Well… People finding and disclosing security flaws are often much closer to hackers than what happened with the AUR.

Calling people adopting outdated and orphanded packages hackers is like calling the guy that finds a banknote on the ground a bankrobber.

The term “hacked” seem to have lost all meaning…

There is the option to explicitly set DefaultTimeoutStartSec and DefaultTimeoutStopSec per systemd service.

If you don’t specify it in a service file, the default values from /etc/systemd/system.conf (both set to 90s) will be used, so you can change those values to 30s, too, to affect all services (that don’t have their limit set explicitly) globally.

While I understand the idea in general Tux, the penguin, is basically freely available, do whatever you want with it, and you are explicitly encouraged to integrate the design into Linux related projects… as long as you mention the author should someone ask (source)

I wouldn’t even buy a pre-fabricated sticker but do one myself. But that wasn’t the question…

PS: the Impressum here or here, down at the bottom labeled “Impressum”?

https://www.linux-shop.info/aufkleber/maxi-aufkleber/maxi-sticker-tux-pinguin?number=LI18700.9

oder

https://www.linux-fan-shop.de/aufkleber/maxi-aufkleber/maxi-sticker-tux-pinguin?number=LI18700.9

People tend to read them the first time when installing stuff, yet rarely think about the scenario of a well used package taken over by a malicious actor making changes.

While you are right in general, you are just creating a file with a <user>:<hashed password> line without any identifying context. So have fun searching the world for where I might have actually used it. Sounds like a really bad use of ressources to create list of passwords.

PS: Yes, as an Arch user I am still pissed that this tool is not available in the repos beside installing the complete Apache server…

The options to password protect it are in the (usually /etc/radicale/)config file und [auth].

For proper security you could use

type = htpasswd

htpasswd_filename = /etc/radicale/users

htpasswd_encryption = bcrypt

then create a users file with apache tools (htpasswd -c -B users User1) or one of the million online htpasswd file creators.

Is it even apt-get still? thought they changed over to apt long ago and apt-get is just a symlink for legacy reasons.

At least that’s what I last read… (speaking as someone also loving candy) .

You could click the link already provided above. Just the Table of Contents at the top gives you a good overview about issues with Brave without reading anything else…

irrelevant metaphysical distinction…

The point here is that SystemD’s natural behavior is to send SIGTERM then wait an eternity.

Those “service XY is shutting down (5sec/2min)” messages you sometimes get on shutdown are coming from SystemD not waiting for 3 seconds like the meme suggests, but waiting for minutes before giving up and switching over to SIGKILL instead.

upgrade to next kernel version != patch the kernel with backported security fixes

Debian daring to suggest that using your real name to identify yourself on the system is a reasonable choice for most people. So get the torches and pitchforks…

Also don’t tell those people about the fact that such fields for additional information (like real name, address etc) exist in most user-handling parts of their software since forever.

You get asked for your real name when creating a new user for longer than Linux even exists. It’s just that noone actually cares. But now that’s suddenly an horrific anti privacy policy because the narrative demand that it is.

deleted by creator

Occasionally I need to run an “occ” command after an install to fix some indexes

That then fails and breaks it (in about 1 out of 3 cases). Which requires rolling back everything, running the commands again pre-update, then updating and praying to not have to do another re-install (~ 1 out of 5).

I actually moved away from classical self-hosted cloud storage solutions after trying the usual suspects like opencloud, nextcloud etc.

And for me the time and effort (also the ressource-hogging if you don’t use quite overpowered servers) just weren’t worth it. Not when the used interfaces most of the time are open standards anyway and simpler solutions do the job:

Radicale for contacts and dates via a webdav subset. Webdav concidently being widely supported for integrating online storage into any filesystem (or as the backend for several other things like for example syncing my bookmarks over several devices and browsers). SFTP or the million tools being just a frontend for it.

One shiny platform like for example Nextcloud to do it all might be nice for a lot of users when they have someone dedicated to maintain it. But for selfhosting (as in: mainly for myself) the constant attention needed to fix stuff was quite tedious.

When I think of “Google Drive” or “Dropbox” alternatives nowadays it’s just a drive hooked up to some low-spec device and accessed via one (or several) already existing open standards.

(Bonus point: that lost phone is simply cut off by deleting its keys - unlike so many dedicated platform where you have to manage -if you even can- multiple dedicated users and their rights just to easily separate your personal access from your devices that are by design not all equally secure.)

Have in mind that compressed filesystem would be slower.

Often the opposite is true, depending on case. Compressed files load faster, so if you have the cpu power to spare (which you usually have in games while loading) and loading speed is the bottle-neck then compression speeds things up, often considerably.

And even in the age of ssds processing data and moving it through ram is much faster than the disk, so even for writing some amount of transparent compression is possible without affecting speeds.

Might be just my experience but what actually keeps people from switching is a proper support time line. Long-term and rolling releases can keep people using them for years after which they actually know what they want, what they can get used to and they don’t wanjt. Most distros however screw up something at the inevitable upgrade long before that, which then leads to “well, guess I could reinstall and try something else anyway”.

Productivity is such a bullshit idea… Like how do you measure productivity? In GDP?

Yes, but normalised for buying power and per capita. Where I live the last several decades saw an increase by +250% in normalised economic output per capita, while at the same time real normalised wages stayed the same. Which marks a stark decoupling of economic output and wages (thus usually also pensions, taxes (public budgets), sometimes health care - all linked to wages) that did not exist before. What happens to all those gains? They get transfered upwards to a few rich people, while the system is now only based on less than a third of the economic output… Alas! “We can’t afford proper pensions, social security or even just maintaining the existing infrastructure anymore” is the most sang song everywhere the neoliberal insanity rules.

And alongside it come fairy tales about demographics (how should the working people afford double the amount of people that need support? easy… when everyone of them is 6x as productive -> see output per capita still more than 3 times as high) and a lot of agitation pitting the “lazy stupid youth” against the “greedy old generation” when in reality they get all fucked over by the same small minority (with the old ones just having a better buffer because they already worked when the system wasn’t that broken).

Long story short: Industrialisation killed so many jobs… but in reality the people still working suddenly made enough to provide for the rest because of massive production gains (and so children didn’t need to work anymore, women could stay home and raise the kids etc). Automation killed so many jobs, yet again the actual productivity per capita massively increased. In general development of tech but also society happened and increased life expectancy as well as productivity side by side. And now we are talking about the impact of AI. Guess what… the problem is again not AI. It’s having changed the system to the point where workers get exactly nothing from productivity gains because we need to push imaginary stock market numbers and shareholder profits instead. Well done Reagan, Mulroney, Thatcher, Mitterand, Kohl and countless others…