Fuck Yankies

  • 0 Posts
  • 35 Comments
Joined 1 year ago
cake
Cake day: June 29th, 2023

help-circle

  • It’s not a question of being a geek, but securing your entire supply chain. If you don’t already vet container image layers and cosigning said containers, chances are you’re already in risky rivers all the same.

    In essence the rooted mode was never that big of a risk when compared to the actual runtimes. Certain attacks don’t even care about being in a user container if it deals with breaking the kernel itself, even with SELinux and AppArmor taken into account.

    Rootless containers aren’t a magic bullet as a result. The only thing that you should concern yourself with is what you’re pushing to prod, how you layer your images and cosigning so that you can source… every mess… to every desk jockey junior…

    You…

    Do not…

    Mess with my infra.

    1000000363







  • This is the contentious part and also why I left Fedora.

    Don’t get me wrong, you’ll be hard pressed to find a better community, better support or even a more innovative bunch. Besides RedHat’s involvement, Fedora has been in the vanguard for desktop technologies like PipeWire, Flatpaks, Wayland, heck they were one of the first to push systemd.

    But my problem is that since RedHat holds sway over the Fedora leadership we cannot guarantee that the community will have the users best interests at heart.

    So when people say “use a community distro”, they mean a non-captured one.

    And again; Fedora is awesome, the community is awesome, been using it for years, but switched to NixOS like a month ago because I don’t trust the direction RedHat/IBM is taking Fedora.

    Most likely they’ll push some of these projects to Fedora, make them maintain the projects, then some years down the line sell those projects as apart of their service.

    There is a conflict of interest here and a clear opportunistic angle. RedHat wants to use the Fedora community as a free of charge testing grounds, in effect creating a userbase of free QA testers for future software.

    This is predatory, it is an insult to the community, but the community is captured, and therefore will play ball with RedHat. This is the problem. If the community would give some assurances and protections, that would be nice, but so far it seems the Fedora community is more than willing to play ball with IBM/RedHat.





  • Fríggin’ finally. Talk to some of the fediverse people on Matrix or Discord regarding monetization and they’ll lose their tiny little minds.

    The most belligerent ones seems like a bunch of anarchists and tankies who couldn’t give a flying crap about independent or small businesses, such as content creators, all the while forcing content creators to stay on the large platforms (like YouTube, Patreon, etc) unknowingly going nowhere.

    The fediverse needs to spearhead ethical monetization, and no: relying on the “honour system”, unlimited CC distribution and attribution while hoping you’ll get money through BitBucket donations is not a way to pay rent. It’s yee olde “trust me bros”, but instead of massive corporations, it’s a boys club of ideologically finagling molluscs.

    Give me exclusive (or locked content), direct donation functions and subscription functions. Build it, and they will come. Ignore it, and most likely some unethical businesses will co-opt everything (like Meta) and just steamroll the whole movement.

    Be anti-capitalist. That’s fine. But don’t be one of those guys who think you’re just one day away from the revolution. That’s dumb. Let’s bring monetization to the fediverse!




  • See, the thing that pisses me off and is the reason why I moved away from Fedora (Silverblue) about a week ago is that Fedora is the base of RHEL. Future RHEL’s will be based off Fedora. The community therefor is providing free development for their pricey enterprise solution.

    Now they’re adding insult to injury by wanting to enable telemetry metrics on the by default, claiming that the user has to opt in to report anything, but the fact is that the ordinary user might be paying that much attention. Sometime after the EULA might change and all that tasty dara will probably be harvested.

    This is the threat of it. The Fedora community has been one of the best, if not the best Linux distribution community out there. Now RedHat/IBM is sowing the seeds of distrust and will in all likelihood transform Fedora into a husk of its former self, much like Cannonical did to Ubuntu.

    It’s becoming such a drag to see that these corporate entities are turning tail and taking their community projects in the same direction as Microsoft, Google and Apple.




  • Not a problem :) just answer directly next time. In any case:

    It’s not that they became the biggest contributors out of nowhere you know. It’s not like they did it out the love in their heart and because of ideal, morals and ethics. It was seeing the writing on the wall and not wanting to be left behind. Remember both Microsoft and Oracle tried to sue various Linux distributions and the kernel maintainers themselves because they claimed that they or one of their subsidiaries had intellectual property that Linux was using - which was patantly false (pun intended).

    In modern times they push to prevent moving away from GPL2 to something like GPL3 because they’ve already gamed the license - especially Oracle, which allows them to contribute back as little as possible, and they couldn’t have done that if they weren’t benefactors and members of the Linux Foundation.

    Some would even say Microsoft’s “embrace, expand & extinguish” tactic is still well and alive to this very day. And we’re talking about the company that has a history of hidden licensing fees.

    In any case, I guess SuSE is more trustworthy than all of them - again because of historical presedence. But I’m still sceptical!

    In regards to Microsoft, IBM and Oracle? I’m cynnical. But it’s deserved cynicism, because of the afformentioned historical presedence.

    I’m not saying that people, organizations, companies, corporations, governments, multinationals, etc can’t reform… buuuut… yeah. All of these companies have a horrible history of patent wars and subverting consumers, as well as open source projects. Soooo… yeeeeeaaaah…