This is terrific. Thank you for starting this discussion.

I don’t think we can or should wait for individual users to make these decisions. Server admins are the ones who understand the risks and so should make this call. Guidance for server admins based on past experience (cough XMPP!) should be quite welcome.

I might refine the bit about altered API versions to really focus on the real problem: proprietary extensions. We probably want to leave the door open to try out additions to the spec that come with detailed RFCs.

But we know from XMPP that proprietary extensions are a huge problem.

I’m planning the same.

Let’s not defederate from every corporate player. Some of them can probably respect reasonable rules of civility.

But fuck Meta. We already know how this plays out.

We know there’s a huge wave of hatred and misinformation incoming. We’ve seen it on their other platforms.

Yeah. I’ll switch to an instance that is defederated from Threads, if mine doesn’t.

I left Meta’s other properties to avoid state sponsored hate speech. I won’t use a platform that gives hate speech a platform.

I don’t need to wait to know if Meta will do that. I already know.

I assume you mean to check on his often they’re is the breaking changes? :)

Declarative style isn’t perfect, but it’s a massive improvement from straight bash scripting.

I think you’re looking for Ansible. Have fun!

The difference between an Anible playbook and a script, is Ansible has a ‘check’, ‘change’, ‘verify’ pattern, and is declarative (meaning that once the playbook is made, it tends to keep working on future versions of Ansible.)

Awesome. Thanks!

It’s the year of the Linux desktop! /s

But seriously, I think I’m going to buy a SteamDeck.

Would it be enough to be able to run .deb packages on fedora?

Unpacking a .deb on Fedora, or unpacking an .rpm on Ubuntu isn’t a big deal. The files inside are often actually identical.

But would not be useful because the files inside usually rely on shared libraries, which may or may not already be installed. Those shared libraries are installed in different places on each Linux distro. Figuring out which ones to ask for (and making sure the program can find them) is the real work that the .Deb or .RPM installers do.

A fun way to try this out is with Portable Apps. Anything called a “portable app” either doesn’t use additional libraries, or carries the libraries it needs with it.

If you find a portable app for Ubunutu, there’s a good chance the Fedora version is an identical file, and works fine on Ubuntu. There’s lots of reasons it might not work, but it can be fun to try.

For the most part, the only reason any Linux program is unavailable on a different version of Linux is that no one has bothered to build the necessary installer for that combination of program and OS.

.RPM was supposed to solve this by being universal, since any other OS can implement it to match .Deb was supposed to solve this by being universal, since any other OS can implement it to match (about 60% actually do). I think Flatpacks and Snaps might solve this by being universal, at some point…

Source: I’ve built installer packages for various operating systems.

Same here. I daresay my phone is now finally again as nice as in the early days of smart phones.

That’s the most evil thing I’ve heard in awhile, and I would absolutely make use of it anyway.

Some amusing context (as a big Mercurial fan, myself):

According to the 2022 Stack Overflow Developer Survey, Mercurial is the 4th most popular response, beaten only by Git, Subversion, and “I don’t use version control”.

Git was roughly 94x as popular as Mercurial.

“I don’t use version control.” was a bit more than 4x as popular as Mercurial.

Good point!

By shear numbers, most companies are small mom and pop owned businesses.

Edit: The VC shills are out in force. Go read an economics paper if you’re serious about learning something.

Words matter. You’re using yours poorly.

Based on my experience with venture capital, I’m not convinced venture capital has ever produced anything worthwhile.

For 10 million and up, you’re exactly right.

But let’s not forget that the vast majority of multimillionaires are a retiree, out there minding their own business spending down their 2 or 3 million in savings buying breakfast at senior discount restaurants and driving a three year old luxury sedan with heated seats, back to a forgettable house in the suburbs.

Retiring with a couple million dollars is becoming commonplace, and it’s about the right number to retire with, in certain places, to leave almost nothing behind at death.

Being a multimillionaire is not “endless wealth”.

We need the multimillionaires on our side if we’re going to beat back the perversions perpetrated by the billionaires.

Holy cow! Stop the presses! /s

it seems like some kind of data breach happens every other week.

Yep.

Nobody ever does anything about it besides issue a generic corporate non-apology that was written by their legal team.

Ironically, the lawyer hours to write the non-apology are pretty expensive, right from the start. Beyond that, IBM thinks the average breach costs the company 4.4 million dollars.

Companies tend to get serious about breach prevention after a breach.

But the same leadership who couldn’t retain Cybersecurity experts on staff before the breach doesn’t magically become good at hiring Cybersecurity experts after the breach.

So I suspect that most pay too much money for too little talent for their needs, and remain at high risk of another breach.

I have no doubt that several sketchy companies know more about my online activities than I’d ever want them to.

Oh yeah. Very much so.

To end this on a more positive note, the biggest single improvement a person can make right now, in my somewhat random, but informed, opinion, is to switch to the Firefox browser.

I could probably be convinced that installing uBlock origin or installing a PiHole are stronger, in a friendly argument over a round of drinks.

Of course, all three of those are compatible, for the truly paranoid.

In fairness to CCleaner, there’s lots of other organizations that were victims of MoveIt’s breach.

“mass exploitation of a vulnerability in the widely-used file transfer software MOVEit has allowed cybercriminals to steal data from a dizzying array of businesses and governments…” - Wired Article on the MoveIt breaches

Trusting MoveIt was regrettable, but lots of folks made the same mistake.