In case any PureOS people are reading this, consider making the info on PureOS security in your wiki easier to find.

You say in your blog post to "See the PureOS wiki to learn more about the extensive security features in PureOS." You link to your wiki's front page[1], but the word "security" is nowhere to be found on that page.

And if you click through to the only page that seems like it might have section on security, the "Overview and some general information about PureOS" [2], the word "security" is nowhere on that page either.

I'm still not clear where in the wiki this info is, but the security features and defaults are one of the most interesting things to me about an OS.

[1]:https://tracker.pureos.net/w/

[2]:https://tracker.pureos.net/w/pureos/

Searching for this on Google give back 5 results, with only 1 that is semi-relevant[1], which is their FAQ page. They don't have a question specifically about security, but they talk briefly about it while answering other questions.

    inurl:tracker.pureos.net/w/ "security"

[1]: https://tracker.pureos.net/w/faq/

Thank you, I've updated the link. Let me know if you'd like to hear more about the security features and I can get Kyle (security) and Jeremiah (PureOS) to jump into this thread.

Instead of having Kyle & Jeremiah elaborate on it in this thread, which will quickly disappear into the aether, probably better to elaborate on it in your wiki. PureOS’s main customer base are techies and hackers who will be very curious about security, and a thorough writeup on it could be a strong selling point.

There's also Talkyard, https://www.talkyard.io — sort of a cross between Slack and StackOverflow and Discourse. It's open source, I'm developing it.

This looks really interesting—I could see our team using this for internal support and discussions around our services!

Couple questions:

- It does OpenAuth right now, and mentions enterprise auth as an advantage for StackOverflow. Is enterprise auth (e.g. LDAP) on your radar as a future thing you just haven't been able to get to yet, or not considered part of the product at this point?

- Is there a capability in the product to disable specific components? For example, the discussion and StackOverflow/Quora-like features look great, but we're already using a messaging system so we don't need the Slack-like functions. Is there a way to not present those so users don't stumble into them thinking they're going to be used?

Thanks for all the work you're doing--this looks really interesting!

> Is enterprise auth (e.g. LDAP) on your radar as a future thing you just haven't been able to get to yet

Yes it is

> Is there a capability in the product to disable specific components? [...] we don't need the Slack-like functions

Yes, there's an admin area "Features" tab, with a checkbox for disabling the chat.

(Someone else also wanted to disable it; they were using Slack already.)

Thanks you too for the questions

Awesome, thank you! I'll make a note to keep an eye on it as it grows. Good luck!

It seems to be hugged to death at the moment so I cannot read it but it seems like a great idea.

I cannot see how Stack Overflow still has no real competition after all they've done to encourage people to find other solutions :-/

It's at GitHub too: https://github.com/debiki/talkyard

(What OS do you use? Sometimes the website won't load in iPhone, although works for me in my iPhone 7)

Hi, Just wanted to say thank you for sharing this information. It will help, especially for the small shops and teams which are only now having to adopt these feature for the immediate future.

A bit outside of the "work" domain, but I've found BigBlueButton to be a really powerful tool for hosting webinars and online teaching [1]: https://bigbluebutton.org/

Yesterday I discovered Jamulus for playing music together online. It has very low latency and is available on Windows, Mac and Linux.

The time for sound to go from your instrument to the ear of the other participants should be 30ms at most (equal to standing 10 meters apart).

I think low latency would also help make video conferences less tiring.

any recommendations on remote desktop? I was using Anydesk and now it freezes every 10 seconds on a lot of my instances the past few months. Need to move to something else.

I am an Arch Linux laptop user. Plain RDS through Remmina works great for Windows machines. When not usable, I found AnyDesk to work fine-ish (but it changes system keyboard settings, which is annoying). I can't use TeamViewer which still doesn't support Wayland.

Now I understand the grey screen under sway.

I have no recommendations that are free-as-in-speech.

NoMachine[1] is free-as-in-beer[2] and it works nearly flawlessly across linux/windows/mac.

1: https://www.nomachine.com/

2: It's freemium with the following note: "If you need to create virtual Linux desktops on demand, want to limit the logins to SSH, or are using NIS, Kerberos or other enterprise functionalities, you need one of the NoMachine Enterprise products you can download"

Does nomachine work if my computer is behind a firewall?

If you can forward the ssh port, yes.

I've been using Parsec, it's marketed as a game streaming service but it just streams your whole screen at a very good rate. It works perfectly for me.

