josef is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
josef @jk

*EXTREMELY LINUX VOICE*

you GOTTA upgrade the software on your computer or someone may hack you, and steal all your money. so make sure to ALWAYS update your computer.

btw, sometimes when you update your computer, it'll ask you if you want to replace some important-sounding script youve never heard of yet have apparently changed

this means you now have to work out:

-what the script is
-what it does
-what "your" changes do/mean
-what their changes do
-which set of changes to keep

good luck!

· Web · 7 · 27

@brennen do you think it's okay to change some shit inside grub.d??? if you say yes i'm going to trust your opinion & also blame you when my computer doesnt boot anymore

@jk tbh i think you're probably fine, but i will accept the blame if it doesn't work.

@jk @brennen you know who thinks it's fine? lilo, lilo has not a fuck to give about grubs

@jk

this sounds like too much work I'll just say yes to everything all the time because of course the people making these changes are professionals and wouldn't jeopardize stability for the sake of change.

@jk you pressed No! congratulations! everything is irrevocably fucked! have fun reinstalling!!!!!!!!

@jk love it when there are twenty different popular ways of stacking things on top of a wobbly foundation, and nerds yell at you if your rickety stack isn't built right

@jk with sudo comes great responsibility.

I just leave grub alone

@jk you have all these issues with linux and i literally never have them

@jk
I mean, does viewing the differences give you anything legible? that's what I normally do, and I find it fairly intelligible? or is my perspective lensed for some reason

@marlyn i looked at the differences. and it was a script which i didn't know the purpose of, it seems to mostly be setting environment variables and writing to other files in other places and calling other tools that i have never heard of. the changes consist of a few logic changes, for instances adding an "AND" operator to a few if statements to check an additional variable's state. i do not understand what the names of any of the variables mean or what the script does

@jk We really need a better feedback channel for ordinary users to talk to developers about stuff like this.

"Mailing lists" don't count. Mailing lists suck.

@HihiDanni @jk

Ha HA how about option B: forum threads that have long-since died and are no longer accessible, but you aren't allowed to start a new thread because every issue is closed

@jk (A lot of those issues seems mostly constrained to the Debian packaging system, so maybe some chain pulling over in Debian Developer Land is in order)

@HihiDanni i mean, honestly, all my other computers are running some kind of arch-based thing, this is my last debian holdout, so maybe i'll just ... well...

@HihiDanni @jk I have heard this claim, but have you /seen/ what people use INSTEAD of mailing lists? It's /awful/.

@HihiDanni @jk

Hmm, I wonder how well IRC channels work in such a situation...
I guess those don't allow "persistent" issue tracking, though
Perhaps that, in tandem with github for issue tracking?

@marlyn @jk IRC is about as archaic as mailing lists, and perhaps even harder to use. Github at the very least *tries* to be human-friendly

@HihiDanni @jk
IRC has suitable web-clients that require no user installation, and can easily be embedded in a website - I'm not sure if that's suitably "user-friendly" enough - at what point does it become comparable to a more "mainstream" communication system such as Discord?

@jk @HihiDanni
Certain clients such as "hexchat" also allow for native opening and importing of server links, as well - does that function suitably in place of "invite links" services such as discord offer?

@marlyn @jk 1. The person has to be using Hexchat. 2. The person has to be using _that_ Xchat, no not that other Xchat, or that other fork or mIRC or w/e. 3. It would not subscribe the browser to server URLs or w/e so you'd need to find the option hidden in the menubar that lets you connect, and you'd have to make sure that yes, the server URL syntax is correct. 4. "No I can't help you because I did it myself on this other client, do it yourself."

@jk @marlyn 5. Even if it did subscribe to the URL or protocol or w/e it'd probably be relying on a separate package that isn't installed by default, and may also conflict with, or not be honored by the current desktop environment, browser, or w/e. 6. "You need to register with NickServ, so do all this weird stuff that starts with a slash. Trust us."

