KubeRoot

I think on mutable distros, or at least arch, you can run a command to reinstall all installed packages, which will verify integrity of the package files (signatures) and then ensure the files in the filesystem match package files? And I think it takes minutes at most, at least for typical setups.

I do think it’s also possible to just verify integrity of all files installed from a package, but I don’t remember if it required an external utility, pretty sure it’s on the arch wiki under pacman/tips and tricks

Oh, just ask an Arch user about Manjaro.

I also recommend rEFInd for the bootloader if you don’t want to set anything up (and risk messing up). You don’t need to configure your boot entries, it scans for boot options and shows them with a graphical interface, so your Linux and Windows should just show up.

The issue is, when doing sudo, you have to put in the password when doing sudo. In this case, you put in your password, some flag is set, the computer does a full reset, and then after it reads the flag and decides to bypass the password system. That sounds like just a step away of figuring out how to set this flag without a password to bypass logging in.

I think an issue is, this sets up your computer to have a way to bypass putting your password in on boot. If you don’t care about security too much and don’t have things like secure boot and encryption, then that’s bypassable anyways… But otherwise, I’d be concerned about introducing systems that specifically bypass security.

Why does every distro need yet another package manager?

I think most package managers - the ones actually part of a distro - are old. It’s not a question of why they all use different package managers, it’s a matter of them having developed them long ago before any single one matured.

That said, there are other considerations, which is also where new ones come from - different distros will have different approaches to package formats, dependency management, tracking of installed packages and system files, some might be implemented in a specific language due to the distro’s ideology, some might work in a different way (like NixOS), and there’s probably a whole bunch that just want a different interface.

You wouldn’t ask why Linux has a different way of viewing installed programs from Windows, and in the same vein packages are not a universal aspect of Linux, so each distro has to make its own choices.

Also I like pacman, some people complain about the commands being obscure, but I feel like they’re structured in a much more logical way. Don’t confuse it with yay though, pacman doesn’t build packages, and yay is specifically a wrapper around pacman that has different commands, while adding the ability to interact with the AUR.

That makes sense, thanks for explaining! I saw “makes space” as what’s happening right now, since Android does let you install alternatives for all those, including third party app stores, but it does go farther than that.

I don’t think anything you said makes it not free, as long as you can fork it. The same can be said about most FOSS, since somebody, usually the creator, is in control of the repository.

That’s the point of FOSS - your repository isn’t becoming a democracy by virtue of using a permissive license, but it means somebody could outcompete you with a fork and effectively take over as the dominant project.

But… Aren’t all of those things still very much dominant?

The 8 dependencies must be an optional dependency for some other package you already have installed. That said, that kind of stuff is the main reason I want to try NixOS - any time I install something, configure something, etc. I’m risking forgetting about it and getting tripped up over it down the line, with no good way to check.

I think I saw a video mentioning they are illegal in some places, showing just why they’re so dangerous

Man, and here I put too much effort writing a reply to a troll 😔

Does windows come preinstalled and preconfigured with more potentially vulnerable software on open ports?

I personally don’t value an antivirus that much, since it can only protect you from known threats, and even then, it only matters when you’re already getting compromised - but fair point for Windows, I suspect most distros come without antivirus preinstalled and preconfigured.

A firewall, on the other hand, only has value if you already have insecure services listening on your system - and I’m pretty sure on Windows those services aren’t gonna be blocked by the default settings. All that said though… Most Linux distros come with a firewall, something like iptables or firewalld, though not sure which ones would have it preconfigured for blocking connections by default.

So while I would dispute both of those points as not being that notable, I feel like other arguments in favor of Linux still stand, like reduced surface area, simpler kernel code, open and auditable source.

One big issue with Linux security for consumers (which I have to assume is what you’re talking about, since on the server side a sysadmin will want to configure any antivirus and firewall anyways) could be that different distributions will have different configurations - both for security and for preference-based things like desktop environments. This does unfortunately mean that users could find themselves installing less secure distros without realizing it, choosing them for their looks/usage patterns.

Question, how is Linux more insecure out of the box?

Windows 10. The reason I switched was pretty funny - I had previously bought a cheap SSD and moved my install over to it, and installed Arch on my HDD hoping to experiment with it.

I never really did that, but one day before Christmas my computer booted straight to Arch to my confusion, and after a while I figured out my SSD failed. I ended up installing gnome to have something to use in the meanwhile, since I wasn’t gonna be buying a new SSD in the next few days, but then I just decided to stick with Linux. As I learned more about it I realised I was barely missing anything, and I preferred Linux for what I had.

I think you’re actually agreeing with me here. I was disputing the claim that software should be made available in “a native package format”, and my counterpoint is that devs shouldn’t be packaging things for distros, and instead providing source code with build instructions, alongside whatever builds they can comfortably provide - primarily flatpak and appimage, in my example.

I don’t use flatpak, and I prefer to use packages with my distro’s package manager, but I definitely can’t expect every package to be available in that format. Flatpak and appimage, to my knowledge, are designed to be distro-agnostic and easily distributed by the software developer, so they’re probably the best options - flatpak better for long-term use, appimage usable for quickly trying out software or one-off utilities.

As for tar.gz, these days software tends to be made available on GitHub and similar platforms, where you can fetch the source from git by commit, and releases also have autogenerated source downloads. Makefiles/automake isn’t a reasonable expectation these days, with a plethora of languages and build toolchains, but good, clear instructions are definitely something to include.

The responsibility to figure out the dependencies and packaging for distros, and then maintain those going forwards, should not be placed on the developer. If a developer wants to do that, then that’s fine - but if a developer just wants to provide source with solid build instructions, and then provide a flatpak, maybe an appimage, then that’s also perfectly fine.

In a sense, developers shouldn’t even be trusted to manage packaging for distributions - it’s usually not their area of expertise, maintainers of specific distributions will usually know better.

And reinstalling the packages, moving over all the configs, setting up the partitions and moving the data over? (Not in this order, of course)

Cloning a drive would just require you to plug both the old and new to the same machine, boot up (probably from a live image to avoid issues), running a command and waiting until it finishes. Then maybe fixing up the fstab and reinstalling the bootloader, but those are things you need to do to install the system anyways.

I think the reason you’d want to reinstall is to save time, or get a clean slate without any past config mistakes you’ve already forgotten about, which I’ve done for that very reason, especially since it was still my first, and less experienced, install.

The good thing is, on Android you can get an APK without root or anything like that, same for installing it, and you can use an emulator (or something like waydroid) to run it on a computer. For cases where the game doesn’t use any more specialized servers, and just uses the app store for authentication, DRM, etc. the situation is no different from PC games with DRM - it’s bypassable, and if done right, will work for all games, not just one.

That said though, it’s very true for multiplayer/always online games, and those are very common on mobile. While it’s possible to reverse engineer and rewrite the servers, for most of them nobody is going to bother. And in the world of aggressively monetized games, developers have an incentive to keep it that way - they can’t make money from players who are still enjoying a game they’ve already squeezed every penny out of.

Apple has always been about locking down the system and forcing the user to do things the way Apple wants. Not only within one device, but also in locking down inter-device protocols and removing standard ones, as well as obfuscating information about the hardware, not letting the users make an informed decision. And that’s already after the fact that you aren’t legally allowed to use the system on non-Apple hardware.