Omarchy and CachyOS are very interesting but they do not look serious about security [0] [1].
I mean in this day and age we all agree you need disk encryption (for a least 20 years) but what about SELinux, application sandboxing for example?
Especially for a desktop OS like Omarchy shipped with a bunch of apps and "plugins".
This has been a Linux Desktop weakness for more than a decade (compared to macOS, Windows and Android). App sandboxing is a bit sketchy and hard to get right.
The fact they do not explicitly state their strategy regarding those things make me believe this is a bit amateurish.
> Especially for a desktop OS like Omarchy shipped with a bunch of apps and "plugins".
Omarchy is _just_ a set of scripts to have a nice looking Arch Linux and some helper scripts for day to day tasks. It's not a distribution per se, it doesn't have repositories or packages of its own.
Therefore, your criticism of app sandboxing is more for Arch than Omarchy IMHO.
> Therefore, your criticism of app sandboxing is more for Arch than Omarchy IMHO.
I've never been an Arch user but deeply respect the project since their wiki as always been my favorite documentation.
From what I understand Arch is very much DIY, non opinionated and you you need to decide and build the security level / strategy that fit your needs. It seems you can go Flatpak, SELinux but only if you want.
I was kind of lurking for an equivalent of SecureBlue in the Arch world, meaning an Arch derived distro with a strong security posture. Allowing me to get started without worrying too much about it.
At the end of the day, you do you, but my experience with SElinux is that using it on the desktop is vastly overkill.
At a high level, the essence of SElinux is to limit the possibilities of exploitation and escalation by carefully specifying which process can access which resources in which context. Now that makes sense for a server opened to the www, or a host shared with untrusted users. But Omarchy is a _sole developer_ focused flavor of Arch Linux, think your typical dev laptop. There's no service exposed there, you most likely can't even listen on the internet behind your typical home router. The realistic threats that you face is your laptop being stolen (which is why LUKS is a default) or your laptop sitting unlocked (which is why hypridle & hyprlock are a default).
Of course there's always the tails of a compromised software, but it's much more unlikely.
The distributed development model makes it tricky, because distributions themselves aren't necessarily the developers of sandboxing solutions, there's multiple approaches, many are incompatible with each other, none are fully mature and support every tool users could realistically want to run.
Same with selinux/apparmor/competitors, they're all mutually exclusive to some degree and have different pros and cons. RHEL shoves selinux down everyone's throat without caring how well that works in practice, and coincidentally 100% of RHEL systems I've interacted with have it disabled.
Until there's solutions that are mature, the best solution for distros is still to let users choose the lesser evil for their specific use case.
> European security depends on winning the Ukraine war.
This is absurd.
Before 2021 and people were told to "care" about it, Ukraine was a "Westworld" type place for Europeans and others.
If European security depends on Ukraine, why didn't Europe sent any troops there?
This is very new, we fight an existential war now without sending any troops, money should be enough.
Anyway the fact is almost 4 years in Ukraine is probably dead demographically. You can't really reboot a country after having so much of its "fighting age" male population dead. Especially because the one who will be left will be deranged, violent and addicted to all sort of things.
And then having this type of nightmare on or within your borders is another pandora box.
So now whether the EU declares it wins or looses the war, it has lost anyway.
On the EU internal politics side, we are literally living in the Star Wars prequel trilogy. No need for much explanations.
> Anyway the fact is almost 4 years in Ukraine is probably dead demographically. You can't really reboot a country after having so much of its "fighting age" male population dead.
You should actually look up the facts before making assumptions. Or, for example, actually visit Ukraine. Currently conscription is between ages 25 and 55; mobilization of younger men is not done specifically to ensure the next generation is not depleted, and men of all ages are fighting. You're actually more likely to get called up if you are in your 30's and 40's than if you are younger.
There's about five million males currently in Ukraine in that age range, of which under 100,000 have been killed and under 500,000 wounded. That's just not an existential crisis at all. Germany the country survived WW2, and about half of their male population died in the war.