Before I tried Windows Remote Desktop and TeamViewer and had issues with both. I specially had issues with the mouse not being replicated properly so 3D software bugged out.

We’re about to roll out remote work for our small office using chromebooks and chrome’s Remote Desktop. I’ve had success using chrome Remote Desktop personally, so hopefully it works as well for my users.

Have not used it in a couple years but GoToMyPC worked pretty well when I was using it.

Is the best, free (not necessarily open source), email desktop client still Thunderbird?

If you don't need a calendar, PGP support or [censored list of broken features so that the trolls don't descend], then it's certainly one of the most popular ones. But how would you even quantify "best"?

I personally migrated to Evolution at a particularly frustrating moment relatively recently, and it's been less painful for a lot of things. It has built-in calendar and PGP support, which certainly help. Unfortunately searching through message bodies is unusably slow.

I don't know whether my standards are unreasonably high, but several colleagues have expressed similar views on both.

Not trying to troll but I use Thunderbird for calendar (synced with phone and family via my radical server) and PGP (for the one friend who has a public key). Are you saying these need to be built in and not provided as plugins?

I find the search in Thunderbird to be amazing. I have archives going back 20+ years and it searches them instantly.

Self-hosting email with dovecot, if that makes a difference.

Thunderbird supports email encryption.

I switched to Evolution from Thunderbird recently and I must say, it is way more pleasant to use than Thunderbird.

Dealing with exchange is a pain. OWL or something charges like 10 a year to get it to work with a 30 day trial. Works flawlessly but I just can't be bothered to pay for it right now. I may hit a point though where I I just will do it.

Also a unified calendar is out of the question.

I'm using davmail + thunderbird to access my O365 emails + calendar. Works flawlessly for me but does mean you have to have a separate application running to provide the gateway. I run mine on the same machine as my email client but you could easily host it on a server and connect via that.

Evolutions-EWS provides good support for exchange. Not perfect, but fine for most day-to-day use e.g. mail and calendar.

I've been happiest with KMail, FWIW.

Yeah, I'll second this. Thunderbird was missing many features, Evolution was always slow, KMail was featureful and fast.

Claws is what I've been using for ages. Works great. Infinitely configurable and scriptable, too.

Both evolution and claws are better IMO.

Any recommendations for some party games ? We tried https://jackbox.tv/ with some colleagues yesterday evening, that was pretty fun.

My sister is managing a project aggregating ideas and resources around connecting midst pandemic remotely here http://bit.ly/virtualhugideas and there's a page for games https://sites.google.com/view/virtualhugs/games?authuser=0

We did an online pub quizz yesterday, actually worked well!

- One general hangout, where everybody's muted except the quizz master - One hangout per team to chat - Google doc to fill in the answers (make sure everybody starts from a template, to easily count points) - Google slide for the questions

Lots of fun! I think the quizz master role is more lonely, as you don't really hear anybody (we had 2 masters, I think it helped)

My group played the card-based Snake Oil[1] over Zoom last Friday. The game is out of print, but you can probably find it on eBay, and I believe you can find the list of cards online with some googling. We had one person virtually dealing the cards and everyone was responsible for maintaining their set. It worked very well over a virtual venue.

I think this would work reasonably well for Cards Against Humanity and Apples to Apples as well. Pictionary and Charades should also work.

[1]: https://www.snakeoilgame.com/

Depending on the group taste, these suggestions might help!

- Drawful 2. Free on Steam. https://store.steampowered.com/app/442070/Drawful_2/

- Pictionary clones. I like https://sketchful.io/

- Local coop games via Steam Remote Play. https://store.steampowered.com/remoteplay

- Virtual scape rooms.

I find that Minecraft always works, for all kind of people!

No, I passionately hate Minecraft and his looks

What do you use for back-office things, like accounting, inventory, etc?

Take a look into erpnext or odoo. Two different products, Python/web based, paid support, and a a lot of users.

Gnucash or Kmymoney.

I used to hate gnucash but I have basically become an accountant with my own life. For businesses it can definitely be used for minimal crm tracking and invoices.

I love Gnucash but I am not sure that it is the best tool for remote/distributed work since it cannot be used by multiple users concurrently without corrupting data.

I understand the allure of it, but why would you want multiple people manipulating an accounting like file at the same time? That seems like something complicated enough that you wouldn't want multiple people in it at once.

