128 comments

[ 3.5 ms ] story [ 234 ms ] thread
Nope, and they’ve proven time and time again that we can’t trust them in any way shape or form
https://web.archive.org/web/20230315200925/http://antitrust....

What did changed since Microsoft used ACPI as tool against Linux?

Enforced Auto-Updates, Ads, Cloud Account enforcement, Blocking Firefox partially in Teams [1], Setting Teams as Browser (Edge?), WSL (intent is not compatibility, it is to prevent migrations to Linux), Azure is a giant security problem and finally the deal with Qualcomm (hinder Linux on ARM) like we are in the 90ies?

The crap named Secure Boot with Microsoft as Certificate Authority. After certificates proofed to be miserable on the internet for 25 years. What about signing with a user generated private key (stored in a keyring or similar) of the superuser and storing the public key in the UEFI? Which would be simple and reliable. No. Microsoft opted for the solution which depends on their goodwill and the biggest possible attack surface.

And Pluton looks so awkward that Lenovo and Dell turned it immediately off.

I will not trust them. Their business model is greed, making the users itself hostile actor against all others. Using something intentionally incompatible and borked isn’t “your department”. You harm others with incompatible APIs, ABIs, weird “Word” files and Teams.

I didn’t considered to use DotNet. GNOME removed it a long time ago and it is fine (Tomboy/Mono -> Gnome/C++). The only thing which seems good is LSP. But the hard work is done by CLANG and others. Not Microsoft.

[1] Teams worked six months ago flawlessly with Firefox. Even screen-sharing on Wayland. But they greyed out and blocked the video-call button. Until I figured out that I can initiate calls through the calendar…lol. It is like 2001.

"yOu cAn cHaNgE sEtTinGs"

I watched my computer reinstall edge, reinstall/hijack my drives with onedrive, re-add ads... But I left Windows for Fedora.

I felt offended that I didn't know about Fedora before. Like, there was some hatred toward Microsoft and Canonical for hiding a 10/10 OS. Angry at M$ for bribing schools. Angry at Canonical for free CD marketing that made crappy Debian-family the standard for 10+ years. Likely irrational.

But Fedora has been an option and I didn't even know.

What makes Fedora better (apart from having more recent packages)?
bookmarked for the response.
No snaps, better reliability during upgrades, more trustworthy devs.

That was enough for me to switch some of my machines.

I never upgrade Ubuntu straight away, because I don't want to deal with broken packages.
Imagine a world where the distro tests its updates.

You should check out Fedora.

If someone is looking for a snap-less system, but will like to stay in the Debian/Ubuntu ecosystem, do give Linux Mint a look.
Canonical is patching, more than Debian. Which is causing own specific bugs. Upstream developers don't like that. The attack through the xz package is just one last example. Fedora also patches but limit it to small changes e.g. transparency for the Gnome-Terminal.

But Canonical is not just patching. Their launching counter-projects:

    * Mir instead of Wayland
    * Unity instead of GNOME
    * Upstart instead of Systemd (Upstart is older but just SysVInit with patches)
    * Snap instead of Flatpak

Canonical always tries to push own stuff and harms the community. Usually Red Hat and the community oppose and win because:

    * they are better
    * and stronger
What Canonical does well is shipping closed-source drivers (a thing which we don't want) and libraries for codes and their installer is neat. Fedora instead requires you the add RPMFUSION but delivers a clean GNOME, fast updates and don't try to ship weird stuff. I install Fedora for all regular systems which shall require little to no maintenance. Especially for non-technial users.

For professional task and my very own system I prefer Arch. They only patch when it is necessary, usually upstream patches. If you want a terminal with background transparency there are packages with patches in AUR.

The distribution should be the choice about installing and package-management, the software (i.e. GNU and Linux) shall be in general the same. It shall not matter "which" Linux you're using.

I agree that Canonical have definitely had a history that feels like Not Invented Here, but so what? That's the real glory of this system, that we can pick out parts and try to do something better.

They've attracted a lot of ridicule from users, members, upstream, but it's their house, their engineering effort. Let's laud their attempt.

Mir, Upstart, Bazaar, AppArmour were all projects that started at the same time as the eventual "winners". It's not wrong to experiment.

Let's also not pretend that upstream always gets it right, or that they do things in concert with the wishes of their users (ffs Gnome).

You've had a lot of issues with debian family compared to fedora?
I have.

Debian is either outdated or a beta distro depending on which route you go. For my servers that don't require bleeding edge packages it makes sense.

However for my laptops, Debian is not a good fit.

