Quoting: CyrilGuys, I'm very curious... what do you think of the Ğ1 ("June"), then?
https://duniter.org/ [External Link]

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: LoudTechie

Quoting: tuubi

Quoting: Pyrate

Quoting: tuubiI view people who get very passionate about crypto the same way I view enthusiastic small-time stock traders. They keep talking my ear off about how they make (or save) money with it and everyone should do it, and I indulge them to a point because I'm nice and patient like that (in real life more than online), but I just don't find any of it interesting. Money is a necessity and I've never been wealthy enough to ignore it. It's just not something I could ever get passionate about.

Im sorry, but point to me where I did this here, where did I talk about making or saving money, market price, hype and all that wall street crap ?

I know, you come from a different angle. My example was mostly about the traders. But both groups (and I'm not talking about you, specifically) want to talk to me about money/currency, or how I'm using it wrong, or maybe how I should use this or that tech to get around the system.

Sorry that I kinda grouped you in with the cryptobros. In my defence, you compared me to Windows and WhatsApp users, which is way worse in my opinion. 😁

Quoting: Pyrate

Monero would protect my financial activity from heavily regulated banks and my government, which I'm a lot less concerned about. Some communities have excellent reasons to hide this activity, but most of us do not.

Only if you choose to. You can disclose your transactions for taxes or any other reason. I could explain how it works but I'm getting fed up with still being talked to like a crypto bro, I'll just share that optional transparency is a built-in function into a Monero wallet for auditing and taxes etc.

Yes, but this is a solution looking for a problem, or rather a solution to someone else's problem, as far as I can tell. And this isn't a disagreement you can fix by explaining. It's not intellectual laziness or lack of understanding on my part, and even less about giving up privacy for convenience. I wouldn't have been using Linux for ~25 years if that was the case, and I'd probably have owned an Android or Apple mobile device at some point. Or caved in and got on WhatsApp or LinkedIn or whatever social media I've been cajoled to join over the years. As I said, I like my privacy, but not everything privacy-related is equal in importance.

I don't mind that Monero exists, but if it's ever accepted as a mainstream currency, its use needs to be regulated and monitored, losing many of its apparent benefits.

Quoting: Pyrate

Quoting: LoudTechiealso relevant to this discussion.
Valve will never accept monero, because it's anonymous and decentralized.
The scammers for which they sacrificed their own gift cards would exploit exactly this decentralization and anonymity to hide their activity.

Even though I can't imagine how that could happen, (just like how I cant believe peoole sfill fall for gift card scams), you're probably right. I wonder when this stops being about a problem with gift cards and currencies, and more about people not thinking clearly when falling for these scams.

People will always fall for scams. That's not a problem that'll ever go away. Which is why we need governments, laws and regulations to protect the vulnerable. Of course governments do that with varying success and enthusiasm, but that's a political and social problem that doesn't have a technical solution.

On the anonymity thing
Anonymity from the bank is still achieved.
Only the regulator gets access to this information this way.

Also anonymity is valuable for everybody, because its a big part of our shield against oppression. In transactions and in communications. It's all the same.
Nothing to hide is a myth(kinda).
In this case for example you wouldn't be comfortable sharing your transaction details with me(don't do it please) proving there's at one person you want to hide this data from.
You don't know who [External Link]your bank is sharing it with(maybe I'm it) or what [External Link] they're using it for.
Also anonymity is a herd immunity thing. Only when we're anonymous together are we truly anonymous(simplest case, when I know Monero has only one payer and one payed all transactions can easily be traced).

On the regulation thing.
I disagree that finance needs to be regulated on the current level.
It needs to be limited on the current level.
If crypto wants to succeed it must find a way to implement the currently centralized controls in a decentralized manner.
So not by sacrificing transaction anonymity, so the centralized police and banks can take care of it.
No by, building those controls in the system itself.
First start by copying the features of a good banking app.
MFA, double naming, transaction tagging, daily limits, blacklists, geoblocking, etc.
From that moment it can at least call itself a real decentralized alternative to banks.
If it wants to become an alternative to financial regulators.
It needs to obtain dedicated Big Fish controls, trusted judgement, sanctions, white listing, public minting, etc.

