>Do you have any idea of how much money is lost on scams via Western Union? Or how much money companies spend on fraudulent ad views? Insurance fraud? I'm fully aware, that's why I'm upset that the entire design of…
>And if the person is not honest, all it will take is for a few people to lose a small amount of money which is simply not worth fighting for, but it is enough to get those victims to warn others about the scam. I am…
Not really, with Linux it's the same as it would be in BSD if they wanted to avoid conflicts with GPL. You put that code in an optional module and have the user compile it. I am unsure as to why BSD people seem to think…
>You can add an escrow system or even use a reputation-based approach as a way to manage fraud, but the idea is that it is optional. If all you want is to buy some cheap and fast content online, you can't do that with…
I can't see how that is the point, I honestly don't understand what cryptocurrency provides there at all. I've seen nothing about it that suggests it has some kind of novel solution to fraud prevention; no chargebacks…
>Should we be telling all the sex workers and adult entertainers that we should be better at "building trust" Given that the reason there was controversy around OnlyFans was because of scandals about child sex…
That has not been my experience. The issues are with licenses other than BSD but that's the same in Linux; Linux can also use BSD code, a lot of Linux code is actually dual licensed as BSD already.
Docker wasn't dead 5 or 6 years ago when I heard about this. In my experience some things are easier to implement in Linux and some are easier to implement in BSD. I don't particularly care for BSD's internal politics…
Sorry, then I must be remembering some other issue. The effort to port docker to BSD seems to have disappeared. >And yes, having to use root is a major issue. Looks fixable though. AFAIK it took a long time to get this…
FWIW I think the goal has been to put security in some other layer that's more appropriate. You can add those type of APIs to Wayland but you'd have to also implement a security mechanism, which is non-trivial. D-Bus…
Side note: I suppose you could chroot to /.
>conflates the X protocol and Xlib which nobody was using to write new software even back then. They are mostly synonymous, there is a large amount of software using Xlib that will likely not ever be rewritten to use…
Any mechanism that allows you to listen to hotkeys at will is about as insecure as running a program as root that snoops keys; either way you're vulnerable to keyloggers. The X implementation is quite insecure as well…
This comment isn't really correct all, it's not possible to do that with the architecture of X. The best you can get is XSecurity and its related extensions, anything more than that is going to break the protocol. There…
Open source doesn't really work like that, there is no top-down decision maker setting priorities for what should be done in any given distribution. Usually what happens is you wait until it becomes enough of a problem…
I don't see why. BSD and GPL are equally compatible, it doesn't matter which way you go. I can see why they wouldn't want a GPL component to be mandatory but it can be made an optional component for Linux compatibility…
A lot of the various security options in systemd: https://www.freedesktop.org/software/systemd/man/systemd.exe... The sandboxing and mount-related ones are implemented with namespaces, and the idea with them is to not…
Not anymore, unprivileged user namespaces make it so you don't have to do that. That's how podman's "rootless containers" are able to work.
In my experience, both Linux developers and BSD developers don't seem to care too much about porting things to the other's operating system. If you want to do things the Linux way you can use Linux, and if you want to…
I haven't tested runj but just from looking at it, it seems it is not fully compatible with everything that runc does because the OCI itself specifies a lot of Linux-specific functionality.
>Yes, the Linux API seems more flexible, but when you think about it, it really isn't, because all the models that actually make any sense can be implemented using simpler interface, which is what jails provide. Not…
I'm using them for several things but the most straightforward one is probably that namespacing can be gradually added to services, you most likely see benefits from this already if you use systemd. That's one way that…
You can just compare the APIs, namespaces are like the individual components of a jail. You can use them to build something like a jail, or something different that has a different security model. This was discussed a…
>The attitude exhibited by GTK and GNOME developers on their issue trackers and the unstable nature of KDE apps on Wayland has made me cynical about GUI on Linux. I think you're misinterpreting the attitude, or rather…
And all the other ones: https://man7.org/linux/man-pages/man7/namespaces.7.html BSD jails are similar but not quite the same thing.