@marlyn @jk "7. Don't post large text here! Upload it somewhere, but we're not going to provide any hosting space for it, so figure it out yourself. But also don't use those URL shorteners." 8. To be pingable 24/7 you have to be connected 24/7, which wastes electricity. 9. No, IRC bouncers just paper over the problem. Even Quassel, which is far easier to use than typical IRC bouncers, has issues.

@jk @marlyn 10. The mere act of logging onto IRC may expose you to DoS attacks. Apparently this is a big enough issue that Freenode has a special thing called "cloaks" to mitigate this. No, you don't get to have one by default. You have to do this song and dance for it. And then the cloak won't even be applied for the first few seconds you're actually connected, so it's useless

@marlyn @jk 11. "This is the developers' channel. Users asking for support should go into the user support channel. No we don't actually read anything that goes on in there."

verbose reply 1/ Show more

verbose reply 2/ Show more

verbose reply 3/3 Show more

verbose reply 2/ Show more

@jk DEFAULT. Always let the person who wrote the update script figure it out. They've spent more time thinking about it than anyone else.

@pixelguff this is what i did, until about 3 or 4 years ago when doing that completely broke my system. and then again, about a year later, when it made Apache completely stop working and broke three people's websites for a day!

@jk Ooooh, yeah. You deffo thought about your Apache config more than anyone else.

one time i accepted the defaults on an apache upgrade and it completely fucked my website for about a day until i realised that all it was is they had changed their configuration file's terminology slightly so that i just needed to replace all instances of the word "lock" in my config with the word "mutex"

@jk why did you have a config that even mentioned locks

@er1n it wasn't my config, it was THEIR config file! however i had made some changes to it for some reason

@jk Oh, makes me remind of the time I tried to install iRedMail over my already existing server setup.

Seems like it absolutely needs to be the first thing installed on your server, unless you want to break absolutely everything web-related. :/

@jk "mutex" sounds like something you take for a cold

@Murkrow helps solve problems with blocking

@Murkrow @jk Actually, it’s a logorrhea remedy.

so i restarted my computer after that upgrade

AND NOW MY FONTS ARE BROKEN FOR SOME REASON

fucking hate linux !!!!!!!!
mastodon.social/media/_wuhTiVk

@jk your computer cant find the 404!! you gotta buy a new one. a 405 should work too (it's the 404's successor) slime.global/media/BN8QXrocPUK

why did me upgrading my system remove the font that i use. why??? what the fuck is going on??? can someone explain how and why this can or should happen

@jk because sometimes upstream do stupid things? I remember filing a Firefox bug because they removed support for a certain type of font.

@jk the only halfway sensible reason I can think of for this (not implying that the actual reason is sensible) is that somebody fucked up in the past and included a font that wasn't correctly licensed, then had to remove it later

@aeonofdiscord weirdly i still haven't got a notification for this and a couple of other toots??

@jk ...huh, that's weird. only from my account/this instance?

@aeonofdiscord no it was a few other people too! although i got one for this toot so.. yeah idk

turns out that whatever it is i upgraded reset the contents of /etc/fonts to the default. why?? who knows

/etc/fonts, if you are not aware, has the weirdest way of configuring shit (by which i mean, bad, since i only understood what the fuck was going on because i'd already had to troubleshoot an issue with it 6 months ago), you have all of these xml files and they have names like 70-no-bitmap-fonts or 70-yes-bitmap-fonts and to enable bitmap fonts you copy the file from one folder to another

why does it work like that??? probably someone has a really good explanation, one that sounds really clever. but their explanation is wrong, because it shouldn't work like that, since nothing works like that

so anyway my experience of linux, on a ~monthly basis?? you upgrade or install something, and something breaks or doesn't work, and to fix the thing so that it works you have to learn about a program you didn't know existed, understand its uniquely fucked up configuration schema, make changes you don't really understand, and then sit tight until in 6-12 months it breaks again and you have to remember how the fuck you fixed it last time

@jk so this is weird, right? i've had this installation of linux for like 3 years and never encountered an issue where i had to edit any system files or fix anything, the system just works.

