We keep it out of habit and because the Government bribes us.

Some people probably get good value out of it but not us. There is a lot of faith healing stuff on their policies and those practitioners rely a lot on over-servicing for their income so the people into that shit likely make claims. Partner went into hospital once and I said why didn't you use the card to get a room upgrade with nicer wallpaper and its basically not worth the effort. I'm not complaining because if they were offering value it would be at the expense of the public system and peoples health. They overcharge for policies that are basically useless and never get claims but as long as they can lobby politicians it keeps them in business anyway. They should let people add their pets to the family policy, then we might find some use for it.

There is no simple answer. Its is almost entirely dependent on implementation. All systems are vulnerable to things like supply chain attacks. We put a lot of trust in phone vendors, telcos and Google.

If you are going to compare to something like termux you need to compare with an equivalent sandboxed environment on regular linux, like a docker/podman container with appropriate permissions. As far as I know they use the same linux kernel features like cgroups and namespaces under the hood.

Traditionally Linux desktop apps run with the full permissions of the user and the X window system lets apps spy on each other which is less secure than Android sandboxing by design. There have been attempts to do better (eg flatpak/flatseal, wayland) but they are optional.

Having comprehensive unicode language coverage on a free OS is amazing. I wish the font system was smart enough to hide Noto variants in creative apps but leave them available for browsers. There is a workaround to do that but its a huge pain. I wouldn't delete any files managed by the package system. They will just keep coming back anyway. There are smaller collections of noto fonts in AUR that will satisfy the noto-fonts dependency which should keep KDE Plasma happy. They should be a straight swap if you are comfortable with an AUR dependency for a functioning desktop. The newer one is noto-fonts-main updated this year or there is an older noto-fonts-lite. Not tried either. Usual stuff about backups and taking advice from strangers on the internet.

Segoe might benefit more from the embedded bitmap or autohint settings than the regular open source fonts I am likely to use. Microsoft would optimise the hell out of it to take advantage of their proprietary, patented font rendering system. I wouldn't be surprised if it rendered poorly with distro defaults. Its the kind of blind spot a lot of open source devs and packagers could easily have. Its probably packed full of embedded bitmaps for small sizes and proprietary hinting stuff that linux won't understand.

I don't doubt you. Linux font rendering has been good enough for so long now that its surprising when people say its worse than some other system but I think it is still a reasonably common complaint so there has to be something to it. A lot of distros probably don't have a very good font selection installed out of the box compared with proprietary systems and I am sure that plays a role.

My desktop has a 38" ultrawide and the pixel density is a lot lower than your dual 4k monitors so I want to do everything I can for font rendering and your post has got me asking questions. I am in the process of configuring a minimal, low distraction tiling wm setup for a bit of fun (also another nvim conf spring clean). I hadn't considered changing the font rendering defaults.

I think I have all the fonts you list installed except for Hack. Inter is also a good one for UI. I don't use Fira Code anymore for code/terminal but I keep it around. It is a nice code font with ligature support but it didn't have an Italic variant and I like subtle use of italics in code and docs. Currently using Iosevka for mono but next week it might be something different.

This post is fascinating. Most distros have good defaults for font rendering now and I haven't used hacks like infinality to fix font rendering on Linux for years. That project doesn't even exist anymore. I would be really interested to know which setting made the difference for OP and why.

I am writing this on a little HiDPI laptop with over 200dpi and to be honest hinting and sub-pixel rendering are invisible to my eyes on this device. Apple dropped sub-pixel rendering ages ago when all their products moved to retina displays. But its still really useful on low dpi displays and I thought it generally worked well enough out of the box.

A file almost identical to the local.conf has been posted to forums in the past but back then fontconfig often shipped with outdated defaults. My distro defaults have aliasing, slight hinting and sub-pixel rgb enabled out of the box.

Arch has these defaults. Bookworm lacks the sub-pixel-rgb (its just a link away) but my guess is Ubuntu derivatives probably include it:

• 10-hinting-slight.conf
• 10-sub-pixel-rgb.conf
• 10-yes-antialias.conf
• 11-lcdfilter-default.conf

The differences I see are the last 3 options in local.conf:

• disabling embedded bitmaps. I think this would change rendering for old MS Office fonts. And perhaps break some emoji fonts. I have Noto Color Emoji but I don't have any old MS fonts. This seems like it would have limited impact.
• enabling autohinting. If you have slight hinting enabled and the font contains hinting information it should automatically use it. So I thought it made no difference if you have good fonts installed. I might be wrong. But again if you use good fonts I am not sure this has an impact.
• setting font weight to medium. This is an odd one. Does this mean that every font query returns a medium weight or that if you don't give a weight you get medium? Fattening up thin fonts might be a user preference but you can also select desired font weights in your desktop settings and apps.

Fontconfig is a compiled database for font queries, it doesn't do rendering. Whatever you put in fontconfig, an app like kitty will not implement sub-pixel rgba rendering for performance and implementation reasons but many other terminals will. I think gtk4 might be heading the same way. Depending on variations in colour vision and displays people tend to disagree on the value of sub-pixel rgb but it looks like it is a common distro default anyway.

The local.conf file should work on any distro. It's an opinionated override and might not be ideal for everyone but you can use the settings as a starting point to research further. Don't modify the other files in /etc/fonts as they will be updated by the distro. Claude's other suggestions apart from selecting some better fonts generally do nothing as far as I can tell. I connected to one of my debian machines and the symbolic links Claude gave to /etc/conf.avail are a debianism as I suspected. If you don't install or use bitmap fonts and you override the rgb aliasing in local.conf I don't see the point of either of those symbolic links but whatever meatbag wrote them in a stackoverflow or reddit post intended them for a debian distro.

