Most Linux users never use anything CLI

Indeed but I’m not talking about “most users”.

Why would Linux phone users use CLI?

You want to automate something with a script or want to create some workaround for something.

But (what I said is that) all of that you can get in various Linux distros too

Sure, but these distros aren’t the go-to choice of tinkerers. As I said for the normal Ubuntu user LineageOS is completely fine. “Proper” Linux phone’s target audience are Arch, Gentoo, Void,… users.

the basic difference for devs is Google/Android SDK

For devs sure but “tinkerers” aren’t always devs. They can just start as someone who just “pokes” into their system and eventually dives deeper, or stays forever at the “fix a thing here and there” level. In my opinion you don’t get this granular spectrum of skill. You either are an Android developer (be it Android app or Android system developer) or Android user. Maybe that isn’t true but the original topic was “why Linux phones when AOSP forks exist” and I think “tinkerers” might think this way about Android.

I honestly did not give much thought to the difficulty of pulling such attack off. With “not sophisticated” I just meant that it’s not complex to grasp. “You just have to pretend to be a different person”. I guess yeah that is pretty difficult.

Yeah I mean it’s often said that any second factor is better than just password so it’s probably not a big deal. My issue is mostly that it’s an attack vector that could easily be eliminated. For example if banks allowed third party 2FA apps. I think I’ve read somewhere, that some banks even only allow hardware keys for business accounts which is honestly absurd.

I stated why OP is painting a misleading picture about xbps-src in my other reply but I guess the only thing you missed is xi. xi is tool that allows you install both source and binary packages. So it’s kinda like yay with the caveat, that there is no central place for user submitted packages.

xbps-src is both a tool to build official packages from source and a way to install Void’s “official AUR packages”. Meaning packages that are maintained by Void/Arch devs but for whatever reason do not belong to the main repository. That’s the only way it’s comparable to the AUR.

But saying that xbps-src is like the AUR is very misleading because it lacks the “U” part. Official AUR packages are only a small part of the AUR.

The difference between Android and “proper” Linux? You said it:

Android is a semi-immutable (heavily modified and basically owned by Google) distro that runs app in sandboxes.

That is not what “tinkerers” want. They want access to the system. I have not tried it but can you even run an android app from the command line? I guess you can somehow but that just brings me to my other point. You kinda have to be an Android dev to tinker with Android, while on “proper” Linux the learning experience is more granular.

edit: indeed running Android apps from CLI is not very tinker-friendly:

https://stackoverflow.com/questions/6613889/how-to-start-an-android-application-from-the-command-line

It’s nothing sophisticated. You just steal someone’s phone number by calling their phone service provider pretending to be them. I don’t know how serious this threat is but for this reason SMS is not considered secure in the “security circles”.

https://www.howtogeek.com/358352/criminals-can-steal-your-phone-number-heres-how-to-stop-them/

https://www.fcc.gov/consumers/guides/cell-phone-fraud

The issue is that the banking app is often the only way to get 2 factor authentication. The other way is to use SMS but that can be hijacked by social engineering attacks so it cannot be considered secure.

I worded my comment badly. I was not talking about supply chain attacks, rather the ability to tinker on “proper” Linux which you don’t get on Android.

The “know it better” is, I think, a big argument, that’s imo often a bit overlooked. Android does not have that much “tinkers” as “proper” Linux has. For the average Gnome DE @ Ubuntu user, Android forks are fine. But if you’re the kind of person, who optimizes their Arch system with cool scripts from Github, you won’t get the same experience on LineageOS. I know Termux is a thing but that feels more like a workaround.

Edit: Had to reword the comment, because people thought I was talking about malware and supply chain attacks.

Edit2 to clarify my point: I think big downside of Android is that if you want to tinker with it, you basically have to be an android developer. With “proper” Linux the barrier to entry is smaller and the learning experience is more granular. Hence why we think “we know ‘proper’ Linux better”.

It does not matter how powerful the phone is as long as the drivers suck. The original Pinephone would have been fine if it had proper standby mode. If this makes it to production, it’s going to be ewaste. Judging by the fact that they don’t mention software challenges and only focus on privacy/foss buzzwords and le epic HW specs.

