The Linux Thread - The Autist's OS of Choice

[DavidS877]

IDK flatpaks just seem like the same thing but with containers.

Except without the container, in my opinion.
Flatpak's use many of the same kernel isolation that a container engine like podman or docker use but worse.
Here's the horrifying technology underlying it: https://docs.flatpak.org/en/latest/under-the-hood.html

In theory it will share the same version of libraries, but I have no idea if that actually works.

I like AppImages for my one file, one application. It even works most of the time without all the overhead of Snap or Flatpak.

 

[prollyanotherlurker]

let's say someone wanted to make a super bare bones window manager, one that doesn't even support tiling, basically runs an application directly on X11 with no windowing or decorations, and you can switch between applications by using shortcuts or by launching a dedicated app that basically shows all running apps as tiles, possibly doubling as a start menu where you can click on the tiles of unopen apps and they will launch. this would be intended for tablets and HTPCs, running native linux apps and PWAs through a basic Chromium browser. Is there something like that already? and how hard would it be to add some sort of transitions between apps (or transitions between the apps and the menu) and ensure it supports HDR and smooth fonts?

It sounds like CWM is what you are looking for.

Except without the container, in my opinion.
Flatpak's use many of the same kernel isolation that a container engine like podman or docker use but worse.

Generally I hear bubblewrap, considered sandboxing. Rather than being containerized. I'm guessing the distinction is that it's made in their own invisible temporary namespace. Which things are bind mounted into, to have them work. And are included or excluded, depending on whether you want them to have access.

Where a normal container is just a chroot, but with further isolation. At least generally speaking.

If you want a lightweight way to improve isolation between the applications you are using using bubblewrap, or firejail, are good ways to do it. If you know what you are doing.

 

[prollyanotherlurker]

I was just listening to lundukes latest video. The one about the un and open source.

And something occurred to me all of a sudden. With the thing about Asians being mentioned. Because Asians are excluded from being considered "minorities" in this dei stuff.

The thought. Is trannies are by far over represented in tech, and open source related jobs. So by their own logic. They should be excluded from being considered disadvantaged.

I wonder if people started pushing the idea that trannies should be excluded from dei, in tech. How that would go. People would have to do it all over the place.

 

[Froggy Fresh Sextape]

In theory it will share the same version of libraries, but I have no idea if that actually works.

It does as long as the library a Flatpak app wants to load is at the same inode as something already loaded into memory.

So if you're running multiple Flatpak apps that all depend on the same runtime you're not constantly duplicating it.

 

[analrapist]

The thought. Is trannies are by far over represented in tech, and open source related jobs. So by their own logic. They should be excluded from being considered disadvantaged.

Next consider this one weird semitic tribe and its overrepresentation...

 

[HalHalliday]

Static linking is retarded, also thank God for static linking. It seems like everything is build on a fucking quick-sand these days. You ship an application, and tomorrow it might not work, because of l33t-jeet engineering or because some tranny's brain is buzzing the wrong way that day. No wonder that people are choosing to ship whole environments with their apps. Soon, we'll be shipping entire "OS"s with our programs to boot, like in the good ol' days!

 

[Anti Snigger]

by their own """logic."""

 

[DavidS877]

Soon, we'll be shipping entire "OS"s with our programs to boot, like in the good ol' days!

Companies have been shipping VMWare OVAs for years now, sure it won't boot on bare metal but it's an entire OS for whatever crappy product you're running.

And most users of containers are too stupid to strip them down, so most are almost a full OS, some abjectly retarded ones even have systemd.

There is some feeble attempt to stem the tide with things like Google's "distroless" but most people aren't that smrt.

 

[prollyanotherlurker]

Next consider this one weird semitic tribe and its overrepresentation...

Trying to get them to not consider trannies, as underprivileged is already, probably beyond reality. Even though it worked for chinks. Either way. I'm just putting out ideas. Tranny's having power over any decision making in open source. Is just icing on the shit cake, that is modern tech.

 

[SCV]

In the wake of the recent (west)world-wide push for increased surveillance, I want to start a little discussion: what do you think would be the best way to insulate yourself from prying eyes at the OS level? [...] I'm only focusing on one machine directly exposed to the Internet here, [...]

Imma be real with you. Connecting a fully featured OS directly to the internet is suicide. All the services that are running even on something minimal are a huge attack surface and if you are "interesting" you're going to get fucked. At a minimum you need a device/router with a relatively secure, for-purpose OS (like pfsense), running a NAT that is dropping all incoming packets you didn't specifically ask for. This is also why IMO IPv6 is cancer.

That done (and I know this is trite but it is true) you should be asking what your threat model is. If you're just trying to browse anonymously the OS doesn't really matter so much as the browser. I would setup the tor browser with ublock and to not save history/cookies/etc. Just yeeting the tracking pixels and a cookie cleaner extension is like 90% of what you need.

If we're worried about advanced, personalized attacks then I think your outward facing router/device needs more attention. Running on something that doesn't have an IME/PSP. Auto-updates enabled. Fail2ban (not that you should have ssh from WAN enabled anyway). use dnscrypt, etc. Browsing from your actual PC with javascript disabled.

If you're worried about the government then it pains me to say this but depending on how mad they are they're probably going to get you anyway. Actual physical arrest, an intentional supply chain attack (or maybe you really do read and understand ALL the code on your machine perfectly?), or a 0-day aren't really stoppable. The trick is to not get to this point where they're big mad and know who you are because at that point it's already ogre.

The thought. Is trannies are by far over represented in tech, and open source related jobs. So by their own logic.

"Minority majority country."
"But what if the shoe was on the other foot? "
"White people can't be discriminated against"
And so on and so forth.