Small note. Opensuse Leap is EXTREMELY stable. Just as stable as RHEL and more stable than non-LTS Ubuntu. It’s just less well marketed in the English speaking world.

This article is from 2024. Hopefully it worked out. 😆

Different customers are dumb in different ways and different customers have different personalities.

If I sent a template email I would probably offend most of my customers. Lol.

Depends on the email. Sometimes it’s needed.

I can spend 10-20 min writing an email that basically says “no your idea is dumb and won’t work” to customers in such a way where by the end of it they agree with me.

It can take a bit of effort but with high stakes communication it’s needed.

If you’re just sending an email to your teacher or whatever it doesn’t really matter.

Think of it like the flooded house analogy. They could paint the dry wall while tearing it out at the same time. But why would they?

They’re not refusing. They’re actually doing the opposite. But they needed to get their house in order first.

The 3.0 upgrade was the result of the getting their house in order and modernizing. Doing cosmetic changed before hand would have made no sense because those changes would have been thrown away when they would have to modernize things anyways.

I think I have an analogy.

Gimp was like an old American style wooden house that was flooded. After the water recedes you could try to make things look nicer by plastering and painting the walls etc. But as goes with flooded houses if you do this the mold will rot everything out.

In order to save a flooded house you need to remove all the dry wall and use fans to dry out the internals. Once things are dry then you can plaster and repaint things.

Gimp 3.0 was them ripping out dry wall and air drying the internals. Now that that is done it now makes sense to clean up the UI.

If you clean up the UI before you dry the walls out it’s just a waste of time because those improvements would need to be ripped out with the dry walls always.

It’s not perfect as far as an analogy goes but it’s close. Gimp should have never let the house flood in the first place. (Analogy breaks down here a bit). But since they did. They needed to fix the fundamental before it would be worth fixing the UI.

This all being said they could at this point genuinely refuse to change things UI wise. I hope they choose to pull a Blender or Krita but they don’t have to.

I mean the whole point of doing the mega rewrite to gtk3 was specifically to enable such forward looking progress.

What they did in the 3.0 release was, largely, a massive modernization of a dinosaur code base.

Now that it’s done it makes sense to do a UI overhaul. Before 3.0 it made no sense to even try, now it does.

It’s a hard problem in the fediverse. It makes for a ticking time bomb of an issue. Imagine I am on a “everything is your own, we don’t sell your stuff” instance while another instance just copy pasted metas ToS. By posting a response to my instance, which then in turn is federated to the meta style instance I create something hard to solve. I can foresee other issues too.

I see your point. I just think it’s a difficult problem.

I don’t think the ToS approach would be invalidated here via your Safe Harbor fork theory.

The ToS could state something like “you give us a worldwide perpetual right to use your content in any way we want including granting this right to whom we designate”

You still own your content but by having an account you agree to the ToS that lets them do what they want.

They just host it and are safe.

I don’t think it’s equivalent to sovereign citizens. OP is the author of their comment and therefore has the copyrights. As the author one can license their work as all rights reserved or other permissive licenses.

OP chooses to license their work as Creative Commons.

They’re not forcing you to accept the license, it’s your local government that enforces copyright.

The reason why this might work on Lemmy but not on corporate Social media is that corporate social media often have terms of service that require you to give them ownership/rights/etc. Lemmy has no such ToC.

TIL. Very cool.

Solaris was beautiful. But it could have been more secure if it had Mandatory Access Controls. One compromised app running as root, or one privilege elevation exploit and without mandatory access controls you’re done.

Even with user contained exploits without MAC you expose way too much.

Edit: Turns out Solaris had a MAC enabled variant called Trusted Solaris! I could have seen myself using this if Sun was still around and OpenSolaris had panned out.

https://en.m.wikipedia.org/wiki/Trusted_Solaris

In conclusion Solaris was not junk.

I like the fact that it is a solid mandatory access control system. With SELinux you are substantially more safe than without.

For example. Let’s say you are running a compromised version of OpenSSH. Threw a XZ style back door a hacker gets in as OpenSSH (which runs as root).

Without SELinux the system is fully owned. With SELinux the attacker can only access what OpenSSH needs to access even if they have root. They can’t just chmod files and folders wherever. That means your photos and application data are still secure. With the pre written SELinux policies this applies not just for OpenSSH but for every piece of software installed on your system. Everything is limited to the exact folders, ports, and system capabilities that it needs and no more. Even stuff like seperate websites being served under Nginx. You can have Nginx-subgroup-1 and Nginx-subgroup-2 where the applications can’t see each other even though they are being run as the Nginx user.

I don’t trust any Linux distro without this security layer.

It’s a little difficult to learn and master, but it’s totally worth it if you care about security.

Redhat put out a comic about it a few years ago explaining the basics. https://people.redhat.com/duffy/selinux/selinux-coloring-book_A4-Stapled.pdf

Thank goodness for selinux. Without it Linux would not be a secure OS.

And no AppArmor does not do the same thing. You need the mandatory part for mandatory access controls to work.

Another one is that if you delete a file on an encrypted drive it can’t be undeleted later on. Lots of benefits.

I mean if you have an angle grinder and a space to safely use it sure. But it’s still harder than just dropping the HDD off at an e-waste bin.

Fair. If you have access to a crusher then maybe I can see not encrypting. But even then with non encrypted drives files can be recovered even after deleting etc.

This is why backups are important. But even if the drive is encrypted recovering data is exactly as easy as recovery from a non encrypted drive.

1. Do a ddrescue of the drive.
2. Re apply the luks header.
3. decrypt all non corrupt sectors
4. Use appropriate tools to recover files.

Like you lose the same sectors if those sectors are encrypted or not.

Just backup the LUKs header files. No need to encrypt them as they’re inherently secure as the hard drives they would originally reside on.

True. This does work. But it is less secure and much harder than just tossing an encrypted HDD into an e-waste bin. It probably is more fun though. 🤔