What CPU do you have? Have you enabled hardware accelerated virtualization in the BIOS? Did you do any tweaking when running the VM? I had a Windows 10 VM on a 2013 laptop, so what you are describing might just be bad configuration.

Enabling virtualization in the BIOS is required for usable performance. Tweaks are optional but I highly recommend them because out of the box Windows VM feels pretty sluggish mainly because of bad graphics configuration. For that I use Quickemu which is a script that automatically sets up your VM for optimal performance. (Works for MacOS VMs too but I have not tried it) Finally you can try debloating your Windows 10 installation with Chris Titus’ Winutil, which btw also includes some useful Windows tools like a GUI for package manager.

CLA is basically a requirement for any larger scale open source project. It would be mental to add a “this single edited line is licensed under X license” to every tiny commit. Microsoft’s CLA does not tranfer rights btw, it just licenses your contribution to M$ under “basically BSD 0 clause license” terms.

I guess sure they could do a ragpull but it does not make much sense. Reasons:

1. they have open sourced it themselves

2. It’s made by M$ for M$. They don’t have competition in the Windows space, so there is no point to hide the code.

Also what would be the worst thing that could happen if they did that? You would either use a fork, because WSL2 is basically feature complete at this points, or you would be have to use a proprietary app on a proprietary OS. Imo the licensing of WSL specifically is the least of Windows’ issues.

I actually do know what I’m talking about. See https://www.gnu.org/philosophy/selling.en.html

Many people believe that the spirit of the GNU Project is that you should not charge money for distributing copies of software, or that you should charge as little as possible—just enough to cover the cost. This is a misunderstanding.

Though I advise you to read the whole article. They for example explain why you should charge “substantial fee” for redistribution of Free Software.

But you posted an image of Stallman with “absolutely proprietary” written inside said image. You can imply whatever you want but it’s weird to add that image when Stallman would be completely fine with “pay-walling a free OS”. Rather he would probably even encourage it.

The official python installer uses wpa_supplicant if it doesn’t find NetworkManager. On my debian I was using wpa_supplicant for eduroam only because it could not “find” NetworkManager on my machine.

Ignoring Red Hat which according to the Software Freedom Conservancy organization are GPL violators.

But with Ubuntu it depends on whether you consider paid repositories features or support. Sure you can just compile it yourself but that’s kinda the same thing Zorin is doing: https://lemmy.world/post/29546682/17016426

Stallman’s usual take is “Yeah sure you can sell it, as long as you respect the 4 freedoms.”. So I don’t think selling Free Software is against the spirit of FOSS. The issue is rather that the Free Software is against the spirit of selling because realistically you can sell it to one entity which can then just make 7 billion copies of said software. At that point it’s no longer financially viable to sell it for you.

I also think that the majority of people creating Free Software would be fine with someone else selling it. Remember how much permissive-licensed software is out there. If authors really cared, they would have licensed the software under GPL, but instead they even allow it to be used with commercial licensing. Obviously I’m not taking away your opinion, but I don’t think your opinion represents the majority of FOSS.

According to this comment

https://lemmy.world/post/29546682/17016426

it’s not absolutely proprietary. It’s just Free Software they are selling, which is approved by Root Mean Square.

they don’t

https://lemmy.world/post/29546682/17016426

I know what kind of projects you are talking about, I just think it’s kinda pointless to talk about “shifting focus” when 99 % of focus has already been shifted since forever. The projects you listed are really just hobby projects. It’s kinda like saying people should stop working on “alternative” init systems and they should instead work on systemd. People working on hobby project won’t suddenly shift to professional projects, because that would kinda ruin the hobby.

I see so many people here on Lemmy who are desperately waiting for Linux phones to replace their iPhones or Android phones

In my opinion it’s similar situation with the users. I think people waiting for Linux proper phones aren’t really waiting for a replacement for their Android phone, rather for a niche alternative for hackermen, like alternative init systems to systemd or Gentoo to Ubuntu. It doesn’t have to be a drop in replacement, it just has to do the job (calls, sms, internet, camera, usable battery life). Right now it does not even do the job.