KssioAug

As others have mentioned, you’re not forced to. But Debian is indeed way more conservative in that regard if you use their stable release. Particularly I think you won’t have issues with either regarding hardware compatibility or performance. But for what reason would you want Arch or Cachy OS if you don’t mind me asking?

Just so you know, if you install Distrobox you can run pretty much any app from any distro (except drivers), regardless if you choose Debian or Arch. So if I were you, I’d choose Debian if you’re worried about stability, and choose Arch/CachyOS if you want to keep up to date features and drivers. Then use Flatpak and Distrobox to download pretty much any app you want.

I particularly use CachyOS and have zero issues with it with my Asus Vivobook with a Ryzen 5825U released on 2023.

Is it a new action from them? I’ve been reading a lot complaints about it lately.

If they’re banning people for using VPN, they’ve reached a new low. Not that I care though… Reddit is just a shadow of what it once was.

For instance, the MIT license being popular is pretty hard evidence that FOSS doesn’t necessarily mean anti-corporate, and for many users GitHub still more or less does what it says on the tin.

I’m pretty sure that MIT license is that popular out of ignorance, instead of an informed decision to allow corporate to steal and make money out of their code.

Not recommended. Even if you’re not writing data to the drive, when you read it the physical components keep working, which can lead to more damage until you lose everything. I would recommend you to back up, right now, your most important data to any other drive you have, then unplug this damaged one, buy a new drive, and then backup your stuff on it following a ‘emergency’ order (the most important and non replaceable files first, and then the less important stuff).

I believe the core reason is that, when MS bought it, and while they make it worse day by day, the number of projects in Github was already huge and it just keeps growing. That being said, it is still the main platform to find FOSS projects, and to have your project be found.

A lot of people are migrating though. The good thing about the FOSS community and philosophy is that they don’t really need to rely on shitty companies like Microsoft. They can (and many actually do) just move on, at least regarding their own personal projects.

What gives it in is the ID 5, Reallocated_Sector_Ct. In your log, there were found 120 reallocated sectors, which indicates pretty much literally a physical damage in the hard drive. The drive detects this damaged sectors and move the data to a different one.

Not saying you’re wrong, but I wonder how many people that were willing to pay 250 dollars for lifetime would actually pay more than 3 years of subscription.

I believe most lifetime buyers do it for FOMO. They pay it believing that they won’t ever need to worry about it again and that they’re making a good or safe deal… but most of them won’t be using Plex that much anyway.

With this price hike Plex is basically killing the lifetime option. Sure, they might get more subscribers at first, but in the other hand they will also lose a lot of impulse buyers that will hardly pay them 250 dollars in monthly subscriptions at the long run. At least, that’s what I think…

I believe Linux will experience a slow, steady growth because the technical alternatives for most Windows features and softwares already exist, making it pretty much a matter of time until people realize it. But the friction, like IT retraining, vendor certified vendor support from Adobe and other shit, and general user habits, are still too high.

Edit: Although, on a second thought, maybe not even that slow given Microsoft incompetence at managing Windows.

Valve’s Proton support bringing gaming to Linux effectively, Windows 10 reaching its EoL deeming millions of perfectly functional PCs as e-waste by requiring TPM 2.0 and a short list of CPUs, and Microsoft’s aggressive and incessant push of invasive telemetry and AI features (like that shit Recall stuff), are certainly driving a lot of users toward Linux. If Microsoft keep making decisions like this, I’m not sure how long they will be able retain their user base.

I didn’t.

Saying that Debian and Fedora don’t need an AUR because vendors provide packages, implying these distros are pratically immune to third-party malware is totally false. Fedora has COPR, openSUSE has OBS, and Ubuntu/Debian rely heavily on PPAs and random deb downloads from websites. See xz-utils: https://en.wikipedia.org/wiki/XZ_Utils_backdoor

Most FOSS developers do NOT have the time or infrastructure to package for every distro. They provide source code on GitHub. The AUR exists to translate that source (or a vendor’s deb) into a native Arch package. Furthermore, downloading a random deb from a vendor’s obscure website and installing it with dpkg (which runs pre-install scripts as root) is arguably less safe than a PKGBUILD that downloads the exact same binary from the vendor’s official mirror, unpacks it, and lets you read exactly what it does before you run it.

Your conception of PPAs is riddled of misconceptions. Absolutely anyone can create a PPA. Canonical does not verify the identity of the uploader beyond email confirmation. Launchpad is flooded with unofficial, community-maintained PPAs that are no more “official” than an AUR maintainer.

