• 1985MustangCobra@lemmy.caEnglish
    95·
    4 days ago

    “I use Gentoo sir and my DE is i3, I brought my dotfiles if you would like to see them”

    “Son, it’s great to have you here. HONEY IM TAKING STEVE TO THE OFFICE!”

        • lennivelkant@discuss.tchncs.de
          14·
          4 days ago

          Really, the metric we should be looking at is (f+a)/b where f is some subjective weighted measure of functionality, a of aesthetic value and b describes the bloat.

            • lennivelkant@discuss.tchncs.de
              1·
              8 hours ago
              1. That’s a personal preference. Many people do care about aesthetics and I don’t think invalidating their taste is fair. Hence, if you wanted to add factors accounting for that preference, you’d have to define some additional variable for it.
              2. If a is a subjective measure of aesthetic value - as it must be, since taste is a subjective thing - you might as well include the factor already.
              3. If a is normalised against some fixed scale, but bloat (having effectively no upper limit) is impossible to normalise, it would be more reasonable to increase f instead in order to model the fact that a larger distro may also come with more functionality.
              4. You don’t need the extra parentheses around 0.5*a
              5. We’re both fucking nerds and I love it
    • josefo@leminal.space
      49·
      4 days ago

      The trick is securing a marriage before using Linux, if try the other way around it doesn’t work.

        • y0kai@lemmy.dbzer0.comEnglish
          6·
          3 days ago

          I know correlation ≠ causation, but I really want to believe your relationship was ruined because your wife was sneaking out in the middle of the night to use Windows

      • z3rOR0ne@lemmy.ml
        17·
        4 days ago

        I don’t know. I’m pretty sure one of the many ways you can end a marriage is installing Gentoo and saying “I’m just gonna go and compile my kernel.” to your significant other, then go to your computer and just never be heard from again.

      • Marthirial@lemmy.world
        2·
        3 days ago

        Can confirm this works. Windows user thru single life. Married, switched to Linux on my laptop. Now separated and life in ruins but a smile always sneaks in booting up Kubuntu.

    • toynbee@lemmy.world
      8·
      3 days ago

      I dated and married.

      I love the story of how I met my now-wife. It was on IRC. When I was trying to start to meet women, I never would have guessed that that would be how I met my future wife.

        • toynbee@lemmy.world
          3·
          3 days ago

          I’m not sure I’m succeeding, but I’m trying hard to be good to her. She’s the best person I know.

          Last time I touched grass, I hyperextended my already injured ankle. I’m super tentative about that kind of thing now.

    • superkret@feddit.org
      15·
      4 days ago

      I don’t date because women are proprietary.
      You can share them with the community, but you can’t modify and use them in any way you like.

  • katy ✨
    23·
    3 days ago

    you there, what distro do you use?

    distro? why it’s arch linux, sir

    • ilinamorato@lemmy.world
      9·
      3 days ago

      “Run and buy that turkey in the shop window and I’ll give you a shilling!”

      “For what reason do you want a turkey on your Arch Linux, sir?”

  • Possibly linux@lemmy.zipEnglish
    18·
    3 days ago

    For a while the deepin desktop’s looked pretty cool. It got old quickly though and it doesn’t seem like they are innovating as much.

    • Moobythegoldensock@lemm.ee
      103·
      4 days ago

      It’s by a Chinese company, and collects telemetry on its users via Umeng+, which is a Beijing-based analytics company. Even though it’s open source, the code is large enough that it’s hard to tell if there is anythinf compromising in there from the Chinese government, and/or whether/what data collected by Umeng+ is making it to the Chinese government.

      • HEXN3T
        21·
        4 days ago

        It’s unfortunate, because I really like the DE. Real stand out. If it were more trustworthy, it’d be my first choice.

      • kinther@lemmy.world
        4·
        4 days ago

        I mean a simple

        grep -r “string” *

        Does wonders to find anything, but you need to know what you’re looking for. I’d probably look for DNS names that end in government or China specific TLDs to start with.

          • kinther@lemmy.world
            2·
            2 days ago

            I know you’re be facetious here and I’m ignorant to actual application security methodology. I do have to ask though, when you are looking for something in code that could be a security risk, isn’t it possible to look for methods or functions used to lookup DNS, outbound network calls, or even libraries used to obfuscate code? It seems to me that most programmers wouldn’t go through lengths to obfuscate their code and would want it to be readable/maintainable, so doing so would be a red flag.

            Obviously no one is going to search for “evil spyware” when auditing code. Your point stands it is not as simple as that.

            • PotatoesFall@discuss.tchncs.de
              3·
              2 days ago

              You’re totally right, I just think you underestimate how long it takes to rigorously audit a whole codebase. Let’s say you look for outvound network calls. Now you need to figure out for all of them whether they are malicious, which will require specific domain knowledge. And that’s assuming you find them all, the network call could be hidden away in a dependency. None of this is impossible but it requires a serious effort.

