> This desire to be able to understand absolutely everything on your system seems kind of absurd to me.

There's a difference between having a desire to be able to do something and having a desire to actually do that something. I intensely want to be able to understand something, if I have the time, energy and motivation. The fact that it's possible is what matters, not whether or not I actually do it.

You're not making that distinction, it seems, but it's a very important one. Arguing for choosing complexity that removes that option because otherwise we're irrationally afraid of the unknown is really one heck of a take.

I can't understand every intricacy of my systems, but I know several NetBSD developers who have intimate understandings of literally every aspect of their computers. Because this is possible, and because people with this level of understanding exist, I trust what comes from the NetBSD project more than I trust anything from any of the Linux distros.

> You're not making that distinction

I'm not making the distinction because I was talking purely about the desire to be able to understand everything, not the desire to actually do so at all. So your attempt to split hairs is purely irrelevant to my point.

Even the desire to be able to is one I find absurd, and as I said fundamentally based on an irrational fear of the unknown — specifically the fear of having to rely on something that you may not be able to perfectly understand or control — and a prideful desire to not only control everything but not have to rely on the expertise of others. Moreover it is a mindset that is simply not practical in any other field of life, in modern society, and while it may once have been possible in the software industry, I don't think holding back software from the many benefits more complex and complete software can bring making it easier to use, handle more edge cases, solve problems more completely and from first principles, have more useful features, integrate better with other things, and so on just to preserve that state, th)at sort of atavistic design philosophy, is sensible either. It seems like a monomial pursuit of the optimization of one variable, namely a certain specific sense of reliability where edge cases and the fragility of the integrations between things and the lack of accounting for various use cases necessitating piling on more ad hoc tools, are not counted, at the expense of many other things.

> Arguing for choosing complexity that removes that option because otherwise we're irrationally afraid of the unknown is really one heck of a take.

It doesn't seem like a particularly crazy take to me at all. Perhaps in the software industry it is, because there has been such a cargo cult like obsession with the Unix Philosophy for a very long time, but I've always been a crank and have no desire to apologize for that, and it's a trade-off we make every day in other areas: choosing something that even if we wanted to we probably couldn't fully understand all of the intricacies of because it serves our needs better on a practical level is something every person in modern society does every day with a vast panoply of things, including software, because the division of labor and specialization and so on is actually a very important part of what makes the modern world with all of its advanced technology and convenience and so on possible.

> I can't understand every intricacy of my systems, but I know several NetBSD developers who have intimate understandings of literally every aspect of their computers.

I'm not so sure that's true, except on an abstract architectural level probably, in which case the second part of my argument above would come into play.

> Because this is possible, and because people with this level of understanding exist, I trust what comes from the NetBSD project more than I trust anything from any of the Linux distros.

Trust about what? That's kind of my question.

> fundamentally based on an irrational fear of the unknown — specifically the fear of having to rely on something that you may not be able to perfectly understand or control — and a prideful desire to not only control everything but not have to rely on the expertise of others.

That's you. Please don't project your inabilities on everyone else.

> I'm not so sure that's true.

Interesting that you think it's OK to simply assert something based on absolutely no actual data, information or experience, in direct contradiction to what others personally know and experience. What a take!

You're making an argument that looks like this: things happen, and we're OK with them. Therefore, we should be OK with the same things happening with other aspects of life. Simply, no. I can accept that I know very little about how municipal water systems prevent contamination, growth of microbes, et cetera, but how ridiculous is it to suggest that because I simply accept that it's done reasonably well, I have to do that in other areas, too? Do I need to accept being as ignorant about the intricacies of something as everyone else, even when I'm an expert in that particular field? That's absolutely ridiculous.

> simply not practical in any other field of life

Bullshit. I can think of many, many examples where this is plainly not true. See my previous statement.

The fact that you think this complexity that defies understanding is required to handle problems that can't be handled more simply shows you have a shallow understanding of things. I genuinely don't know if you can't understand this, or simply choose not to, but I'll say that you giving up does not have any impact whatsoever on those of us who haven't. Needless to say, arguing for others to give up wanting to understand something that you seem to lack understanding of is, in basic terms, gatekeeping. You're no different from people who say to not self-host email because they can't self-host email (or for whom it's too much "work", or takes too much energy). Likewise, if you don't want to do something, that's really not an argument for telling other people to not want to do something. What kind of person does that?

so you're saying there will never be a breaking change when the or bugs when the software updates? ever? That seems unlikely. I've managed my own servers many times before and that's never been the case.

I wasn't saying that just that it should help a lot with minimizing the work. I self host my own stuff too, plenty of it.

and no one is stopping you. I just don't want to.

