What is the very best Linux Distro? - best to make a poll about that

[Susanna]

Some malware injected into packages or a script is just a disgruntled tranny janny with the right access/server-who hosts-the-stuff exploit away.

Every package manager I know of verifies the signature before it'll install any packages, so no, you can't just inject malware into an .rpm to take out IBM or whatever. The packages will fail to verify and the file will be downloaded from fallback servers until they get one whose signature matches the expected hash.
What you can do is take over a project on github and inject your malware directly into the source code. If a package is compiled with the compromised code there's nothing you can do short of announcing the issue and encouraging every maintainer to lock to a non-compromised version until the project can be forked out of your control and cleaned up. This is what happened to node-ipc.

 

[AmpleApricots]

What you can do

I was mostly talking about these rando, small distributions where you don't really know who runs them. While the showrunner or even most of the team might have the best intentions, the handful of people he knighted maintainers on the distro's discord might not, for whatever personal reasons that might've cropped up later on. It's very likely that they have certain packages to maintain and nobody who really looks over their shoulder as prolific maintainers are usually in short demand anyways. They might've even been trustworthy at one point. They might've just pretended to be trustworthy for a few months. They might've changed their mind about doing the right thing. Thing is, you can't really always know. While I was browsing the alpine community repository I even came across the name of a certain shovel-faced asian man on one of the packages. These are the kinds of people you trust with your software, potentially.

...and that script you curl into your bash might've been replaced by something else for a few hours. Depending on what happened, the original owners might've not have even noticed.

Package dependencies really are another can of worms. There's a lot of blind trust in that sphere. You gotta wonder how often people simply got away with injecting random crap into one of the 200 dependencies of a project, maybe temporarily.

 

[Betonhaus]

Package dependencies really are another can of worms. There's a lot of blind trust in that sphere. You gotta wonder how often people simply got away with injecting random crap into one of the 200 dependencies of a project, maybe temporarily

Then there's vulnerabilities because of half forgotten tools that everything uses. Didnt everyone's code broke became Kik forced a developer to give up his package name?

 

[FailurePersonifiedV2]

Daily drive Artix Linux (s6, fuck systemd)
For servers, always Debian always

 

[McKennai]

Daily driving Popos and usually never bothered to upgrade the OS as it just seems to work for most of my needs since 3 years.
Figure, if possible, swapping apt and systemd would be too much of a hassle as I'm basically using Ubuntu.

GUI-less Debian for servers as well.

 

[Sperg Coalition]

I just checked the Linux thread and barring the most recent page where some guy has trouble using Arch because of Hyper-V or some shit like that, there are literally atleast 1 person complaining about a distro every single page. Here's another example: https://kiwifarms.net/threads/the-linux-thread.62944/page-256#post-17131851

The day Linux will get a good distro (apart from Android and Mac OFC) is a snowball's chance in hell.

>He got filtered.
Sad, many such cases.

 

[khaine]

Why isn't gentoo one of the option? I think its one of the best designed source based distros, with emerge and ports.

 

[Creative Username]

Why isn't gentoo one of the option? I think its one of the best designed source based distros, with emerge and ports.

Because the OP was new to the Linux world and therefore only knew about the 400 Ubuntu derivatives that are all aiming to make Linux into a truly easy-to-use OS, with widely varying levels of success.

 

[Kosher Dill]

Why isn't gentoo one of the option?

I'll add it in right after I find the bucket of prop wash everyone keeps asking me for.

 

[The Ugly One]

Just mentioning Gentoo gave this thread incurable body odor.

 

[Kiwi & Cow]

Just mentioning Gentoo gave this thread incurable body odor.

Just mentioning Linux already gave this thread incurable body odor, so what's the difference?

 

[Betonhaus]

Just mentioning Linux already gave this thread incurable body odor, so what's the difference?

Debian server and Linux Mint users would be pretty normal. Arch Linux users could probably get Smash Bros competitors a run for their money tho

 

[Creative Username]

Debian server and Linux Mint users would be pretty normal. Arch Linux users could probably get Smash Bros competitors a run for their money tho

Oh come on, you haven't seen REAL body odor until you've come across a Guix user.

Note: I've never actually seen one.

 

[Betonhaus]

Oh come on, you haven't seen REAL body odor until you've come across a Guix user.

Note: I've never actually seen one.

I don't even know what that is.

 

[Creative Username]

I don't even know what that is.

See, you only know about the 74836257267435980761075 Ubuntu garbage distros and not the "cool" ones.
...
FUCKING NORMIE.

 

[Betonhaus]

See, you only know about the 74836257267435980761075 Ubuntu garbage distros and not the "cool" ones.
...
FUCKING NORMIE.

Maybe try showering?

 

[Dr. Geronimo]

Linux Mint users would be pretty normal.

Can confirm. At this point I pride myself at being the resident normie of the farms.

 

[generic sauce]

btw I use arch

 

[Betonhaus]

btw I use arch

 

[generic sauce]

View attachment 5558960

View attachment 5558960