Also, Ubuntu does NOT proactively audit the source code or binaries inside PPAs. They takes a PPA down after it has been reported and confirmed malicious, exactly the same as the Arch maintainers do with the AUR.

A PKGBUILD is a plain-text shell script. You can read the exact source URL, the compilation flags, and the install commands. A PPA provides a pre-compiled binary file. You have pretty much zero idea what is inside that binary. Blindly giving sudo access to a binary PPA is objectively more dangerous than auditing a 20-line bash script that compiles source code before running.

Hahahahaha they also come in Debian .deb and Fedora .rpm packages. That’s why I never got this problem with my hardware on Ubuntu or Debian.

That is exactly why the AUR exists. To repackage that vendor’s .deb into something Arch can safely manage. This makes Arch support to 3rd party apps almost unbeatable.

And you’re right: PPAs are not the same… in this regard they’re actually worse. AUR is at least in plain text and the documentation is clear: always check the PKGBUILD. When you add PPAs you’re blindly trusting a 3rd party repository and updating them with sudo.

You can’t burn the whole thing down just because, in your own words, “people are stupid”. They either read the documentation and follow the security policies, or they stick with Arch and Flathub. Or, they can simply choose a different distro. It’s that simple.

The thing is, I agree that AUR could have some sort of protection, such as a rate-limiting or a reputation system. But even as is, AUR is still an excellent feature that should definitely be maintained. And people, specially using Linux, definitely should educate themselves instead of exclusively rely on strangers for all their digital security.

Edited for extra clarification.

There are some software that I only have because of AUR. For example, Brother printer drivers.

AUR is a great option to have. It doesn’t mean people should use it for everything, when there’s a perfectly capable version of the same software downloadable from Arch, Flathub or even through Distrobox.

Having options is a good thing, people just need to take care.

In fact, downloading something from AUR without checking it is hardly more dangerous than adding PPAs in Ubuntu.

The entire philosophy of Arch is to put user in control. The PKGBUILD format is plain-text and reviewable. The documented best practice has always been to read the PKGBUILD and the .install files before building.

I’m not saying they shouldn’t look into measures to make it less prone to such attacks, but “take it down” is a very stupid take. If people can’t deal with the existence of AUR, there’s plenty of different distros to choose already.

Microsoft is trying to “reinvent” Xbox every couple years, for the last 15 years. Not even themselves trust their own plans, since they never stick to it.

Proton Mail is operated by Proton AG, which is a for-profit corporation.

That being said, even though Proton Mail is probably more trustworthy than Google and Microsoft services, it’s still handled by a for-profit corporation and therefore can’t be fully trusted.

Nowadays if something is owned by a corp I wouldn’t recommend anyone to get too attached to it. Use it while you feel it’s worth, but prepare to swap for something else eventually.

In other words: don’t ever fully trust your data to company owned software, and always look for a backup solution.

Not much, really. I’ve heard Zen had memory leak issues on Windows, but I was using it on CachyOS and didn’t bother to swap. But I use Waterfox on Android and on Windows, and I like it very much.

If I had to choose just one nowadays though, I would probably stick with Waterfox. I like Zen, but sometimes it feels more experimental.

Mozilla Firefox has gone downhill…

Not sure if they’re the best options nowadays (balancing privacy and usability), but I’ve been enjoying Waterfox and Zen for a while and don’t see any reason to go back to Firefox.

I don’t know if Ubuntu has fixed it, because trying to enforce their Snap store was intentional. But I can’t say for sure because there have been years that I don’t use it.

But yeah, for anyone using it, I’d recommend to just remove Snap entirely, since it’s totally unnecessary and goes against pretty much every Linux core concept.

Or just use something like Kubuntu or Linux Mint, that have Ubuntu under hood but are more community driven instead of relying on Canonical.

The country of free speech.

Mostly avoid downloading and running packages from sources you don’t trust. And if you’re going to run something you don’t fully trust, try to run it sandboxed (like firejail or a vm, for example). Linux is generally safer than Windows because a lot of malware are created to exploit Windows weakness… also, if you use Flatpak (sepecially verified ones) or your distro package manager, you will hardly get infected.

This, AND the fact that companies usually don’t give a flying fuck for developing countries. They want to sell their services for USA and European markets, and then they just make it “available” for the rest of the word with absolutely no regard for the monetary reality of each of these countries. You can’t expect people to think it’s fair to pay 70 USD on a game, for example, or 15 USD a month on a subscription service, when this translates to 30% of a minimum wage somewhere else.