Freetype2, fontconfig and cairo are going to be pulled in as dependencies when you install just about any desktop app/library eg firefox, gtk so this is a no-op. Same for installing the jre and fontconfig again. Its pointless. The freetype2.sh line is commented out because that has been the default setting for the last 8 years so it makes no difference. The gfx.webrender.all setting in firefox is an override to force something it is most likely already doing based on the detected environment. If you check about:support the chances are you are already using hardware rendering. And its a performance and not quality setting. Half of this makes no sense.

Installing nicer fonts is always a good idea and also setting your desktop and application default fonts.

Some of the local.conf settings could potentially makes a big difference if your desktop environment defaults/user settings aren't good. Don't know a huge amount about freetype settings but I suspect using assign in there might override desktop environment settings which some people might not want. I set mine in a gui like the monkey I am.

My conversation with any llm tends to go, "you got a, b, c wrong, it should be d, e and f" and it says "sorry, ofcourse it should be d, e and f, my mistake, here it is with d, e, f, g and h". Then I say "g and h are wrong it should be i and j". And it keeps going. In the end I write it myself. Huge time wasters.

Edit: didn't pick up on it immediately but the two symbolic link commands are suss (they are for debian based distros). Endeavor is arch based and fontconfig on arch has the configs in /usr/share/fontconfig and the ones in the conf.default directory should already be linked into /etc/fonts/conf.d. 10-sub-pixel-rgb is in /usr/share/fontconfig/conf.default so that is already linked for me so attempting to do another link without deleting it would be an error - another no-op. I don't like rgb sub-pixel rendering so its overridden in my desktop settings. It shouldn't be necessary on high dpi IMO. The proper path for 70-no-bitmaps is in the /usr/share/fontconfig/conf.avail directory if you want to link it properly. If you use the wrong path as Claude suggested, its another no-op. If, like me, you don't have any bitmap fonts installed it won't make any difference anyway. Also /etc/fonts/conf.d is created by the fontconfig package so that is another no-op.

Edit 2: The setting's name might be inaccurate but Cleartype is the name of Microsoft's proprietary font renderer and isn't available on Linux. So possibly gfx.font_rendering.cleartype_params.rendering_mode was picked up from some StackOverflow discussion about Firefox font rendering on Windows. I won't say it doesn't work without reading the Firefox source code and/or trying it but I suspect a setting with that name would not have any effect on Mac or Linux.

I isn't even a Linux vs Windows thing but a competent at your job vs don't know what the fuck you are doing thing. Critical systems are immutable and isolated or as close as reasonably possible. They don't do live updates of third party software and certainly not software that is running privileged and can crash the operating system.

I couldn't face working in corporate IT with this sort of bullshit going on.

Anti-viruses are a scam and always have been. They aren't much more than security theater and box ticking. Don't get into the mindset that you can outsourse security to a single product. Security is something that happens in depth. The more intrusive av software can itself become an attack vector as it often runs with lots of privileges.

Distros operate with webs of trust and cryptographically signed packages. Your distro installer verifies the integrity of the package. There is no need to check a third party signature database. It adds no value. Even well audited software could contain hidden vulnerabilities so increasingly we are running software with less capabilities via systemd, flatpak/brwrap or in containers. The environment is very different to the origins of av software on Window 9x where people would download random unsigned executables to a system with no privilege restrictions.

There are lots of challenge for the FOSS community. We love features and freedoms and those features and freedoms sometimes make security more complicated. We need to show more restraint packaging software like ssh and not add so many patches and additional dependencies. We also need to show more restraint in the typical rust, go or javascript project where adding dependencies is so easy we end up sometimes including hundreds of them for stupid crap like coloured messages or being able to handle a dozen config file formats. I don't care about your garbage collection or advanced compile time checks, if you include hundreds of crates from other developers you are no better than npm and I would put more faith in a 20 year old c library.

Most of these platforms make no money but have taken huge amounts of VC funding which they have burned through. For the VCs to unload it and cash out they need to show the product can be monetised and them try and shift it before the users leave the platform. Idiot users want all the features of a product developed by lots of talented full time paid staff but don't want to pay for it themselves so they leap from startup to startup then complain when the inevitable happens while dismissing open source alternatives as inadequate for their needs. Why should we care? I don't.

All reddit did was unmask themselves a little but only for those with their eyes open. Social media is close enough to a cult operation utilizing addictive behaviors and conditioning to control people. People are scared to leave their church and be shunned. Reddit is just another exploitative techbro run business. It isn't a social enterprise or open source community and it is weird that volunteers invested so much of their time and effort propping up shareholder value instead of contributing to real communities.

Plenty of independent thinkers left and found federated alternatives or walked away. The predatory and manipulative nature of social media was bad enough when it was all about controlling and manipulating the masses but now it is also a huge machine learning harvesting operation. The only people who really benefit are the ultra rich.

I bought a Framework DIY. I live in regional Australia and being able to order parts to install myself and extend the longevity of my system was decisive. The Framework was a compromise on specs and wasn't my first choice but nothing compares for sustainability and serviceability. I sourced ram and nvme locally and installed Arch.

System76 are a bit of a fantasy for me. I looked at them for years but I don't want to pay a premium then deal with international RMA on a rebadged Clevo. I always bought whatever looked good in locally available Windows laptops instead before Framework.

Now I am in the ecosystem I very selfishly want Framework to succeed and guarantee my access to upgrades and parts. I respect System76's mission and understand why people would wish to support them, particularly when their own laptop designs start shipping. System76's focus on North America and dependence on white box laptops hasn't delivered as well in my opinion, at least for my needs.

System76 have tried hard to improve openness and repairability but their laptops are still disposable at end of life while Framework have made a huge leap with upgradability that has the potential to reduce ewaste and I want to see how far that model can be pushed.