@giacomo @civodul @lrvick @rekahsoft Apologize for what? Having and voicing an opinion?
@lrvick really interesting work! I'm curious what you think of #guix and where it falls short (re security)? It sounds like you view it overall quite favorably (relative to other distros)
A few things I can think of:
- uses linux-libre (so no microcode updates); this is overcome by using non-guix which does supply them
- depends on a central hydra, enabled by default; this too can be overcome by running an internal cuirass (guix's build server)
Best wishes!
@rekahsoft Guix goes further than any other distro and was a big inspiration, but it is not 100% reproducible/bootstrapped, trusts downloaded binaries, has a single-party trust model, chooses the GNU way of doing things above all others.
As a desktop-first distro with thousands of packages it would make it incredibly difficult to ever fully clear those bars.
Our threat model mandated the design of a distro and release process built for supply chain security.
@lrvick Hi! I’m not sure what the “GNU way of doing things” is but Guix has a long track record regarding #bootstrapping and #ReproducibleBuilds and is used in production:
https://guix.gnu.org/en/blog/tags/bootstrapping/
(The “like no distro before it” punchline on the stagex home page is… questionable.)
That said, it’s good news that more distros are joining Guix and live-bootstrap on this journey!
> The “like no distro before it” punchline on the stagex home page is… questionable

If a punch line was the only questionable issue with #guix, I'd have given it a try years ago.