Running everything under a single user is possible, but it also means an issue with a single app could wipe everything. It's better practice to add each user to a media group, and set *arr and qbittorrent to use this group and allow write permissions for users in the same group (e.g. 775 instead of 755). This means all users (plex, qbit, *arr) in the group media can access and modify files owned by media (or use the GID).
Chewy7324
joined 1 year ago
Yes, third party app stores were a pain for a long time, until Google allowed other stores to update apps unattended. A user having to comfirm each individual update was a terrible user experience.
Google and other pre-installed app stores circumvented the issue by being installed with system privileges to install any app unattended.
Any third-party store who'd want to do the same would either have to pay other manufacturers to be pre-installed, or require their users to root their phone. Or they were annoyed by updates and use the Play Store instead.
Yes, since Android 12 app updates doesn't require user confirmation for updates through the store which installed an app originally. This came at a similar time as the Epic lawsuits, so it might be a concession to prevent losing a lawsuit about their anti-competetive behaviour.
Google did pay manufacturers to not include third-party app stores [1], but I they can't force other stores to pay them any fees. It's bonkers to me that Apple wants to charge other app stores for providing apps to their consumers, who paid Apple to own their device.
[1] https://www.theverge.com/2021/8/19/22632806/google-epic-premier-device-program-lg-motorola-hmd
Someone pedantic: It's source-available, because it doesn't grant the necessary freedoms to e.g. redistribute and modify the code.
I was oblivious to some context in the thread.
Agreed, a single physical copy can easily be lost.
Making physical copies often requires cracking/piracy. E.g. in my jurisdiction it's illegal to circumvent "functional" copy protection, even though the right for a private copy is written in law. The problem is courts consider DVD's long broken copy protections functional.
This is why in my opinion physical copies and piracy/cracking go hand in hand. The former isn't possible without the latter.
E.g. I bought Lego Star: TCS again on Steam, because it was less work than getting rid of the copy protection on the disk.
Like any media/data you want to store indefinitely: build/buy a NAS with enough storage.
Luckily Steam will keep Duck Game in my library, but I dread the moment Valve leadership changes. Steam has existed for 20 years, and I naively hope I'll still be able to play my games in 40 years on my Steck Deck.
The hardware attestation feature is part of the Android Open Source Project and is fully supported by GrapheneOS. SafetyNet attestation chooses to use it to enforce using Google certified operating systems. However, app developers can use it directly and permit other properly signed operating systems upholding the security model. [...] Direct use of the hardware attestation API provides much higher assurance than using SafetyNet so these apps have nothing to lose by using a more meaningful API and supporting a more secure OS.
https://grapheneos.org/usage#banking-apps
My banking apps work on GrapheneOS, so I guess they are using hardware attestation instead of SafetyNet. LineageOS won't pass hardware attestation because it doesn't support locked bootloader.
Altough features like Top Shot (short video while taking pictures) and face retouching are available in the Pixel Camera app (from Play Store), they can't be configured unless Google Photos is installed. For advanced editing features (magic eraser) GPhotos has to have internet permission.
The pre-installed GrapheneOS Camera isn't as good as official Pixel Camera, but Pixel Camera works without any internet permission.
Imo there's no point in using GrapheneOS while using Google's internet-assisted editing features.
Where I live there's a single ISP which doesn't use Jibe. RCS is largely Google, and this likely won't change with iPhones supporting RCS.
The global IPv6 address is usually not directly reachable from the internet for incoming traffic. There's still the router with a firewall which blocks all incoming connections, so having an IP for each device doesn't make a difference for security.
With IPv6 ports still have to be forwarded on consumer routers by default, the main difference is that it doesn't have to be translated to a different IP.
This also means I can have multiple hosts on my home network listening on the same ports, because their public IP's are different.
You're right, media could still be wiped. Other data owned by users would be protected (e.g. configs).