>Do you have any idea of how much money is lost on scams via Western Union? Or how much money companies spend on fraudulent ad views? Insurance fraud? I'm fully aware, that's why I'm upset that the entire design of…
>And if the person is not honest, all it will take is for a few people to lose a small amount of money which is simply not worth fighting for, but it is enough to get those victims to warn others about the scam. I am…
Not really, with Linux it's the same as it would be in BSD if they wanted to avoid conflicts with GPL. You put that code in an optional module and have the user compile it. I am unsure as to why BSD people seem to think…
>You can add an escrow system or even use a reputation-based approach as a way to manage fraud, but the idea is that it is optional. If all you want is to buy some cheap and fast content online, you can't do that with…
I can't see how that is the point, I honestly don't understand what cryptocurrency provides there at all. I've seen nothing about it that suggests it has some kind of novel solution to fraud prevention; no chargebacks…
>Should we be telling all the sex workers and adult entertainers that we should be better at "building trust" Given that the reason there was controversy around OnlyFans was because of scandals about child sex…
That has not been my experience. The issues are with licenses other than BSD but that's the same in Linux; Linux can also use BSD code, a lot of Linux code is actually dual licensed as BSD already.
Docker wasn't dead 5 or 6 years ago when I heard about this. In my experience some things are easier to implement in Linux and some are easier to implement in BSD. I don't particularly care for BSD's internal politics…
Sorry, then I must be remembering some other issue. The effort to port docker to BSD seems to have disappeared. >And yes, having to use root is a major issue. Looks fixable though. AFAIK it took a long time to get this…
FWIW I think the goal has been to put security in some other layer that's more appropriate. You can add those type of APIs to Wayland but you'd have to also implement a security mechanism, which is non-trivial. D-Bus…
Side note: I suppose you could chroot to /.
>conflates the X protocol and Xlib which nobody was using to write new software even back then. They are mostly synonymous, there is a large amount of software using Xlib that will likely not ever be rewritten to use…
Any mechanism that allows you to listen to hotkeys at will is about as insecure as running a program as root that snoops keys; either way you're vulnerable to keyloggers. The X implementation is quite insecure as well…
This comment isn't really correct all, it's not possible to do that with the architecture of X. The best you can get is XSecurity and its related extensions, anything more than that is going to break the protocol. There…
Open source doesn't really work like that, there is no top-down decision maker setting priorities for what should be done in any given distribution. Usually what happens is you wait until it becomes enough of a problem…
I don't see why. BSD and GPL are equally compatible, it doesn't matter which way you go. I can see why they wouldn't want a GPL component to be mandatory but it can be made an optional component for Linux compatibility…
A lot of the various security options in systemd: https://www.freedesktop.org/software/systemd/man/systemd.exe... The sandboxing and mount-related ones are implemented with namespaces, and the idea with them is to not…
Not anymore, unprivileged user namespaces make it so you don't have to do that. That's how podman's "rootless containers" are able to work.
In my experience, both Linux developers and BSD developers don't seem to care too much about porting things to the other's operating system. If you want to do things the Linux way you can use Linux, and if you want to…
I haven't tested runj but just from looking at it, it seems it is not fully compatible with everything that runc does because the OCI itself specifies a lot of Linux-specific functionality.
>Yes, the Linux API seems more flexible, but when you think about it, it really isn't, because all the models that actually make any sense can be implemented using simpler interface, which is what jails provide. Not…
I'm using them for several things but the most straightforward one is probably that namespacing can be gradually added to services, you most likely see benefits from this already if you use systemd. That's one way that…
You can just compare the APIs, namespaces are like the individual components of a jail. You can use them to build something like a jail, or something different that has a different security model. This was discussed a…
>The attitude exhibited by GTK and GNOME developers on their issue trackers and the unstable nature of KDE apps on Wayland has made me cynical about GUI on Linux. I think you're misinterpreting the attitude, or rather…
And all the other ones: https://man7.org/linux/man-pages/man7/namespaces.7.html BSD jails are similar but not quite the same thing.