Ah okay, thanks for the clarification! I haven’t delved deep into that aspect yet. But I’ve recently become aware of this unaddressed attack vector. And it is definitely something to worry about.
Unsure if it’s solved anytime soon. But, if it is properly addressed and solved at some point in the future, would that (completely) redeem Flatpak’s security model? Or, at least make it superior to what’s found elsewhere?
Hehe :P , thanks for sharing your experiences!
Uhmm…, please allow me to elaborate upon my first question, as I don’t feel it’s quite answered yet.
You noted the following in an earlier comment:
Edit: I’m leaving it
Which led me to believe that you left Bluefin for some reason. But after reading your great wall, it doesn’t seem as if you actually left it. So…, I’m mostly confused at the moment :P . Would you mind elaborating in hopes of (at least) alleviating this confusion?
Obligatory insert Manjarno.
It’s simply reflective of how Steam publishes those numbers on its own platform. For some reason, Fedora isn’t explicitly accounted for while it’s very likely to possess a huge chunk of the “Other” category.
To illustrate this point, we’ll look at Boiling Steam’s latest report. It uses ProtonDB’s data to give us (possible) insight on what’s found within “Other” (that accounts for 23.27%). Before I delve further, it has to be said that ProtonDB’s data contrasts Steam’s in significant ways. It’s not a huge departure, but one definitely notices a slight discrepancy between the numbers.
FWIW, as per Boiling Steam’s report, we find the following numbers for Fedora (and related derivatives):
Which (together) amounts to 18.4%.
If we would scale this down, as Boiling Steam’s report doesn’t include SteamOS Holo[1], we’d get:
Totaling to 12.7% this time. And thus, it('s at least likely to) constitute the majority of the “Other” category.
I’ll assume its share is 30.95% based on Steam’s own numbers. ↩︎
But how is it a security nightmare? Or did you mean “distraction”, but chose to use “nightmare” for -I suppose- exaggeration (or similar/related reasons)?
doesn’t matter if you downloaded malicious code
Hmm…, please help me understand: say, I installed a flatpak that included malicious code. But, it required some permission to enact upon its maliciousness. Which, it never received. And thus, if my understanding is correct, it couldn’t enact upon its maliciousness. How didn’t Flatpak’s security model not matter in this case? Apologies if I sound obnoxious (or whatsoever)*, but I’m genuinely trying to understand your case.
Thanks for sharing your experiences! As much as I absolutely love and favor ‘immutable’/atomic “Doritos” distros over their traditional counterparts, I can’t but accept the reality that it’s not (prime-time) for everyone (yet). Though, I do wonder what put you off (specifically). Would you mind sharing it?
Anything needing deeper access or only available in package form, I’ve been able to run in boxes.
I assume you’re referring to distroboxes and not to (GNOME’s) Boxes used for running VMs.
Its a security nightmare
How so? Doesn’t its sandbox offer superior security (under most circumstances) over most other solutions? Even in its relative infancy*.
Didn’t islam have to have special religious scholars for figuring out tiny things?
At least in theory, Islam is traditionally adhered to as an all-encompassing lifestyle. As such, it’s unsurprising to find rulings on the minutia of affairs.
FWIW, deriving new religious verdicts and/or refining the old is a continuous effort as new issues/situations arise.
I feel like I remember them having to be called in to issue a special ruling through the Quran that a religious building could be entered temporarily by the police to end a siege between them and some other group.
Perhaps you are referring to issuing a so-called ‘fatwa’, which is basically understood as a religious ruling derived by an Islamic jurist on a (pressing) matter.
Apologies for my ignorance, but what’s OST?
I was under the impression Arch was more for “hardcore” users, is that an outdated mindset (or was it ever true)?
It’s more nuanced than that.
Arch Linux, the distro Garuda Linux is derived from, is definitely not a distro that holds your hand like e.g. Linux Mint does. It (somewhat) demands you to read extensively through its excellent[1] ArchWiki.
