fossisfun

joined 1 year ago
[–] [email protected] 9 points 8 months ago* (last edited 8 months ago) (3 children)

Actually it is the same story with TLS 1.3 and TLS 1.2. A bunch of sites still don't support TLS 1.3 (e. g. arstechnica.com, startpage.com) and some of them only support TLS 1.2 with RSA (e. g. startpage.com).

You can try this yourself in Firefox by disabling ciphers (search for security.ssl3 in about:config) or by setting the minimum TLS version to 1.3 (security.tls.version.min = 4 in about:config).

[–] [email protected] 6 points 9 months ago

Until a couple of weeks ago I used Fedora Silverblue.

Then, after mostly using GNOME Shell for about a decade, I (reluctantly) tried KDE Plasma 5.27 on my desktop due to its support for variable refresh rate and since then I have fallen in love with KDE Plasma for the first time (retrospectively I couldn't stand it from version 4 until around 5.20).

Now I am using Fedora 39 Kinoite on two of my three devices and Fedora 39 KDE on a 2-in-1 laptop that requires custom DKMS modules (not possible on atomic Fedora spins) for the speakers.

Personally I try to use containers (Flatpaks on the desktop and OCI images on my homeserver) whenever possible. I love that I can easily restrict or expand permissions (e. g. I have a global nosocket=x11 override) and that my documentation is valid with most distributions, since Flatpak always behaves the same.

I like using Fedora, since it isn't a rolling release, but its software is still up-to-date and it has always (first version I used is Fedora 15) given me a clean, stable and relatively bug-free experience.

In my opinion Ubuntu actually has the perfect release cycle, but Canonical lost me with their flawed-by-design snap packages and their new installers with incredibly limited manual partitioning options (encryption without LVM, etc.).

[–] [email protected] 8 points 9 months ago

My whole infrastructure is designed so that my homeserver is expendable.

Therefore my most important tool is Syncthing. It is decentralized, which is awesome for uptime and reducing dependence on a single point of failure. My server is configured as the "introducer" node for convenience.

I try to find file-based applications, such as KeePassXC or Obsidian, whenever I can so that I can sync as much as possible with Syncthing.

Therefore there is (luckily) not much left to host and all of it is less critical:

  • Nextcloud AIO: calendar, contacts, RSS, Syncthing files via external storage
  • Webserver: Firefox search plugins (Why is this necessary, Mozilla?!), custom uBlock Origin filter list, personal website

So the worst thing that can happen when my server fails is: I need to import my OPML to a cloud provider and I lose syncing for some less important stuff and my homepage is not accessible.

Since I just rebuilt my server, I can confirm that I managed a whole week without it just fine. Thank you very much, Syncthing!

[–] [email protected] 4 points 9 months ago (1 children)

Linux Mint nowadays supports release upgrades, but you have to follow their blog to know when a new major Mint release is out and you have to manually install mintupgrade and do the upgrade.

So it is definitely not caused by technical constraints, as Mint has implemented the difficult part (providing and testing an upgrade path) already. Notifying the user about a new release upgrade shouldn't be too difficult? E. g. in the most simple form you could probably preinstall a package that does nothing at first, but receives an update once the next Mint release is out to send a notification to the user to inform about a new Mint release.

When it comes to elementary OS, I think they could support in-place upgrades, as they properly use metapackages (unlike Mint, which marks most packages as manually installed and doesn't really utilise automatically installed packages and metapackages in a way that you would expect on an Ubuntu-based distro), but they probably don't want to allocate / don't have the resources to test an official upgrade path.

But again, I don't understand why it is so difficult for elementary OS to at least provide a simple notification to the user that a new version is out. Even if the users have to reinstall, it is critical to inform them that their OS is about to become end of life. You know, people do things like online banking on their computers ...

It's the first thing I check with every distribution and if it doesn't have an EOL / upgrade notification, it is immediately out.

[–] [email protected] 9 points 9 months ago* (last edited 9 months ago) (2 children)

This has always been the case with Ubuntu. Ubuntu only ever supported its main repository with security updates. Now they offer (paid) support for the universe repository in addition, which is a bonus for Ubuntu users, as they now have a greater selection of packages with security updates.

If you don't opt in to use Ubuntu Pro, nothing changes and Ubuntu will be as secure (or insecure) as it has always been. If you disable universe and multiverse you have an Ubuntu system where all packages receive guaranteed security updates for free.

Please note: I still don't recommend Ubuntu due to snapd not supporting third-party repositories, but that's no reason not to get the facts right.


Debian has always been the better choice if you required security updates for the complete package repository.

Personally I have my doubts if Debian actually manages to reliably backport security updates for all its packages. After all, Eclipse was stuck on version 3.8 for multiple Debian releases due to lack of a maintainer ...

[–] [email protected] 22 points 9 months ago (18 children)

There are plenty of reasons to get rid of Ubuntu, but this isn't one of them.

Before Ubuntu Pro, packages in universe (and multiverse) were not receiving (security) updates at all, unless someone from the community stepped up and maintained the package. Now Canonical provides security updates for universe, for the first time since Ubuntu has been introduced, via Ubuntu Pro, which is free for up to five personal devices and paid for all other use cases.

Debian is actually not that different (anymore). If you read the release notes of Debian 12, you'll notice that quite a few package groups are excluded from guaranteed security updates, just like packages in universe are in Ubuntu. Unlike Ubuntu, Debian doesn't split its package repository by security support though.

[–] [email protected] 16 points 9 months ago (3 children)

It misses one important choice: "I want to get notified of new releases of the operating system and want to have a graphical upgrade path."

Otherwise people just run their no longer supported OS until something stops working (I've seen this countless times ...), as very few people follow blog posts or social media feeds of their operating system.

This rules out lots of supposedly "beginner friendly" distributions, such as elementary OS or Linux Mint, as they don't notify users about the availability of a new distribution release. Elementary OS doesn't even offer in-place upgrades and requires a reinstallation.

[–] [email protected] 5 points 9 months ago

You're right, ideally wear reduction should probably be done by the display itself. But considering how little manufacturers often care about OS-agnostic approaches, it might be necessary to have software workarounds?

[–] [email protected] 14 points 9 months ago (2 children)

Variable refresh rate (VRR), HDR, OLED (e. g. I'd like the panel to become grey and move items around a bit to lessen burn-in) all involve GNOME for hardware support.

[–] [email protected] 2 points 9 months ago

Outside of that the toolkit's file picker is used, as the system doesn't seem to provide one (via the portal), so the only reasonable fallback is to show the file picker that you know is there, which is the one of the application's toolkit.

[–] [email protected] 4 points 9 months ago

I actually like to use Comic Neue for personal stuff. https://comicneue.com/

Ubuntu is another nice font, which I like to use for more serious documents. https://design.ubuntu.com/font

For system fonts I use whatever comes preinstalled. I don't modify the font defaults in any way.
