The Linux Thread - The Autist's OS of Choice

[prollyanotherlurker]

Not often someone is a bigger piece of shit than cloudflare but he pulled it off. A special place in hell for people that constantly sue.

On the kernel thing, and keep in mind I do watch lundukes stuff. He always takes the absolute most doomer approach with his interpretations of what the end result will be.

I think it's more a matter of time will tell. If things really start getting effected. Then a real competing kernel will probably pop up. Though it's also likely things can end up getting resolved down the line.

Also with the kernel having as much support as it does. I can't help, but feel it's not going to make as huge of a difference as people might think. A lot of very rich companies are funding, and contributing to kernel development, like Google, and iirc even Microsoft is now days (that one could be wrong, but I feel like it is.)

 

[Moonglade Feral Druid]

I'm just going to use Linux. Idk if bsd didn't suck so much to use for desktop I might have already been using it, but it does, and I won't.

But also, personally I couldn't really give much of a fuck about Russia, or any of that stuff. So it's really not changing anything for me.

Pair that with a number of FOSS projects that hard link linux dependencies that then need to be patched.

 

[TheDataHorder]

Pair that with a number of FOSS projects that hard link linux dependencies that then need to be patched.

this genuinely angers me. not 5-10 years ago linux was in the same spot. the fact so many FOSS projects only work on linux and don't bother with other unix like system compatibility is disgusting.
we've been in their position, we should be helping them, not fucking them over.
if they can avoid the pain of getting others to listen with some help, then i see that as a win.

 

[Susanna]

this genuinely angers me. not 5-10 years ago linux was in the same spot. the fact so many FOSS projects only work on linux and don't bother with other unix like system compatibility is disgusting.
we've been in their position, we should be helping them, not fucking them over.
if they can avoid the pain of getting others to listen with some help, then i see that as a win.

I don’t think it’s done to be malicious against the BSDs, but rather out of laziness. If you don’t use a BSD you’re not going to bother making sure your stuff works on them, not because you hate BSDs but simply because it’s extra work and only a tiny portion of users would even care.

 

[Rusty Metal Skull Gun]

There's literally no point to using BSD over Linux nowadays. It used to be the case that the BSDs were better for network throughput, but as far as I'm aware io_uring has made that obsolete.

 

[Moonglade Feral Druid]

As of 15.1 MacOS can no longer run unsigned software with no way to bypass within the GUI, which requires a subscription to sign software builds.

You can only get around it now by disabling Gatekeeper via the terminal.

sudo spctl --master-disable

 

[khaine]

As of 15.1 MacOS can no longer run unsigned software with no way to bypass within the GUI, which requires a subscription to sign software builds.

You can only get around it now by disabling Gatekeeper via the terminal.

You can run still run unsigned software. I'm not sure what these retards are smoking. What they have disabled is the short-cut ways to run unsigned apps. You used to able to hold down command to run the app. Now you need to go into Settings | Privacy & Security | Gatekeeper and allow the app to run.

https://support.apple.com/en-us/102445

 

[Betonhaus]

You can run still run unsigned software. I'm not sure what these retards are smoking. What they have disabled is the short-cut ways to run unsigned apps. You used to able to hold down command to run the app. Now you need to go into Settings | Privacy & Security | Gatekeeper and allow the app to run.

https://support.apple.com/en-us/102445

I feel like I had a brush with fathomless retardation. Whitelisting in Gatekeeper sounds like an official and documented method that should be considered general practice, while holding down a key to launch an app (do you have to hold down command every time you launch that same app?) seems like a secret trick the os developers put in to make their work easier, but would be forced out eventually anyways as being a potential risk. Why make a big deal about the unofficial shortcut going away when the proper solution is still there?

 

[khaine]

Hol

I feel like I had a brush with fathomless retardation. Whitelisting in Gatekeeper sounds like an official and documented method that should be considered general practice, while holding down a key to launch an app (do you have to hold down command every time you launch that same app?) seems like a secret trick the os developers put in to make their work easier, but would be forced out eventually anyways as being a potential risk. Why make a big deal about the unofficial shortcut going away when the proper solution is still there?

Holding down Comman was only required on first launch. This was basically a shortcut way to tell macOS that you wanted to bypass gatekeeper for this particular app.

If for whatever reason the app doesn't show up in the settings after you try and run it, you can always self-sign the app to bypass gatekeeper. No dev cert required.

remove any signatures that may exist
codesign --remove-signature /Applications/OpenSCAD.app

self-sign the app
codesign --force --deep --sign - /Applications/OpenSCAD.app

 

[AmpleApricots]

There's literally no point to using BSD over Linux nowadays.

*BSDs various documentation has also often been named as a reason to go with it, but lots of the important linux userland software is well documented nowadays. Even the kernel is, really. (compared to how it was)

The only thing you can still say is that all the *BSD core software&kernel comes as one package and feels more seamless and polished than any given linux distribution. Also lack of dependence on the various quite bloat-y GNU utilities, but even that you can have with some distros (e.g. Alpine) now, if you really want to.

 

[GNU Abyss]

There's literally no point to using BSD over Linux nowadays. It used to be the case that the BSDs were better for network throughput, but as far as I'm aware io_uring has made that obsolete.

Jails are pretty nice. If we're talking all BSDs, pledge and unveil from OpenBSD are also really good. As a general point, it's always good to have alternatives out there.

 

[AmpleApricots]

Jails are pretty nice

Linux has namespaces I use intensely to isolate applications. bwrap is super useful and not known nearly well enough.

 

[Kosher Dill]

There's literally no point to using BSD over Linux nowadays.