So contrary to you I believe Monero like crypto has great potential. Contrary to Pyrate I think it's not there yet.

I simply no longer take "I have nothing to hide" people seriously. Maybe in time they'll realise how naive a statement that is.

Yeah you seem to have a low view of the naive.
I think naivety is a great good.
It's trust the glue of our society.
People assume that it will be alright and don't look in that direction, because someone they trust handles the issue.
They believe they've nothing to hide, because they believe the things they want hidden are already hidden.
I'm simply a security engineer. It's my passion to patch the distance between trust and trustworthiness with cold hard logic, so society can get used to an even more trustworthy world.

Edit:
In a way the naive are just like the hardasses they show us how our society should be.

Forgot to reply to this, sorry. I like your perspective, I find it interesting. I do feel like going deeper into this though is well beyond the topic here and this is not the place.

This is how I would ideally like the equation to be: the people should always be critical, hard-ass, and pick on the smallest things when it comes to their governments. Meanwhile governments should stop what I can only describe as "everyone gets punished and treated as a criminal" with the increasing regulations, and instead return to this naive and trust-based outlook on society.

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: tuubiI view people who get very passionate about crypto the same way I view enthusiastic small-time stock traders. They keep talking my ear off about how they make (or save) money with it and everyone should do it, and I indulge them to a point because I'm nice and patient like that (in real life more than online), but I just don't find any of it interesting. Money is a necessity and I've never been wealthy enough to ignore it. It's just not something I could ever get passionate about.

Im sorry, but point to me where I did this here, where did I talk about making or saving money, market price, hype and all that wall street crap ?

Monero would protect my financial activity from heavily regulated banks and my government, which I'm a lot less concerned about. Some communities have excellent reasons to hide this activity, but most of us do not.

Only if you choose to. You can disclose your transactions for taxes or any other reason. I could explain how it works but I'm getting fed up with still being talked to like a crypto bro, I'll just share that optional transparency is a built-in function into a Monero wallet for auditing and taxes etc.

I'm not paranoid and this isn't about paranoia. Speaking for myself for example, I recognise what is a real and what is a more theoretical danger when I'm constructing my threat model, but most of the time, I use privacy tools out of principle more than out of immediate need. This is something I feel is lost for many people recently, at least that's what I'm getting online. Recently I keep recalling that one Luke Smith youtube video about in projects like Linux, how users are slowly abandoning the freedom hard lines started with Free Software and GNU etc. I think we need more hardasses, the Stallman type, so we don't drift away in convenience and complacency.

On the hyped up cryptobro part.
You're not being treated like a cryptobro. You're experiencing something even more frustrating:
"I've nothing to hide."
A cryptobro would get fundamental disbelief in the promises they make, not in their value.
"crypto is decentralized": except for all the exit scams.
"crypto is the future": except for all the exit scams.
"crypto can do anything": you don't know what you're talking about.
"crypto ...": I'm done hearing about these scams.

As to why this is frustrating,
a. because it devalues other people's needs.
b. because it undercounts one's reliance on fundamental rights.
To say it with a quote I got from schneiers website, but attributed to someone else.
Saying you don't need privacy, because you've nothing to hide is like saying you don't need free speech, because you have nothing to say.

About the complacency part.
I disagree kinda.
Users are going to the centralized semi-free options, because they come from fully proprietary systems and are used to thinking that way and have become to love the strengths of the existing systems.
In general it's going in the right direction.
Just not in the jumps hardliners and early adopters believe in.

Also even a little extra freedom helps a lot.
If Redhat sufficiently fucks up systemD we can fork it with a patch. Would this be a lot of work, yes. Would this be less work than the entire Wine project(which tackles the Windows equivalent) easily, because we have the source code.
Do proprietary kernel modules render your system less free and give root to dangerous parties, absolutely. Still I can patch the interface to limit their power and repair their mistakes For Windows and Mac that requires a jailbreak.
Do locked bootloaders illegally, but unrepentant limit consumer choice. Undeniably, but they still can't sue you under the DMCA for a jailbreak.
Or an example from this forum. If our proprietary electron program botches their testing we can still patch electron without any license problems.