@Gargron you probably arent doing anything interesting with your computer :(

@jk @Gargron what distro are you on so that I can never use it. never in my life have I seen an upgrade go so poorly and I used to run Gentoo

@Vopo @Gargron this is Mint, I’d say I have about 1/2 the number of problems on an arch-based distro but they’re still there sometimes

@jk @Vopo oh good god mint is the worst OS. stay away from it. my dad also had lots of issues with it. their website got hacked because they use wordpress lmao

@Gargron @Vopo this looks nice but i bet that if i actually end up using it, in 6 years someone will be be telling me that it's the worst OS and their website got hacked

@jk @Gargron six years is a while tho. the same has been frankly more true for commercial products. last year you could break into a Mac by not putting in a password

@Gargron @jk remember two years before that people saying Windows is so insecure. the price of bleeding edge security is paid in blood.

@Vopo @Gargron tbh although it does look nice i just can't deal with using a distro that isn't in the top 3 most popular because i need a large sized community support structure & docs

@jk @Vopo okay. i personally am using ubuntu gnome (16.04 LTS). that's the one i had for like 3 years without issues

@Gargron @Vopo ah, i switched to mint from ubuntu at the time because everybody told me ubuntu was the worst OS

@jk @Vopo canonical ubuntu is pretty bad because of the preinstalled desktop environment (unity) and some dumb adware like the amazon launcher integration. ubuntu gnome is a fork with a different DE (gnome)

@Gargron @Vopo ah, back when i used to use ubuntu the desktop WAS gnome, maybe im just extremely out of date

@jk @Vopo gnome 3 looks different to gnome 2 and i like it a lot more

@Gargron @Vopo on everything linuxy i use i3wm and uhh, idk what it's called. kde? gtk?? xkcd?? anyway i have no way to tell because everything just looks like i3. i probably use a different environment on each computer

@Vopo @Gargron someone needs to draw me a venn diagram with x, x windows system, x11, x.org, gnome, unity, kde, gtk, i3, dwm, and wayland in it

@jk @Vopo you'll hate me and all of linux for this but you listed like 3 different categories of things in there. there's x.org/x11/wayland is like a graphical API layer; gnome, unity, kde are desktop environments; i3 and dwm are window managers. i think.

@Gargron @Vopo yes, i know i listed things in different categories, that's why i wanted a diagram

@Gargron @Vopo this is pretty easy to visualise and understand since they're all graphical things, right? x lets you create windows on the screen and draw to them, desktop environments give you controls & OS-type onscreen features, and WMs let you organise the windows?? except they can also change the style of the windows too?? and if you ONLY have x installed it does function with its own basic kinda... well, wm? or DE? or??

@Vopo @Gargron i find it much harder to visualise what's going on with stuff that you can't really see, like other weird layers and configuration management systems where you can't even tell why they made it so abstract

@jk @Gargron I can tell you why they made it so abstract, it's a lot more fun to build. :V

@jk @Gargron @Vopo DEs usually include a WM, like gnome's mutter, but you can replace it with something like i3. There's also compositors which somehow do some extra stuff that's extremely important like wobbly windows

@noiob @jk @gargron @Vopo wait ok so the distinction I’ve never gotten is DEs vs WMs. I just configured my .xinitrc to launch my WM (bspwm) when I type startx. does that mean I don’t have a DE? Or is xinit my DE? What does a DE do other than launch the WM?

@alice @noiob @jk @Vopo the DE is WM+start menu+toolbars+keyboard shortcuts+a load of other shit that's nice to have. a WM is just how windows are laid out.

@gargron @noiob @jk @Vopo but all those things you listed are separate programs in my setup. Start menu = dmenu, stars bar = polybar, keyboard shortcuts = sxhkd, etc. And they’re all configured and launched by shell scripts that get executed by bspwm. Does this mean bspwm is my DE? Or is my DE a big pile of random programs and scripts?

