That’s definitely a factor to consider, but running binary blobs that you don’t have the source for is also a risk. It comes down to what threat vectors you think are important and what risks you’re willing to take.

It’s probably because they use busybox instead of gnu utilities so it’s not technically GNU/Linux, but yeah.

Short answer is Trisquel if you like Ubuntu/Debian, Parabola if you like Arch, and Guix if you like frustration.

The libre kernel is a bit of a pain regarding wifi and bluetooth, and depending on your graphics card the drivers aren’t going to run quite as well. You might need to get new a wireless card/usb, since there’s only a few modern chips that work with it.

There’s a list of distros on gnu.org that use the libre kernel by default, if you want to look at more options. PureOS is based on Debian focused on privacy and security. Hyperbola is based on Arch with 32 bit and BSD options.

Personally I use Guix, which is an amazing abomination with awesome features that most people don’t care about. I wouldn’t recommend it for most people unless you are coming from NixOS, know a lisp dialect, and/or are willing to put in a lot of effort.

Looks good. I’ve always found it annoying that lemmy doesn’t do this by default.

I’m not sure about the license though. Creative Commons recommends against using their licenses for software, since it doesn’t include terms regarding source code, doesn’t handle patents, and it’s usually incompatible with free software licenses.

Identities are somewhat decentrallized, but it’s pretty different from ActivityPub. People can host user data separately, but it isn’t really an instance. It is technically possible to have other relays (basically instances), but requires handling all the data on bluesky to connect to it. It would cost probably 50-100k USD/year, and that number will go up as more people join or if there’s more relays.

The biggest thing is probably non-destructive editing, so you can do stuff like apply filters without them changing the underlying image. Gtk3 should add better support for tablets and wayland. There’s also better layer tools and font support. A lot of it was on the backend, which should eventually allow for using other color spaces like cmyk natively.

It’s too bad that GLIMPSE fork never took off.

They’ve been working on porting it since back in 2012, and didn’t want to redo a bunch of the porting work before they even released it.

There’s a list of people that have agreed to block it at https://fedipact.online/

There’s Anki which is one of the most popular flashcard apps. Kiwix is pretty great for having tons of offline content from websites like Wikipedia, StackExchange, and Khan Academy, but I’ve run into a few bugs with it. I believe the current version isn’t on F-Droid but they plan to remove the non-free build tools in the next version. There’s the translation dictionary QuickDic. There’s some language specific apps like Der Die Das and Starke Verben for learning German, Kakugo, Fun with Kanji, and Kanji Dojo for Japanese. There’s several language specific dictionaries like Nani?, Nheengaré and a PReVo. For learning numbers/time there’s the Nanji clock widget that can show the printed time in several languages.

It can also happen with apps from the main repo. If the app is reproducible (about 5% so far, most new apps) then F-Droid will use the developer signature.

It depends. Many addons have effects that can be tested for and fingerprinted, but it’s not always straight forward. There’s a way to detect any specific chrome extension, but doesn’t work on firefox because it uses unique extension ids per person.

With addons like CanvasBlocker, they generate random values for a bunch of apis like canvas. So each time you will look unique, but it changes every time so you’re not easily tracked. I’d assume it’s similar to what Brave does, but I haven’t looked into the details. Some stuff isn’t randomized by default, so they can get info like timezone and languages, but probably not enough to give you a unique identity.

There’s CanvasBlocker for Firefox that can do fingerprint protection.

Riseup is run by activists entirely on donations, so I don’t think that ‘you are the product’ really applies. Be a bit cautious anyway though, because they have given info to the FBI before. Of course Proton has handed over IP logs to Swiss law enforcewent too. There’s only so far you can really trust any VPN. I still think they’re more trustworthy than most other ‘free’ VPNs though.

I think they just have multiple test instances to test federation between them.