Hardasses are important they remind us how we can improve the world, but they're too blinded by their rage to see the the individual value of the incremental improvements.

I think it's an issue of balance. Taking the SystemD example, when is it that the community draws the line ? Personally, the comically-fast and instant compliance with age verification fiasco a month or two ago was it for ne. I'm sort of coerced to continue to use SystemD currently, even though that was the final straw for me and I'd rather use something else now.

So it's like a continuous battle to balance out the hardass-ness with the complacency. I tend to lean more on the former (even though I don't at all feel like I'm doing a lot of work in doing so, it just seems to me everyone else is so lazy and quick to sideline what they claim to believe in). But as long as the right people don't go all the way and they don't lose the plot, you're right in that fighting back is possible.

Also, about regulations being a necessity etc etc, I get it. But I really won't play along if any countermeasure gets implemented ends up chipping away at one of the rights that were once given, that's in brief my angle on all that 'the system is important, actually'.

On the age gating fiasco.
That was a reaction to a passed law.
Yes, it's problematic, but the reason they can get away with it is that the government is backing them.
Anyone who wants to make that fork has to fight the law and we know the law often wins. [External Link]
Most distros also include an Api for handling USA crypto export controls.

It was more about how fast they jumped on that. I remember within the same newsfeed that day, I read how System76 CEO advising open source devs to hold on for a bit because he was exploring exclusion for FOSS OS's, and shortly after SystemD implements the thing.

And sure, they would've eventually had to by law, it still counts as a redflag for me.

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: tuubiI view people who get very passionate about crypto the same way I view enthusiastic small-time stock traders. They keep talking my ear off about how they make (or save) money with it and everyone should do it, and I indulge them to a point because I'm nice and patient like that (in real life more than online), but I just don't find any of it interesting. Money is a necessity and I've never been wealthy enough to ignore it. It's just not something I could ever get passionate about.

Im sorry, but point to me where I did this here, where did I talk about making or saving money, market price, hype and all that wall street crap ?

Monero would protect my financial activity from heavily regulated banks and my government, which I'm a lot less concerned about. Some communities have excellent reasons to hide this activity, but most of us do not.

Only if you choose to. You can disclose your transactions for taxes or any other reason. I could explain how it works but I'm getting fed up with still being talked to like a crypto bro, I'll just share that optional transparency is a built-in function into a Monero wallet for auditing and taxes etc.

I'm not paranoid and this isn't about paranoia. Speaking for myself for example, I recognise what is a real and what is a more theoretical danger when I'm constructing my threat model, but most of the time, I use privacy tools out of principle more than out of immediate need. This is something I feel is lost for many people recently, at least that's what I'm getting online. Recently I keep recalling that one Luke Smith youtube video about in projects like Linux, how users are slowly abandoning the freedom hard lines started with Free Software and GNU etc. I think we need more hardasses, the Stallman type, so we don't drift away in convenience and complacency.

On the hyped up cryptobro part.
You're not being treated like a cryptobro. You're experiencing something even more frustrating:
"I've nothing to hide."
A cryptobro would get fundamental disbelief in the promises they make, not in their value.
"crypto is decentralized": except for all the exit scams.
"crypto is the future": except for all the exit scams.
"crypto can do anything": you don't know what you're talking about.
"crypto ...": I'm done hearing about these scams.

As to why this is frustrating,
a. because it devalues other people's needs.
b. because it undercounts one's reliance on fundamental rights.
To say it with a quote I got from schneiers website, but attributed to someone else.
Saying you don't need privacy, because you've nothing to hide is like saying you don't need free speech, because you have nothing to say.

About the complacency part.
I disagree kinda.
Users are going to the centralized semi-free options, because they come from fully proprietary systems and are used to thinking that way and have become to love the strengths of the existing systems.
In general it's going in the right direction.
Just not in the jumps hardliners and early adopters believe in.