This is true for me, I can only use debian testing, unstable, or experimental. Is the grass greener on fedora?
It is rebased every 6 months, and those applications that do not follow semantic versioning can get an exception so they get full updates, to avoid the xscreensaver situation that Debian had.

https://www.jwz.org/blog/2016/04/i-would-like-debian-to-stop...

Wow that author is really bitter. Custom URL redirect if your traffic comes from HN.

Oh it's dna lounge person. I don't know anything else about how they behave, though.

Oh woops, I forgot about the HN redirect.

Hopefully you were able to just paste the link and try again. Basically they had so much noise from Debian users who were running an old version of xscreensaver where the bugs were fixed 4-5 years ago, but Debian decided not to update it.

I would be bitter if Debian treated me like that.

Yes I was, thanks for asking. I think debian does have an issue with absentee maintainers but I am not familiar with how to "do a maintainer's work for them temporarily" when a fix is badly needed.
>> I watched my computer reinstall edge, reinstall/hijack my drives with onedrive, re-add ads... But I left Windows for Fedora.

Had something similar happen when I finally relented to all the constant pestering to upgrade to Win11. I did so reluctantly. Suddenly, I needed to link everything to my onedrive account. Oh, you have an MS365 account? We need that too to set up your onedrive. Oh, you should use teams, let me make Edge your default browser and connect all your accounts to your edge account.

I didn't have any of this on Win10 and now it was just hijacking all my stuff, setting every MS program as the default and after I switched it, it would hijack them all back when I ran the updates. I purposefully keep all my stuff siloed for security reasons and here it was forcing them all together without my permission.

The last time it reset Edge and Teams and forced me to use my MS365 for Teams, that was it. I uninstalled it and then installed MX Linux (Debian based) and have been much happier since. I still have a Win10 desktop and I'm not surrendering that until I absolutely have to now.

Except they changed their mind on their CoPilot+ devices, as it is a required piece.

WSL is the proof how Desktop Linux isn't happening, while everyone keeps pushing for their snowflake distribution.

They aren't alone, Google on Chromebooks, Android, and Apple with Virtualization Framework, are all variants of what WSL achieves.

None of them has bothered to actually support the Year of Desktop Linux.

Regarding WSL, I tried very hard to use Linux exclusively on my desktop for about five years. While native Linux is excellent for servers, the desktop experience still has many shortcomings and unpredictabilities. It often feels like something breaks with every new release, affecting everything from power management to input systems. I grew tired of feeling like I was rolling the dice every time I performed an upgrade. Eventually, I concluded that using Linux on the desktop (at least on a large scale) is just a pipe dream. Although Windows has its problems, WSL provides a Linux implementation with the least friction, in my experience.
I have 100% the opposite experience. I was a Windows user for many years. After heavily using Linux for several months, I cannot work in Windows anymore; it just doesn't make sense to me. I feel like I can never predict what the system will do next. I would open a folder with a bunch of subfolders, and it would show me a progress bar. For almost half a minute. "Why? What the fuck are you trying to do, Windows? Why can't you just simply list the files? I just need to see them, nothing else. How come that literally not a single other file-explorer software does any shit of that sort? And why does it happen every single damn time when I open the same fucking folder?"

Search doesn't freaking work anymore. I can't even find an app that I just installed seconds ago - the search instead would take me to the web, opening Edge. Which is another damn pestilence alongside OneDrive Cloud. "No, Microsoft. I don't care about your damn browser, let me use whatever I want to use... And no, I don't care about your cloud." There's now built-in telemetry everywhere, and they're making it real hard to use the thing on your own computer without logging into an MS account.

I like my Linux. It makes me feel liberated from bullshit. Sure, it can feel brittle, but it doesn't feel "broken all the time". Windows feels like it's fundamentally broken beyond repair.

I've been using some of the most expensive Visual Studio subscriptions for probably decades. This thing is so jam-packed with features, I'll probably never know what half of them do. But I definitely have access to hot-reload.

Anyway, it doesn't really go to the point, but it's funny to me that I've had this hot-reload feature the whole time, and just have never found much use for it. Or maybe I just don't trust it.

IME it can be unreliable and just doesn't end up being all that useful. C# compile times being what they are, it's not such a burden to stop and rerun for minor changes.

Not like my C++ projects which take several minutes to build because Windows Defender wants to use 50-80% of my CPU to monitor the compiler for malware. Wish I could hot reload one TU or something.

