There are probably cases where turning off Secure Boot is fine. If you make that decision for yourself and are aware of the implications, go ahead. My remark wasn’t against users turning it off, but rather against the advice of “just turn it off lol”
This is true, unfortunately some Linux users have been conditioned to “just turn off Secure Boot” without understanding what this actually means and entails.
This is an issue with these half-baked security solutions.
Don’t get me wrong: the setup protects against some very common threats (i.e. device gets stolen). But they’re unsuited for evil maid attacks.
Secure Boot isn’t flawless, but it can improve system security if used correctly; unfortunately, most distributions don’t go all the way as demonstrated here. I guess this can be solved via UKIs, but anything built on the users machine like an initramfs can’t be signed properly if no user TPM keys are enrolled and available during generation.
The issue I have with all this is that these distributions don’t really tell you that the security they provide is ultimately limited. Personally, I have custom TPM keys, the initramfs is signed, I unlock via TPM PIN and the emergency mode is disabled. Also UEFI needs to be password protected so that an attached can’t modify your booting parameters, though this couldn’t be done undetected because it’d break TPM supported boot.
I mean if you’re going for the piracy route, you never used streaming services or bought physical media anyways and the whole discussion is moot.
Well with your DVDs the “HD resolution” question is easily answered: you don’t get HD resolution. Weird comparison there. Especially since you complain about Disney+ not going beyond 480p in your specific case - so why buy DVDs with the same shitty resolution?
While I generally agree here, resolution isn’t everything, bitrate also plays a role, and some content in streaming services has been compressed rather badly so that you get artifacts that you don’t have on DVDs. A DVD will certainly look better than 480p streaming content despite a much older codec which light only exists as a reason for an upsell.
I think the way to go is a Homeserver (could even be a raspberry pi) where you can somewhat secure your storage with appropriate redundancy.
And how would you get stuff onto your homeserver legally?
The “don’t break userspace” is a kernel rule. It’s ok to break userspace within (like on library upgrades). The equivalent for Linux would be breaking kernel space, which they do… very often. It’s the reason DKMS exists and why Nvidia can be such a hassle
Wow way to make assumptions huh
It’s a fountain pen
Imagine installing Arch without having to bindmount dev, proc and sys smh my head
Yeah, this one is on Kent… again.
He posted on Patreon that there’ll be a DKMS module. In my opinion, this should have been the option from the very beginning and upstreaming at a later point in time. It would have avoided a lot of drama. And now bcachefs is kind of tainted. The only way I ever see it back in mainline is there is an independent downstream of Kent’s kernel that has no connection to him whatsoever.
Shame because I had very good experience with the filesystem. Definitely better than when btrfs was new. But Linus is unfortunately right; Kent is unable to follow agreed collaboration rules.
Unfortunate situation that could have been avoided entirely. Though I don’t want to be too harsh on Kent. He spent a lot of time and work on bcachefs and it’s his most important project. As such, he’s more passionate about all of this. But the same can be said for Linus and the kernel on the other side.
PipeWire my beloved 😍
LFS is a distro in the sense that a cookbook is a buffet
And why would they? They’re printing so much money, this niche probably doesn’t make a dent.
It doesn’t matter if Windows is the best system for gaming. It just matters if people believe it is.
You can always justify using Windows. “How do I get Game Pass to work on my handheld?” is probably something people care about.
Granted this is an expensive way to lock customers into your platform, but they’re already doing it anyways, so no need to pour money into the OS experience when you can just sell services building on customer data.
I think it can be assumed that of a machine has sudo, it also has touch.
Allows you to scroll through / view a text file in the terminal.
All the good stuff available and you choose a POSIX shell? To each their own I guess.
Granted, I still prefer it to PowerShell, but only in how it feels, not conceptually.
Admirable dedication to the cause
Godspeed, keep the hacking spirit alive
Either my Ansible knowledge is too limited which is entirely possible, or you can’t do stuff there that’s possible with Nix. Let’s stay go with my example that you have something that requires changes in PAM. So you write an Ansible file installing the package (which is distribution-specific, so you’re losing one advantage you had over NixOS), enable the service and add your entries to the respective PAM file (e.g. login because you want to enable user authentication against kanidm on your machine). The ordering in these files matter. Sure you have insertbefore and insertafter for lineinfile and blockinfile, but this basically requires you to know the rest of the file in advance… not a problem if your system is always the same, but you don’t have the flexibility and composability that Nix offers.
This isn’t what I get when reading bug reports he interacts in. Yeah, sometimes he asks if something can’t be done another way – but he seems also very open to new ideas. I rather think that this opinion of him is very selective, there are cases where he comes off as smug, but I never got the impression this is the majority of cases.
PipeWire for audio couldn’t exist nowadays without PulseAudio though, in fact it was originally created as “PulseAudio for Video”; Pulse exposed a lot of bugs in the lower levels of the Linux audio stack. And I do agree that PipeWire is better than PulseAudio. But it’s important to see it in the context of the time it was created in, and Linux audio back then was certainly different. OSS was actually something a significant amount of people used…