Every nation in the world should fund open source technologies with a large chunk of their tax revenue. The fact that this isn’t even close to happening almost everywhere says all we need to know about world governments and their corporatist nature.

Removed by mod

Removed by mod

You conveniently dodged my question, then asked me stupid questions, thinking I’d have to agree with cherry-picked offenses by China. I am not a fan of China. I just think they are justified in defending themselves. Furthermore, I think it’s hilarious that the the US decided to offshore our high tech goods to have them manufactured there as if we weren’t ASKING to be hacked. The only solution going forward is CLEARLY domestic RISC-V manufacturing and not allowing our enemies to manufacture our critical technologies.

Do I support China’s:

• domestic surveillance: of course not
• transnational repression: of course not
• supression (sp!) of free speech and freedom of the press: of course not
• bullying of its neighbours: of course not
• aggression against Taiwan: of course not

Do I support China engaging in pre-emptive cyber warfare against aggressors: absolutely

Do I support the US engaging in pre-emptive cyber warfare against aggressors: absolutely

Do I support Israel engaging in pre-emptive cyber warfare against aggressors: absolutely

Do I support war crimes being committed by ANY of these countries: NO

Embedding Trojans in your enemy’s infrastructure and leaving them to be switched on in times of war is ABSOLUTELY defense. You may not like it. But that’s called cyber warfare.

Quick question: Do you fundamentally disagree with what China is accused of but fully support Israel and the US’s extrajudicial backdoors, Trojan horses, domestic spying, pager bomb assasinations, AI targeted air strikes, and other clandestine war crimes just because they are perpetrated by “the good guys”?

This story deserves a “no doy!”

All major world powers are bolstering their cybersecurity. If they weren’t, they wouldn’t survive in such an opportunistic world.

Removed by mod

If you can use another method, disabling SSH entirely would do it. ;)

This is how Talos Linux achieves best-in-class security properties.

https://www.siderolabs.com/blog/how-to-ssh-into-talos-linux/

I used to keep a list of repos to pull onto my NAS in case they someday went closed source. I use “mr” for it. It worked great. I had it on a systemd timer.

https://myrepos.branchable.com/

Hopefully this sticks. IMO, movie studios need to keep attracting customers or the whole film industry will stay dead.

Have these people ever tried to code using chatGPT? It’s wrong SO often.

Edit: maybe they know this but they want to drive down the price of developers by pretending they don’t need them anymore. I would not be surprised if this were the case here.

You guys will probably groan but lots of people in this comment section should look into NixOS. My old Ubuntu machine was loaded with hacks I got from stack overflow to get certain things working (a script that runs at boot and shutdown to mount and unmount some network drives I wanted to appear natively). But now, I just use NixOS and there’s nothing on my machines that is even remotely hackey now. I just declare the drives as I want them and when I boot they are there and work as needed.

I absolutely adore xmonad. You can do ANYTHING you dream up in it. Additionally, it helped make Haskell less intimidating for me.

I have high hopes for their Wayland port called Waymonad. But it’s a long way off.

Little known fact: xmonad is the only WM that has a formally-verified base.

I run an xmonad community here: https://infosec.pub/c/xmonad

Perhaps you’re tired of hearing it but this is very close to exactly how NixOS works with home manager.

I do this in combination with Nix-Darwin for one of my machines. I also have some Kubernetes clusters and RISC-V machines running bare metal executables using NixOS-Anywhere and some other stuff.

It’s still fairly challenging and the documentation is probably, at best, dogshit (if I may be so blunt) at the moment.

OCI is probably a more worthy goal anyway, IMO. And it is unsurprisingly much more well-supported.

I think some of these replies have perhaps missed the powerful idea that made me fall in love with Eelco Dolstra’s idea. Here’s what won me over.

For example: THE main feature is that you could have a different version of say Python (for the sake of this example) installed for each dependency in your system. Let’s say you had Brave working with one version of Python and another piece of software needed a previous version of Python. In an FHS style system, this would be challenging and you’d have to manually patch things to make sure the dependencies didn’t step on eachother. When you updated, your patches would likely have to be changed as well. So, system administration and updating can really break things.

In a Nix store where things can be content-addressed and linked by symlinks to their specific dependencies, they would just work alongside each other due to their unique, hash based folder locations. Each folder in the Nix store is named based on the sha256 hash of that piece of software’s ENTIRE dependency graph, which has powerful implications.

Because of this hash, they’re effectively hermetically sealed from each other and cannot step on each other. The software in the Nix store talks to eachother through symlimks that were made upon compilation of the system.

This is the very definition of Nix and taken far enough to define a whole OS is SUPER powerful concept.

I’d actually argue the opposite in regards to clutter. If I switch to a new config without the software I don’t want anymore, that software goes away entirely when I do a garbage collect and there’s nothing left over like there might be in ‘’~/.config’’ on a non-immutable system.

IMO, the actual realization of Dolstra’s dream is flakes and home manager. They allow you to boil your whole config down to a git repo where you can track changes and rollback the lock file if needed.

I find it nice to open my config in an IDE and search by string inside of my config where I can comment out whatever I don’t need. Laziness also makes that pretty convenient too. Nix will only attempt to interpret what is accessible in code. If I comment out an import, that whole part of the config seamlessly shuts off. It’s quite elegant.

I’m even more envious of the atomicity of GUIX but IMO, it’s a little too much building the world from scratch for a newb like me.

I HIGHLY recommend forking a nix-config that uses flakes, home-manager, and whatever window manager you prefer. Since Nix is so versatile (and the documentation of flakes and home-manager are BAD), I found it absolutely crucial to reuse a well-architected config and slowly modify it in a VM to sketch out my config until it was stable enough to try on a real machine.

Clearly, it’s not a skill issue with you but with the dude that inspired this, my assessment was that he was flat out unwilling to learn and flat out unwilling to acknowledge that there are clearly some benefits to this style. Seems like you already grasp it but don’t feel like committing the time. I respect that much more than the blind dismissal that inspired my meme. ✌️