preparing for multi-container support to "go away"

preparing for multi-container support to "go away"

I am using 3 containers. I have been aware that multi-container support is going away.

I have started receiving the following message upon starting up any linux container.

> NOTICE: multi-container support is going away

> Recently it has become necessary to deprecate some features of crostini,including:

> * UI-based installation of .deb packages. Installation via aptitude is the default path, but there are also visual package managers which may be used.

> * UI-based Debian release upgrade. Please refer to release notes for the release in question for upgrade instructions.

> * Multi-container support.

> info

> * For the most up-to-date news, please visit

> * https://developers.google.com/chromeos/app-development/develop/news

> (this message will be repeated 2 more times).

My preparations:

  • I have moved my files and applications from my secondary containers into my penguin container

My questions

  1. is there anything else I should be doing to prepare? (I have no ability to remove the abandoned containers through the settings, because container management was removed from settings)
  2. will my penguin container remain intact?
  3. when will this change occur?
u/Sweaty_Astronomer_47 — 7 days ago

accessibility popup on android

Background - I do not grant accessibility permissions to any apps on my android phone. (I have my reasons, that's a different discussion).

The following bitwarden popup occurs after a recent update

> Bitwarden offers an optional autofill method that uses android's accessibility service to detect login fields in apps and websites. If you choose to enable it, Bitwarden will identify the appropriate fields and enter your credentials when a match is found. We do not store any information observed by the service, and we do not control any on-screen elements beyond credential entry.

I note the presence of the word "optional", which is fine with me.

There are two buttons underneath: accept and cancel. Cancel closes the app and does not allow you to enter. There is no choice to use the app without pressing accept. That does not seem consistent with the word "optional"...

QUESTION 1 - Is it truly optional, or is it mandatory? (If optional, then why am I forced to press accept)

I did press accept because I wanted to access my bitwarden app.

Then I went to look at Android accessibility settings and I observed that Bitwarden had NOT been granted any accessibility permissions. That's fine with me, but it's still unexpected. It leads me to ask another question...

QUESTION 2: what exactly is the significance of pressing accept, if not to grant android accessibility permission?

PS - On the surface it appears the answer is that it is optional and that pressing accept does absolutely nothing (at least on my phone). But I don't like to assume things, and I'd like to hear if there is some other explanation for this very odd popup experience.

EDIT - ANSWERED (in a way that I could understand) by response from u/Mastacheata:

> Apps can advertise themselves as an Accessibility Service, but they cannot enable themselves - that second part is something the user has to actively perform themselves.

> Bitwarden cannot run without you accepting that it advertises itself as an Accessibility app - that's listed in the App manifest and not something the developer can turn on/off on demand, therefore you have to accept that Bitwarden is now available as an Accessibility option or you cannot use the app. Again, the enabling part is manual and that is enforced by the OS.

reddit.com
u/Sweaty_Astronomer_47 — 19 days ago

ddg extension is fingerprintable

I use the DuckDuckGo Search & Tracker Protection extension with the brave and chrome browser (don't judge, I use different browsers for different purposes)

If i VISIT https://browserleaks.com/chrome I see

> Detected 1 of 5000 Extensions

> ✔DuckDuckGo Search & Tracker Protection

This occurs whenever the extension is enabled, even if the extension has not been granted access to https://browserleaks.com/

I believe it means there are web-accessible resources within the extension that the website uses to detect the ddg extension.

Is it possible to redo the extension to remove web-accessible resources?

u/Sweaty_Astronomer_47 — 1 month ago

why is vaultwarden so much more discussed than bitwarden lite

I'm thinking of dipping my toes into self hosting just out of curiosity, and maybe a learning experience (I would still keep local copies of encrypted vault exports for backup purposes, and take precautions to prevent circular lockout).

Bitwarden Lite I think used to be called Unified when it was in beta. It is no longer in beta, and described here:

Let's talk about computing resources:

> * Bitwarden lite requires: > * RAM: At least 200 MB > * Storage: At least 1GB > * Docker Engine: Version 26+

That's not very demanding specs for a server. I have google cloud always-free compute engine (E2 I think) with 1GB ram and 250gb storage. I currently access it via tailscale for a few small projects. Thinking about getting an oracle always-free arm vps as well since it comes with an option for more ram.

Let's talk about complexity to install. I see one extra requirement for bitwarden lite:

> * "Because Bitwarden lite databases are not provided by or collocated with the application container, database maintenance, including updates, maintenance, and backups, must be fully managed by you."

... that doesn't seem too challenging to install sqlite3 and adjust environmental variables to point to it. Are there other challenges setting up bitwarden lite that don't apply to vaultwarden?