> Self-hosting means taking a second job as a sysadmin

True, in the literal sense that you will have to administrate your own system, but I'm sure there must be ways to make this easier for people. Perhaps small computers that come pre-configured with the correct specifications for being a good small-scale server and pre-installed with software that provides a simple web GUI dashboard that you can just drop files on and it will serve them up for you, with everything else taken care of under the hood.

> applying software updates all the time

With image based distros, containers, and their respective auto-updating schemes, this — and the concomitant problems updates may bring given the extensive and hairy state of most systems — should hopefully become a thing of the past.

> patching emergency security vulnerabilities

I mean, unless you are running something that is incredibly visible online and linked to you from a lot of places or used by a lot of people and so you need to take extreme extra security steps, shouldn't this be taken care of by just regularly updating your software? For a small scale self-hosted blog or personal email server this seems a hardly proportional.

> hardening services against constant attacks

Again, it seems like you are projecting the requirements of a much larger scale endeavor onto small-scale personal self hosting of a blog or email server only you use. And to the degree that system hardening is necessary for a small cell posted system, once again image-based operating systems with hardened Pam authentication rules that run everything in rootless podman containers and keep SELinux enabled should be more than hard enough and all that can be configured and set up upstream to the user.

> deciding whether the daily "I have found a bug in your system and will disclose" mails are legitimate threats

What are you even talking about here? For the third time, it seems like you are projecting the requirements of a much larger scale thing onto small-scale personal self hosting.

> If you fail at any of these tasks, relatively new regulations mean various governments can fine you more than your net worth over failing to report a data breach to the right agency on the right timeline

A data breach? On a small self-hosted blog or email server? Who's data would those regulations be punishing you for leaking, your own, maybe two freinds'? And those regulations, if you are speaking about the ones in the EU that I am thinking of, have pretty clear cut offs and requirements and stuff that really wouldn't apply to someone's little self-hosted thing.

> Perhaps small computers that come pre-configured with the correct specifications for being a good small-scale server

Great minds think alike. See FreedomBox[1] for a totally FOSS implementation of that idea; one of my friends runs all of his internet services at home with it: email, file storage, contacts synchronisation etc.

[1]: https://wiki.debian.org/FreedomBox

> Say you host your own WordPress blog with comments enabled. A few of your posts get to the front page of Hacker News, and you collect a couple hundred comments from California techies.

The possibility of this is less than 1% purely due to commenting friction. Hacker News already has a comment section. No one's going to sign up for a Wordpress account in order to post their comments there.

The easy solution is to just not enable comments. Nobody has an account on my site but me. I'm endangering nobody's data but mine. No worries.

Come on now. Can you point to one single case of something close to this scenario having happened in real life to a small self-hosted WordPress blog? Or even a big one? Governments are not that stupid, they are not that malicious and they do not have infinite resources to pursue such frivolous and nonsensical activities. This reads like some weird sort of paranoid legal fanfic.

> You have to personally notify every California resident of the breach, and California's Attorney General.

And if one doesn't?

I'm in Canada. Can they still do that?

Do those laws apply even if you charge no fees and serve no ads?

> As the article here says, not all apps can be used as flatpak. Currently flatpak is mostly for GUI desktop apps, most common cli tools are missing. For instance there is no gcc flatpak.

That's why we have distrobox/toolbx!

Unless it's using e.g. RefCells to enforce them at runtime

> If you requested this 5 years ago every would think you were crazy...

That's a straw man. Nobody was ever pushing for people to import all of libsystemd just to use the communication protocol with systemd, that protocol was designed to be very easy and simple to implement on your own precisely so you didn't have to depend on anything else, libsystemd just happened to provide an implementation too, and somebody was lazy and imported that instead, but I seriously doubt that's what anyone thought was best practice.

Contrary to popular belief, systemd isn't about linking gigantic binaries and libraries together into a giant blob like everyone things (e.g. the standard nonsense line from detractors that e.g. `systemd-resolved` is "part of systemd" as in "part of the same binary", which it isn't), but about just letting programs talk to each other, so that you can get reliable, featureful integration on your desktop instead of everything being a half-working mess of shims and ad hoc communication, and providing a centralized service that can consistently and from first principles solve certain tasks, so that you don't have to have every single daemon reimplementing their own, or a central implementation that's a big pile of preprocessed shell scripts, spinlocks, edge cases, and bullshit.

> Same as the suckless people. They were right after all.

