Edit: for those who don’t want to use YouTube anymore. If a is the long side and b is the short side of a rectangle. Halving the rectangle will make the long side b and the short side 1/2 a. If the ratio is preserved when halving, we get:
There’s already more than one version without snap, it’s already a confusing mess. Not all distros are compatible with the exact same binaries. And people probably don’t want to compile everything form source.
Snap could potentially unify things, and remove all of that confusion.
I am so sorry this got so long. I'm absolutely horrible at brevity.
Applications use things called libraries to provide particular functions rather than implement those functions themselves. So like "handle HTTP request" as an example, you can just use a HTTP library to handle it for you so you can focus on developing your application.
As time progresses, libraries change and release new versions. Most of the time one version is compatible with the other. Sometimes, especially when there is a major version change, the two version are incompatible. If an application relied on that library and a major incompatible change was made, the application also needs to be changed for the new version of the library.
A Linux distro usually selects the version of each library that they are going to ship with their release and maintain it via updates. However, your distro provider and some neat program you might use are usually two different people. So the neat program you use might have change their application to be compatible with a library that might not make it into your distro until next release.
At that point you have one of two options. Wait until your distro provides the updated library or the go it alone route of you updating your own library (which libraries can depend on other libraries, which means you could be opening a whole Pandora's box here). The go it alone route also means that you have to turn off your distro's updates because they'll just overwrite everything you've done library wise.
This is where snaps, flatpaks, and appimages come into play. In a very basic sense, they provide a means for a program to include all the libraries it'll need to run, without those libraries conflicting with your current setup from the distro. You might hear them as "containerized programs", however, they're not exactly the Docker style "container", but from an isolating perspective, that's mostly correct. So your neat application that relies on the newest libraries, they can be put into a snap, flatpak, or appimage and you can run that program with those new libraries no need for your distro to provide them or for you to go it alone.
I won't bore you on the technical difference between the formats, but just mostly focus on what I usually hear is the objectionable issue with snaps. Snaps is a format that is developed by Canonical. All of these formats have a means of distribution, that is how do you get the program to install and how it is updated. Because you know, getting regular updates of your program is still really important. With snaps, Canonical uses a cryptographic signature to indicate that the distribution of the program has come from their "Snaps Store". And that's the main issue folks have taken with snaps.
So unlike the other kinds of formats, snaps are only really useful when they are acquired from the Canonical Snaps Store. You can bypass the checking of the cryptographic signature via the command line, but Ubuntu will not automatically check for updates on software installed via that method, you must check for updates manually. In contrast, anyone can build and maintain their own flatpak "store" or central repository. Only Canonical can distribute snaps and provide all of the nice features of distribution like automatic updates.
So that's the main gripe, there's technical issues as well between the formats which I won't get into. But the main high level argument is the conflicting ideas of "open and free to all" that is usually associated with the Linux group (and FOSS [Free and open-source software] in general) and the "only Canonical can distribute" that comes with snaps. So as @sederx indicated, if that's not an argument that resonates with you, the debate is pretty moot.
There's some user level difference like some snaps can run a bit slower than a native program, but Canonical has updated things with snaps to address some of that. Flatpak sandboxing can make it difficult to access files on your system, but flatpak permissions can be edited with things like Flatseal. Etc. It's what I would file into the "papercut" box of problems. But for some, those papercuts matter and ultimately turn people off from the whole Linux thing. So there's arguments that come from that as well, but that's so universal "just different in how the papercut happens" that I just file that as a debate between container and native applications, rather a debate about formats.
Sometimes you use a Library pre-made sauce or spice blend as part of a recipe, so you don’t need to waste time remaking something that is commonly used.
Every so often, a company will tweak the recipe for the things you are using, but it still basically tastes the same. Sometimes they just decide that now it’s salty instead of sweet, so it would complete ruin the dish you would like to make.
The recipe you are using assumes you live in Australia where the new version of the sauce/spice blend is more common, but where you live still only sells the old version.
So now you can either wait for the store to sell the new sauce/spice blend, import it from Australia, or try to make it yourself. But you might have another recipe that still needs/uses the old sauce/spice blend. Needing to have both can lead to issues where you use the wrong one, ruining the food you are trying to make.
This is where snaps, flatpaks, and appimages those dish-in-a-box kits come into play. They’ll have the correct version of the spices/sauces you want, so it doesn’t really matter which version you have in your kitchen.
