameras in my county (for now, anyway).

Containers are better than any other option, so of course they’re being used! I’m gunna use containers even harder!

They’re making their own phone now. It’s not going to die, at least not in that way.

Do you have the exploit compatibility mode enabled in the settings? Under Apps > [Your Banking App]

Hmm, strange that the config file didn’t work - that’s actually how I do it (but with Mullvad and wireguard). No installation necessary if you can figure out why it’s not working.

Totally fair - you gotta find and use what works for you!

Ah, yeah, if your VPN only provides a run script you may need to try it in distrobox and see if it works there. It’s probably trying to put libraries in immutable portions of the install. Good work figuring Linux out, I know it can be a bit daunting at first but you’ll get the hang of it!

That’s what immutable means in this case. You can’t modify outside of your user directory, at least not directly, on immutable distros. The files outside of your ~ home path are read-only. You can override that a few different ways, however. If your VPN has a flatpak, that’s the easiest way to get it up and running. If you don’t care about more space (minimal, if you only do it for your VPN) being used, you may be able to follow your VPN’s fedora instructions, replacing dnf with rpm-ostree. That will likely allow you to install as you can in other distros.

Feel free to ask any questions if you have any, I’m happy to help.

For real, full AMD on Fedora is incredibly stable and smooth.

You keep saying this, but then do not elaborate very much. A lot of your comments in this thread have been something about Bazzite being bad/complicated/slow. Bazzite is not necessarily more complicated, it’s actually a lot less complicated in most ways and is difficult to break by design, as are other immutable distros. This is precisely why it is pushed to new Linux users. It’s a good starting point to have something that just works and not have to worry about much. I think a lot of long time Linux users are used to having full control over every piece of the OS, and have (like yourself) come to expect all distros to work that way. That’s fine and I totally understand that, but you should also consider that those who have not built the same habits from non-immutable might prefer a more hands off approach. I’ve used Linux for almost two decades, and I daily drive immutable because it’s so stable. I’m able to scratch the itch of wanting to mess with stuff by using distrobox, and if I’m really messing around, just using rpm-ostree. Sure, it’s different than normal distros, and it’s not for everyone, but it got my partner to use Linux on their own without any issues.

It’s okay to suggest other options for sure, but don’t get snarky when people are suggesting what works for them. The main benefit of Linux is that you have a choice in the first place, and you aren’t going to be stuck with whatever distro you’re using if they decide to do something catastrophic.

There is no such thing as a one-fits-all distro.

I’ve never had an issue with any community tools on an immutable distro. Especially distros that have distrobox, but for the most part, the community tools I’ve needed use lutris or flatpak and do not require compilation. Do you have an example of some of the tools you’re talking about? I’m not necessarily doubting you, I just haven’t encountered it before. You can also still install things (at the cost of image space) with rpm-ostree.

Did you set up secure boot during setup of Bazzite, out of curiosity? It has the ability to function with it and should prompt you if I remember correctly.

Cachy won’t necessarily be a magic bullet for Nvidia drivers, especially for older GPUs.

It’s a good option though, I just wanted to set expectations.

People suggest Bazzite because it just works and is difficult to break or otherwise have things to wrong. I’m not sure what you mean by “struggles to keep up”, can you explain?

Also, you know about rpm-ostree and distrobox, right?

They think line won’t go up if they don’t shove it down every user’s throat. They’ve put most of their eggs in that basket.