@alice @Gargron @noiob @Vopo also when i'm running xfce my windows look different than when i'm running i3, so i3 is a DE? orrrr, is my DE i3+i3status+dmenu??

@jk @Vopo @noiob @alice Your DE is a big pile of programs pre-configured to run together, yes.

@Gargron @alice @noiob @Vopo well thank god i didnt have to configure most of them

@jk @Gargron @Vopo I think it's mostly a coincidence that the two main widget libraries are closely associated with the two main DEs. GTK actually came from GIMP originally, not GNOME.

@jk @Gargron @Vopo that's like... a circle, three separate circles intersecting, and another five separate circles

@jk on four separate sheets of paper

@jk @Gargron @Vopo

X is the Tenth Gate. If opened, it releases the Darkness.

X Windows came out of the Gate. It's just another name for Windows 10. Apple's been secretly running it since 1999.

X11 is the Eleventieth Portal. It's eleven times worse than X.

X.org is the Xorgs. Don't mess with them.

Gnome and Kade both sit beside the Gate and will tell you that the other one lies. Maybe not even one of them is telling the truth.

Enlightenment is a mad druid who laughs at all who pass by.

@natecull @jk @Gargron @Vopo how did you make it through this whole post without mentioning bill gates

@Gargron @jk @natecull @bonzoesc yeah he's also just an agent of capitalism among many faceless others.

@natecull

GNOME finally got rid of it. They are migrating to a Way better Land.

@natecull @Vopo @Gargron @jk
All three are movies which appeared on the original -- Top: "Project Moonbase"; Center: "The Brain That Wouldn't Die"; Bottom, "Puma Man".

@flugennock @jk @Gargron @Vopo aww, I was thinking it must be a progression of the same character: getting a cyborg conversion, then flying

@jk @Vopo @Gargron
I really don't want to draw something, but it'd essentially be: X11 implemented by X.org -> DE/WM of choice -> Gooey programs
Wayland implement by who the fuck knows yet -> (optional) Wayland DE/WM (depends on a standard compositor/display server implementation) -> Gooey stuff

@Gargron Ubuntu doesn't use Unity anymore.
And when it comes to DE, it's mainly a matter of preferences, don't you think. I, for one, loved Unity ^^'.

@jk @Vopo

@Gargron @Vopo @jk GNOME 3 is now the official DE of Ubuntu again!

@jk @Vopo @Gargron

(Canonical finally threw in the towel on Unity and went back to GNOME.)

@jk @Gargron @Vopo oh my mint/ubuntu experience was the exact opposite, switched to mint because ubuntu kept breaking stuff and everything just works since

@Gargron @Vopo thanks for letting me know to stay away from mint 6+ years after i started using it due to everybody telling me it was the best

@WAHa_06x36 @Gargron @jk we've already talked about how Macs have had serious security flaws in the past year.

@Vopo @jk @Gargron Those have had basically zero impact on regular users, no matter how much the internet likes talking about them.

The increased usability has a huge everyday impact, though.

@WAHa_06x36 @Gargron @jk The op stated that they cared about security.

@Vopo @jk @Gargron Honestly, there's not much difference in levels of security between the two. Both have security holes occasionally, both have security features the other lacks.

@WAHa_06x36 @Gargron @jk you could literally login as root by not putting in a password. what security holes does say Debian Linux have that are even in the same Galaxy? it highlights a problem in their process that I wouldn't recommend a Mac in good conscience right now and I own one.

@Vopo @jk @Gargron It was a bad one, but it was rapidly fixed with minimal impact. Practical impact was tiny.

Debian, meanwhile, created trivially vulnerable SSL certificates for years, which is less spectacular but far more insidious.

In the end, basing your judgements on single events does not give you much useful insight. Everybody has a pants-on-head stupid catastrophic security issue SOMETIME, in today's development climate.

