> JS also dramatically improves security

How so?

Sorry I somehow left out the key word 'Disabling JS'.

Why not tails in a VM?

because your host might be compromised

IMHO they are not. Using the shortcodes via () works okay-ish, but open the emoji menu is just awfully slow, it takes a solid 5-8 secs for it to show the emojis not recently used. It's absolute garbage.

If the layers of a stack have a disjoint set of reviewers things are viewed in separation which might lead to issues if there is no one reviewing the full picture.

That is why your forge will show that these two things are related to each other, and you may have the same person assigned to review both. It can show you this particular change in the context of the rest of them. But not every reviewer will always want to see all of the full context at all times.

They have some kind of story and buildup, the thrill of doing something morally objective, sometimes the "getting caught" aspect

... or so I have heard

Spiegel recently did a video on them: https://www.youtube.com/watch?v=HuwRrqM6H1M

Can confirm. We are required to test all of our stuff on a bench, but no one really trusts this, because everything is mocked anyway (RSI).

Once the new Poettering startup took off you won't get any choice. SCNR.

I have all the choice I need, I can build Linux from source and I'm old enough to know this stuff will outlast me.

F*ck Poettering. Want to bet that once he's done the damage his company will be acquired for a large amount of money by Microsoft? This is just another Nokia for them.

If you're unaware, the new Pottering company is about bringing Secure Boot and remote attestation to Linux. If you don't run approved systemd Linux, you won't be able to access banking websites. Now that's a real slippery slope.

The JetLag The Game guys would love this, because they have been Deutsche Bahn'd quite a few times :D