Original article is 404, so probably a fake or other error.

Its popularity.

Thanks, didn’t know. It’s indeed a well-established myth then. Corrected my post.

It’s inherited from a historic convention from the UK. Historically the rationale was that the month was more important than the year, so they put it first, although this has no useful consistency or order to it.

Unfortunately, kind of dumb decisions from the past tend to stick and keep existing for an unnecessary long time because people get used to them and then never change them. Popularity or habit can beat reason, objectivity etc…

• Tor browser for anonymous/private regular browsing (without logging into personally-identifiable accounts)
• Vanadium (GrapheneOS’ Chromium-based browser, maybe it’s usable on non-GrapheneOS as well?) in combination with a good crap-blocking DNS server
• Brave is decent but has some bad default settings, can probably be configured to behave well (similar to regular Firefox)
• Firefox + forks are generally not that great (at least on Android?) because their sandboxing capabilities (and maybe other security features) are weaker compared to those of Chromium-based browsers. See also: https://grapheneos.org/usage#web-browsing
• Proprietary browsers like Chrome, Edge, Opera, and so on all contain loads of on-by-default-spyware and should never be used

An easy analogy that common users can understand is e-mail. E-Mail is also decentralized, everyone has an e-mail address but everyone uses a different e-mail host (the domain name after the “@”). So e.g. “[email protected]” has an account at gmail.com but “[email protected]” has an account at mailbox.org. Both are completely different, yet they can communicate with each other. There’s not one company controlling or storing every single e-mail account or inbox. It’s spread out and everyone can choose the mail provider they like or trust the most.

Then you use that as a bridge to explain Lemmy, or Mastodon, or other Fediverse social media platforms. And remind the listener that single companies having full control over everyone’s accounts is generally bad and opens the door for all sorts of abuse and manipulation or arbitrariness.

Sure.

• https://www.scss.tcd.ie/doug.leith/apple_google.pdf
• https://www.scss.tcd.ie/Doug.Leith/Android_privacy_report.pdf … and when you use for example Samsung, Xiaomi, Huawei made mobile OSses, it’s even worse of course, because then their own telemetry comes on top of that from Google as well. They want to have pieces of the cake too.
• https://www.kuketz-blog.de/google-play-services-die-ueberwachungswanze-von-google/ (you might have to translate that page. That guy is a well-known privacy and data protection researcher, white hat hacker and also a data protection official in a federal state in Germany. He’s very objective)

Just for reference, this is what the Google Play services app transmits roughly every 20 minutes to Google if it has network access:

Phone #
SIM #
IMEI (world-wide unique device ID)
S/N of your device
WIFI MAC address
Android ID
Mail Address of your logged in Google account
IP address

And that is when you have disabled ALL telemetry in ALL of the options, even the most hidden ones. So this is the minimum amount this app is always gathering from every Android user using the Google Play services app, no matter what you selected. Other Google apps (like the Play store app) could then contain additional telemetry on top, this is just the common base of all Google proprietary apps. Or the minimum amount of privacy violations you get when using proprietary Google apps on your phone, no matter what.

If you use GrapheneOS, I’d recommend not installing/using ANY Google apps at all (not even Play store or Play services). To get apps, you should use (roughly in this order of priority): 1.) GrapheneOS’s app store for the built-in apps 2.) Accrescent app store (has several good open source apps, is intended to be more secure than F-Droid) 3.) Obtainium (for getting open source apps directly from their source repos) or if you really can’t get into Obtainium, use F-Droid instead 4.) Aurora Store (for getting apps from the Google Play store without sending too much data to Google. Only do this if there is no open source app available for doing the same thing).

To fully mitigate the removal of the Play services app, you also should probably install/configure something like ntfy with UnifiedPush to get battery efficient push notifications and ideally use apps which also use that, e.g. the Molly fork instead of Signal. It’s quite easy to do, just something to be aware of. Otherwise your battery drain might be a bit higher. Then you’re also independent from Google’s push notification infrastructure. But you need a UnifiedPush server to go along with it, either self-hosted or use a public one. There are some privacy friendly ones public ones out there.

