SpaceCadet

joined 1 year ago
[–] SpaceCadet@feddit.nl 4 points 6 months ago* (last edited 6 months ago)

There was a short period of time when Enlightenment was the default window manager for Gnome, later to be replaced by Sawfish. It was a hideous experience by the way.

Early Gnome was weird. The Gnome File Manager was also originally based on the terminal program Midnight Commander.

[–] SpaceCadet@feddit.nl 5 points 6 months ago* (last edited 6 months ago)

True that. Hadn't thought of that as it's not my typical VPN use case.

I'm not sure what a VPN provider could do about that though; they don't control the operating system's networking stack. If the user or an outside process that the user decides to trust (i.e. a DHCP server) adds its own network routes, the OS will follow it and route traffic outside of the tunnel.

The defenses I see against it are:

  • Run the VPN and everything that needs to go through the VPN in a virtualized, non-bridged environment so it's unaffected by the routing table.
  • Put a NAT-ing device in between your computer and the network you want to use.
  • Modify the DHCP client so that option 121 is rejected.

Edit: thinking about it some more, on Linux at least the VPN client could add some iptables rules that block traffic going through any other interface than the tunnel device (i.e. if it's not through tun0 or wg0, drop it). Network routes can't bypass iptables rules, so that should work. It will have the side effect that the VPN connection will appear not to work if someone is using the option 121 trick though, but at least you would know something funny was happening.
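Added example, not part of the comment above and not taken from any DHCP or VPN client: a decoder for the DHCP option 121 payload (RFC 3442 classless static routes) that flags pushed routes which would pull non-LAN traffic away from a tunnel's default route. The function names, the sample payload and the "flag anything more specific than a default route that lies outside the LAN" heuristic are assumptions made for this illustration.

```python
import ipaddress


def decode_option_121(payload: bytes):
    """Decode an RFC 3442 option 121 payload into (network, gateway) pairs."""
    routes, i = [], 0
    while i < len(payload):
        plen = payload[i]
        if plen > 32:
            raise ValueError(f"invalid prefix length {plen} at offset {i}")
        n = (plen + 7) // 8      # only the significant destination octets are sent
        end = i + 1 + n + 4      # length byte + destination + 4-byte router
        if end > len(payload):
            raise ValueError("truncated option 121 payload")
        dest = payload[i + 1:i + 1 + n] + bytes(4 - n)   # pad back to 4 octets
        net = ipaddress.IPv4Network((dest, plen), strict=False)
        gw = ipaddress.IPv4Address(payload[i + 1 + n:end])
        routes.append((net, gw))
        i = end
    return routes


def routes_bypassing_tunnel(routes, lan_cidr):
    """Heuristic (assumption): a pushed route is suspect when it is more
    specific than a default route and covers addresses outside the local LAN,
    because it would then win over the tunnel's default route."""
    lan = ipaddress.IPv4Network(lan_cidr)
    return [(net, gw) for net, gw in routes
            if net.prefixlen > 0 and not net.subnet_of(lan)]


# Constructed sample payload (documentation and private ranges only):
#   203.0.113.0/24   via 192.168.1.66   <- outside the LAN, should be flagged
#   0.0.0.0/0        via 192.168.1.1    <- ordinary default route
#   192.168.1.128/25 via 0.0.0.0        <- on-link LAN route
SAMPLE = bytes([24, 203, 0, 113, 192, 168, 1, 66,
                0, 192, 168, 1, 1,
                25, 192, 168, 1, 128, 0, 0, 0, 0])

if __name__ == "__main__":
    for net, gw in routes_bypassing_tunnel(decode_option_121(SAMPLE),
                                           "192.168.1.0/24"):
        print(f"suspicious option 121 route: {net} via {gw}")
```
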

[–] SpaceCadet@feddit.nl 13 points 6 months ago (3 children)

Don't you control your DHCP server?

[–] SpaceCadet@feddit.nl 2 points 6 months ago

It was a bit rocky coming over from Plasma 5, but settled in nicely now.

[–] SpaceCadet@feddit.nl 6 points 6 months ago* (last edited 6 months ago) (1 children)

Oh and don’t forget to take backups of your /home. That's good practice for every desktop environment.

The config files of the major desktop environments have become a mess though. Plasma absolutely shits files all over ~/.config and ~/.local/share where they sit mingled together with the config files of all your other applications and most of it is thoroughly undocumented. I've been in the situation where I wanted to restore a previous state of my Plasma desktop from my backups or just start with a clean default desktop and there is just no straightforward way to do that, short of nuking all your configurations.

Doing a quick find query in my current home directory, there are 57 directories and 79 config files that have either plasma or kde in the name, and that doesn't even include all the ~/.config/* files belonging to plasma or kde components that don't have it in their name explicitly (e.g. dolphinrc, katerc, kwinrc, powerdevilrc, bluedevilglobalrc, ...)

It was much simpler in the old days when you just had something like a ~/.fvwmrc file that was easy to back up and restore; even early KDE used to store everything together in a ~/.kde directory.

[–] SpaceCadet@feddit.nl -4 points 6 months ago* (last edited 6 months ago) (1 children)

apt purge nano is one of the first things I do on a new Debian installation. Much easier to remember than having to use update-alternatives, select-editor and the $EDITOR variable to convince the likes of vigr, vipw, visudo, crontab -e, ... that I really want to use vim as my primary editor.

[–] SpaceCadet@feddit.nl 6 points 6 months ago

Not really, because you're now going to make it do more, i.e. incorporate the functionality of sudo and expose it to user input. So unless you can prove that the newly written code is somehow inherently more secure than sudo's existing code, the attack surface is exactly the same.

[–] SpaceCadet@feddit.nl 31 points 6 months ago (2 children)

The attack surface will be a systemd daemon running with UID=0 instead, because how else are you going to hand out root privileges?

So it doesn't really change anything to the attack surface, it just moves it to a different location.

[–] SpaceCadet@feddit.nl 6 points 7 months ago* (last edited 7 months ago)

We are talking about LTS distros, not about bridges. The context is pretty clear.

[–] SpaceCadet@feddit.nl 12 points 7 months ago* (last edited 7 months ago) (5 children)

That's a you problem. Your interpretation is wrong.

Quoting from the Debian Manual:

This is what Debian's Stable name means: that, once released, the operating system remains relatively unchanging over time.

[–] SpaceCadet@feddit.nl 6 points 7 months ago (8 children)

Stable means unchanging in this context.

[–] SpaceCadet@feddit.nl 7 points 7 months ago* (last edited 7 months ago)

Just go Debian.

Ubuntu used to bring a bit of spit and polish at a time when most Linux distros lacked that. Nowadays it brings nothing worthwhile to the table anymore, it's just brand recognition, but what it does bring is aggravation for experienced users.

I had this realization a few years ago when I found myself fighting against 20.04 and I asked myself: what exactly is Ubuntu doing for me that plain Debian can't? The answer was nothing really, so I moved all my Ubuntu VMs over to Debian Bullseye and never looked back.
