Alternative solution: Since YouTube disabled all ads in Russia, you can just use russian vpn/proxy for the most effective YouTube adblocking possible.
Alternative solution: Since YouTube disabled all ads in Russia, you can just use russian vpn/proxy for the most effective YouTube adblocking possible.
As a guy from Russia, I must admit that vpns are not a big problem for censors. They can be easily blocked, including self-hosted ones by protocol detection. And DNS would not do much with IP and clienthello-based blocks. And most users are not enough tech-savvy to constantly switch to new protocols as old ones get blocked.
I would say, that from most important to least important components are:
Ukraine use ads for anti-putin propaganda. So the russian goverment told Google to moderate ads, or all Google services will be banned. Google decided to just disable ads in Russia completely.
Basically, if you do not see any reason to switch from systemd then you should not. The thing with systemd is that it is really big and complicated. If you just use defaults of your distro systemd works just fine, but if you want to (or have to) change something fundamental, then dealing with this monstrosity becomes a bit of pain. You basically end with the situation where you are in a war with your own PC. After some time of this, dealing with an init system that does exactly what you tell it to do feels refreshing. There is also the part, where some init systems (sysVinit and runit) boot faster then others (openRC and systemd), but it is not that significant. I use runit BTW. With my setup I spend much less time dealing with runit then I used to with systemd. That being said I still miss some of systemd features.
Thank you for your work, but why not just use ff2mpv?
I mean "something out of ordinary about it affects your experience with this distro the most".
If Mozilla gets blocked, people would just install some other browser (probably, something from Russia). I do not see how this helps anyone but the government itself. And departure of hundreds (if not thousands) of western companies did nothing to the Russian government, some problems with a browser with almost non-existent userbase would have the same effect. It should be quite clear by now that such tactic simply does not work.
VPNs are not categorically banned in Russia either. Just 95% of them. Categorical ban is not actually required here. Government can just create licensing procedure and license only those VPNs, which follow "rules". I do not see how this is different from ISP bans.
Sorry for giving a rather useless advice. Of cause, you know about native packages, but since you are asking about flatpak, you, probably, have a reason to chose it. So, my original message was mostly intended as a joke, for which I am sorry.
Does it have a separate add-on store?
Void was created just for testing xbps. Without xbps there would be no Void.
If you want serious optimizations - then Gentoo is your choice. But seriously, there won't be any serious difference between distributions. What really matters here are DEs and browsers. I would recommend some kind of lightweight window manager like i3 or dwm. If you do not want to configure everything yourself, then your choice is lxde/lxqt. Also, you can use distros without systemd (void, artix, devuan, gentoo etc), but that does not matter that much.
It is easy to install another shell indeed, but it is quite difficult to configure it. While installation of DE is usually done with just one command. And you can use linux without DE, but not without shell. Many distributions even do not install DE by default at all.
Most C binaries usually do not contain everything needed for their execution. It would make them too platform-specific. What most c programs do is that they use standard c library from platform for low-level things and communication with the system like memory allocation or stdin/stdout things, for example.
Gentoo users? Void users?
Distrobox will introduce a startup lag of it's own. I would rather recommend (seriously this time) something like nix (it is officially supported for your distro) or junest.
I, personally, use Void Linux, which is a 'flagship' runit distro. But if you want a bigger package repository, then devuan is also a good choice.
WSL?
Various mint apps come preinstalled.
By the same logic they should not be able to force ISPs to ban sites, but here we are. If they can enforce bans with ISPs, why can't they do the same with VPN providers?
From what I understand, their own domains are not actually decentralized. Each of them has it's own "authority" that can control what is or is not allowed to be registered. Emercoin domains look more promising, but I am not knowledgeable enough about them to say that they are actually decentralized. I would say that the closest thing to fediverse is DNS system in I2P, there different DNS providers federate with each other and share their records.
Maybe, I do not use bazzite and cannot check. But it used to be a feature. You can, of cause, start distrobox at startup, but literally running almost two operation systems might not be the best for performance and RAM usage.
Well, it's up to you to decide if advantages of a distro are more significant to you then disadvantages.
I would argue that the best part about void is not actually runit and xbps, but minimalist dependencies.
I wouldn't care about unofficial status of hyprland package, since it is unofficial in most distros.