I have used it a few times for debugging, as long as you are aware that it's not a guarantee that your changed code works perfectly when run from scratch, it can be useful to iterate changes to a single function without a whole compile>build>debug cycle, just edit the code and see if it changed the behaviour in the debugger.
Remember the quote from Steve Ballmer? "Developers! Developers! Developers! Developers!"

Apple is winning, somehow.

> Apple is winning, somehow.

How is it winning? Apple employees generally need approval to even contribute to any open-source projects that are not their own products.

Apple is only "winning" by selling Macs to devs, but about 90% of devs using Macs don't even write software to run natively on Macs and iOS devices.

No one company can be.
I think that this is spot on. Microsoft can't be trusted with open source... and nor can any other company. The exact logic that the author of this piece (correctly) uses to scrutinize Microsoft also applies to every other business. As soon as the right/wrong person gets sway in the company, the companies will be only too happy to burn their reputation for a short term profit.

I wish that it were simply a Microsoft problem, because that would be easy. Don't do business with them (or build open source efforts around them) and you would be good. But unfortunately, bad actors abound and they will screw you if they get the chance. So you have to make sure no one organization gets the power to cripple you, no matter who it is.

More than who? Amazon, Google, Facebook, Apple, etc.?
Wait, they already ran away with it. ChatGPT.
Trust is a complex thing. It's much more than a rational, game-theoretic or economic equation, it's emotional. Nobody "trusts" Microsoft.

People need it. People fear it, or fear losing it. People suffer it. Or they have no choice due to pressure or policy. Or they don't know any better. Or they are tricked into believing something about it. But in the end, the often forced choice to use Microsoft is a strategically created imposition by a company with billions to spend on manipulation and political manoeuvring.

Gullible people trust microsoft. I work with some of them, sadly.
> Yes, that is right, Visual Studio for Mac is a closed source version of the formerly open source MonoDevelop IDE after Microsoft acquired Xamarin.

Having all of my GPL code ripped out of MonoDevelop so it could become Visual Studio for Mac was the straw that made me write GNOME Builder, GNOME's flagship IDE.

Oh! So you are Christian Hergert, right?

I've been completely deaf to GNOME dev tools for a few years. What are the plans (if is there any) for a reasonably good RAD or ui builder tool (besides cambalache)? Is there any hope for blueprint + workbench turning into something to fill this gap? Was there any progress or plan on the "designable" interface for GTK?

For the record, I wrote this comment some time ago: https://news.ycombinator.com/item?id=35632761

I am.

It's been on my radar for a long time and I have prototypes for one that are bitrotting on gitlab. There are three major design pieces of it.

First, It has an executable that runs in your development container (environment/etc) which means you can load libraries/typelibs/girs/etc just like the app would without crashing the IDE (or Glade in the old days).

Second, everything is an AST node so doing fun manipulations, unlimited undo, etc is just tree mutations.

Third the worker process does the rendering to a render node tree which is then shipped over to the Designer process to render.

The cambalache author and I are friends, so we occasionally talk about how we can make things work to integrate from Builder.

As for blueprint, that is outside of my knowledge area. I still do everything in XML and would prefer a designer to work with trees anyyway. Not sure I'd go the route of mutating a blueprint AST, but I hear it has back-and-fro to XML so that would probably be fine.

Also, if you want to make this a higher priority, lobby my employer (Red Hat) to make sure they know it's important to you.

Secondly, help me with _any_ of my other projects so I have some cycles to dedicate to it. People rarely notice but Builder, Sysprof, Text Editor, D-Spy, Manuals, Ptyxis, etc... are all one-man (split between many) projects and libraries.

Tell us about your Audis!
> I have prototypes for one that are bitrotting on gitlab.

If you are talking about "drafting" I even had a few contributions in 2021. Would love to see it evolve.

I still miss XamarinStudio (MonoDevelop variant). I pay for JetBrains Rider now because it's the closest thing to my memories of the good ol' days.
When I used to work as a freelancer MonoDevelop was awesome since it meant I could work from a decent OS instead of Windows. Thanks so much for your work.
The thing about open source is that you can just fork it. You don't need to trust them.

If the question is actually "Can we trust Microsoft with an Open Source Community?" then it get's more interesting.

>> The thing about open source is that you can just fork it. You don't need to trust them.

That's not always true, particularly for things where a company is the primary developer.

You can prevent takeovers by using GPL license with no CLA.

No license, GPL or otherwise, can prevent the situation you describe. If the project is licensed under the GPL, and the company decides it's not turning sufficient profit while remaining open source, then they'll simply stop working on the project and the outcome is the same.