Also even a little extra freedom helps a lot.
If Redhat sufficiently fucks up systemD we can fork it with a patch. Would this be a lot of work, yes. Would this be less work than the entire Wine project(which tackles the Windows equivalent) easily, because we have the source code.
Do proprietary kernel modules render your system less free and give root to dangerous parties, absolutely. Still I can patch the interface to limit their power and repair their mistakes For Windows and Mac that requires a jailbreak.
Do locked bootloaders illegally, but unrepentant limit consumer choice. Undeniably, but they still can't sue you under the DMCA for a jailbreak.
Or an example from this forum. If our proprietary electron program botches their testing we can still patch electron without any license problems.

Hardasses are important they remind us how we can improve the world, but they're too blinded by their rage to see the the individual value of the incremental improvements.

I think it's an issue of balance. Taking the SystemD example, when is it that the community draws the line ? Personally, the comically-fast and instant compliance with age verification fiasco a month or two ago was it for ne. I'm sort of coerced to continue to use SystemD currently, even though that was the final straw for me and I'd rather use something else now.

So it's like a continuous battle to balance out the hardass-ness with the complacency. I tend to lean more on the former (even though I don't at all feel like I'm doing a lot of work in doing so, it just seems to me everyone else is so lazy and quick to sideline what they claim to believe in). But as long as the right people don't go all the way and they don't lose the plot, you're right in that fighting back is possible.

Also, about regulations being a necessity etc etc, I get it. But I really won't play along if any countermeasure gets implemented ends up chipping away at one of the rights that were once given, that's in brief my angle on all that 'the system is important, actually'.

Quoting: doragasu

Quoting: Liam Squires-Hand

Quoting: Breizh

the Arch Linux AUR (Arch User Repository) needs some better security and package checks […] for some improvements to the packaging processes to prevent this from happening in future.

Well, there is no check at all currently. The AUR is just a way for user to share what they use personnally, it shouldn’t be trusted.

People that use AUR recipes without checking them before can only be angry against themself, it’s like getting a random script on GitHub and running it blindly…

Of course, cleaning the AUR as it’s going now is a good thing, but Arch could simply close the AUR and ask people to share their PKGBUILDs elsewhere instead.

That's my point though - it *needs* some checks. Otherwise, the people responsible for keeping the AUR online become responsible for helping to spread malware. Just telling people to check whatever code or recipe isn't going to cut it.

While you are rising a valid point, I don't see how that could happen. AUR packages can pull sources from anywhere and run any kind of script, and thus automated checks do not seem possible. And if they manually check them, well, they would just not be AUR packages, they would be normal packages.

IMO they should implement a system to report packages, but other than that I think there's little they can do other than closing AUR entirely (and IMO that would be a great loss, I am currently using 54 AUR packages on my system, and I maintain 14 of them: https://aur.archlinux.org/packages?SeB=m&K=doragasu [External Link]).

Also note that IMO this problem is not that big for power users using Arch, but for users of Arch derivatives that incorporate tools that automatically install and update software from AUR without the user understanding the risks. On standard Arch, for you to install an AUR packages you have to follow the wiki to manually build at the very least an AUR helper, and understand the risks.

Quoting: TriciaPearsonI used to use it on Windows in the past. I've seen the news on the Linux_Gaming reddit a few days ago, but I've also seen negative comments regarding the lack of open source code visibility (code is dated 2023 on their Github) but most specifically other malwares / bad surprises / bloatware contained in some Windows versions, so I'm really concerned now that I'm switching to Linux, about my security and a bit unsettled by the Reddit posts.

I want to be happy given that I've waited this news for a while, but I may just wait another more transparent program that does that, I'm not sure where to place myself, I want to have good security practices and not download anything that could have like naughty surprises inside. Anyway I'm not planning on paying a Patreon so I need to wait regardless so that's a non question atm for me.

