• 1 Post
  • 85 Comments
Joined 2 years ago
cake
Cake day: October 28th, 2024

help-circle
  • I think the issues are more likely to happen if you update less frequently. I used an Arch distro on my secondary PC for a few months. I admit I never ran into any major breaking issues, but every week or so when I did an update it sure felt like I would run into an issue since the updates were massive. I didn’t even have that much installed. Also reading through PKGBUILD and changelogs was annoying, but if you didn’t do it and ran into an issue the forums would just blame you for not reading them.

    So while I didn’t run into any major issues myself, I could sense that maintaining it was more work than I wanted. And later on I read this lemmy post which validated my decision: Realizing Arch isn’t for me after updating broke VLC.

    Compare this to the update process of Bazzite. It happens in the background, and automatically applies when you reboot. You don’t even need to be aware of it. You can easily rollback if something breaks. And it’s pretty guaranteed to be stable because all Bazzite users have the same base, so it’s well tested before being released.




  • Fair enough. It’s a device small enough to keep on your body or close by, so physical security isn’t too big a worry I guess. Just be aware that if somebody does get access to it, they could just pop the microsd card out, write malware to unencrypted partitions, and extradite your sensitive documents once you unlock the LUKS partition. These are the kinds of “evil maid” attacks that secure boot and verified boot were meant to protect against, but unfortunately most SMBCs don’t have those capabilites (only ones I’m aware of that do, are RPi5 and most x86 SMBCS).

    As for the firewall, could you use a VPN or tailscale to access your services? Then you could just point the DNS to your private IP. The services would be completely secure from the outside and you wouldn’t have to use a firewall.