I’m honestly baffled. These are two companies that are clearly past their best days, largely because of a string of controversial decisions in recent years that have pushed many users toward alternatives that feel more reasonable and do not attempt to re-educate users’ behavior.

On point 👌

You don’t need a cert authority to self-sign. You can do it once and be good to go.

That’s why tools like keepass allow you to require more than just a password to decrypt.

Yup thanks for the heads-up!

Yup piper is a good option. install:

• extra/speech-dispatcher
• aur/piper-tts-bin
• aur/piper-voices-common
• aur/piper-voices-…-…

Then configure speech-dispatcher according to arch wiki and enjoy TTS via command line spd-say or in firefox directly (switch to reading mode for a website).

You should not store your privates keys unencrypted. In fact by default your keys are stored password protected just as if you’d store them in keepass.

There is indeed a big difference between requiring a specific password vs. requiring a specific device or software to be able to use the service. Keep in mind that big tech can very conveniently leverage this technology to lock you in. For example think about Apple, Google and Microsoft requiring you to use passkeys, and then later require you to use your certified phone and app. Most people will not be able to “go elsewhere”.

You seem to be falling for what the author was writing about. Only because you could technically try to use keepassxc to store passkeys, that does not mean that it will work. You see passkeys were build in a way the service you’re trying to login to can decide if they accept your keepassxc for passkey storage or not. It looks like you are in control when you are actually not.

Correct, I use Kast on the desktop, works nicely

If you’ve got a nextcloud somewhere, you already have everything you need running. Install required extension and login in antenna pod. Works nicely, can recommend it.

Just don’t use flatpaks. Let your distribution handle updates like it is supposed to do.

I would contradict you. The internet is not overreacting, Mozilla and parts of its community try to downplay the issue at hand.

Kudos to Niccolò for openly speaking about his mistake of incorrectly stating his video was not sponsored. However I think he made a second mistake which is more serve. As a content creator he must pay more attention to what companies he’s accepting sponsorship from. Given the track record of malibal, this should have been a red flag in the first place.