@WAHa_06x36 @Gargron @jk it took 4 months to fix, it had been announced prior to the big hooplah on the apple support forums.

@Vopo @jk @Gargron Apple support forums aren't where you report bugs, and I don't think developers or their managers tend to read them. But that is a discussion which is entirely uninteresting.

@Vopo @jk @Gargron That one has an extremely small impact on anyone at all.

I can dig out issues in Linux all day too, but that is just not an interesting discussion to have, you know?

@WAHa_06x36 @Gargron @jk I don't think there is an interesting discussion to be had when you won't admit major security flaws are impactful to users.

@jk @Gargron @WAHa_06x36 the fact that you view these as equivalent to other bugs in the industry speaks to a certain level of not understanding the gravity of an issue like this. it's one of those issues that indicates a much deeper problem in their development process.

@Vopo @Gargron @jk Look, I'm not interested at all in going into discussion of pointing out bugs back and forth, but this was like a week ago:

kde.org/info/security/advisory

Is far more damaging than the earlier bug, which was literally just a UI issue.

NOBODY in this industry is doing well at security. You're just going to have to accept that, and take whatever precautions you can, and hope for the best, no matter what OS you use.

@WAHa_06x36 @jk @Gargron @WAHa_06x36 @jk @Gargron the fact that you can it a "ui issue" fundamentally explains how much you don't understand about the bug. the bug you just posted is bad, but not anywhere near the same scale. the apple bug is a privilege escalation attack without any technical knowledge required. if that doesn't mean anything to you then that explains why you don't think it's a big deal.

@Vopo @Gargron @jk Actually, you can dial back that attitude.

This is a UI I know and use. And I understand what the issue is. The lock icon is basically a button to perform the equivalent of a sudo, to give you enough rights to perform certain actions.

The bug is that if you are logged in as an admin, who already has those rights, the button is still shown, acts as if it does something, but does not.

The user already has the rights. That is why they can unlock with any password.

@WAHa_06x36 @jk @Gargron it was actually replicated on guest by a lot of people so.....

@Vopo @Gargron @jk There is no mention of it. I am talking about your second bug.

@WAHa_06x36 @jk @Gargron oh, yeah that one isn't as bad. sorry I was still talking about the first security hole.

@Gargron @jk @WAHa_06x36 when you said far more damaging than your earlier bug I thought you meant the giant security hole that you handwaved as "not of significant impact"

@Vopo @jk @Gargron Look, the point is that every OS has plenty of incredibly stupid security issues. This is just a fact of the world today. It sucks, but that is the state of things.

Trying to say you shouldn't use any specific OS because it has them is just blinding yourself to the problems you yourself have. It is not an argument, it is just blinkered tribalism.

@jk @Gargron @WAHa_06x36 I have a Mac and a PC which runs Windows. I dropped a lot of cash on a machine with a wide open privilege escalation vulnerability and likely other issues. I don't understand why that didn't bother you

@Vopo @Gargron @jk Because there is no way to NOT do that, except to not use computers. Or build your own. And even then, your odds to succeed are slim.

I am more interested in seeing what any particular OS is doing to make the horrible situation better. And there, Apple is doing a lot better than most others. Sandboxing for apps and easy full-disk encryptions are great defenses for very real issue I face.

Like, I don't care much about a privilege escalation. If malicious code is already running on my system, it can often do most of the malicious things it wants to without any escalation.

I worry about software spying on me or installing adware much more than I worry about it getting root access.

@WAHa_06x36 @jk @Gargron let's stop rehashing this, jk knows that Macs exist. I think we're all aware of the ui of macs, and the voiced quality control concerns. sorry if I upset you I was just taken aback.

@jk @Gargron @Vopo Thanks for signing up for Computer Facts! You now will receive fun daily facts about COMPUTERS! >o<

@WAHa_06x36 @jk @Gargron @Vopo

To: your-list@example.com
Subject: doesn't matter

Approved: your-approval-password
Received: by some.site.org....
Received: by another.site.org....
From: joe@another.com (Joe User)
Subject: this list is great!
To: your-list@example.com

Hey, this list is great, and the moderator sure is sexy!