However, Garuda and other derivatives[2] are opinionated takes on Arch that try to fulfill a specific goal that its respective maintainers have in mind. This can range from using Arch Linux as a base for delivering:
(Note that the oversimplified descriptions found above don’t quite do justice to the enormous effort that is put into these projects. Furthermore, it has to be mentioned that each of these distros proud themselves on the amazing communities they’ve built.)
Finally, it goes without saying that having an Arch base continues to pose a (potential) maintenance burden[4] with the constant stream of updates. While some of the above distros include some of the available protections by default, none claim to provide a silver bullet[5]. Thankfully, problems ‘should’ only act up every once in a while. And (almost surely) deflecting them with a working snapshot provides an evergreen magical experience.
So, to conclude, Arch Linux as a distro definitely is more demanding than e.g. Linux Mint. However, the derivatives mentioned above definitely bridge the gap to a remarkable extent. So much so, perhaps, that you might not even notice much of a difference (besides the constant stream of updates).
Arch Linux is not unique in its extensive documentation. This is more of a trend we find on other distros that come with (almost) no defaults; e.g. Gentoo also sports a(n arguably even more) comprehensive Wiki. This makes total sense as these systems require from their users to set it up. Which, unsurprisingly, is a nonstarter without proper guidance. ↩︎
This includes but is not limited to the likes of CachyOS and EndeavourOS. A more exhaustive list is found here. ↩︎
Historically speaking, the hardest part about Arch Linux was its installation. This has since been mostly alleviated with the introduction of archinstall. ↩︎
I think the Upgrading the system section of its System maintenance wiki entry is one of the most striking examples of what I mean. I’m simply unaware of any other distro that requires/demands something similar. Note that -on Arch- you’re encouraged to update daily or at least weekly. ↩︎
In Arch Linux’ defense, this is a hard problem to solve without introducing radical changes. Even openSUSE that pioneered the BTRFS + Snapper workflow in its Tumbleweed, is actively seeking and working on an even more powerful solution. But let’s not get down that rabbit hole for now 😜. ↩︎
I suppose you’re referring to the following resources. Am I right?
As the person in question has remained silent, I do wonder if I could perhaps help out instead. Would you be so kind to vocalize your question(s) as elaborate as possible? Afterwards, I’ll try to answer them to the best of my abilities.
I want my apps to be able to talk to each other. So flatpak is just in the way.
This is (at least somewhat of) a legit concern. But is mostly directed towards Flatpak’s limitations in its current implementation.
Also, I don’t see the point of immutable distros. I could boot off of btrfs snapshots years ago. Immutability gives me absolutely nothing of value either
Have you ever wondered why openSUSE started working on (what would eventually become) Aeon while they had previously pioneered the BTRFS + Snapper workflow with Tumbleweed? I believe you may find the point of immutable distros in there 😉.
If you’re still (relatively) new to Linux and are mostly interested in “just works”, then you simply can’t go wrong with systemd. It has (for better or worse) become the de facto standard on Linux and is therefore often assumed to be present. Hence, actively resisting it might be ‘costly’. Therefore, you should carefully consider whether it’s worth straying from the beaten path. Like, what do you hope to achieve?
As for the elephant in the room, what alternative can even put up a fight? While I’d be the first to admit that systemd’s design ethos leaves a lot to be desired; it’s so feature-rich that I’ve yet to find any distro that puts good use to (almost) all of them. But, including everything and the kitchen sink does make it hard for its competitors to compete whenever it matters; perhaps it’s one of the key reasons why systemd is as reliable as it is OR why attempting to replace systemd on Fedora/NixOS/openSUSE is a nonstarter. (Being founded and funded by Red Hat doesn’t hurt either. Nor does it hurt when its main developer is on Microsoft’s payroll.)
Though, even if I don’t see the likes of OpenRC/runit/sysvinit ever compete with systemd in terms of capabilities, I am cautiously optimistic for dinit and s6.
LOL, who am I kidding, systemd will (probably) only be dethroned whenever its PipeWire/Wayland is introduced.