Right about what? Right in myopically judging software quality by "lines of code" and setting nonsensical arbitrary line limits, and as a consequence confusing a (poor) map for the territory, because while, yes, "few lines of code" can make software good in some ways (less buggy, etc), it can also make it quite bad in others (less featureful, doesn't handle edge cases, brittle, annoying to use), or just be completely unrelated? Or finding every possible way to vrware software that most definitely "sucks more" for the vast majority of users that don't randomly happen to perfectly align with it, software that sucks so bad people have to maintain patch lists to make it useable, with all the inherent problems with maintainability and stability over time patches incur?

Suckless is a cargo cult of tradition following a fundamentalist interpretation of its holy texts, refusing to innovate and actually make computing better, stubbornly sticking to a model left unchanged since the 70s, which wasn't even that great back then, and proud of it.

Well obviously. The question is, are they wrong to do so?

I think it's impossible to tell because there's not enough people who are smart enough to prove that who care enough to do so AND who enough other people will believe. For example, half the people I ask consider Whonix dev Madaidan (and his thoughts on OpenBSD security: https://web.archive.org/web/20220227172102/https://madaidans...) to be wrong, while the other half think he's right. There's no majority consensus because everyone thinks they know better.

Madaidan is a bit of a mixed bag in my opinion — they are probably mostly factually correct in their statement about everything in my opinion, but it seems like they are deeply unfair to Linux (praising other OSes for things they've barely done and then criticizing Linux for barely doing those same things) and have fallen for the flatpak FUD. In the case of their opinion on obsd, I think they seem correct, and their opinion lines up with the other website criticizing obsd so there's that. But you're right, it's hard to know as a layperson.

Actually their stated reason for making the site is that they don’t like the politics of openbsd devs

> Because the OpenBSD community is notorious for not being nice and welcoming:

That's not their reason for believing that obsd isn't as secure as claimed or that their development practices are bad, however, that's just their reason for not directly coming to the obsd developers with the issues instead of just making the problems public for other people to make their own choice about.

And it isn't about the politics of the obsd developers, as I would have thought that website would have made abundantly clear, it's about the fact that the obsd developers are extremely prideful and unwilling to listen to other people's input and have crank-like is used concerning security according to most security professionals, so it would simply be unproductive to come to them with these issues.

So your attempt to insinuate that this website is purely dunking on obsd because their community is insufficiently inclusive or progressive or whatever and has no actual technical merit to it is simply wrong and misleading.

> however, that's just their reason for not directly coming to the obsd developers

In other words they intend to hurt the reputation of people they don’t like rather than fix problems.

They literally said, the website would not exist but for spite.

> obsd developers are extremely prideful and unwilling to listen to other people's input

That describes these sideline critics well. If you show the devs a vulnerability you don’t think they will fix it?

> has no actual technical merit

Well that’s ok because I’m talking about a social problem.

Tech Over Tea is pretty cool — in depth 2 hour long interviews with various interesting or crucial figures in the FLOSS world.

Looks good, thanks!

> This just in: forcing a mandatory selection from a mandatory screen results in people making a mandatory selection to go about their day. Even should users select at random, would this result in a market share increase for alternative browsers.

It doesn't make sense for an uptick in usage of smaller browsers to be just an artifact of forcing the decision, because the easiest and least cognitive overhead choice when forced to make that decision would be to just pick the default browser you would have used anyway, like Safari on iPhone or Chrome on Android. So the uptick must be the result of people actually wanting different browsers now that they have been made aware of the other options and presented with a convenient Choice up front. Which makes sense for the eu, considering as other commenters have said the recent distrust and resentment of American tech companies there.

Classic Apple:

> In iPhones, users can see the choice screen only when they click Safari, and then users are shown a list of browsers with no additional information, said Jon Stephenson von Tetzchner, CEO of Norway's Vivaldi.

> "The process is just so convoluted that it's easiest for (users) to select Safari or potentially some other known name," he said.

> The complicated design has led European Commission to start a non-compliance investigation into whether Apple may be preventing users from truly exercising their choice of services.

It's very fun to see that the EU is refusing to give up and take Apple's passive aggressive compliance on any front!

Blatant a-holish behavior towards tens of millions of users should and will be punished. Plus its outright childish, exactly opposite direction Apple tries so hard via marketing to project itself into.

Maybe few hundred millions additional fine will cool some oversized egos in management. If not, add 0, and keep repeating, we are too sweet and rich market to ignore and continuously insult.

How anybody can buy products form this company and feel they are buying from somehow better and more moral vendor than rest of the market is beyond my understanding.

Just think, you and I are lucky enough to be on a website chock-full of iPhone apologists, $AAPL owners and enterprising madmen. The comments can only get better from here.

> How anybody can buy products form this company and feel they are buying from somehow better and more moral vendor than rest of the market is beyond my understanding

> marketing