If the package is popular then it is very likely already packaged by your distro. You should always go there first if you care that much. If the package is not popular enough to be packaged by a distro then how does another centralized approach help? Either it is fully curated like a distro package list and likely also wont contain some random small project, or it is open for anyone to upload scripts to so will become vulnerable to malicious scripts. Worst yet people would be able to upload scripts to projects they don’t control as the developers of said project likely wont.

Basically it is not really any safer then separate dev owned websites if open nor offer better package support then distro repos if curated.

Maybe the server was hacked and the script was changed?

Same thing can happen to any system though. What happens if your servers for this service are hacked? Being a central point makes you a bigger target and with more people able to change (assuming you are not going to be the only one to curate packages) things you have a bigger area of attack. And once hacked they can compromise far more downloads than a single package.

Your solution does not improve security - just shuffles it around a bit. Sounds nice on paper but when you look at it in more details there are a lot more things you need to consider to create an actually secure system that is better then what we currently have.

Then how would you trust these scripts in a central repo? Seems to add no real value or safety over dev managed scripts if you are not willing to go down the path of becoming yet another distro packaging system.

There is also no way to verify that the software that is being installed is not going to do anything bad. If you trust the software then why not trust the installation scripts by the same authors? What would a third party location bring to improve security?

And generally what you are describing is a software repo, you know the one that comes with your distro.

Never said it had to be a text file. There are many binary serialization formats that could be used. But is a lot of situations the overhead you save is not worth the debugging effort of working with binary data. For something like this that is likely not going to be more then a GB or so, probably much less it really does not matter that much if you use binary or text formats. This is an export format that will likely just have one batch processing layer on. This type of thing is generally easiest for more people to work with in a plain text format. If you really need efficient querying of the data then it is trivial and quick to load it into a DB of your choice rather then being stuck with sqlite.

What is wrong with a file for this? Sounds more like a local log or debug output that a single thread in a single process would be creating. A file is fine for high volume append only data like this. The only big issue is the format of that data.

What benefit would a database bring here?

The attack is known as the evil maid attack. It requires repeated access to the device. Basically if you can compromise the bootloader you can inject a keylogger to sniff out the encryption key the next time someone unlocks the device. This is what secure boot is meant to help protect against (though I believe that has also been compromised as well).

But realistically very few people need to worry about that type of attack. Encryption is good enough for most people. And if you don’t have your system encrypted then it does not matter what bootloader you use as anyone can boot any live usb to read your data.

I don’t agree go is simpler to read. It is simpler to learn the syntax but the syntax is only part of what makes a language. Having learnt both, and having spent more time actually writing go I still prefer writing rust and finding it far easier to work with then go. Go has too many hidden gotchas that you need to trip up on to learn and then remember forever or else trip up on them again.

It does not matter if the battery is plugged in or not. Far more important is the state of the battery. All LiPo batteries degrade over time. But they can degrade faster or slower depending on the state they are stored in. They degrade faster when at higher charge levels or when stored in hotter environments or if they go through more charge/discharge cycles. Older battery technology also degraded faster in general, new ones tend to last longer in sub-optimal conditions.

Apart from newer battery technology itself battery monitoring and charging technology has also improved. A lot of modern laptops have smarter charging circuitry that lets them stop charging before the battery is at 100%, sometimes configurable in the bios, sometimes controllable via the OS. This can help a lot to preserve the battery life for longer, especially if you leave it plugged in as it spends less time at 100% charge. Older devices also tended to run hotter for longer periods of time, even when idle. Both of these combined with worst battery technology would lead to batteries degrading quite a lot faster if you left them plugged in all the time - hence where the advice came from (note that removing the battery at 100% charge was also not great for it, better to store lipo batteries at 40-60% charge, but it did still save it from the heat of the device) . But when setup correctly modern devices suffer from this a lot less so it is much less important to remove the battery at all - I doubt you would really notice the difference overall on modern systems.

will charge the battery and then start running directly from the wall-power once the battery is full. They bypass the charging once it is indicated to have a “full charge”.

