cqst

joined 7 months ago
[–] cqst@lemmy.blahaj.zone 30 points 1 month ago (7 children)

There will be no improvement with browsers until the introduction of one with a strong copyleft license.

[–] cqst@lemmy.blahaj.zone 9 points 1 month ago

Some people are working on ladybird atleast.

Another permissively licensed toy.

[–] cqst@lemmy.blahaj.zone 0 points 2 months ago

Unless I’m missing something, here we will disagree. Secure or not, FOSS principle-respecting or not, if I’m choosing to install software by X then I’m going to get it straight from X and not involve third-party Y too.

Source code is like a recipe. Getting your food from the chef who made the recipe is fine, but getting it from another chef who... followed the same exact recipe is no different.

This is how the linux software distribution model works, distro maintainers are a CHECK on upstream.

[–] cqst@lemmy.blahaj.zone -2 points 2 months ago* (last edited 2 months ago) (1 children)

I’m and end user

Yeah, we all are. What's your point?

End users are also developers. All computer users are developers. You are developing.

user working for end users

By making a script that lets me get backdoors and shitty packages with ease? The linux package distribution system is a nightmare, Debian is the least bad approach. There is basically always a better option to using a .deb file. If you come across something that isn't packaged, I recommend Flatpak, building from source (and installing unprivileged), or using the developers vendored tarball (installing unprivileged).

https://wiki.debian.org/SecureApt

By using local .debs you lose the benefit of:

Reproducible builds

GPG checksums

Stable release model

debian security team

[–] cqst@lemmy.blahaj.zone 1 points 2 months ago* (last edited 2 months ago) (2 children)

Why does Debian-Ubuntu not provide a simple command for this?

You aren't supposed to add repos. Ever. https://wiki.debian.org/UntrustedDebs

Apt is not built with security in mind, at all. The partial sandboxing it does do is trivial to bypass. Adding a repo is basically a RAT Trojan on your computer.

An example is signal-desktop

Yeah don't use signal. They restrict freedom 3 by making distribution difficult. Thats why they trick you into using their RAT repo.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842943

The least bad option is the unofficial flatpak.

[–] cqst@lemmy.blahaj.zone 1 points 2 months ago (1 children)

Personally I need the desktop client because I mod it with plugins that are so useful that I can’t do without these anymore.

Discord client modifications are against the Terms of Service. https://www.gnu.org/philosophy/free-sw.en.html

[–] cqst@lemmy.blahaj.zone -2 points 2 months ago

If you are getting your code straight from the author,

Which is not what you are doing at all with a .deb file. A .deb file is a binary with a bunch of scripts to "properly" install your package. Building from source is what you SHOULD be doing. Debian has an entire policy handbook on how packages are supposed to be packaged. Progrmatically you can review the quality of a package with 'lintian'. .debs made by developers following a wiki tutorial can't even come close. remember, apt installs happen as root and can execute arbitrary code.

Also, debian packagers can be project maintainers, so they can be "the author."

[–] cqst@lemmy.blahaj.zone -2 points 2 months ago* (last edited 2 months ago) (3 children)

Well, I’m just automating what people currently have to do manually : visit GitHub and download DEB and install DEB.

Yeah. You should never do that. Like ever. Build from source; or use a vendored tarball. https://wiki.debian.org/DontBreakDebian

.deb is a terribly insecure nightmare thats held up by the excellent debian packagers, gpg , and checksums, and stable release model. don't use .deb files.

[–] cqst@lemmy.blahaj.zone 6 points 3 months ago

Dell E6400 can be flashed with libreboot without tools and is easily obtainable from Ebay.

https://libreboot.org/

[–] cqst@lemmy.blahaj.zone 18 points 3 months ago* (last edited 3 months ago) (2 children)

BSD is on its death bed

https://www.openbsd.org/75.html

https://netbsd.org/releases/formal-10/NetBSD-10.0.html

Considering OpenBSD and NetBSD have had two new releases just this year, and how well funded the BSDs are by major corpos who like ripping source code, I think their so called "Deaths" have been majorly overstated.

Give a BSD a try, it's a lot less like shoving systemd/apache2/red hat together and reading 300000 line long config files with documentation that clearly was never intended to be read and more like using an actual operating system designed to be cohesive.

[–] cqst@lemmy.blahaj.zone 2 points 3 months ago* (last edited 3 months ago)

Ban security through obscurity. As well proprietary security software.

The government likes proprietary software. They are never going to ban it.

162
rule (lemmy.blahaj.zone)
 
view more: next ›