@ekvin @WAHa_06x36 @jk @Gargron being able to mute a comment thread would be a very good feature

@Vopo @Gargron @jk @WAHa_06x36

Submit it to the User Voice and we'll vote for it.

@Vopo @Gargron @WAHa_06x36 i actually have an iMac, it’s been my main computer since 2010, and I use it every day. i mostly run Windows on it atm since some of the software I prefer runs best on Windows. macOS is quite good, but I don’t much care for the way the window management works and also after years of weird experiences with homebrew and macports i decided “windows with WSL, and two additional computers that run native linux” was less annoying, at least for my purposes

@jk @Gargron it is the most popular but then so was Ubuntu.

@jk My own experience with desktop Linux - granted, over a decade ago - was plenty of just plain /wrong/ documentation all over the place, fighting for hours to get something done ("but it said to run ./configure; make; make install, and I have that fucking library that it says is missing"), and then just giving up and running the Windows port in WINE.

That's when I realized, wait, if I'm just running everything in WINE, why not... just run Windows?

@Mainebot @bhtooefr thats the hacker ethos right there

@jk as someone who’s used it for like 20 something years, this sounds pretty accurate.

@jk Which distro did you try poor soul ?

@Zulgrib i use Manjaro (Arch) on my laptop, Ubuntu on WSL on my desktop, Debian on my VPS, and Mint on my old-computer-turned home server. i've had similar issues with all of them

@jk Was able to break Arch, wasn't able to break mint by upgrading.
Did you add PPA or 3rd repo on your mint ?

@jk Did you update package that were unchecked by default by mint updater and picked "don't break my computer" when asked on first mint update launch ?

@jk

well what the fuck does a linux developer know about type or why people use it? Have you seen the state of desktop publishing and graphic design? You must have.

@jk this is one of those "me learning things below my level of interaction in the stack that unsettle me" threads isn't it

@jk
donald knuth wrote an article "using specially named files as configuration flags considered good" and you don't want to disappoint knuth do you

@jk
:drake_dislike: configuring fonts with a million xml files
:drake_like: configuring fonts by dumping all your fonts in a folder

@bonzoesc seriously, if i want a font, i put it in the fonts folder. if i don't want a font, i don't put it in the fonts folder. how come windows and mac have managed to get this right

@jk @bonzoesc
Side note, every BSD I've used has this right too, just drop system wide fonts in /usr/local/share/fonts and you're done

@alice lol that would be me, don't care who takes 'em, spread 'em around :drake_like:

@jk this is why I stopped using Ubuntu and don't wanna use Debian very much. All those intricate update scripts that ~should~ Just Work ™ sometimes messed things up.
I haven't had that problem on Arch.

@grainloom yeah im tempted to just install manjaro on this thing, it’s the (second-to) last thing I’ve got that’s still running Debian

@jk huh... You're not supposed to use /etc/fonts.
Your fonts do in ~/.fonts

@kensp im sorry but you didn’t understand what I was saying. it wasn’t a font, it was a system-wide font SETTING that was replaced. fonts themselves go in /usr/local/share/fonts or ~/.fonts but the font configuration information (in my case, to enable all bitmap fonts) is in /etc/fonts

@jk Still, /etc/fonts/local.conf shouldn't be reset. I'm gonna guess it's your DE that reset that file during the upgrade? who knows.
I setup all my fonts in either the application itself (usually in a subdirectory in ~/.config) or in ~/.config/fontconfig so everything stays in my home folder.

@jk
>why did me upgrading my system remove the font that i use
For adrenaline rush, when you use own distro?

@jk when they are not dicks, keeping current config won't break software.

@jk Yeah, I had one of those recently, although something as critical as grub, but sounded important enough for me to look at it. I did not understand what it, so I went for default.

Luckily, everything *seems* fine here.