What is the kernel version on your system? On both Linux Mint and Ubuntu*
Penguins-eggs to the rescue.
Your reply is much appreciated, fam! Unfortunately, I wasn’t able to return right away. I thank you for your patience! Btw, I’m not native. So, if I misuse any terms/words/phrases or whatnot; my apologies. Usually, I put in some significant effort to alleviate this. Sadly, I didn’t quite have the chance to do so this time. Thank you for your understanding!
Firstly, I’m glad we can have a civil discourse on this topic rather than resorting to personal attacks and namecalling. I also appreciate the fact that you seem like someone who actually wants to get to the truth rather than defending your stance no matter what.
Thanks fam for the compliments! Your engagement is (I think) (at least) equally commendable!
You’re right. The people in the video are in fact publicly celebrating the 9/11 attacks which took the lives of thousands of innocent people. As you can see, it’s not just grown ass men who are celebrating, but children and women too. If this is the level of hatred they have towards the United States, do I really need to explain how severe their hatred for Israel would be?
Btw, I understood the implied context of the footage. But, it would be intellectually dishonest if I didn’t take into account the framing at hand. Cuz, if we were to be very critical of the footage itself (so without AP’s provided text as guidance), then there’s nothing explicitly there that connects those celebrations to the 9/11 killings; no burning of American flags or anything that would imply it. Granted, I assume neither of us speak Arabic. So that doesn’t help either 😅.
Just to be clear, I’m well aware that this story is pretty much uncontested[1]. So I’m not actually disputing it. But, with the benefit of hindsight[2], it’s hard to completely deny any ulterior motives for broadcasting said celebrations.
And to push back: is it sociologically-speaking strange for them to be glad that the biggest support of their rivals has received a retribution?
That’s an easy question to answer. There would be one country and it would be called Palestine.
History has indeed taught us that that[3]’s a pretty likely outcome. But, I was also curious to hear your take on the other question. Namely, “What would become of the Israeli people?”.
But they will be celebrating.
Likely indeed.
And they will want the whole world to see them celebrating. That’s for sure.
For this, I’m not so sure. But it could be.
https://en.m.wikipedia.org/wiki/Dolphinarium_discotheque_bombing#Aftermath
Ah, another celebration. I’m starting to notice a pattern :P .
Another one.
This video I didn’t pay a lot of attention to as the media outlet didn’t seem to be as reliable as I’d like.
I think I got the message by now :P .
Again I want to be very clear that I’m not an Israeli sympathizer. I’m just trying to make a point that the Palestinians aren’t the saints that the liberals (btw I’m a liberal myself) often portray them to be.
If sainthood is achieved through suffering alone, then I’d argue they would make a good chance. But yeah, I get where you’re hinting at.
That is, the eventual wars in Iraq and Afghanistan. ↩︎
Nation states only exist since relatively recently. So, there has never been a Palestinian state or something. However, Muslim rule has dictated over those lands. My reading of history informs me that while Jews definitely weren’t first-class citizens, they were fortunately not persecuted like we saw in other parts of the world. ↩︎
While that’s a good read for someone more technical
I would perhaps put more importance to eagerness to learn. But (I think) I understand where you’re hinting at.
the distro chooser brings it to people of lower technical prowess.
While the distrochooser definitely has a lower entry barrier, I’d argue that if one isn’t willing to read the above guide, then they might as well roll a die and choose between Bazzite, Fedora, Linux Mint, Pop!_OS, TUXEDO OS and Zorin OS accordingly.
While your endorsement is definitely well-intentioned, I’m unsure if it correctly reflects the project’s health[1]. I’d argue we’ve got (a lot) better resources on the fediverse. Like, e.g. this excellent guide: Understanding Linux and choosing your first Linux distro, v2.0
Nah, I wouldn’t go that far. That’s like way too dramatic.
I will whenever
aptdoesn’t (majorly) rely on backports for its security updates AND actually sandboxes its own packages. Zero Trust, FTW!