My parents have an Alexa and I have no choice in whether they install one in our house or not. I doubt they would be convinced by my pleas about privacy. So unfortunately and reduction in whatever privacy that was left is a shame.

i’m sure they will appreciate your BSD 2 Clause contributions at Microsoft HQ

explaining the difference between a Toyota and a Honda

Sitting around and waiting for a revolution from a small group of people with one idea of how to run things is a bad idea

This is just a strawman of vanguardism . The bolshevik revolution was only possible with the overwhelming support of the peasants and proletariat class. A revolution is literally not possible without huge numbers of soldiers turning on the government.

It’s proprietary so, no thanks.

systemd is an init system and just has not played the same role in the development of GNU/Linux distributions like GNU has. before systemd there was sysvinit, and there are number of alternate init systems. It’s not about system functionality that we name operating systems.

Uh no, it’s not. GNU has been integral to the GNU/Linux project for years. Without GCC, coreutils, glibc, there would be no linux distributions. Systemd has not played the same role.

Debian GNU/Linux has been called Debian GNU/Linux since at least 1997 https://lists.debian.org/debian-announce/1997/msg00013.html

The ideal would be a locked boot system that is installed by the user and is fully under their control, but I have yet to encounter one.

https://libreboot.org/docs/linux/grub_hardening.html

deleted by creator

Dragora Linux

One of the coolest distros, ever. It’s like a mix of Alpine Linux and Slackware without dangerous firmware payloads.

No one thinks this. Even permissively licensed BSD operating systems package GPL software and accept it as Free Software.

but their “final goal” is to switch the kernel to BSD (i.e. away from copyleft)?

HyperbolaBSD is a hard fork, that relicenses the OpenBSD kernel as GPL (as permitted by permissive licenses.)

HyperbolaBSD has already dug into the OpenBSD source tree and discovered numerous licensing issues.

https://git.hyperbola.info:50100/~team/documentation/todo.git/tree/openbsd_kernel-file-list-with-license-issues.md

HyperbolaBSD will be a truly libre distro that takes advantage of copyleft, while moving away from the major issues Linux is stepping into too.

There will be no improvement with browsers until the introduction of one with a strong copyleft license.

Some people are working on ladybird atleast.

Another permissively licensed toy.

Unless I’m missing something, here we will disagree. Secure or not, FOSS principle-respecting or not, if I’m choosing to install software by X then I’m going to get it straight from X and not involve third-party Y too.

Source code is like a recipe. Getting your food from the chef who made the recipe is fine, but getting it from another chef who… followed the same exact recipe is no different.

This is how the linux software distribution model works, distro maintainers are a CHECK on upstream.

I’m and end user

Yeah, we all are. What’s your point?

End users are also developers. All computer users are developers. You are developing.

user working for end users

By making a script that lets me get backdoors and shitty packages with ease? The linux package distribution system is a nightmare, Debian is the least bad approach. There is basically always a better option to using a .deb file. If you come across something that isn’t packaged, I recommend Flatpak, building from source (and installing unprivileged), or using the developers vendored tarball (installing unprivileged).

https://wiki.debian.org/SecureApt

By using local .debs you lose the benefit of:

Reproducible builds

GPG checksums

Stable release model

debian security team

Why does Debian-Ubuntu not provide a simple command for this?

You aren’t supposed to add repos. Ever. https://wiki.debian.org/UntrustedDebs

Apt is not built with security in mind, at all. The partial sandboxing it does do is trivial to bypass. Adding a repo is basically a RAT Trojan on your computer.

An example is signal-desktop

Yeah don’t use signal. They restrict freedom 3 by making distribution difficult. Thats why they trick you into using their RAT repo.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842943

The least bad option is the unofficial flatpak.

Personally I need the desktop client because I mod it with plugins that are so useful that I can’t do without these anymore.

Discord client modifications are against the Terms of Service. https://www.gnu.org/philosophy/free-sw.en.html

If you are getting your code straight from the author,

Which is not what you are doing at all with a .deb file. A .deb file is a binary with a bunch of scripts to “properly” install your package. Building from source is what you SHOULD be doing. Debian has an entire policy handbook on how packages are supposed to be packaged. Progrmatically you can review the quality of a package with ‘lintian’. .debs made by developers following a wiki tutorial can’t even come close. remember, apt installs happen as root and can execute arbitrary code.

Also, debian packagers can be project maintainers, so they can be “the author.”