This matches the on-the-ground reality: I've visited plenty of Ukrainian cities during the war, and there are plenty of males of all ages. Including young males. Any crisis they face is the same birthrate crisis that all developed countries face. And hopefully, the psychology of war will help reverse that --- Israel also has a notably high birthrate.
> Especially because the one who will be left will be deranged, violent and addicted to all sort of things.
I personally know quite a few Ukrainian soldiers who have seen action. They're all well functioning people. Combat when you're on the side of good rather than evil doesn't have the psychological toil people think it does. It's not nothing. But the supermajority of people recover just fine and go on to lead productive lives.
An important part of that is recognizing that Ukraine is up against an irredeemably evil enemy. You were killing orcs, not men.
>I personally know quite a few Ukrainian soldiers who have seen action. They're all well functioning people.
What kind of "action" did they see, pushing pencils? Because all soldiers who I saw coming out from action on the front line, meaning killing and seeing your friends get killed under firearms, drones and artillery shells, all had various forms of PTSD. There's no way sane normal people don't get affected witnessing that and can just bounce back to be "well functioning people" as you claim. So maybe they lied to you about their action.
> Combat when you're on the side of good rather than evil doesn't have the psychological toil people think it does.
Then why are so many men deserting and dodging the draft to leave the country, if fighting so chill? Some often almost die trying to cross the border to my country. That pretty much tells me everything.
> What kind of "action" did they see, pushing pencils?
Frontline trench warfare, including getting wounded.
A high % of the young male population saw combat in WW2. What followed was some of the most successful economic growth and society advancement in human history, especially the US. People are more resilient than you'd think, especially when society as a whole has your back.
This isn't Vietnam or Afghanistan. The mission is crystal clear and vital. Every day at 9am all of Ukraine stops to remember the dead. I've seen this first hand. Cars stop, people get out and stand, and they honor what soldiers are doing for them. It makes a big difference.
>A high % of the young male population saw combat in WW2.
Sugarcoated way of saying "most of them died". I wonder what their opinion would be if the dead could speak.
>What followed was some of the most successful economic growth and society advancement in human history
So every 50-100 years or so, we need to kill a lot of people in a world war, so that whoever remains alive in the rubble, gets to see massive economic prosperity because of the labor shortage that follows? Basically, the same thing Mussolini and Hitler were advocating for in their speeches.
Not sure I'd sign up for that. You can keep your "economic growth", I'd rather live mediocre but not die in a war for the elites.
And how will Ukraine achieve this hypothetical growth when all of they're youths moved to Europe? Most Europeans didn't have this luxury of moving to a safe country during and after WW2 but they were forced to fight for their country and then stay and rebuild it. Most Ukrainians are not forced to stay or even if they are, they can smuggle/bribe their way out with money, skills, connection or sheer determination, and can just pack their bags and go shopping for the best country that fits their desires via the asylum system. There was no asylum system of this generosity for Europeans in WW2.
I sure hope you are right but I wouldn't trust too much the official numbers we are told. We know during a war every incentive is there too minimize the causalities of one side. The real number usually appear long after and are always much larger.
> Germany the country survived WW2, and about half of their male population died in the war.
One way to see it is Germany and Europe did not really even survived WWI. The demographic shock and the trauma then lead directly to WWII. At the end Europe has been a shadow of itself since. Most of the problems Europe have today are rippling effects of the deep traumas of the two WW.
Let's say just a third or half the men between 25 and 55 are dead/badly wounded/traumatized/addicted, it will destroy the next generation and society.
Just look on much smaller scale at what the wars in Afghanistan and Iraq did to the US in the last 20 years. Even the few professionals and volunteers who fought it abroad brought back a lot of problems still clearly visible in today american society.
This is why those type of wars need to be avoided or stopped at all cost.
>Most of the problems Europe have today are rippling effects of the deep traumas of the two WW.
Can't agree on this when I see what China managed to do starting way worse than Europe and with no marshal plan to help. You can't keep endlessly blaming the distant past. How far in the past does the blaming go?
China is even more shocking example of the consequence of the WWs (and what happened before). Just the cultural revolution was an extreme aftershock of the wars.
