You can run docker rootless too. On local machines running docker with root is a risk that for many is acceptable. On servers and publicly exposed hosts, rootless.

Our starting point for design is longevity, which means making our devices more repairable, a very different approach to the electronics industry standard. To support maximum longevity and because of the IP rating, Fairphone 4 does not feature a headphone jack. In the end, it comes down to how we make a product that lasts for at least five years. We needed to eliminate as many vulnerabilities as possible, and the headphone jack is subject to dust and water ingress over time.

Again, you might disagree, you might know better, I don’t know. But this is their motivation when it comes to longevity and hence sustainability. To me, it seems a reasonable idea: if the jack helps reducing the consumption of batteries in headphones but decreases the lifespan of the phones, it seems a bad tradeoff.

They have literally an explanation for this on their website. You might disagree, but saying “it makes no sense”…makes no sense.

Also, they discontinued the earbuds and still no jack on FP5, so the idea that “they wanted to sell their own buds” doesn’t seem to be likely.

I want to add a small bit of info that might be useful in the future. Your script doesn’t need really to be run with root privileges. Your backup script likely needs access to parts of the filesystem which are only readable from root but that’s all it needs. The root privileges are essentially a combination of capabilities (see man capabilities) attached to processes. In your case, what you want is the CAP_DAC_READ_SEARCH, which allows read access to every file. You can for example add this capability to rsync (or more likely, to Borg,restic or rustic - which are backup tools I recommend you look at! They do encryption, deduplication etc.) and then you can use that binary as a low-privileged user, but having that slice of root privileges. Obviously, there is a risk in this too, but can be compensated in other ways as well (for example running the backup job in a sandbox etc. - probably out of scope for now).

While in this particular case it might not be super relevant (backups are executed often as root or as a backup user which has read access), it might be useful in the future to know that very rarely full root privileges are needed, and you can run tools only with the specific capability needed to perform that privileged action. You can check setcap and getcap commands.

Of course, but I assume elderly people getting familiar with a completely new technology need anyway some kind of personal support and introduction from someone close. I don’t think anybody would plan to throw a Mac at some elderly person and say “if any issue call Apple support”, right?

I get your point though, and I am just saying that there are situations where Linux might work totally fine.

Also, the used market for apple product is not that big where I lived. Nobody in the family had a Mac also, which means she wouldn’t have had anybody to ask for support at all. It’s a specific situation, but my point is that having an official support is not going to help that much in some cases.

I find Mac to be extremely unintuitive in how things are organized tbh, but that’s just me.

Anyway, you are right, but she wanted to spend just 3-400 euros for a laptop, which is incompatible with Apple prices. Obviously this means being there to support if something goes wrong, but with a minimal install and Linux being stable, it doesn’t happen often (I also have my mom’s laptop running mint). I do have a reverse tunnel script configured that allows me to SSH in their machines using a “panic” icon on their desktop.

My great-aunt asked for a PC when she was 85 and her grandchild moved abroad. I installed Linux mint with a few scripts and shortcuts to ease her life, and she picked that up (check email, Skype, nothing super sophisticated ofc). I guess if it’s a new thing, windows does not the advantage of being already familiar, and Linux is more stable in my experience, which leads to less random errors.

Oh yeah, this makes absolutely sense. I do use simplelogin only for things I don’t really care about, but it is definitely a good point what you are saying.

I am not sure I understood your comment. I am using protonmail (ultimate) and they do have free simplelogin integration (I think proton bought SL). Definitely catchall is my way to go for reputable sites, but SL is great for trash “register once” sites so that I don’t even disclose my domain!