Snaps branded dish-in-a-box kits are developed by Canonical, and they can be kinda weird. You need to check for updates if you need to re-buy them manually, and you can only get them from the “Snaps Store”. Other dish-in-a-box kits allow you to get them from whichever store you want, and will automatically re-order when needed.
And that’s the main issue folks have taken with snaps. If you have 50+ programs are making a meal with 50+ dishes, and you need to constantly check if you need to rebuy them one by one, it gets old quickly.
Also, Snaps takes up a lot of room, and generally just kinda suck compared to installing things normally or through flatpack.
My first introduction to them was “hey why does startup take so long now? This machine used to be so much faster.” and realizing it was snapd that was eating up the time. It’s also not exactly efficient at using storage compared to native installs of dependencies.
For a desktop these may not be noticable but for low power embedded systems it’s a nightmare. It should be an option but really isn’t ready to be default. And when appimages are already a thing that work well I don’t really see the point.
I’m not suggesting appimages are better, just that I’ve had fewer problems with them relative to snaps. Ultimately I’d argue all attempts to remove dependencies are not ready to replace typical packages for low powered systems. For desktop Linux the performance difference is negligible anyway.
I’m not completely sure but don’t flatpaks offer good sandboxing. If they do it could be a good idea for people who use/need proprietary software like steam and zoom so when you run those programs at least it can’t read through your files and stuff
You don’t need to break everything that exists, cause maintenance issues and incur that much overhead to have sandboxing. The security features that allows sandboxing in the first place are also available for regular binaries not installed in some weird ways, with all their advantages and flaws.
Snap is just Canonical’s way of getting more control over things. The only upside of Snap was “easier distribution”, which turned out to not be that true. The downsides, however, especially regarding maintenances and software updates, are very real.
Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux kernel and the systemd init system. The packages, called snaps, and the tool for using them, snapd, work across a range of Linux distributions[3] and allow upstream software developers to distribute their applications directly to users. Snaps are self-contained applications running in a sandbox with mediated access to the host system. Snap was originally released for cloud applications[4] but was later ported to also work for Internet of Things devices[5][6] and desktop[7][8] applications.
So (having tried various distro for almost 2 decades now, but always reverting to windows) the two useful things as I read that are 1) not having to know thst some bullshit distro doesn’t use apt and you need to figure out wtf the package manager is because this distro is a special snowflake and they wanted to show the world by being a bitch and not using apt; and 2) direct from devs, which is nice and imo preferred.
But like… native packages mostly handled this? I’ve been watching from the sidelines for a few years as this happened and I’m still like ‘this is a solution looking for a problem, and adding complexity in the name of simplicity’.
Can I get a tl;dr on flatpak? I think it’s basically snaps but again ‘we can make this standard better! by creating another fragment to the available standards!’ which is just, ugh.
That kinda is (one of) the big issues with Linux, in my eyes - everyone thinks their shitty implementation is best, and this happens for everything, and so instead of having one standard for everything you have 53 and none of them get the proper dev time and so ‘I can do this better’ and now you have 54 standards and […]. Like, it’s cool to be able to patchwork together the special sauce of 18 distros manually, but like… There could be consolidation and then 1 would have the special sauce of 18 in a user-friendly iso instead of taking 35 hours to get working. As a user, I want shit to just fucking work, or be moderately easy to get. Adding more fragmentation to the space is doing a disservice to the whole community.
With increasing amounts of people, organizations, and governments adopting Linux, we’re no longer as safe as we used to be. Unfortunately, we might have to get virus/malware scanners now like Windows users.
OSS is a double edged sword. It’s great, but the people looking for flaws that are exploitable are more often bad actors than good. At least that’s been my experience working in cyber security. Many CVEs that are responsibly disclosed are found to be actively exploited already.
Probably years of usage by intelligence agencies and criminals until someone notices. (with no possible way to know for anyone that there even is a exploit). And even then it might take months for them to fix it.
Exploit found in oss: Depending on the usage of the software several people are looking for security holes and they usually get fixed ASAP. Of course it is possible that there’s an exploit nobody finds and a criminal uses, but it is not more likely because he can read the code. If your code must be secret to be secure your code is anything but secure
Also there is no incentive for companies to fix an exploit quickly. They will only release the fix with some scheduled update anyway or else people might notice that there was something worth fixing and that's bad for your stock price.