They did then had their "Marshal plan" with almost the entire world massively investing in their economy.
In Europe for example I vaguely heard the French government collapsed again. One of the reasons is usually that for decades they can't reform their retirement system. This retirement system was designed for the lost and greatest generations demographics after the war but totally unsustainable after that.
After 80 years of "never again" because of the WWs Europe dangerously under invested in its military capabilities, now it is panicking and the pendulum is swinging in the other direction.
Wars create demographic and societal shock waves, this is one of the reason historian focus so much on them.
> I sure hope you are right but I wouldn't trust too much the official numbers we are told.
I don't have to trust the official numbers. I've been to Ukraine both before and after the full scale invasion. Yes, there are easily visible differences (like the big increase in the number of men you see with visible war wounds). But this isn't a society in collapse. Not yet. Overall, Ukraine is winning this fight and what they're getting in return for that sacrifice is a future.
> Let's say just a third or half the men between 25 and 55 are dead/badly wounded/traumatized/addicted, it will destroy the next generation and society.
Again, we've been through this before. It simply does not destroy society.
> Just look on much smaller scale at what the wars in Afghanistan and Iraq did to the US in the last 20 years. Even the few professionals and volunteers who fought it abroad brought back a lot of problems still clearly visible in today american society.
No. America's biggest problems have nothing to do with veterans. It wasn't a veteran who killed that Ukrainian refugee...
> This is why those type of wars need to be avoided or stopped at all cost.
Do you have a better plan? Russia isn't invading Ukraine out of some religious dispute. They're just war criminals who just want to plunder and steal. Negotiations have been tried over and over before: Russia just violates every agreement ever made. The only solution is to defeat Russia. And the fastest way to do that is to crush Russia's economy... which is exactly what Ukraine is (finally!) doing with their strikes on oil and gas infrastructure.
If you want less harm to be done, help Ukraine win faster.
> If you want less harm to be done, help Ukraine win faster.
That was my point.
What I find disgusting is those type of proxy wars where one side say we fully support you but won't send any troops or really work on a diplomatic solution (see my original comment).
So the war continues for years and kill the population.
This isn't a proxy war. Russia is invading Ukraine because they want to invade. That has absolutely nothing to do with anyone else; Russia is not a proxy.
Ukraine has exactly one choice: defend themselves, or be subjugated and killed. There is no diplomatic solution. It's very helpful that Ukraine has outside help. But that doesn't make it a proxy war. Regardless of whether or not Ukraine had outside help, they'd still be fighting.
The fact is that the #1 thing Ukraine is doing right now to win is destroying Russian industry with Ukrainian made weapons. They're doing that themselves. Again, that's not a proxy.
Dunno. European security since WW2 has depended on the principle that you can't just go invade and take over other countries because you feel like it and are militarily strong. If Russia takes over Ukraine they'd likely force Ukrainians into the Russian army and then threaten to take over the baltics which are part of the EU and NATO. It's easier to defend Ukraine now than face that.
I am curious about the Lightning Network, 10 years in it is still perceived as a failure.
What is blocking its adoption?
One I can think about is it is hard to accept that if I pay $20 for a pizza today, 6 months later that pizza might have cost me $40. It is a bit irrational but it will prevent most people from using it.
This is where the stablecoin thing is genius, one can decide/optimise when get in and out of crypto.
There's no native web experience that makes it easy to use Lightning in a browser; this forces everyone to step outside the box to figure out a way to (e.g. install extension or download an app)
There's also not much of an app ecosystem for it providing enough utility for people to use it each week/day
Interesting, so this is I believe the same problem as all the Ethereum type stuff: you need to have it lives with your keys in the most horrific place in a computer, meaning a browser extension. Or put the web browser in the wallet.
Either way, something like Metamask is really slow and scary.
The core Ethereum stuff is pretty elegant but once you want to build an UI you get trapped in hell to plug it to the "web".
Maybe the biggest problem of "Web3" is it was built on Web2.
> In EU, regulations are heavy and the result is I can send money instantly for free.
