TechNom (nobody)

Solid state physics.

He didn’t just wash off his hands. When asked in an interview about a moderator who edited a trans user’s profile to intentionally misgendering them (yup, even that’s not off limits for their mods), he justified it saying that ‘It’s not like using the N-word or something’. (For context, the n-word itself was innocuous. It gained notoriety due to its misuse by bigots like this).

There are several such examples - repeatedly even after being called out. I don’t belong to any diversity groups. But I don’t care if they make the world’s best operating system. I will stay well away from it if only to avoid any interaction with such a group. They’re a bit too happy about harassing people (not just transgenders either).

Is it legal? There may be alternatives with plausible deniability.

That makes me wonder! All these new GPU uses are enormous energy hogs. Is gaming like that too?

While I understand your point, there’s a mistake that I see far too often in the industry. Using Relational DBs where the data model is better suited to other sorts of DBs. For example, JSON documents are better stored in document DBs like mongo. I realize that your use case doesn’t involve querying json - in which it can be simply stored as text. Similar mistakes are made for time series data, key-value data and directory type data.

I’m not particularly angry at such (ab)uses of RDB. But you’ll probably get better results with NoSQL DBs. Even in cases that involve multiple data models, you could combine multiple DB software to achieve the best results. Or even better, there are adaptors for RDBMS that make it behave like different types at the same time. For example, ferretdb makes it behave like mongodb, postgis for geographic db, etc.

Nobody ever learned from the solarwinds attack. If a massive amount of your infrastructure is backed by some obscure software, bad actors will either try to insert a backdoor or find a zero-day exploit. If people are going to neglect what just happened, crowdstrike will fall heals up, faster than solarwinds did.

I don’t think that rust would have prevented this one, since this isn’t a compile time error (for the code loader).The address dereferencing would have been inside an unsafe block. What was missing was a validity check of the CI build artifacts and payload check on the client side.

I do however, think that the ‘fingers-crossed’ approach to memory safety in C and C++ must stop. Rust is a great fit for this use case.

Crowdstrike exists for Linux too. In fact, it apparently crashed RHEL and Debian a few months back. That didn’t get so much attention.

Falcon seems to be a cross between an antivirus and an intrusion detection system (IDS). There are many antiviruses on Linux, but only one FOSS AV is popular - ClamAV. As for IDS, snort is an example.

But in the true sense, Falcon is much more than just an AV and IDS. It’s a way to detect breaches and report it back to CrowdStrike’s threat detection and analysis teams. I don’t think there exists a proper alternative even in the commercial sector.

Nice idea!

In addition, we could have an allowlist for honest bots (like search crawlers).

We need three four things:

1. A way to poison the data that will throw off the training without causing perceptible difference to humans. As I remember it, many image AIs were sensitive to a peculiar noise that was imperceptible to humans.
2. A skiplist of AI data stealers, so that their IPs/domains can be blocked in bulk.
3. Eventually, the above technique will become useless as AI data stealers will start using dynamic IPs and botnets to bypass the skiplists. We’ll need to throttle or block data to visitors based on pattern recognition. For example, if the visitor requests linked pages in rapid succession. Or if the request interval is uniform or pseudo random, instead of genuinely random.
4. If the pattern recognition above is triggered, we could even feed the bots with data from AI models, instead of blocking or throttling. Let the AI eat its own s**t.

Oh! I misunderstood. Sorry! Glad to meet a fellow Gentoo here!

I use Gentoo with OpenRC. So my position in this matter should be clear. Anyway, check the last paragraph again to see what I think about systemd’s modularity.

The kernel isn’t a place to play politics. You can’t just yank a component out like that on short notice, even if it has such a horrible story attached to it.

Back then, ReiserFS was mildly popular and its use would have been widespread (that includes me). The users of ReiserFS and probably even the other kernel devs had no idea that Hans Reiser was capable of such a crime. Infact, he was known as a computer prodigy back then.

There are plenty of users who don’t have the luxury of migrating data on a short notice to a different filesystem. Disabling the filesystem would have left them high and dry. That’s why the devs gave it a long deprecation period.

The vast majority of Linux users consider systemd as a good thing because it apparently makes system administration easier. They also don’t agree that systemd is monolithic, because it’s actually designed modular.

But of course there are detractors. The only thing I like about systemd is its declarative service definition and parallel service startup. But if I wanted to run an OS with bloated and inscrutable software (even with the source code), my choice wouldn’t be Linux or Systemd.

I also routinely switch parts of my OS. This is harder with systemd. Although it is modular, the modules are so tightly coupled that it will prevent the replacement of modular components with alternatives. Frankly, I think systemd is killing the innovation in system component development.

You can uninstall the sudo application and add sudo as an alias for run0 in your shell initialization script. That’s better than them renaming run0 to sudo, because that will prevent people from running the real sudo if they want it.

In practice, all those tight coupling between components mean that it behaves more or less monolithic, despite the claims to the contrary. Replacing them with alternatives is a pain because something else breaks or some software has a hard dependency on it.

So you hate flatpaks and not flathub in specific?

A random one every month.

I have serious doubts about that due to the role of early Ubuntu in popularizing desktop Linux. For many including me, Ubuntu was the first taste of GNU/Linux and it was a breath of fresh air compared to the contemporary clumsy and cumbersome distros like Fedora. Only Ubuntu from those days has any resemblance to the experience we expect from desktop Linux today.

The problems at Canonical seems like a systemic institutional issue, probably related to egotistic management with temper issues. That of course means that Shuttleworth is the source of those personality disorders. But still…

LXD was under the Linux containers project earlier. After the Canonical takeover of LXD, the following changes were made:

1. The repo privileges of the original LXD developers were revoked. Those developers are driving the development of Incus now.
2. LXD’s license was changed to AGPL+CLA

The first point means that Incus is the true successor of the original LXD. The current LXD is a jealously guarded pet project of Canonical in the same manner as Snap and Mir.

As for the second point, I’m usually a proponent of AGPL. But CLA corrupts it so much that it’s more harmful than with a permissive license. The real intention of this license change is to prevent Incus from incorporating changes from LXD (since the copyleft license of LXD code is incompatible with the permissive license of Incus). Meanwhile LXD continues to incorporate changes from Incus, although the Incus developers haven’t signed any CLA. This move by Canonical is in very bad faith, IMO.

So yes - I consider LXD to be untrustworthy. But that doesn’t cover the old LXD code, its developers or its community. Those transformed fully into the Incus project the same way OpenOffice was forked into LibreOffice. And I don’t trust the LXD name anymore in the same way nobody trusted the OpenOffice name after the fork (before it was donated to the Apache foundation).