Atemu

Atemu, 10 months ago

Voting is another concept that would become unhackable overnight

No. Voting on the blockchain is an even worse idea than money on the blockchain.

In many cases, there are good reasons why these things are done they way they are. I have yet to see a software system that is better at preventing voter fraud than humans looking at your government-issued ID at a poll site and humans overseeing other humans manually counting votes.

A single actor might be able to commit voter fraud in the order of dozes or hundreds of votes perhaps but with a digital voting system based on blockchain, they could do so on the order of thousands or even millions by compromising end-user devices used for voting or buy enough work/stake/whatever to perform a 51% attack.

Same goes for money btw. Our current system is by far not a perfect one but removing the ability for governments to i.e. freeze accounts of bad actors is not a boon.

Atemu, 10 months ago

Make sure that device doesn’t require proprietary drivers (commonly WiFi or GPU). If the hardware in question needs those and you need the component to work, I wouldn’t take it for free because you’d be stuck with shitty support on an ancient kernel.

Most commonly, thio affects broadcom WiFi and Nvidia GPUs.

Atemu, 10 months ago

Any distro that ships relatively recent libraries and kernels.

With the exception of Debian, RHEL, SLES and the like, pretty much everything.

Atemu, 10 months ago

Not just read but modify even.

Atemu, 10 months ago

I don’t know about timeshift but it appears to have a configuration tab for snapper.

Atemu, 10 months ago (edited 10 months ago)

What you’re doing is perfectly fine.

It is however more of a mitigation for bad distro installers than general good practice. If the distro installers preserved /home, you could keep it all in one partition. Because such “bad” distro installers still exist, it is good practice if you know that you might install such a distro.

If you were installing “manually” and had full control over this, I’d advocate for a single partition because it simplifies storage. Especially with the likes of btrfs you can have multiple storage locations inside one partition with decent separation between them.

Atemu, 10 months ago

except for hdds without cache

The “cache” on HDDs is extremely tiny. Maybe a few seconds worth of sequential access at max. It does not exist to cache significant amounts of data for much longer than that.

At the sizes at which bcache is used, you could permanently hold almost all of your performance-critical data on flash storage while having enough space for tonnes of performance-uncritical data; all in the same storage “package”.

Atemu, 10 months ago

Note that bcache and bcachefs are different things. The latter is extremely new and not ready for “production” yet. This post is about bcache.

Atemu, 10 months ago

WDYM by “overheat”?

Atemu, 10 months ago

TL;DR Amazon is building a Linux distro that starts a chromium to run react native apps. Apparently, you need hundreds of people for that.

Atemu, 10 months ago (edited 10 months ago)

AMD platform support is coming to coreboot in the next few years, consumer platforms much later and even there I’m doubtful it’d come to your laptop in particular.

Get a Frame.work with Intel chip if you want coreboot on a modern laptop soon-ish. I know the guy working on that port ;)

Atemu, 10 months ago

In regular FHS distros, an upgrade to libxyz can be done without an update to its dependants a, b and c. The libxyz.so is updated in-place and newly run processes of a, b and c will use the new shared object code.

In Nix’ model, changing a dependency in any way changes all of its dependants too. The package a that depends on libxyz 1.0.0 is treated as entirely different from the otherwise same package a that depends on libxyz 1.0.1 or libxyz 1.0.0 with a patch applied/new dependency/patch applied to the compiler/anything.

Nix encodes everything that could in any way influence a package’s content into that package’s “version”. That’s the hash in every Nix store path (i.e. /nix/store/5jlfqjgr34crcljr8r93kwg2rk5psj9a-bash-interactive-5.2-p15/bin/bash). The version number in the end is just there to inform humans of a path’s contents; as far as Nix is concerned, it’s just an arbitrary name string.

Therefore, any update to “core” dependencies requires a rebuild of all dependants. For very central core packages such as glibc, that means almost all packages in existence. Because those packages are “different” from the packages on your system without the update, you must download them all again and, because they have different hashes, they will be in separate paths in your Nix store.

This is what allows Nix to have parallel “installation” of any version of any package and roll back your entire config to a previous state because your entire system is treated as a “package” with the same semantics as described above.

Unless you have harsh data caps, extremely slow connections or are extremely tight on disk space, this isn’t much of a concern though.
Additionally, you can always “garbage collect” old paths that are no longer referenced and Nix can deduplicate whole files that are 1:1 the same across the whole Nix store.

Atemu, 10 months ago

Why is it that GrapheneOS/CalyxOS always seem to attract these kinds of people?

Atemu, 10 months ago

I somehow doubt that’s all you said.

Atemu, 10 months ago

As in, build a NixOS VM that’s otherwise the exact same as your current system but with a different DE enabled. nixos-rebuild build-vm

Atemu, 10 months ago (edited 10 months ago)

Guix might also be able to do this but I don’t think the others can.

This relies on NixOS’ declarative configuration which Silverbluae and the like do not have; they are configured imperatively.

Atemu, 10 months ago

Well, you can roll back with a switch too; no reboot required.

The VM protects you from accidental state modification however (i.e. programs enabled by some DE by default writing their config files everwhere) and its ephemeral nature makes a few things easier.

Atemu, 10 months ago

Post the journal after wakeup, not before.

Atemu, 10 months ago

There is none. NTFS is a filesystem you should only use if you need Windows compatibility anyways. Eventhough Linux natively supports it these days, it’s still primarily a windows filesystem.

Atemu, 10 months ago

If you’re only using this filesystem on Linux anyways, absolutely.

Atemu, 10 months ago

From what I’ve seen, that’s a great way to corrupt your filesystem.

Atemu, 10 months ago

I’m still in the process of optimizing stuff around Linux (e.g. media drive filesystem)

What do you mean by that?

Atemu, 10 months ago

Even with btrfs “weird archives” such as Borg’s or restic’s are preferred for backups.

Atemu, 10 months ago (edited 10 months ago)

I dont want weird archives or anything, just to copy my filesystem to another drive.

For proper backups, you do want “weird archives” with integrity checks, versioning, deduplication and compression. Regular files cannot offer that (at least not efficiently so).

Atemu, 10 months ago

You don’t.

No, seriously. Let the distros package your software; they know how to do that best.