What are your thoughts about pros and cons of these two self-hosted options or any compelling reasons to prefer one solution over the other (vaultwarden vs bitwarden lite)?

u/Sweaty_Astronomer_47 — 2 months ago

google accessibility services block may impact quicktile use for android users with advanced device protection

Android 17 blocks non-accessibility apps from the AccessibilityService API | anonhaven.com

> Google added an accessibility API lockdown in Android 17 Beta 2. When Advanced Protection Mode (AAPM) is active, the system prevents any app not classified as an accessibility tool from receiving AccessibilityService access. ...

> ... Apps must declare isAccessibilityTool=true in their service metadata to pass the check. Screen readers, voice control systems, and switch-based input tools qualify. Automation apps, custom launchers, notification customizers, password managers, and antivirus software do not [qualify].

Bitwarden uses accessibility services to support the quick action tiles.

autofill from android app | Bitwarden.com

> Quick-action tiles use the Android accessibility service to make autofill actions available from your notifications pull-down's settings menu.

I'm not sure when this change might come into effect. The article mentions Android 17 Beta 2, so I think (?) it might come to standard android when we get Android 17 which is supposed to be in June or July.

It seems like this might affect certain users if they have android's advance device protection active and they use bitwarden quicktiles.

u/Sweaty_Astronomer_47 — 2 months ago
▲ 1 r/brave

finding my per-site exceptions to "forget me when I leave this site"

I am loving that Brave gives me the control to establish strict global protections and relax them on a per-site basis for sites that I trust and visit frequently.

Here's how I'm planning to do that for javascript:

  1. GLOBALLY turn on javascript blocking (settings / shields / block scripts / on)
  2. ON A PER-SITE BASIS, disable javascript blocking for sites I want to trust (click the Lion and turn off block scripts)
  3. PERIODICALLY REVIEW my setup (settings / privacy and security / site and shield settings / javascript / scroll down to "customized behaviors" and review sites "allowed to use javascript"

I have an almost comparable workflow in mind for "forget me when I leave this site":

  1. GLOBALLY turn on "forget-me-when-I-leave-this-site" (settings / shields / forget me when I leave this site / on)
  2. ON A PER-SITE BASIS, disable forget-me-when-I-leave for sites I want to trust (click the Lion and turn off forget me when I leave this site)
  3. PERIODICALLY REVIEW" which sites I have previously trusted by disabling "forget me when I leave this site"... HOW DO I DO THAT?

Steps 1 and 2 are completely parallel in the settings but I can't seem to find how to accomplish step 3 for forget-me-when-I-leave-this-site. Is it hiding somewhere else in the settings?

reddit.com
u/Sweaty_Astronomer_47 — 2 months ago
▲ 177 r/Bitwarden

Decryption error... Contact customer success to avoid ADDITIONAL data loss.

I tried to log into the chrome extension using my yubikey.

First attempt failed in some way (I'm not sure if I got an error message, but I assumed I had typed my pin wrong and tried again).

Second attempt succeeded, except I get this error message warning me about ADDITIONAL data loss (which means I already have data loss?!?)

It includes 12 sets of hex strings (each wrapping to 2 lines like the one shown).

I have no idea what particular data may have been lost in my vault. I don't see anything obvious. Neither do I know how I can associate these hex numbers with my entries (does anyone know that?).

Trying to decide whether the next action is going back to my last backup or not.

I will be contacting support, but also posting here for any suggestions.

u/Sweaty_Astronomer_47 — 2 months ago

I have Debian 12. After running sudo apt update, uname -r tells me that I have kernel 6.6.99 which apparently is not yet patched for copy-fail and therefore vulnerable to local privilege escalation under certain conditions.

I'm trying to figure out what would be the steps to rectify the situation. I see some discussion here:

Debian Linux Patched Copy Fail (CVE-2026-31431) Vulnerability - OSTechNix

It seems to require more technical knowledge than I have.

Can anyone provide suggestions to update the kernel or make the system safe until the update arrives?

u/Sweaty_Astronomer_47 — 2 months ago

Two things I noted:

  1. Is there any way to eliminate trust in ancient X11 from this app?
  2. Is it still requiring an outdated version of org.gnome.Platform? When I perform flatpak update, I get the error message:
  • Info: (pinned) runtime org.gnome.Platform branch 48 is end-of-life, with reason: The GNOME 48 runtime is no longer supported as of March 24, 2026. Please ask your application developer to migrate to a supported platform.
    • I think this error originates from OnlyOffice but I'm not positive. The only other flatpak I have installed is flatseal

EDIT - The following item appears related to X11 on the flatpak

u/Sweaty_Astronomer_47 — 2 months ago