There are a lot more ways to sneak malware into a system. Especially if some apps aren’t being maintained anymore. Linux is definitely safer, but you shouldn’t let your guard down
especially if you’re a developer. There are a lot of shenanigans going on with malware npm packages that prey on easy typos. I imagine it’s the same with other library installers for other languages too
Possibly, but Firefox & Chrome based browsers have the same built-in isolation and other security measures as on Windows. Plus you can use Ublock Origins to get rid of malvertisements. If you really wanted, you can also isolate the browser entirely with something like firejail.
Hardend forks like LibreWolf are good too.
Oh, and Wayland also isolates clients from each other too.
I don’t think it’s that big of a threat as long as you keep some level of common sense.
Oh, and Wayland also isolates clients from each other too.
One of the biggest reasons I might want to say goodbye to xfce sooner than later.
I can’t make use of most of Waylands’ features and improvements, but this kind of isolation is very much worth it anyway.
Okay, what happens if your repo doesn’t have a specific software you are looking for? A trusted repo is good, but it won’t have everything you might want. This is especially true for new software or less popular software.
I don’t think that’s the correct path. There is a scanner already, called ClamAV, which works well enough.
Virus scanners don’t fix the problem though. Android does it better: security by isolation and verification of system components.
The most important part in malware protection is whoever sits in front of the screen. Systems like Android have so many safeguards in place, the only way to get a virus is the user forcing it through themselves, pretty much.
I’m surprised it hasn’t seen wider workplace adoption.
A call centre I used to work in once scrapped all our Microsoft Office licences and installed OpenOffice on everyone’s workstations to cut costs. It was bad for the MI staff because they relied on Excel functionality that OO Calc simply didn’t have, but the vast majority of staff could get by on OpenOffice.
My only real criticisms of how they handled this was not giving people any notice, and making us use a shitty webmail app that only booted in Internet Explorer and would sign you out after a minute of inactivity to access our work emails. They could have easily installed and configured Mozilla Thunderbird to give us some quality of life that Outlook once afforded us.
Also this happened a few years after Oracle got their hands on OO, so not using LibreOffice was also questionable.
But still. Think about the shitloads of money you’d save by using Linux in the office.
There’s already a ton of such exploits. Most servers use Linux and many exploits of corporations this had to go through Linux (though many exploits aren’t related to the OS at all – eg, SQL injection is OS independent). I expect it’s more common, though, that attacks on Linux systems are either meant to target servers or were personalized attacks that you’re not gonna accidentally download.
On that vein, I also kinda suspect that many people who use Linux may be bigger targets for their employer than their personal PC. Which is actually scary, cause personalized attacks are far harder to defend against. I expect the average Linux user is technically savvy. Not a lot of money in try to do a standard, broad attack on such types (I think most attacks on personal computers are broad attempts that mostly depend on a small fraction of technologically incompetent people falling for simple schemes). But a personalized attack that happens to infiltrate a fortune 500 company? Now that’s worth a lot of money. Using Linux won’t protect you against those kinda attacks.
10 years ago is giving Apple too much credit. They were using Intel processors then, ARM now. For now, you can still run Intel applications, but that won’t last much longer.
More importantly, a 10 year old application is likely to use Carbon instead of Cocoa. Unless it’s an extremely simple application (i.e. hello world), it is unlikely to run.
Then there’s the depreciation of resource forks, a new filesystem, tons and tons of extra security restrictions, etc.
Carbon wasn’t that prevalent 10 years ago. 15, maybe. 20, definitely.
10 years ago, Carbon was already officially deprecated, and it had clearly been a second-class citizen for years before that. Most apps were already using Cocoa at that point.
They could’ve easily continue going the Catalina way (you can allow 32-bit programs to run after a warning if upgraded from an older OS), but they didn’t. I don’t understand why they forced 64-bit on Big Sur, it breaks so many old, non-updated apps and they know that.
I think it’s more of a gaben hate thing, since the epic store can’t really make a dent to steams marketshare, even when they straight up give away games.
Sweeney is like a man-child who thinks that he should receive higher praise as his more popular counterpart simply because he takes the exact opposite stances on many issues as some kind of underdog. Blockchain economies, the legal gray zone of generative AI, Linux support; and kicking his superiors in the shin and crying to the world when he gets shoved in return.
Epic will always be a lesser store platform, and Sweeney will always be a lesser man.