Fedora gives you a secure and functional desktop distro out of the box while with Arch, you can get that as well but have to invest more configuration time, since you have to configure things like Secure Boot, SELinux, disk encryption, firewalls, AppArmor and other security stuff by yourself, it’s not going to have all that jazz by default, since Arch is a minimalistic and modular DIY-like distro, so it’s up to the user to configure this. Arch doesn’t put obstacles in the way of the user but also doesn’t just preconfigure this stuff. But it’s all there if you need it. Arch also offers a linux-hardened kernel variant which uses various hardening patches of the GrapheneOS project for the kernel (not sure if Fedora offers this as well). Experienced Linux users tend to like Arch’s approach because of more flexibility, modularity and minimalism while still offering everything necessary, but the less experienced of a user you are the more you probably will have problems with this approach, and the more you want more things to be pre-configured out of the box, so that you as the user have to configure less stuff. The more you view it that way, the less suitable Arch is for you.

But both are excellent and modern distros. Fedora is generally for people who want to generally spend less time configuring their desktop distro. Arch is for people looking for either a more universal distro or something more modular, technically simple and customizable.

The RedHat backing of Fedora can be a blessing (lots of great stuff came from RedHat so far) but also could become a curse soon due to IBM’s influence (which bought RedHat some time ago, and IBM isn’t such a great company, and this can negatively impact RedHat as well) and current US politics (it’s a US-based company). Arch, on the other hand, is even more independent than Fedora is and it’s a fully community-run distro, and from all community-run distros, it’s of very high quality, similar to Debian. Both Debian and Arch are also quite democratic in nature. If IBM hadn’t bought RedHat, and US wouldn’t be like it is today, I’d maybe view this differently but as it is I’d rather use a community-run distro than a US-corporation backed one. Even if Fedora is still very independent as a project, or so it seems.

If you’re very well familiar with Arch there’s really no need to switch to Fedora, but it can save you some time or configuration trouble overall in some cases, while it could also mean more potential trouble with major upgrades than with Arch with its frequent but lightweight updates all the time and never a big major version upgrade because Arch has no versions at all, it’s purely rolling, whereas Fedora is a mixture of rolling and point release. That said, if you update your Arch very infrequently (e.g. only once every couple of weeks), you will also have a higher chance of update troubles (though these are often easy to solve for an experienced Arch user, but can be crippling for a newbie). To benefit from Arch’s update mechanisms, you have to update frequently, as in every couple of days, at the very least once a week. And you really should set up a fallback mechanism, e.g. via filesystem snapshots, so you can revert an update which went wrong. Although so far, one of my Arch installations here is like 7 years old and there were only very minor update issues during that whole time, all of which were solvable via downgrading a specific package, waiting 1-3 days for the fix and then upgrading that package. So I’d say Arch is much more stable than its reputation, but still, even objectively small update issues can be devastating for you if you don’t know how to solve them, so it again depends on the user.

Another factor is probably going to be whether the AUR or Fedora’s community repos have more of the additional packages that you need for your use cases, from the packages that aren’t in the default repos.

Which of the two distros makes more sense depends highly on the user, the user’s familiarity with Linux basics, the user’s available time, and general use cases. I’d say both choices are excellent for a desktop distro, and Fedora would immediately become my daily driver if I ever became unhappy with Arch. Which so far hasn’t happened.

Another option if you still can’t decide between those two excellent distros would be an Arch derivative like EndeavourOS or CachyOS, which pre-configure more of Arch for an easier desktop use out of the box. So they are more like Arch of course (based on it) but trade away some of Arch’s subjective “weaknesses” for Fedora’s subjective “strengths”. I say “subjective” because those weaknesses and strengths can be different for each user and use case. Sometimes this gets forgotten in discussions like this. It’s not a clearly defined drawback if your distro doesn’t preconfigure most stuff out of the box. Whether that is a drawback or not depends on the user. However I’d assume that most users probably prefer more pre-configuration. But still, one size doesn’t fit all.

Well this got longer than intended but I hope it helps for decision making.