Any open source project can only thrive if the community puts the effort in. Choosing GPL does not prevent or even lessen the risk that a company will decide to stop putting forth the effort.

But with GPL you are warranted the freedom to fork and even build your own company on top of that.

Look at MariaDB. It was forked from MySQL once oracle decided they didn't want to invest heavily on a competitor from their product.

In the same vein Percona built a succesful product and company on top of MySQL

After all the fiascos of companies changing the license on stuff, I’m a fan of what Linux. No copyright assignment and lots of contributors so relicensing is nearly impossible.
>> Choosing GPL does not prevent or even lessen the risk that a company will decide to stop putting forth the effort.

True, but it prevents the scenario where a company makes a well supported closed version leaving the rest of the community at a disadvantage in terms of development resources.

Suppose a project has 10 commercial developers and 2 hobbyist developers. The company decided to close source and the open source version is forked. The commercial version now has 10 developers while the open version has 2. That's going to be hard to compete. Now if the same project was GPL with no CLA and the company decided they don't want to contribute to open source, they'll cease contributions but there is no closed fork. The project still exists with 2 people working on it but no competing project. Users will stick with the open version as long as it is viable.

>The thing about open source is that you can just fork it. You don't need to trust them.

It gets a bit more fishy when that company does stuff like lobbying governments to make their shitty open source document format the standard, etc

This is true to a point. But there is the risk of building open source applications that are tied into closed source OS stuff. Like you could build some great thing that is completely dependent on Dirext X for instance. Sure you have ht code but it is functionally useless without that missing piece.

There is also the issue of sheer code size/complexity that means even if you have the code, do you have enough people to verify it or is it a case of just waiting until it breaks/gets exploited? That second point is a larger issue of open source nowadays, not just Microsoft.

That's what I've always thought of Open Source... until I found out Open Source projects that are not in the spirit of Open Source. Signal is a big example of that. It's hostile to forks, didn't publish its source code for a year and doesn't have a good documentation.

Same thing for Nvidia, big browser projects like Chromium, and Android. Many Chromium forks died because they couldn't keep up with upstream, except for ungoogled-chromium.

That is why Free(dom) software is better than "open source".

Free software is committed to sharing values.

This is untrue. Both "free" and "open" licenses do the same thing in this context: they are legal documents that tell you what different parties are able to do with the code, but none of the licenses mandate how you run your project: whether you must accept contributions from others, whether you provide a bug tracker, or anything else like that.

Hell, you could have a GPL project that is developed entirely behind closed doors, as long as you always give users a copy of the source code when you release a new version.

Microsoft embraced open source not because it liked it, but it had to, "if you can't beat it, you join it", it is a poison pill if history tells us anything.
Can we trust Microsoft with anything? I certainly trust them to put profit above all else in every situation.
This the crux of the issue. And it’s why you can basically ask “Can we trust <insert profit motive> with open source?” and always answer definitively No. one is collaborative “commons” economy, the other is an attempt to make a deal between a baron and their serfs. Ultimately, each is striving against each other.
Wouldn't a for-profit company like legalised free labor coming from open source project? Or does the control motive interfere with profit motive there?
Can you trust an alligator with your head in its mouth not to eat you?
(comment deleted)
I know a lot of Microsoft people who work in Azure who are big on open source. They know all about KeyCloak, Kubernetes, HashiCorp Vault, Terraform, etc

It’s not your Dad’s Microsoft

Microsoft has also been one of Linux' top contributors. The old days are over, and the shift has been from selling a product to selling a service and making sure those open source projects work best on your service. Ironically both Elasticsearch and Redis didn't like this in spite of having dedicated AWS employees contributing to their projects. At least Microsoft and AWS have a financial incentive to maintaining open source.
Yes. And why ? Because some heretics are not using hyper-V as hypervisor. So microsoft works with Linux to make sure windows can be run as guest.

The day AWS and GCP migrates their workloads to hyper-v will mark the end of microsoft's upstream contribution on Linux.

its not the workers and wealth creators people worry about, rather, its executive leadership and its ability to stand up to investors. Take xbox, phil spencer, gamepass etc. Look at the direction phil was taking things, the direction he wanted to keep taking things, but then compare against the direction it ended up having to take because of investors.

of course the workers are pro opensource etc. Their income is totally divorced from company profit, but through opensource they can at least build a public image that improves employability in a landscape of zero-trust relationships with your employer.

This situation from the article is interesting because it was one of the last obvious "old school Microsoft" vs. "new school Microsoft" battles. And, ultimately, old-school Microsoft lost this fight.