deleted by creator

https://www.avclub.com/spotify-donald-trump-brunch is just one of the many reasons not to support spotify.

see https://en.wikipedia.org/wiki/Criticism_of_Spotify for lots more

I see, here is where Debian patched it out of Xpdf in 2002.

Also lmao @ the fact that Okular’s ObeyDRM option still defaults to true today 😂

(Including in Debian, as their KDE maintainer declined to carry a patch to change it.)

I trust Debian developers far more

i definitely agree with you here :)

I think it was poppler or evince that decided they were going to enforce the no-copy-and-paste bit you can set on pdfs. Debian patched it out.

I found the notion of free software implementing PDF DRM rather hilarious, so I had to know more. First I found this help page which confirms that evince does have code which implements PDF restrictions, but it says that its override_restrictions option is enabled by default.

But I wondered: when did this get implemented? and was it ever enabled by default? So, I went digging, and here are the answers:

• in May 2005, the restrictions were implemented in evince in this commit
• in September 2005, the override_restrictions option was added in this commit, after discussion in bug #305818
• in December 2006 bug #382700 was opened, requesting that override_restrictions be enabled by default
• in January 2008, the default changed in this commit - but only after someone pointed out that the PDF spec does not in fact require the restrictions to be enforced. (The spec says “It is up to the implementors of PDF consumer applications to respect the intent of the document creator by restricting user access”) 😂

I don’t see any indication that Debian patched this out during the time when evince had it enabled by default, but I’m sure they would have eventually if GNOME hadn’t come to their senses :)

I’ve seen Mozilla decide they were going to enforce their trademarks. They carved out special exceptions for various distros but that still would have meant you would have to rename Firefox if you were to fork Debian. Debian had none of it.

In my opinion both sides of the Debian–Mozilla trademark dispute were actually pretty reasonable and certainly grounded in good intentions. Fortunately they resolved it eventually, with Mozilla relaxing their restrictions in 2016 (while still reserving the right to enforce their trademark against derivatives which make modifications they find unreasonable):

Mozilla recognizes that patches applied to Iceweasel/Firefox don’t impact the quality of the product.

Patches which should be reported upstream to improve the product always have been forward upstream by the Debian packagers. Mozilla agrees about specific patches to facilitate the support of Iceweasel on architecture supported by Debian or Debian-specific patches.

More generally, Mozilla trusts the Debian packagers to use their best judgment to achieve the same quality as the official Firefox binaries.

In case of derivatives of Debian, Firefox branding can be used as long as the patches applied are in the same category as described above.

It’s not yet fit to protect from malicious apps, but it still finds some use.

That it is “not yet fit to protect from malicious apps” is an important point which I think many people are not aware of.

This makes sandboxing something of a mixed bag; it is nice that it protects against some types of incompetent packages, and adds another barrier which attackers exploiting vulnerabilities might need to bypass, but on the other hand it creates a dangerous false sense of security today because, despite the fact that it is still relatively easy to circumvent, it it makes people feel safer (and thus more likely to) than they would be otherwise when installing possibly-malicious apps packaged by random people.

I think (and hope) it is much harder to get a malicious program included in most major distros’ main package repos than it is to break out of bubblewrap given the permissions of an average package of flathub.

Downsides of distro pacakges:

• someone needs to package an application for each distro
• applications often need to maintain support for multiple versions of some of their dependencies to be able to continue to work on multiple distros
• users of different distros use different versions of the application, creating more support work for upstream
• users of some distros can’t use the application at all because there is no package
• adding 3rd party package repos is dangerous; every package effectively gets root access, and in many cases every repo has the ability to replace any distro-provided package by including one with a higher version number. 3rd party repos bring the possibility of breaking your system through malice or incompetence.

Downsides of flatpak:

• application maintainers are responsible for shipping and updating their dependencies, and may be less competent at doing timely security updates than distro security teams
• more disk space is used by applications potentially bringing their own copies of the same dependencies

🤔

https://digdeeper.club/articles/browsers.xhtml has a somewhat comprehensive analysis of a dozen of the browsers you might consider, illuminating depressing (and sometimes surprising) privacy problems with literally all of them.

In the end it absurdly recommends something which forked from Firefox a very long time ago, which is obviously not a reasonable choice from a security standpoint. I don’t have a good recommendation, but I definitely don’t agree with that article’s conclusion: privacy features are pointless if your browser is trivially vulnerable to exploits for a plethora of old bugs, which will inevitably be the case for a volunteer-run project that diverged from Firefox a long time ago and thus cannot benefit from Mozilla’s security fixes in each new release.