I can assure the cost of those regulations is enormous for the banks. They were forced to make the SEPA transfers free but you ended up paying for it everywhere else.
the original claim was that somehow the EU regulation enabled free, instant transfers. the claimant didn't specify but obviously talked about SEPA transfers, however, they aren't free or instant across Europe by a large margin.
> Because literally the only point is to avoid the existing banking system and you can do that with a postures database with much less cpu involved.
Ethereum is actually very low resource intensive nowadays.
You can run a validator node on a RPI, a full sync node on a Intel N100 minipc with a big fast SSD and the "light clients" can probably run on something very small.
I have seen banks having to bring semi-trailers full of diesel generators to plug them to their mainframe because the current requirements were too high for the grid during big batch jobs.
I like crypto (I'm formerly in the industry), but that's not quite a fair comparison.
1. Running a validator is inexpensive in terms of compute, but there are 1,000,000 validators or something, which adds up to a lot of CPU usage. Of course, I think it's insanely awesome that you can run some code on Ethereum and it'll be replicated on 1,000,000 independently-operated machines, but it's not a very CPU-efficient strategy.
2. Banks doing those batch jobs probably had much higher TPS than ethereum.
> Banks doing those batch jobs probably had much higher TPS than ethereum.
Yes the platform running in most banks, usually built on what we call "mainframes", is still mind blowing and with incredible performance. Also just one of those CPU is about the price of a house...
Also the requirements I cited is for running an Ethereum mainnet "Layer 1" node. And most "TPS" happens on the layer 2s anyway.
So it is hard to compare technically. But one thing for sure is becoming an active participant in the Ethereum mainnet has a very low barrier. They got rid of the whole intensive "Proof of work" part about 5 years ago.
For a full sync node the waste is more at the bandwidth and disk levels.
> Sometimes humble regulation is enough. Take SEPA as an example: I can transfer money free of charge to any European bank account, in a few seconds.
SEPA was a success but it was only a first step to modernise the banking system. The following regulations/directives like PSD2 failed in my opinion.
The ECB also had one of those CBDC built much earlier than people have been told. They already had something quite advanced around 2020, with a optimist launch date in 2022 I believe.
It obviously failed miserably and I read a few weeks ago that they are "exploring Ethereum and Solana for digital euro launch".
I would be curious what happened exactly but my guess is the banks just said "NO WAY".
SEPA allows this in theory; in practice, for amounts >10k€, most banks will require you to provide proofs for the transaction due to the maximalist AML laws in the EU.
My bank requires me to download a PDF on their website, print it, fill it out by hand, scan it, and then send it by mail. After a few days, someone will decide to allow it (or not). If it is refused, I don't get any reason why and have to call the client service for clues.
> The ECB also had one of those CBDC built much earlier than people have been told. They already had something quite advanced around 2020, with a optimist launch date in 2022 I believe.
> It obviously failed miserably
They had a CBDC but hid it from everyone... but then somehow it failed miserably. If it wasn't released, how? They even had it before they decided to have it (2021). This seems just like a load of bullshit.
When they saw Bitcoin and Ethereum they obviously understood a great disruption was coming and acted on it. SWIFT too.
A Central Bank do not share everything they consider/plan with the public. It is not really hidden or secret, but they also do not make a press release about it.
Also if they are fundamentally gonna transform our banking system they better start early because a lot of things can go wrong. I estimate the time to build such a system is about 10 years if everything goes well.
I do not know exactly what went wrong, my guess is the banks pushed back as much as they could because most of them would have been made irrelevant under that model.
Now they are talking about Ethereum and Solana because they understood they have to fight against the Dollar in this arena.
> why are businesses finding crypto easier/faster/better?
One way to see it is today the EVM ended up being the solution to a lot of other problems.
The banks are dying, their core banking is dying after 50+ years of service. There hasn't been any real investment since 2008, only minimal maintenance and cost cutting. Also generations of incompetent people at every levels created a situation with no escape.
Also things like SWIFT became very irrelevant in practice. I can assure banks did not really used it for a while.
