If switching browsers is too much, install a browser extension that blocks these trackers. I asked Disconnect and DuckDuckGo to help with this article because they both make tracker blockers, but there are other options, including Privacy Badger and Ghostery. Certain ad blockers also block some data harvesting, including AdBlock Plus and uBlock Origin.
I have been using Privacy Badger for a while. Glad to see it mentioned here.
If you don't trust your distro packages, you should not use that distro. In my mind Arch Linux maintainers are way more trustworthy than a random guy maintaining the Flathub version.
I currently run it in Kubernetes but I just translated my existing Docker setup to it. I recommend setting up PostgreSQL and Redis if you can for the best performance, but SQLite and no-cache-approach is also fine for the beginning (you just run a single container).
That being said, I think Nextcloud is not very cloud-native. I set up Redis just so I can do rolling updates with zero downtime (filesystem locks are kept in Redis' memory instead of the app's own), but I still get some server errors for a brief moment during updates (for less than 10 seconds).
While that's the case for the Workstation (GNOME), in KDE Plasma version the desktop environment is a rolling release. It shouldn't take more than a a few days, considering their previous Plasma releases.
It is Hollow Knight. I played it before I knew about Dark Souls and even the word "soulslike". It was the first game I have ever played that required significant brain-usage and practice to beat. Its art direction is also impossible to love. Before this my idea of high quality games were things like Grand Theft Auto. And now only FromSoftware games I haven't played (and gotten all achievements in; yeah I am pretty passionate about games I like 😁) are the PlayStation exclusives. Luckily ShadPS4 exists, so I plan to try those very soon as well.
That's not what a supply chain attack is. No part of Arch Linux or derivatives depend on AUR and you don't have to use it.
The attack simply highlights oversights in adoption of orphaned packages and those need to be addressed for sure.
I have always tried to keep my AUR packages to a minimum (a few packages at most), and always read their PKGBUILDs and updates to them. Today, I don't use any AUR package as all the ones I need are now packaged in official repos.
AMD is losing a lot goodwill recently. At this rate, I am willing to only buy their GPUs because their drivers works the best on my OS of choice. Sad to see.
While I like the premise, I don't think the advantages of running a stripped down kernel warrants the tedium necessary to do it. If it was simply a package that you could update with your package manager, then I guess it would be worth it.
While VLC is great, I have had cases where it failed me regarding hardware accelerated decoding.
mpvhas never let me down with this.