Strypey
"Just see how a desktop environments handles double-clicking on an executable file that is missing the executable bit."
This is a security feature, not a bug. The ability of any random .exe file to execute on Windows (as root in earlier version!) is one of its major security flaws.
Strypey
"With AppImage, you get a software stack where the application author had a chance to cherry-pick which versions of libraries work together, test and tune both functionality and performance."
I'm confused by this too. Package management also allows app authors to specify particular versions of dependencies like libraries. But unlike AppImages, it allows distro maintainers to check all the components in the stack, from kernel up to app, and make sure it works smoothly as a whole.
Strypey
"... distributions could be much more polished if they focused on the base operating system and left the packaging of applications to the application authors."
For years, most apps have been deployed to GNU/Linux desktops through the web, not package managers. What's changed is that mobile apps have made native apps fashionable again, but users are used to the constant updates of web apps, not the security-conscious approach of package management.
Strypey
@xj9 so instead of Linux, you would use ... ?
Strypey
"Linux distributions traditionally have thought of themselves as more than just the base operating system itself – they also wanted to control application distribution."
Not really. Distros offer apps through their default package management, but they've never stopped users building from source, which was the only way to install apps before package managers. Plus, various distros have done their best to support third-party distribution with things like #PPA (and now Snap and Flatpak).
Strypey
@xj9 compared to the sandboxing in AppImage, Snap, or Flatpak?
Strypey
"AppImage has this concept of “binary delta updates”. Think of it as “diff for applications”. A new version of an application comes out, you download only the parts that have changed, and apply them to the old version. As a result, you get both the old and the new version and can keep them in parallel until you have determined that you don’t need the old version any longer, and throw it away."
This is cool. It addresses one of my main criticisms of app-as-a-file packaging. More of this please!
Strypey
"... download and run the AppImage instantly, without having to wait for my Linux distribution to carry that new version, and without having to throw away the old (known-good) version just because I want to try out the new (bleeding edge) one."
#Guix package manager also allows for this, but its deploys different versions of the same app with much greater awareness of the underlying system, and something makes me trust its sandboxing more than AppImage, Snap, or Flatpak.
Strypey
"AppImage wants to be what exe files or PortableApps are for Windows"
That's useful for some things, for sure. Like trying out bleeding edge apps that my distro hasn't packaged yet, or for a single-use app like Etcher that don't need to access the network or any user data or passwords. But swapping out .exes for sane package management, with automatic upgrades, is one of best things about switching Windows for GNU/Linux.
Strypey
"For example, I want to be in control of where stuff resides on my hard disks. I want to decide what to update or not to update and when. For most tasks I need a stable, rarely-changing operating system with the latest applications."
Sounds like he wants something like #Slackware or #Arch, not a live system. Pre-assembled distros are for noobs (and lazy people like me who are happy to trust the experts).
Strypey
@bkhl
> the Ubuntu live CD is meant to be a usable system, for example for people to use on a borrowed computer.
For doing some quick web browsing (without logging into anything) or as a quick demonstration of what GNU/Linux would look like on that computer. Not as a daily driver into which you enter potentially sensitive user data, passwords etc. A lot of 0days can be exposed and patched in the 6 months between releases.
Strypey
@kravietz I'm not saying a properly installed system completely prevents this (nothing is perfectly secure), but surely regular security patching majorly reduces the attack surface?
Strypey
@kravietz
> "We're defaced? Oh we just reboot and we're no longer defaced!"
I don't think he's talking about servers. He's talking about a desktop system. In which case there are much more serious potential consequences to getting pwned than your website being defaced (eg Bad Actors getting your banking/ crypto passwords).
Strypey
"Privacy, transparency, and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders. We will openly publish information about our work for others to analyze."
https://www.apple.com/newsroom/2020/04/apple-and-google-partner-on-covid-19-contact-tracing-technology/
No source code, no transparency, no privacy.
Strypey
@selk it's very unclear to me how to download the last stable release of #Dragora and make an install USB. Can you help? Where can I find the .ISO image of 2.0?
Strypey
This confuses me. If you use a live system as your daily driver, how do you get security patches that were issued since the last release of the OS? Also, AFAIK even the live systems on 64-bit install images usually launch into a 32-bit session, so they can be used for recovery etc on any computer they are inserted into.
Strypey
"To this day all I ever run are Live systems, because the operating system “just works” out of the box without any installation or configuration on my side, and every time I reboot the machine I have a “factory new”, known-good state."
https://itsfoss.com/appimage-interview/
Strypey
#ShowerThoughts a lot of people don't know how to be specific, especially in a second language, and there is a really valuable skillset in asking questions that can help them describe what they want more precisely.
Strypey
All kids love log!
https://invidio.us/watch?v=-fQGPZTECYs
Strypey
"We introduced a few changes to make all of the core GitHub features free for everyone. Private repositories with unlimited collaborators are now available for all GitHub accounts, and we’re reducing prices for some of our paid plans."
Great GH! Now all you need to do is:
* stop geo-blocking folks from countries bullied by the US govt
* publish all your non-free code under a free license
* work with ForgeFed to allow GH to interoperate with other forges
* photograph that flying pig ;)
Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.
All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.