kixik

I see, I didn't dig into the cause, being sort of a buffer overflow. Indeed that would be prevented by other languages, sorry for my misinterpretation. Other vulnerabilities unintentionally introduced by developers on logging what shouldn't are not dependent on anything other than auditing them, but that was not the case then.

True, the logging is part of the library, but it's totally centered on what the developers are logging. It's a bad practice to log sensitive information, which can be used by someone with access to the logs for sure, but that doesn't mean the library is broken and has to be replaced. The library's logs need to be audited, and this as true for glibc as it is for musl, no exception, and it's not a one time thing, since as the libraries evolve, sensitive information can be introduced unintentionally (perhaps debugging something required it on some particular testing, and it was forgotten there).

BTW, what I meant with the language, is that no matter the language, you might unintentionally allow some sensitive information in the logs, because that's not a syntactic error, and it's not violating any compiling rules. It's that something is logged that shouldn't.

Also, the report indicates that the vulnerability can't be exploited remotely, which reduces the risk for several systems...

That's why I said library or language (someone else suggested rust).

Using wayfire (disabling the fancy resources eating plugins) + waybar + plus a bunch wlr utilities (some from sway).

I'm using integrated intel gpus. There's a laptop with both the integrated intel gpu and a nvidia discrete one, but I had to configure the bios to only use the inegrated one, both the binary nvidia drivers, and the open source nvidia drivers fail to set fbdev=1 (the external hdmi monitor is the one associated to the nvidia gpu, and it gets a blank screen), which is required for enabling KMS, which is required for wayland, so no luck. Nouveau actually works, but it's not stable enough, after some time of use the monitor turn off and there's no way to turn it back on, and it feels slow or lagging compared to the intel gpu, although it should be the opposite. So I gave up on nvidia on that laptop, and any other box only has the integrated intel gpu anyways. I've read of successful stories with nvidia, both with the binary and the open drivers, but I think it's not a generic thing that all nvidia gpus will work well on wayland with nvidia drivers. The noveau drivers are the only ones working for some gpus, but not stable enough. So I stick with the recommendation to stay away from nvidia if using wayland...

I guess although WM still applies, on the wayland jargon they're called compositors, and the wayland compositors are not as light as the Xorg WMs, since there's no Xorg server, and part of the responsibility of the server goes to the compositors on wayland...

There's labwc, which is the compositor I would have chosen, but the developer decided to stick with xml configuration equivalent to the the openbox one, and also with the openbox themes/styles, which I never liked. On Xorg I used fluxbox + tint2 + ..., and I tried openbox, but totally disliked it compared to fluxbox... But other than config and theming, I like its idea of being a light compositor.

Actually by disabling the plugins I am on wayfire, it's pretty much labwc but with new decent config (I really like its config BTW), and using the gui toolkit theming, so no specific wayfire theming at all, which is nice, as opposed to the labwc own theming... Still, labwc is also an option for some.

Wayfire and labwc are not tiling compositors as most of all others, :)

I like the SMS gate app from f-droid suggested.

A different approach to read SMS from other devices, for example your PC, would be using kdeconnect. It's supposed to allow you to read current messages, receive messages, and reply to messages, even send messages I believe. So perhaps an option, though not a syncing tool to keep SMS messages somewhere else, and I can't tell about the encryption involved...

I'll take a look at iosevka fonts, thanks !

It looks like, though OTB (opentype bitmap fonts) are different than plain bitmap fonts, and are actually supported by pango. Alacritty allows me to use Terminus OTB fonts for example. There are other true type fonts which are also sort of my plan B, which are not supported by kitty either, as mentioned, I wanted to see if there's a way not just to select between the list kitty offers, which is sort of limited. At any rate if not Terminus, I don't really like much my plan B true type fonts much...

For those kitty users, have anyone been able to use fonts not in the list kitty support? I only use Terminus (OTB) fonts on terminal, and when trying kitty out, I found no way to get it to use Terminus (I could only select between those supported by kitty).

Alacritty (with screen if I need a multiplexor)

f-droid -> expert mode -> privileged extension (turned on)

But you need to install f-droid with privileged extension, which is easy on LOS and derivatives/forks, but not sure on things like grapheneOS/calyxOS/pure android...

Thanks !