And about the lack of some software. There is a thing, called xdeb, that allows you to automatically convert any deb package to xbps package (with correct dependencies). You can even automatically install them from any deb repository via xdeb-install tool.
You are probably right. It is probably even more important than kernel.
Https does not actually make difference here. You can still detect VPN usage by unencrypted clienthello, encryption-inside-encryption, active probing, obscure libraries that vpn protocol depends on, etc.
At first, please, be a little bit more patient and no, I am not a LLM.
All https traffic is https-encapsulated by definition. And you can look inside https just fine. The problem is that most of data is TLS-encripted. However, there is so-called "clienthello" that is not encripted and can be used to identity the resource you are trying to reach.
And if you are going to https-encapsulate it again (like some VPN and proxy protocols do) data will have TLS-encription on top of TLS-encription, which can be identified as well.
And about libraries: VPN protocol Openconnect, for example uses library gnutls (which almost no one else uses) instead of more common openssl. So in China it is blocked using dpi by this "marker".
It is going to show the censor that you are trying to reach different banned websites (and, probably, google, facebook, etc), all hosted on your server. Your beautiful website is all fine, but in clienthello there is still google.
It is not necessary fingerprinting of clients, you can fingerprint the server as well. GnuTLS for this particular purpose is used only by Openconnect and that is just an example. This tactic is very effective in China and Russia and collateral damage is insignificant.
And various western anti-censorship organizations wrote articles, that such methods are not possible in Russia as well, but here we are. China's yesterday is Russia's today, American tomorrow and European next week. Here it all started in the exact same manner, by requiring ISPs to block pirate websites. And between this and blocking whatever you want for the sake of National Security (for example, against Russian hackers) is not such a long road as you think it is.
Native packages? Sorry.
It is extremely fast and simple. Also, it has its own "aur", called xbps-src. But nowadays void is not just xbps, it is also defined by runit (which is also extremely fast and simple) and minimalist dependencies (you will have to manually install many things, that other distributions ship reinstalled, in case you need them. By the way, if you prefer GUI package manager, there is octoxbps (not an advantage of xbps, but you might want that when you try void linux).
Or just install gdebi.
The lag would be noticeable when you launch Firefox with stopped container (for example after reboot or manual stop).
Fortunately, it does not usually cause high load, but it still exists. The only thing I can recomend here is to always check if the dependencies of any package you install in container require to run in the background and avoid those which do.
Same design, different technologies. LXDE was dropped in favor of lxqt. In terms of performance both are almost the same, but in the future, when all of old code will be dropped from lxqt, it would be lighter. Also lxqt looks more modern compared to lxde.
If you want sane defaults, try lxqt. It is still a huge improvement in performance after cinnamon, but you don't have to manually configure everything like in WMs.
Guy, I visit yandex.ru every day. It is my homepage.
It seems to me that you did not read my message, so here is the repeat:
Here is even some proof of that: https://www.reuters.com/markets/europe/russia-tightens-grip-media-yandex-sells-homepage-news-rival-vk-2022-08-23/
Toolbox is effectively the same thing as distrobox. It is a linux distro inside docker-like container. They even use the same images.
I'm talking about encapsulating traffic in an encrypted tunnel.
As I I have previously mentioned, if you are encapsulating all traffic in an encrypted tunnel, then most of the data would have two layers of encryption. This can be detected, and, in fact is being detected in China and, experimentally, in Russia.
The beautiful website I've imagined for a situation where some DPI robot will, say, visit it to check that there really is a website there.
That is a good protection against active probing, but active proving is not the only detection method, available for censors.
You also seem to be mixing up such entities as VPNs, proxies and encapsulation.
How did you come to this conclusion?
BTW, I'm using VPNs in Russia from time to time. Something doesn't work, something does.
What are you trying to say here? What does work? What does not?
I'm describing a specific kind of encapsulation.
What I understood from you is that you are talking about encapsulating TLS-encripted traffic in https, TLS-encripting it again. If I understood you wrong, please correct me. There are countless software solutions for that, but they are not panacea, because double layer of encryption can be detected and your beautiful website does not need encryption-on-top-of-encryption. It is obvious that you are reaching something else.
Please explain how are you imagining that
I do not have right now links to articles about that exactly, but here is an old article about somewhat similar tactics that China uses to block encrypted proxy protocols like shadowsocks, for example: https://gfw.report/publications/usenixsecurity23/en/
If xmpp and matrix are included, why not include email?