They don’t seem to give a shit about security. I think the well is poisoned.
Nah, I wouldn’t go that far. That’s like way too dramatic.
Best to just use apt
I will whenever apt doesn’t (majorly) rely on backports for its security updates AND actually sandboxes its own packages. Zero Trust, FTW!
Ah okay, thanks for the clarification! I haven’t delved deep into that aspect yet. But I’ve recently become aware of this unaddressed attack vector. And it is definitely something to worry about.
Unsure if it’s solved anytime soon. But, if it is properly addressed and solved at some point in the future, would that (completely) redeem Flatpak’s security model? Or, at least make it superior to what’s found elsewhere?
Hehe :P , thanks for sharing your experiences!
Uhmm…, please allow me to elaborate upon my first question, as I don’t feel it’s quite answered yet.
You noted the following in an earlier comment:
Edit: I’m leaving it
Which led me to believe that you left Bluefin for some reason. But after reading your great wall, it doesn’t seem as if you actually left it. So…, I’m mostly confused at the moment :P . Would you mind elaborating in hopes of (at least) alleviating this confusion?
Obligatory insert Manjarno.
It’s simply reflective of how Steam publishes those numbers on its own platform. For some reason, Fedora isn’t explicitly accounted for while it’s very likely to possess a huge chunk of the “Other” category.
To illustrate this point, we’ll look at Boiling Steam’s latest report. It uses ProtonDB’s data to give us (possible) insight on what’s found within “Other” (that accounts for 23.27%). Before I delve further, it has to be said that ProtonDB’s data contrasts Steam’s in significant ways. It’s not a huge departure, but one definitely notices a slight discrepancy between the numbers.
FWIW, as per Boiling Steam’s report, we find the following numbers for Fedora (and related derivatives):
Which (together) amounts to 18.4%.
If we would scale this down, as Boiling Steam’s report doesn’t include SteamOS Holo[1], we’d get:
Totaling to 12.7% this time. And thus, it('s at least likely to) constitute the majority of the “Other” category.
I’ll assume its share is 30.95% based on Steam’s own numbers. ↩︎
But how is it a security nightmare? Or did you mean “distraction”, but chose to use “nightmare” for -I suppose- exaggeration (or similar/related reasons)?
doesn’t matter if you downloaded malicious code
Hmm…, please help me understand: say, I installed a flatpak that included malicious code. But, it required some permission to enact upon its maliciousness. Which, it never received. And thus, if my understanding is correct, it couldn’t enact upon its maliciousness. How didn’t Flatpak’s security model not matter in this case? Apologies if I sound obnoxious (or whatsoever)*, but I’m genuinely trying to understand your case.
Thanks for sharing your experiences! As much as I absolutely love and favor ‘immutable’/atomic “Doritos” distros over their traditional counterparts, I can’t but accept the reality that it’s not (prime-time) for everyone (yet). Though, I do wonder what put you off (specifically). Would you mind sharing it?
Anything needing deeper access or only available in package form, I’ve been able to run in boxes.
I assume you’re referring to distroboxes and not to (GNOME’s) Boxes used for running VMs.
Its a security nightmare
How so? Doesn’t its sandbox offer superior security (under most circumstances) over most other solutions? Even in its relative infancy*.
Didn’t islam have to have special religious scholars for figuring out tiny things?
At least in theory, Islam is traditionally adhered to as an all-encompassing lifestyle. As such, it’s unsurprising to find rulings on the minutia of affairs.
FWIW, deriving new religious verdicts and/or refining the old is a continuous effort as new issues/situations arise.
I feel like I remember them having to be called in to issue a special ruling through the Quran that a religious building could be entered temporarily by the police to end a siege between them and some other group.
Perhaps you are referring to issuing a so-called ‘fatwa’, which is basically understood as a religious ruling derived by an Islamic jurist on a (pressing) matter.
Apologies for my ignorance, but what’s OST?
As the person in question has remained silent, I do wonder if I could perhaps help out instead. Would you be so kind to vocalize your question(s) as elaborate as possible? Afterwards, I’ll try to answer them to the best of my abilities.
I want my apps to be able to talk to each other. So flatpak is just in the way.
This is (at least somewhat of) a legit concern. But is mostly directed towards Flatpak’s limitations in its current implementation.
Also, I don’t see the point of immutable distros. I could boot off of btrfs snapshots years ago. Immutability gives me absolutely nothing of value either
Have you ever wondered why openSUSE started working on (what would eventually become) Aeon while they had previously pioneered the BTRFS + Snapper workflow with Tumbleweed? I believe you may find the point of immutable distros in there 😉.
Your reply is much appreciated, fam! Unfortunately, I wasn’t able to return right away. I thank you for your patience! Btw, I’m not native. So, if I misuse any terms/words/phrases or whatnot; my apologies. Usually, I put in some significant effort to alleviate this. Sadly, I didn’t quite have the chance to do so this time. Thank you for your understanding!
Firstly, I’m glad we can have a civil discourse on this topic rather than resorting to personal attacks and namecalling. I also appreciate the fact that you seem like someone who actually wants to get to the truth rather than defending your stance no matter what.
Thanks fam for the compliments! Your engagement is (I think) (at least) equally commendable!