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: tuubiI view people who get very passionate about crypto the same way I view enthusiastic small-time stock traders. They keep talking my ear off about how they make (or save) money with it and everyone should do it, and I indulge them to a point because I'm nice and patient like that (in real life more than online), but I just don't find any of it interesting. Money is a necessity and I've never been wealthy enough to ignore it. It's just not something I could ever get passionate about.

Im sorry, but point to me where I did this here, where did I talk about making or saving money, market price, hype and all that wall street crap ?

Monero would protect my financial activity from heavily regulated banks and my government, which I'm a lot less concerned about. Some communities have excellent reasons to hide this activity, but most of us do not.

Only if you choose to. You can disclose your transactions for taxes or any other reason. I could explain how it works but I'm getting fed up with still being talked to like a crypto bro, I'll just share that optional transparency is a built-in function into a Monero wallet for auditing and taxes etc.

I'm not paranoid and this isn't about paranoia. Speaking for myself for example, I recognise what is a real and what is a more theoretical danger when I'm constructing my threat model, but most of the time, I use privacy tools out of principle more than out of immediate need. This is something I feel is lost for many people recently, at least that's what I'm getting online. Recently I keep recalling that one Luke Smith youtube video about in projects like Linux, how users are slowly abandoning the freedom hard lines started with Free Software and GNU etc. I think we need more hardasses, the Stallman type, so we don't drift away in convenience and complacency.

On the hyped up cryptobro part.
You're not being treated like a cryptobro. You're experiencing something even more frustrating:
"I've nothing to hide."
A cryptobro would get fundamental disbelief in the promises they make, not in their value.
"crypto is decentralized": except for all the exit scams.
"crypto is the future": except for all the exit scams.
"crypto can do anything": you don't know what you're talking about.
"crypto ...": I'm done hearing about these scams.

As to why this is frustrating,
a. because it devalues other people's needs.
b. because it undercounts one's reliance on fundamental rights.
To say it with a quote I got from schneiers website, but attributed to someone else.
Saying you don't need privacy, because you've nothing to hide is like saying you don't need free speech, because you have nothing to say.

About the complacency part.
I disagree kinda.
Users are going to the centralized semi-free options, because they come from fully proprietary systems and are used to thinking that way and have become to love the strengths of the existing systems.
In general it's going in the right direction.
Just not in the jumps hardliners and early adopters believe in.

Also even a little extra freedom helps a lot.
If Redhat sufficiently fucks up systemD we can fork it with a patch. Would this be a lot of work, yes. Would this be less work than the entire Wine project(which tackles the Windows equivalent) easily, because we have the source code.
Do proprietary kernel modules render your system less free and give root to dangerous parties, absolutely. Still I can patch the interface to limit their power and repair their mistakes For Windows and Mac that requires a jailbreak.
Do locked bootloaders illegally, but unrepentant limit consumer choice. Undeniably, but they still can't sue you under the DMCA for a jailbreak.
Or an example from this forum. If our proprietary electron program botches their testing we can still patch electron without any license problems.

Hardasses are important they remind us how we can improve the world, but they're too blinded by their rage to see the the individual value of the incremental improvements.

I think it's an issue of balance. Taking the SystemD example, when is it that the community draws the line ? Personally, the comically-fast and instant compliance with age verification fiasco a month or two ago was it for ne. I'm sort of coerced to continue to use SystemD currently, even though that was the final straw for me and I'd rather use something else now.

So it's like a continuous battle to balance out the hardass-ness with the complacency. I tend to lean more on the former (even though I don't at all feel like I'm doing a lot of work in doing so, it just seems to me everyone else is so lazy and quick to sideline what they claim to believe in). But as long as the right people don't go all the way and they don't lose the plot, you're right in that fighting back is possible.

Also, about regulations being a necessity etc etc, I get it. But I really won't play along if any countermeasure gets implemented ends up chipping away at one of the rights that were once given, that's in brief my angle on all that 'the system is important, actually'.

The community doesn't draw lines or circles.
Everybody makes their own choices, which is why we need these hardasses and early adopters. We need these people to test the waters and show how the world could look like.
Other less hardass people use that information to judge their own stance.

