I use LUKS-encrypted LVM volumes to store everything (and transfer via SSH or HTTPS), but would use GPG if I needed to encrypt individual files.

I've been using it for years and I think it's great. Currently on a 6 Pro. It's true that some apps don't work without Google Play services, but GrapheneOS has the option to install the google stuff in a sandbox, so you shouldn't run into any issues if you do that. Personally, I don't use Play services unless I need to, and use Aurora store for any apps that aren't on F-Droid.

In any case, you can always revert to stock or try another OS

Edit: as faede has pointed out, it appears that Google Wallet has issues. Also, the usage docs mention issues with banking apps in general, so that's something to consider

I would look into Gentoo's Hardened + SELinux profile if you want good security in a standard system, but as others have mentioned QubesOS is probably the most secure option OOTB (but it is very limiting). SELinux is pretty difficult to use but it's really effective, and there is good information about it on the Gentoo wiki. Not sure what exactly goes into their hardened profile but I know it implements at least some of the suggestions listed on that site (like hardened compilation flags). Also it's probably more vulnerable to 0-day attacks than Qubes, since it uses up-to-date software. But it's really flexible, and learning SELinux is useful

As a Vim/NeoVim user my number one reason is speed. There's a pretty steep learning curve, but it doesn't take long to see noticeable improvements.

Aside from terminal applications generally running faster than GUI ones, there is a tremendous amount of flexibility that it offers when it comes to actual text editing. For example, you learn how to type things like _f(vi(cfoo _f(ci(foo^†^ which goes to the beginning of the line, finds the first open parens, selects everything inside of the parens expression, then replaces that text with "foo". After a while these kinds of inputs become second nature, and you can start using them to construct macros on the fly that can be applied to different places in your code.

One major downside is that it can take some configuration to get working the way you want it, especially if you want an IDE-like environment. NeoVim comes with a built-in LSP interface, which I've been able to get working pretty well for all of the languages that I use the most, but it's still kind of a pain to configure.

I'm sure Emacs is similar, but I've never used it. I don't think many people use Nano unless they need to edit something in a terminal but don't know how to use Vim. On that note, being comfortable with a terminal editor means that you'll have no problem if you're SSH-ing into a server or using the TTY console.

^†^ _f(ci(foo avoids an unnecessary mode change, see comment below

Yes! Awk is great, I use it all the time for text processing problems that are beyond the scope of normal filters but aren't worth writing a whole program for. It's pretty versatile, and you can split expressions up and chain them together when they get too complicated. Try piping the output into sh sometime. It can be messy though and my awk programs tend to be write-only

Congrats! It's great software. OsmAnd~, Unexpected Keyboard, OpenLauncher, Arcticons Dark, UntrackMe, and Mull are a few of my favorites. Aurora Store also, but I try not to use it unless I absoutely need to (I don't have sandboxed Google services/Play installed)

Edit: OpenLauncher might be a bit out of date

mpd + ncmpcpp

I usually use Awk to do the heavy lifting within my Bash scripts (e.g. arg parsing, filtering, stream transformation), or I'll embed a Node.JS script for anything more advanced. In some cases, I'll use eval to process generated bash syntax, or I'll pipe into sh (which can be a good way to set up multiprocessing). I've also wanted to try zx, but I generally just stick to inlining since it saves a dependency.

Great list. Customizing the font is definitely a priority. I recommend one of the Terminus fonts. Also zellij multiplexer + helix editor is a great combo that works well in the tty.

One thing to add is that it took me a while to create a decent 16-color theme for helix and vim, and while they're okay by default you can actually get a pretty nice looking IDE if you spend some time tinkering with the colors

For vegetables I throw everything into a big stew with a lot of different things (kale, broccoli, cauliflower, onion, potato, mushrooms, tofu, garlic, beans), lots of hot sauce, seasoning, olive oil, etc. and eat the same thing every day, for the most part. I don't eat enough fruit but I do have a handful of dried fruit with oats every day

Maybe try programming? It's incredibly exciting once you get the hang of it. It can be frustrating at times but it's really rewarding. Since becoming my hobby/job its given me an endless source of things to do at home. Plus it can open up new career paths :)

Had the same issue with Plasma Wayland in QEMU but I never found a solution. Toggling anti-aliasing sometimes helped, temporarily

With a decent CPU the kernel compiles pretty fast. I'm using a default configuration with modules disabled (compiled in) and various settings enabled/optimized for my hardware, and this is what I get:

make -j24

real 2m16.357s
user 38m36.133s
sys  4m26.449s

fl0w.cc- single user; the domain is meant to be part of my username :)

Out-of-box security configurations supported by the organization (SELinux, hardening)

Personally, I've relied on an OnlyKey for a few years (with backups and an extra fallback device) and haven't needed to type passwords since. This doesn't help with the number of prompts, but it does make them easier to dismiss.

I do use autologin, but I don't use a system wallet (only KeePassXC, which I do need to unlock manually). Autologin with system wallets can be tricky, but I've had some luck setting it up in the past. You might want to check out this wiki for PAM configuration.

Excellent package and dependency management with a wide variety of up-to-date software

Try going down the page and looking for the categories with more than a few bits of identifying information. I'm running LibreWolf with just uBlock Origin and Dark Reader (which I don't think influences results) and I'm able to get nearly-unique, instead of unique (but I do get unique on default settings). TBB gets non-unique, which is a good set of results to compare to.

In my case I noticed that my fonts were really unique so I set browser.display.use_document_fonts = 0. Also I use my WM to set my page resolution to 1920x1080, which seems to have a better fingerprint than the default LibreWolf floating resolution of 1600x900 (and even the letterboxing resolutions, from what I can tell).

I just spent some time testing again and checking for anything else. RFP does force a generic user agent, but unfortunately it keeps the version information and I can't figure out how to change it with RFP on. Would be nice to set it to the ESR version used by TBB (which has lower bits), but I'm not sure if that would lead to a more unique fingerprint (if, say, a feature was detected that is available in later versions but not ESR).

Edit: just tried Mullvad browser, and it's non-unique! Might be the best option.

I was able to get it running from source on Gentoo (without docker). Building from source is an option but you need to manage the dependencies and daemons yourself. This is my first comment! Good luck with your setup

I learned by watching a bunch of cppcon videos, reading cppreference, and writing a lot of programs. Learning how to understand the error messages is also really important