In a bigger environment you'll have more than one person handling payments, contracts, commitments, ...

Ahh yes now I get what you mean. I guess I didn't think about it like that. I was just thinking like a simple small business.

Ledger

I'm glad to see Mastodon is gaining commercial acceptance.

It's like Twitter to me when it first launched. What honestly is the allure of it? It's really just real time Twitter with chat functions but I am probably really naive to it's uses

My very personal opinion is that the allure is mostly to people with PR/Marketing/Comm tendencies. It's basically crack for individuals or roles who thrive on attention & engagement with others (or the illusion of it, if we're going to be cynical).

But thats every social media site. Mastodon feels more like a techy or "in the know" journalist oriented of a site...and apparently hookers too.

Each instance tends towards being an echo chamber for a particular niche group. This had advantages and disadvantages.

Another free tool for setting weekly goals with your remote team: https://teamsuccess.io/

Does anyone know how to maintain permanent chats in mumble?

It's wonderful software for audio but for text it's rather useless. A quick disconnection means losing everything.

Don't bother, use something else like Matrix for text chat. Mumble is primarily designed for voice chat.

For reference, there is an open feature request for this, but nobody is working on it at the moment. https://github.com/mumble-voip/mumble/issues/2560

The developers fully embrace the "do one thing and do it well" philosophy.

We've also been using team.video - its a new free video conferencing tool for remote teams that has a built in collaborative doc feature.

No mention of Jitsi for video conferencing?

There's a free to use hosted service or host your own via a 10min install including https setup (runs fine on a $3 2GB Ubuntu VPS)

https://jitsi.org/

They do mention Jitsi. From the article: > At Purism we use Matrix for team chat, 1 to 1 calls, video conferencing via Jitsi (open source video conferencing), adhoc file sharing and all our community chat channels.

Also, missing open-source Restyaboard as Trello alternative.

Why does everyone look for "free"? Doesn't anyone want to support the tools they use and that help them? There are developers, teams, people behind all of them.

I think that free in this context has to be interpreted as "free as in freedom" and not as "free as in free beer".

You can still support the authors by donating and/or buying licenses, services/consulting or support.

This is "Free" as in "Libre" / "freedom".

Free as in freedom. Not price. You can ask any price for distribution of the software. You can ask any price for support. The software just has to come with the 4 essential freedoms.

Free as free speech not free beer.

> I find much better, simpler and successful to get started with.

It is a trap. Traps are especially effective and harmful in panic mode when everyone catches the first bait. In the long run, free software (not as in beer) is much better for everyone. Especially in panic it is essentiel to think thoroughly through your decisions.

Especially zoom which is insecure spyware. Not long ago there was an exploit that allowed any website to grab your webcam feed from zoom. Even if you had uninstalled zoom because the app leaves behind a web server service listening on localhost so the malicious website can just reinstall zoom and grab your webcam.

Actually the iOS app send your data to Facebook even if you don't have a Facebook account. (https://news.ycombinator.com/item?id=22693792) Pretty rogue behaviour imho.

Wow. This kind of crap is one of the reasons I just hate windows. I still don't understand why installing and uninstalling stuff isnt as simple as it should be.

This was an issue on macOS too: https://news.ycombinator.com/item?id=20387298

Slack and Zoom have the advantage of being in FedRamp. I hope some free software competitors bother to go through the process one day, but I'm not going to wait around for it.

You're right. Unless you value "freedom" higher than "simpler, better, and successful".

Some people/organisations definitely do. (I would leave a company that decided to use Facebook For Work, and I wouldn't join a company that uses it.)

Purism additionally pretty much _have_ to take this stance for branding/reputational reasons, even if they didn't believe in it (which I'm 100% certain they do. This is _the_ moral imperative that is the core of their business.)

Setting aside the fact that this is not about a "free tier", what do you do when you have a team of 10 people and you surpass 10,000 messages? "Sorry, we're using the free tier, so that information is gone." That's not a serious solution. (Granted, it works just fine to coordinate lunch plans.)

Using Discourse, GitLab, Phabricator, WordPress, NextCloud, Jitsi etc is hardly fiddling. These are really well tested tools and work nicely.

"free software" in the freedom open source sense. Not money

I'd have no problem with funding bits of OSS if there was a guarantee on it's lifespan. Although Linux it's generally rarely an issue. Mac it almost always is if a dev stops developing and suddenly apple makes a change that just invalidated your purchase.