On the "it costs me little effort" thing. As a technical person you're probably familiar with the phrase, "but it works on my system". With the retard: "we're not shipping your system".
Remember that people are different in many ways. Things that are easy for you can be hard for others.
A good sobering measure could be measuring how often you either open the terminal or are configuring a translation layer.

On the rights thing.
What are those rights according to you?
Anonymity, clear.
Decentralization, clear.
The ability to easily spend and hold large amount of assets? Unclear.
Speedy transactions. Unclear.
etc.

One big thing I personally have an issue with is being able to spend X amount of money however I like. Sometimes sending funds to a family member or even my own self through another bank account in my name and the transaction gets picked up by the bank's shitty and probably AI based AML system and now my funds, depending on the bank, could be frozen for up to 24 hours. So the freedom to transact however the hell I want and to whomever I want (without Visa dictating if they're cool or not with the product you're buying). The banking system in this regard is atrocious. So that's in UK banks. Locally, I also have an issue with banks being unreliable in general in online shopping (would rather not share which country) but recently the Central Bank itself got hacked and terabytes worth of database were put up for sale, so I guess that's another thing to add.

What about speedy transactions.
X=X^2+C spending, where X is the amount of money spend in the current Y blocks and C is a constant.

Edit:
On the hackability of confidential info.
You're going to be so dissapointed if you follow my scumbag links.
Someone found a way to publicly trace individual transactions, while they're still in an incomplete block.
Building a non-hackable system is a great ambition and cryptography is the strongest tool we possess for that, but I think you're putting a little too much faith in it.

Fast transactions are of course nice. Admittedly this is something I'd like Monero to improve in, currently it's 10 blocks or about 20 minutes until any received funds can be spendable, they show up on your wallet instantly but you can only use them after the aforementioned block confirmations. Apparently academics found it's possible in the future to develop 0conf, so funds are useable instantly, but it sounds like that's something more far ahead for now.

Someone found a way to publicly trace individual transactions, while they're still in an incomplete block.

Can you be more specific here ? Haven't heard about this.

Quoting: ROllerozxa

Quoting: mattaraxiaIt seems the issue isn't that npm based packages got compromised, but rather npm was added to packages that don't generally need it. They are using npm *IN THE BUILD STEP* not adding it to your system.

For the malicious packages I saw, the "npm install" was put into a .install file that bundles a hook in the package that gets run after installing a package. So just by looking at the PKGBUILD itself, it's completely fine apart from that addition (and there are packages that do need legit post-install hooks!), and nothing malicious happens when you build the package with makepkg, typically not as root.

It's only when you try to install the package with pacman that it runs the post-install hook... Which happens to run as root! Quite insidious, and I would say this is really clever from the attacker, but in reality it was probably devised by some AI agent with access to the Arch Wiki's packaging documentation...

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: LoudTechie

Quoting: Pyrate

Quoting: tuubiI view people who get very passionate about crypto the same way I view enthusiastic small-time stock traders. They keep talking my ear off about how they make (or save) money with it and everyone should do it, and I indulge them to a point because I'm nice and patient like that (in real life more than online), but I just don't find any of it interesting. Money is a necessity and I've never been wealthy enough to ignore it. It's just not something I could ever get passionate about.

Im sorry, but point to me where I did this here, where did I talk about making or saving money, market price, hype and all that wall street crap ?

Monero would protect my financial activity from heavily regulated banks and my government, which I'm a lot less concerned about. Some communities have excellent reasons to hide this activity, but most of us do not.

Only if you choose to. You can disclose your transactions for taxes or any other reason. I could explain how it works but I'm getting fed up with still being talked to like a crypto bro, I'll just share that optional transparency is a built-in function into a Monero wallet for auditing and taxes etc.

I'm not paranoid and this isn't about paranoia. Speaking for myself for example, I recognise what is a real and what is a more theoretical danger when I'm constructing my threat model, but most of the time, I use privacy tools out of principle more than out of immediate need. This is something I feel is lost for many people recently, at least that's what I'm getting online. Recently I keep recalling that one Luke Smith youtube video about in projects like Linux, how users are slowly abandoning the freedom hard lines started with Free Software and GNU etc. I think we need more hardasses, the Stallman type, so we don't drift away in convenience and complacency.