When Ethereum and its EVM appeared 10 years ago a lot of people saw an opportunity to build a better "programmable money" platform but nobody really succeeded.
At the same time Ethereum did not fail, improve and still secure the assets and run the smart contracts deployed in 2015. More than enough to convince the people on a sinking ship to jump on that boat.
My guess is the the EVM is becoming something similar to UNIX: a loose standard almost everybody will build on. Maybe not the best but something good and flexible to jump and we need to move forward.
Also the dollar urgently needed a new outlet so its on.
So it is not really about "crypto" it is more about the EVM as a platform.
20-25 years ago, one of the problem GNUStep had is it was never packaged in the Linux distros. You had to compile everything.
One of the reason might have been GCC refused to include the Objective C extensions or something like that. I vaguely remember there might have been some legal concerns.
Maybe someone can clarify this.
But damn GNUStep was fast, snappy and a much better platform than let's say Gnome at the time. There was simply no comparison.
You could take a GNUStep app like Mail.app and just compile in Apple IDE and run it on Mac OS X (but the opposite wasn't possible).
It was one of the most impressive Free Software project out there at the time.
Debian woody (2002) shipped gnustep. I tried it back then, but as far as I remember, it was weird enough that anybody who didn't have NEXTSTEP experience would bounce right off. The floating menus, the weird scrollbars, etc. There were also no non-trivial applications that I can remember.
People back then were looking for something that would be familiar to Windows/Mac users. GNUStep (at least at the time) was not interested in being that.
I have started an ArchiveBot job for this website, so the site and all the pages it links to will be on web.archive.org for future viewing. Should be up in a few days to a week.
Be aware that these are built on very barebones disk images compiled by a community member many years ago; the NeXT community is working on more tourist-friendly packages that we hope to offer to Mihai soon.
Glad you like it and thanks for the recommendation!
Nonetheless, being the maintainer of this project, i'd like to point out that this is no dedicated GNUstep distro, but a mostly Debian based distribution using a thoroughly preconfigured Window Maker as its primary user interface, and that just happens to have the whole range of available GNUstep applications added on.
As already written elsewhere[3], citing my own words, this is a better characterization of its scope:
»Window Maker is just a highly compatible X11 window manager and is supposed to work as such. There is no interest to specifically integrate it with the provided GNUstep applications, as this is not supposed to be predominantly a GNUstep desktop. The included GNUstep applications are just an addon to give people a practical way to verify what GNUstep has to offer. In fact, wmlive would be perfectly usable without providing any single GNUstep application. The freedom and flexibility provided by an X11 window manager instead of the walled garden of a specific desktop system is much more preferable to many Linux users. NeXT nostalgists might want to look elsewhere. [1][2]«
People who's interest has been sufficiently piqued to download wmlive are advised to better wait until after Debian's bookwom 12.12 point release this saturday. A final bookworm based wmlive release will be uploaded shortly after. This will also be the last and final 32bit i386 variant of wmlive. After that work on an exclusively amd64 trixie based wmlive variant will begin.
By the way, notice Yubikey did not really release any new series/models and jacked up their price in just a few years. About 50% in 4 years.
The large adoption of those devices and standards did not lower the price.
They probably just banked on the enterprise market where every CISO was pressured to tick the hardware/2FA checkbox. And is then gonna allow to use the Microsoft/Google "software" one because it is hard to manage otherwise.
I think there's a bunch of factors to why yubi have upped their prices - not least, waiting for competition in their form factor & not seeing any emerge (token2 & nitrokey are much bulkier) probably gave them some confidence in the uniqueness of their product offering.
It's also become a much more niche product as software based (and/or primary-device-hardware-based) solutions have evolved & improved. & niche costs more.
All that said I'm really not sure why they've been so quiet on new series releases.
> I think there's a bunch of factors to why yubi have upped their prices - not least, waiting for competition in their form factor & not seeing any emerge (token2 & nitrokey are much bulkier)
It is true about the size.
Sill I do not understand the price difference between 5C Nano [0] and the PIN+ Mini-C [1]. 3 to 4 times more expensive depending on the currency.
reply