Sweeney is like a man-child who thinks that he should receive higher praise as his more popular counterpart simply because he takes the exact opposite stances on many issues as some kind of underdog
This makes so much sense, he banned cryptogames, than after valve banned’em too, he backpedaled and embraced them, lmao.
Because it makes his job harder. He hates having to work for his money. He just wants customers to put money directly in his bank account without ever having to work for it. Other storefronts? Cheating him out of sales. Other payment systems? Stealing his money. Other operating systems? Making his life hard by forcing him to accommodate for something different.
He might be trying to create an in vs. out crowd mentality. If he makes Fortnite players feel exclusive and special, they may be more likely to choose playing Fortnite over other games.
I played a battle royal where you had unlimited lives but were weaker after you lost the first (either less health or less damage output) and then the game would end after like an hour or hour and a half OR there’s one team remaining with at least one of their members having their original lives
It was fun cus you could actually play the game and one minor slip up doesn’t mean waiting a half hour for a match to be found and start
Not a hot take at all. Asking someone to go from a GUI heavy operating system to a command line heavy one and be just as productive is lunacy. Like all major changes it is important to ween off the old thing.
My biggest hurdle with the switch has been permission related issues, and you can’t deal with those cleanly with a UI, and every help thread under the sun throws out a bunch of command line commands giving a solution without explaining why those changes are needed. It may seem like Unix 101 to experienced Linux users, but it is really cryptic to newcomers coming from operating systems that are…cough more lenient with their permissions.
There is also a mentality that UIs are much more idiot proof than command line. UIs are written by people who actually know the OS so we can’t accidentally delete our home folder because of a typo. It is a very legitimate concern.
Q : How/why did you make such a great OS?
A : I thought - what would attract young users to Linux? So I created this idea after a lot of reading and work.
It’s because the vast, vast, VAST majority of people have no idea that many apps are just showing a website. Also, the app version is almost always more efficient in terms of precious phone screen real estate compared to a browser. Apps also remember who you are so you don’t have to login. It isn’t hard to understand why people like them.
That said, many apps are horrible from a privacy perspective. But that is largely hidden from the average user, most of whom simply don’t think much about online privacy anyway.
I hope the ubiquity of irritating ads are the thin edge of the wedge that gets more people interested in ad-blocking, and then perhaps online privacy more generally.
The cruder the malware, the better your chances of running successfully in Wine.
Because throwing together some simple executable using inbuild windows functions is much easier than programming something well-build and hidden based on deeper system layers. So your random "I just encrypted all your files because you clicked this .exe, now send me bitcoin to get it back"-bullshit might work well on wine (which is why wine should be run as it's own user with no priviledges to access anything but your Windows programs).
English is not my first not language. When I write something down in my first language (polish), it feels more like I’m transcribing things I silently say to myself, while with english I’m actually thinking about every word I type.
The funny thing is, the better I am getting at English, making those types of mistakes is getting easier for me.
I like the discussion this has generated around toxicity and professionalism, but I’m still very amused by the fact that he censored himself in the last line after not doing so for the rest of the message.
I am a pretty heavy “Fediverse user” (Mastodon + Lemmy/Kbin) and my feeds have VERY little Linux talk. There is an incredibly diverse set of folks on the ‘verse but admittedly discoverability is hard. If the only people in your circle are Linux nerds then that’s all that might be boosted into your timeline. Put some effort into finding other folks and unfollow some of the Linux-only voices :-).
How do you curate your mastodon feed? How do you find interesting people to follow? I haven’t created a mastodon account yet because I honestly not sure how to do this.
Thanks! Some of the tips are certainly not obvious to people not familiar with mastodon like me (follow a lot of people first to discover stuff they boosted then prune it later, follow people that boosts a lot).
I think a good and easy way to discover new people is to follow hashtags.
I follow couple local pets work-related hobby and urbanism hastags, and I was able to discover new conversation and new people in these space quite quickly.
I think it’s mostly people viewing the “All”/“Community” feeds. Which I feel like you have to do in general as the niche communities haven’t really gotten to a self sustaining point where you can check your “Home” feed and not run out of stuff to doom scroll.
Not to mention that if you happened to mention certain things in communities that are tangentially related (Windows/Nintendo/Apple) then it usually starts another off topic discussion on linux/piracy/whatever.
Honestly the linux stuff doesn’t bother me as much as every topic seemingly turning into a critique of capitalism.
linuxmemes
Top
This magazine is from a federated server and may be incomplete. Browse more on the original instance.