this post was submitted on 11 Sep 2024
850 points (98.3% liked)

196

16624 readers
3699 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 2 months ago* (last edited 2 months ago) (3 children)

Should I like tell you that ur like wrong or sumthin? Cus I will lol /j

OK critique:
Ubuntu is relatively closed/restricted compared to some other Linux distros. Its reliance on Snaps is concerning because its a closed ecosystem (open source client, closed source backend, no option to add other source repos).

Bad critique:
Um🤚🤓, actually you should be using security hardened NixOS using your own custom kernel sysctl config 🥵, using GrapheneOS's hardened-malloc and chrony.conf 🥸, and Tor Browser installed inside a kata-container and sandbox with Bubblejail🤯. All compiled from source, duh. 🥱

[–] [email protected] 3 points 2 months ago

Most people will just say "Read theory" or recommend a book that has nothing to do with the topic.

That said, you should totally read "An Appeal to the Young" by Kropotkin and you will understand

[–] [email protected] 2 points 2 months ago (3 children)

You seem knowledgeable about this and I know it's not entirely relevant but I'm planning to swap to Linux soon, what distro would you reccomend I start with?

[–] [email protected] 4 points 2 months ago
[–] [email protected] 3 points 2 months ago

Linux mint if you don't plan to learn the ecosystem in detail, Manjaro if you have cold feet about wanting to learn the ecosystem, Artix, Arch or Nix if you want to learn the ecosystem.

There's many adjacent options but hopefully that gives you some direction

[–] [email protected] 2 points 2 months ago

Probably Aurora by UniversalBlue

[–] [email protected] 1 points 2 months ago (1 children)

GrapheneOS hardened_malloc is great though

[–] [email protected] 2 points 2 months ago (1 children)

So is most of my "nerd voice" bad response. It just isn't for everyone, or very accessible to the majority of people. Only if you specialize in, or work a lot with, operating system security/privacy is it viable. I hope it becomes more accessible. Troubleshooting fuckin sucks.

[–] [email protected] 1 points 2 months ago

troubleshooting sucks, and also, the default security model of desktop linux terrifies me. i legitimately don't understand how i can be running all this random code off the internet without being pwned. i figure i probably can't, and that it's really just a matter of time until something real bad happens.

i went down the "sandbox everything" rabbit hole, and 6 months later random stuff still pops up like "trying to connect to an IPv6 link-local address at this LAN party... wait why don't i have an IPv6 link-local address? i know IPv6 connectivity works fine when i'm at home." turns out those NetworkManager hardening patches i've been meaning to upstream forever break SLAAC, and now i'm too worried what other edge-cases they break to try pushing them upstream, and now i understand why distros all run these things as root with access to way more resources than they probably need 🫤