I was under the impression that the license is perhaps its biggest remaining selling point for commercial uses, as it's more permissive than GPL and doesn't have as high of a compliance burden. No need to distribute source code and all that.

 

[Frederica Bernkastel]

There's literally no point to using BSD over Linux nowadays. It used to be the case that the BSDs were better for network throughput, but as far as I'm aware io_uring has made that obsolete.

The Russian political drama surrounding the Linux Kernel makes me think otherwise. The obscurity, and lesser corporate control over their foundations, give them legal advantages that aren't afforded to Linux because RedHat is a government contractor.
Also, some forks of BSD like OpenBSD contribute software people for people that use Linux.

 

[Redeemer]

I reckon this move took a lot of the kernel community off-guard. I expect some new fork of the kernel will come out of this. Given how big a mook-face-turn this is, and how the community was predominantly meritocratic before this, this is a lot more of a deal than they're trying to make it. Now the entry requirements for kernel work have gone from "submit a good patch" to "submit a good patch from an allied nation". This partisan horseshit of Linus's should have more of an impact than I'm seeing. But, nothing ever happens, so...

Spoiler: MATI

I feel like this has been a problem with kernel maintainers for a while. They take moderation action to preserve face, or for political reasons. I'm specifically thinking of the UMN thing, which everyone seems to have forgotten about.

Briefly, researchers at University of Minnesota submitted patches with security vulnerabilities, got them accepted, and then retracted them before they were pushed into mainline. They then published a paper talking about how the process for Linux maintainers vetting contributions needs to be overhauled. I believe the researchers said that every single one of the vulnerabilities could be found with a static analyzer.

This makes kernel maintainers look very very bad. So, in response, they declared the entire University of Minnesota a bad-faith actor. They banned all @umn.edu addresses from contributing. They reverted/reviewed every single commit made by an @umn.edu address (these despite the fact that all of the hypocrite commits were submitted through gmail), and issued pissy statements about how this was dangerous to the ecosystem. GKH's crybaby fit can be read here (a).

They politicked up concern over the ethics of the study. They got the university's IRB involved, saying that a study involving human participants should have had approval from an ethics committee, despite the fact that all they did was email some people some text and note how they responded to that text. Despite the fact that pen-testing and red-teaming are routinely done in the private sector, and you could honestly consider this to be a public service.

The pattern of kernel maintainers being cowards, lying, obfuscating, drumming up passions of retards who don't know what they're talking about, etc, is long established.

 

[Darkholme's Dungeon]

The Russian political drama surrounding the Linux Kernel makes me think otherwise. The obscurity, and lesser corporate control over their foundations, give them legal advantages that aren't afforded to Linux because RedHat is a government contractor.
Also, some forks of BSD like OpenBSD contribute software people for people that use Linux.

Yes but De Raat is also in Canada (Which can be more insane than the US) and has a type of Stallman-esque focus on ideological purity to that he won't allow SMT by default. FreeBSD and Dragonfly are both in California...

I fear what will happen is in the end these projects will all split off and run in there relative spheres of influence... And the truly meritocratic are going to end up on some sort of Internet site that only takes anonymizer relays where nobody gives a fuck about country of origin while getting hunted by the government for being "traitors" or something retarded.

I was under the impression that the license is perhaps its biggest remaining selling point for commercial uses, as it's more permissive than GPL and doesn't have as high of a compliance burden. No need to distribute source code and all that.

Corporate sponsorship is a big one. Especially when hardware vendors work with them. I could give zero shits if Microshaft didn't work with the BSD but Intel/AMD/Nividia/VIA/IBM working with linux is a pretty big thing imho. Kinda like how in China uses Ubuntunigger derived Kylin instead of FreeBSD as it used to...

I'm suprised there's been no feasible attempt by someone to build a RISC-V specific OS from scratch with something like an exokernel or microkernel. Maybe this will finally get those gears rolling.

DragonflyBSD, Illumos

Illumos is the continuation of OpenSolaris/OpenIndiana, which was a mix of System V, Oracle Solaris, and BSD.
Dragonfly is a pretty interesting design trying to move to a microkernel, COW fs, and tries to maximize SMP gains. Sadly x86_64 only.

 

[Betonhaus]

Was QNX ever open source?

 

[Rusty Metal Skull Gun]

No need to distribute source code and all that.

This is less of an issue than it sounds. The GPL says that you have to distribute source code if you publish binaries. You can hack on Linux as much as you like, as long as you keep your version internal.

I'm specifically thinking of the UMN thing, which everyone seems to have forgotten about.

The response to this was completely justified: open source only works if you assume everyone is acting in good faith. It's bad enough having to worry about Russian and Chinese glowies without throwing idiot academics into the mix too.

 

[Redeemer]

open source only works if you assume everyone is acting in good faith.

But you *know* that there are people who are not. Linux is a huge target to introduce vulnerabilities. There is huge financial incentive get even a small vuln introduced into the mainline kernel. Obviously there are going to be groups trying to do that all day, every day.

If the people responsible for keeping those changes out are not even bothering to run a static analyzer, that is something that is in the public's interest to know.

 

[Darkholme's Dungeon]

But you *know* that there are people who are not. Linux is a huge target to introduce vulnerabilities. There is huge financial incentive get even a small vuln introduced into the mainline kernel. Obviously there are going to be groups trying to do that all day, every day.

If the people responsible for keeping those changes out are not even bothering to run a static analyzer, that is something that is in the public's interest to know.

But why bother with kernel vulnerabilities when you can just attack the bajillion programs that linux requires to run like the xz utils backdoor issue? You can just keep a list of 0days close at heart and attack the much less scrutinized tools that aren't the core kernel.