However, despite its ridiculous conclusion, that page’s analysis could still be helpful when you’re deciding which of the terrible options to pick.

i haven’t tried it yet but https://offpunk.net/ looks interesting

I remember years ago reading about how the GEGL backend would one day enable some “non-destructive editing” features; I just decided to figure out how that works and I see it was sort-of implemented a long time ago but in 3.0 the UI is much better: many things under the Filter menu now have a Merge filter checkbox in their dialog. When that box is unchecked, then applying the filter will make it a (non-destructive!) layer effect and an fx icon will appear for the layer (in the dockable layers dialog, which you can reach with ctrl-L if it isn’t visible). You can apply any number of layer effects, and when you click the fx icon you can reorder them or modify their settings. Very cool!

Another tip (not new to 3.0): you can type / to open the Search actions window, which lets you quickly find various functionality without needing to dig through menus to figure out where something is :)

If you want to try a 3.0 release candidate before it is released, it’s easy to install it from the flathub-beta repo as described here. (That page is embarrassingly out of date and says “The current development release of GIMP is 2.99.6 (2021-04-26)” but if you follow the instructions there you’ll currently get version 3.0.0~rc3 which is the latest release candidate from earlier this month.)

https://kernel.org/pub/linux/kernel/SillySounds/english.ogg (from back when many english speakers were still insistent that the i in Linux should be pronounced “eye”)

I’m confused as to why this 404media story neglected to link to the post in question.

to get from this article to the post that it is about, i had to type in the bsky username from the screenshot and scroll through the timeline. to save others the effort:

https://bsky.app/profile/marisakabas.bsky.social/post/3liwlwvvq6k2s is the post which was removed.

https://bsky.app/profile/marisakabas.bsky.social/post/3lj3yrzc6is2p is the thread about it being removed and later restored.

why past tense?

They switched to bash in 2003 with Mac OS X 10.3; before that it was tcsh.

A lot of people commenting on this seem to have gaps in their knowledge of what happened

We’re in a Linus-email-🍿-thread, so that kind of goes without saying doesn’t it? 😂

What does glazer mean in this context? (English is my fourth language)

English is my first language and I also wondered. The definition in the other reply to you was only added to wiktionary last year. According to know your meme, it became popular on TikTok in 2023 and allegedly originated on discord in November 2021.

(wiktionary also has another definition which I’ve also never heard of before which has been there since 2007 with no quotations or other evidence of actual use…)

would you recommend that book for learning regular expressions as a non CS guy?

Absolutely, it’s an excellent book which I highly recommend.

The latest edition (3rd) is almost 20 years old, but I don’t think regex has actually changed substantially since then so it should still be very useful. (I read the 2nd edition cover-to-cover and enjoyed it enough that I bought the 3rd when it was released 😀)

If you’re going to buy a physical copy from amazon you should use the author’s link here to give him slightly more money for it. But if you just want a PDF I see one is available here.

short answer: because nobody flagged that other one. (it is deleted now too.)

re: riseup, is it even possible to use their VPN without an invite code? (i don’t think it is?)

in any case, riseup says clearly that their purpose is “to provide digital self-determination for social movements” - it is not intended for torrenting, even if it might work for it.

feel free to PM me if you want to discuss this further; i am deleting this post too. (at the time of deletion it has 8 upvotes and 33 downvotes, btw.)

Great article, BTW

I disagree, the headline is clickbaity and implies that there is some ongoing conflict. The fact that the Fedora flatpak package maintainer pushed an update marking it EOL, with “The Fedora Flatpak build of obs-studio may have limited functionality compared to other sources. Please do not report bugs to the OBS Studio project about this build.” in the end-of-life metadata field the day before this article was written is not mentioned until the second-to-last sentence of it. (And the OBS maintainer has since said “For the moment, the EOL notice is sufficient enough to distance ourselves from the package that a full rebrand is not necessary at this time, as we would rather you focus efforts on the long-term goal and understand what that is.”)

The article also doesn’t answer lots of questions such as:

• Why is the official OBS flatpak using an EOL’d runtime?
• Why did Fedora bother to maintain both their own flatpak and an RPM package of OBS?
• What (and why) are the problems (or missing functionality) in the Fedora Flatpak, anyway? (there is some discussion of that here… but it’s still not clear to me)
• What is the expected user experience going to be for users who have the Fedora flatpak installed, now that it is marked EOL? Will it be obvious to them that they can/should use the flathub version, or will the EOL’d package in the Fedora flatpak repo continue to “outweigh” it?

Note again that OBS’s official flathub flatpak is also marked EOL currently, due to depending on an EOL runtime. Also, from the discussion here it is clear that simply removing the package (as the OBS dev actually requested) instead of marking it EOL (as they did) would leave current users continuing to use it and unwittingly missing all future updates. (I think that may also be the outcome of marking it EOL too? it seems like flatpak maybe needs to get some way to signal to users that they should uninstall an EOL package at update time, and/or inform them of a different package which replaces one they have installed.)

TLDR: this is all a mess, but, contrary to what the article might lead people to believe, the OBS devs and Fedora devs appear to be working together in good faith to do the best thing for their users. The legal threat (which was just in an issue comment, not sent formally by lawyers) was only made because Fedora was initially non-responsive, but they became responsive prior to this article being written.