That does not make sense. Batteries cannot be charged and discharged at the same time - they are either charging or discharging or neither. When a device is in use while it is plugged in the device is being run directly from wall power - and anything left if sent to charge the battery. The only devices that don’t do that is ones that power off while the charger is plugged in - which does not include any laptop that I have ever seen, generally just smaller devices.

Modern laptops have smarter controllers that can turn off charging before the battery is full or when other conditions are met. But none are able to draw power from the battery while the battery is being charged - that just does not make any sense.

Huh? If it can be used while it is charging - which is all laptops since forever - then it will run off the adapter while plugged in. Regardless of the battery state. You cannot charge a battery and discharge it at the same time - if it is charging then power must be coming from anything other then the battery. Epically with LiPo batteries which you cannot continue charging after they are full - doing so will cause them to burst into flames. So all LiPo charging circuits will cut off power to the cells once they reach a desired voltage - weather that is considered 100% (aka once it reaches 4.2V) or at a configurable lower amount.

You don’t need anywhere near 50% market share to be a valid alternative. If anything market share has nothing to do with it being a valid alternative except that it more likely to be the case with higher numbers. Past 50% it is really no longer even the alternative at all - it would be the main choice.

Every OS has paper cuts. You learn to live with them over time as you have no other choice. When you switch OS it cuts in different ways and they feel fresher then the old ones you had gotten used to over time. It does not matter if you switch from Windows to Linux, Linux to Windows or to or from MacOS. They all have papercuts.

I said editor, not an OS that lacks a decent editor :)

What editor is more feature-rich then vim? Out the box it is lacking some sane config but it is one of the more powerful and flexible editors out there - more then a rival for any modern IDE.

Vims defaults are quite crap overall. It is why everyone needs 100s of lines of configs and many plugins to turn it into something decent. Well worth the setup but it could go a long way to making things nicer to use out the box.

Nobody sane uses vim as an IDE

Huh? Many people do this. With the right plugins and config it is just as capable as any IDE.

Instead, it’s about the irretrievable, sunken costs associated with a loss of incompatible software and hardware that the person would no longer be able to use after switching to Linux.

… When windows has made its latest release incompatible with most existing hardware out there because of some arbitrary requirements. I have not seen any major hardware compatibility issues with Linux in quite a few years now. It is not common at all for some hardware to not work. In less then about a year Windows in going to make a huge amount of existing hardware unusable for supported versions of windows. That alone will help with Linuxs market share.

Most arguments in this article are overblown out very outdated. Software compatibility is a issue, but much less then it used to be. Big companies like Adobe and Microsoft which refuse to support Linux are also starting to alienate their user base making the cost of switching more and more apprising all the while the linux friendly alternatives are growing in popularity. And as I said above hardware is not a big issue these days and about to be a big issue for Windows systems.

It does touch berfily on the main point sa to why linux os not very popular ATM:

Most people don’t even know what Linux is because they’ve never seen it pre-installed on a laptop in a store. But I digress.

That is the problem, defaults. Most people don’t care or want to change their OS and most people have hardware and workloads that are easily compatible to Linux. It is really only a minority of people that require things that Windows supports better - sadly those are also the types of people more willing to break from the default OS.

The year of the Linux desktop won’t come until we, the Linux community, find a way to balance the cost of switching with the future benefits of daily driving Linux from the perspective of an average user. Until then, Linux will remain more like a niche thing, made by enthusiasts for enthusiasts.

No it wont. The normal user will only switch when they are forced to by their current system stopping working or new hardware comes with Linux by default. The average user is your aunt how uses their computer to log into facebook or look up recipes online. A professional that requires adobe suite is not an average user and only makes up a tiny fraction of the overall userbase. It would be nice to support their workloads, but even if adobe was fully supported on Linux that would still only be a fraction more users that would be willing to move. For the average user it is the defaults that their system comes with that makes the biggest difference.

The problem is ides inlining only part of the error and generally skip all the helpful text on how to fix the error.

That is the type of thinking that causes a massive amount of CVEs in those languages.

Hey, the design specs never said the program shouldn’t blast out and air raid siren at full volumn every time the user clicks a button. Cannot be a bug, must be user error.