ljrk

Well, yes and no. Matrix is a protocol, yes, but it manifests as a cloud messenger, meaning all the messages are stored on all servers taking part in the conversation. Yes, if you use E2E, these messages are encrypted -- but that's by far not enough for these conversations to be considered "private".

So no, keys matter much, but they aren't everything.

What we need (and they seem to be working on this, as they do actually acknowledge the weaknesses of Matrix!) is true peer-to-peer conversation.

My biggest gripe with Adwaita is the Shell theme. I use Arc for the Shell and Adwaita for everything else (since QGnomeplatform is pretty much hardcoded to Adwaita, sadly). The hard "blackness" of stock Adwaita is just to crass for me, if it would be slightly toned down, I'd be fine I think.

I like the idea of community-driven man pages, OTOH most of them were of quite a low quality (quite some time ago) and gave examples that were bad practice. And, at least for everything POSIX the man pages have really well-written and thought out examples.

Neurodivergent is a broad category. And it ain't a free pass for being an asshole, but anyway.

He's a major de-facto leader, the actual position does, in fact, not matter as it's the role he is perceived to be in. And yes, this perception matters because it is this that forms other peoples opinion on the FSF.

I agree that the line b/w Open Source and Free Software is already too blurry. Ironically though, the people who invented Open Source, like ESR, are supporters of RMS in the letter.

I think the best thing FSF/RMS could do, would be to properly address the -- well known -- problems, and half-hearted apologies don't fit the bill here. This would protect Free Software from malicious free riders on this letter (and there always will be some).

Sorry for the late reply -- the last week was a bit tiring and I didn't feel able to give enough attention to a reply :)

I think you're very right about it mostly coming down to perception. While I'd personally have wished for a more direct stance from Debian, I think I understand better now the ideas behind it. Thanks!

At least in Europe the EFF together with the Chaos Computer Club are quite successfully pushing for Free Software (and related issues). But they're still getting there and obviously they didn't want to "steal" the FSF topic from them. Although I guess this is what this will develop into, over long term.

I'm not good enough in anything wrt. law as to know whether this could be a problem, as this also depends very much on the country we're talking about. But I agree that this is a minor issue.

Again, thanks for taking so much time for the discussion, it was really educating and helped me see other viewpoint(s)!

If you target a binary for dropping a backdoor you usually want to build a binary that runs everywhere. My guess is that they could figure out how to build a drop-in systemd that they could compile once and worked on all major distros. This would be much harder with the kernel itself.

Regarding how it is setup: Often backdoors & exploits are sold in packages and combined when attacking the victims. Depending on the group behind the specific attack, the exploit used for setup may be different on each deployment.

Well, reading documentation is a skill people need to acquire as well, hopefully your documentation will help her learn this skill soon :)

Oh, and thanks for the kind words!

What a load of bullshit. You can, in fact, install the new Ubuntu versions and flavours, it's just the upgrade path that isn't there yet -- which is actually quite common. LTS releases even wait for the .1 release before enabling upgrades.

There are two sides of SecureBoot: The "MS is the only CA" side and the "You can have measured and signed boot". The former is, unanimously, agreed to be bad. But this isn't something the Linux community can protest by not allowing for the latter to happen.

The latter is actually a really great addition wrt security. Your full disk encryption is shite when you pass borders, if you don't sign your system binaries. Travelling, at least before Covid, wasn't that uncommon, I've heard.

All the cases where the FBI is whining about not being able to unlock iPhones? It's because Apple uses a combination of signed, attested boot and encryption. Do we really want a Linux which is less secure than your average smartphone? Or even a fucking Windows?

This "problem" here affects those who want to upgrade now. But this group is also capable to deactivate SB or custom-sign the shim. All regular users don't care and upgrade when it's ready.

Documentation is hard to get right, and something than is often taught wrong and with the wrong goal. It's not amount or "coverage" that matters, it's making it available exactly where it's needed.

It's like comments: Comments are not intrinsically good, they are a necessary evil (Uncle Bob).

I don't think it's an exploit, it's a backdoor. So someone who already had access drops this binary which then allows for further control by a CoC server.

No suspend right now is a bummer, but promising. Does it also support serial?

Uh, Sun Microsystems basically offered cloud computing before everyone else, but...