        • Badabinski@kbin.earth
          10·
          4 days ago

          it’s trivial to break that approach by obfuscating strings. You can do things like using base64 encoded strings in the source code, building strings from smaller component parts, or using rot13 on, say, the host component of a URI. That last one could be pretty interesting if you, as a threat actor, owned both permutations. The hostname (minus TLD) in the source code could be the nice, human readable version (www.happysite.org) that appears to be something legit. Then, when you rot13 it to www.uncclfvgr.org, traffic is sent to the evil site doing scary things. People can be far more tricksy than that. There’s also the whole issue around whether or not the binaries you’re running actually match the code in the repo. The xz kerfuffle showed how much can be hidden that way.

          EDIT: I should make it clear that I don’t use Deepin or the DE it provides because I only use WMs with no desktop, so the distro and DE are of no interest to me. I don’t know if it’s a security hazard or not, I have no horse in this fight.

    • snpzrik@midwest.socialOPEnglish
      43·
      4 days ago

      First time seeing hate for deepin. What’s wrong with it?

      Western concerns about connections to Chinese government

      Radware’s head of threat research has commented on concerns about analytics collected by Deepin, and whether these are sent to the Chinese government: while the CNZZ analytics service has been removed, analytics are still collected, now by “Umeng+”.[29] According to cybersecurity lawyer Steven T. Snyder, due to the sheer size of Deepin’s codebase, it is impossible to really scrutinize all the code comprising it to be sure the Chinese government doesn’t have backdoors.[29] The project does remain fully open source allowing anyone to review, modify or change the code to meet their standards.

      • fl42v@lemmy.ml
        36·
        4 days ago

        due to the sheer size of [the] codebase, it’s impossible […] to be sure [it] doesn’t have backdoors.

        Meanwhile Linux and systemd 4rbnv4-3566887808

      • emeralddawn45@discuss.tchncs.de
        10·
        4 days ago

        This is ridiculous. If someone could write the code, someone cluld analyze it. If noone has found anything suspicious or incriminating then this just seems like anti china propaganda. “Maybe this Chinese company is collecting data! Even though their code is publically available we cant know for sure!” Meanwhile every US company is sucking up telemetry on every keystroke. Like what a thing to argue about when Microsoft, Samsung, Google, Meta, etc etc exist. And tbh, id rather china have my data then the US anyway. The US is both more likely and more capable of using it against me.

    • HStone32@lemmy.world
      22·
      4 days ago

      Not just deepin, but really any piece of software made by a Chinese or Chinese owned company should be treated with suspicion. At least, until the inevitable fall of the CCP occurs.

      • emeralddawn45@discuss.tchncs.de
        19·
        4 days ago

        This is insane. US companies blatantly collect data, meanwhile a chinese company releases OPEN SOURCE software that hasnt been shown to do anything malicious and your response is “but maybe they somehow hid some tracking in there”. Bro examine your prejudices.

        • sabreW4K3@lazysoci.al
          9·
          4 days ago

          What gets me is how everyone can spout this shit and not feel any shame. Somehow it’s okay when US companies do it, but even suspecting the Chinese is enough to shun something. I’m disappointed to see all the upvotes this bigotry gets.

        • SitD@lemy.lol
          42·
          4 days ago

          it’s a Chinese distro that looks very pretty but pays a heavy performance penalty

          • nfms@lemmy.mlEnglish
            8·
            3 days ago

            Of course the there is also the stigma of Chinese government telemetry embedded in Deepin

            • SitD@lemy.lol
              6·
              3 days ago

              well the thing is it’s open source. that is no guarantee for safety but with some popularity it’s as close as it gets. many people would probably love to write a paper about the Cybersecurity of deepin - especially if there are juicy issues.

            • SitD@lemy.lol
              4·
              3 days ago

              i had this DE for a while and liked it. for example it has a simple right click menu for per-application-scaling as far as i remember. and it’s pretty.

              but yeah not exactly something for gaming.

    • thedeadwalking4242@lemmy.world
      13·
      3 days ago

      Deepin is a desktop environment (windows is the desktop environment for the “windows” os) deepin runs on Linux. There are other desktop environments like gnome and kde. Which are open source. Deepin is a Chinese gov de

  • kekmacska@lemmy.zipEnglish
    13·
    4 days ago

    just use Garuda if you are a gamer, Qubes or Tails if you wear tin foil as your hat, Mint or Ubuntu if you barely know anything about computers, Arch or Void if you like to tinker with your system, Slackware or Gentoo if you hate yourself, Alma or Debian testing if you need a secure server, openSuse Tumbleweed or Kde neon if you like KDE and productivity