You’re right. The people in the video are in fact publicly celebrating the 9/11 attacks which took the lives of thousands of innocent people. As you can see, it’s not just grown ass men who are celebrating, but children and women too. If this is the level of hatred they have towards the United States, do I really need to explain how severe their hatred for Israel would be?
Btw, I understood the implied context of the footage. But, it would be intellectually dishonest if I didn’t take into account the framing at hand. Cuz, if we were to be very critical of the footage itself (so without AP’s provided text as guidance), then there’s nothing explicitly there that connects those celebrations to the 9/11 killings; no burning of American flags or anything that would imply it. Granted, I assume neither of us speak Arabic. So that doesn’t help either 😅.
Just to be clear, I’m well aware that this story is pretty much uncontested[1]. So I’m not actually disputing it. But, with the benefit of hindsight[2], it’s hard to completely deny any ulterior motives for broadcasting said celebrations.
And to push back: is it sociologically-speaking strange for them to be glad that the biggest support of their rivals has received a retribution?
That’s an easy question to answer. There would be one country and it would be called Palestine.
History has indeed taught us that that[3]’s a pretty likely outcome. But, I was also curious to hear your take on the other question. Namely, “What would become of the Israeli people?”.
But they will be celebrating.
Likely indeed.
And they will want the whole world to see them celebrating. That’s for sure.
For this, I’m not so sure. But it could be.
https://en.m.wikipedia.org/wiki/Dolphinarium_discotheque_bombing#Aftermath
Ah, another celebration. I’m starting to notice a pattern :P .
Another one.
This video I didn’t pay a lot of attention to as the media outlet didn’t seem to be as reliable as I’d like.
I think I got the message by now :P .
Again I want to be very clear that I’m not an Israeli sympathizer. I’m just trying to make a point that the Palestinians aren’t the saints that the liberals (btw I’m a liberal myself) often portray them to be.
If sainthood is achieved through suffering alone, then I’d argue they would make a good chance. But yeah, I get where you’re hinting at.
That is, the eventual wars in Iraq and Afghanistan. ↩︎
Nation states only exist since relatively recently. So, there has never been a Palestinian state or something. However, Muslim rule has dictated over those lands. My reading of history informs me that while Jews definitely weren’t first-class citizens, they were fortunately not persecuted like we saw in other parts of the world. ↩︎
Thank you for providing that video!
I hadn’t seen it before, and I can definitely understand why its content is disturbing.
Granted, as I’m unable to understand the context beyond what AP themselves have provided, I’ll (for the sake of the argument) accept this as Palestinians celebrating an attack on the US.
Then, my initial intention was to dissect the argument and explain why I can’t agree with your extrapolation[1]. However, to my surprise, your extrapolation might not be as far-fetched as I initially thought 😅. But, this ultimately depends on what you mean precisely. So, please allow me to ask further clarifications:
Let me know if you still aren’t convinced.
Please allow me to take you up on that offer 😜.
That is, “But if Palestine had the kind of military backing Israel does, Israel would simply not exist on the map today. And the Palestinians would be openly celebrating over the dead bodies of Israeli people.” ↩︎
they’ve been apparently working on its replacement for quite some time, so the “news” of its retirement actually comes because of the discovery of its replacement and the chatter around it.
Are you referring to the combination of Agama, Ansible and Cockpit?
Thanks for posting.
It has been my pleasure!
I was worried that it might have been forgotten about
The XZ utils supply chain attack has actually made the community more wary of blobs. Some projects were even prompted to come clean on this matter.
Fedora has also recently made a push towards reproducible builds. In the lwn.net article that discussed that push, one of Fedora’s spokespeople explicitly said that it would help combat supply chain attacks.
So, all in all, I can confidently say that it did leave a mark on the Linux landscape. Hopefully, this specific attack vector will not be as viable in the foreseeable future.
But if Palestine had the kind of military backing Israel does, Israel would simply not exist on the map today. And the Palestinians would be openly celebrating over the dead bodies of Israeli people.
What is this based on? Like, could you (by any means) back up this claim?
Please correct me if I’m wrong, but my understanding is that we didn’t get any alternative in return. Right?
thanks, that’s comprehensive
Thanks fam for the appreciation!
I recommend it at least :-)
I totally get it and I actually appreciate your efforts. Which shouldn’t be surprising as I favor anything ‘atomic’ over the traditional model. Heck, were it not for Fedora Atomic, I would probably have daily-driven openSUSE Aeon instead.
Uhmm…, my apologies for sidestepping to a topic I would rather not… But here goes nothing…
Perhaps you might have noticed the discussion that has been going on elsewhere in this thread😅. And thus…, you might have become aware that an LLM was used (by me) for wording/phrasing/punctuation the earlier ‘info-dump’. Note that the content is still mine. I just wasn’t able to commit to put out a decent writing myself. Instead, I speech-to-texted my input. Asked the LLM to make it legible. After which we had a bit of back-and-forth until we arrived at the final result.
Anyhow, now that you’re aware of the context, I would like to ask you the following: What would you have preferred?
While I don’t enjoy the fact that this introduces a ton of maintenance issues on systemd-less systems that would like to continue supporting GNOME, I do think leveraging systemd to elegantly revive the session save/restore functionality bodes a lot of optimism for the set of features that will follow.
I’m at least thankful that this maintainer/contributor dedicated about half of their announcement on how systemd-less systems could alleviate this issue.