On the hyped up cryptobro part.
You're not being treated like a cryptobro. You're experiencing something even more frustrating:
"I've nothing to hide."
A cryptobro would get fundamental disbelief in the promises they make, not in their value.
"crypto is decentralized": except for all the exit scams.
"crypto is the future": except for all the exit scams.
"crypto can do anything": you don't know what you're talking about.
"crypto ...": I'm done hearing about these scams.

As to why this is frustrating,
a. because it devalues other people's needs.
b. because it undercounts one's reliance on fundamental rights.
To say it with a quote I got from schneiers website, but attributed to someone else.
Saying you don't need privacy, because you've nothing to hide is like saying you don't need free speech, because you have nothing to say.

About the complacency part.
I disagree kinda.
Users are going to the centralized semi-free options, because they come from fully proprietary systems and are used to thinking that way and have become to love the strengths of the existing systems.
In general it's going in the right direction.
Just not in the jumps hardliners and early adopters believe in.

Also even a little extra freedom helps a lot.
If Redhat sufficiently fucks up systemD we can fork it with a patch. Would this be a lot of work, yes. Would this be less work than the entire Wine project(which tackles the Windows equivalent) easily, because we have the source code.
Do proprietary kernel modules render your system less free and give root to dangerous parties, absolutely. Still I can patch the interface to limit their power and repair their mistakes For Windows and Mac that requires a jailbreak.
Do locked bootloaders illegally, but unrepentant limit consumer choice. Undeniably, but they still can't sue you under the DMCA for a jailbreak.
Or an example from this forum. If our proprietary electron program botches their testing we can still patch electron without any license problems.

Hardasses are important they remind us how we can improve the world, but they're too blinded by their rage to see the the individual value of the incremental improvements.

I think it's an issue of balance. Taking the SystemD example, when is it that the community draws the line ? Personally, the comically-fast and instant compliance with age verification fiasco a month or two ago was it for ne. I'm sort of coerced to continue to use SystemD currently, even though that was the final straw for me and I'd rather use something else now.

So it's like a continuous battle to balance out the hardass-ness with the complacency. I tend to lean more on the former (even though I don't at all feel like I'm doing a lot of work in doing so, it just seems to me everyone else is so lazy and quick to sideline what they claim to believe in). But as long as the right people don't go all the way and they don't lose the plot, you're right in that fighting back is possible.

Also, about regulations being a necessity etc etc, I get it. But I really won't play along if any countermeasure gets implemented ends up chipping away at one of the rights that were once given, that's in brief my angle on all that 'the system is important, actually'.

The community doesn't draw lines or circles.
Everybody makes their own choices, which is why we need these hardasses and early adopters. We need these people to test the waters and show how the world could look like.
Other less hardass people use that information to judge their own stance.

On the "it costs me little effort" thing. As a technical person you're probably familiar with the phrase, "but it works on my system". With the retard: "we're not shipping your system".
Remember that people are different in many ways. Things that are easy for you can be hard for others.
A good sobering measure could be measuring how often you either open the terminal or are configuring a translation layer.

On the rights thing.
What are those rights according to you?
Anonymity, clear.
Decentralization, clear.
The ability to easily spend and hold large amount of assets? Unclear.
Speedy transactions. Unclear.
etc.

One big thing I personally have an issue with is being able to spend X amount of money however I like. Sometimes sending funds to a family member or even my own self through another bank account in my name and the transaction gets picked up by the bank's shitty and probably AI based AML system and now my funds, depending on the bank, could be frozen for up to 24 hours. So the freedom to transact however the hell I want and to whomever I want (without Visa dictating if they're cool or not with the product you're buying). The banking system in this regard is atrocious. So that's in UK banks. Locally, I also have an issue with banks being unreliable in general in online shopping (would rather not share which country) but recently the Central Bank itself got hacked and terabytes worth of database were put up for sale, so I guess that's another thing to add.