Jordan Sissel3d ago

We deeply need less seriousness in open source software. Folks keep writing unserious software (yay!) and then surround it with theatrical seriousness.

"Use a different distro if you don't like it" my dude if I had to reinstall my workstation every time I didn't like something, I would run out of OS distributions within a week.

"Wayland is more secure than X11" this is some Wizard of Oz madness. Please look behind the curtain.

My desktop software interrupting with popups because some software wants permission for stuff, sometimes multiple times a day for the same software. This is software pretending to be serious. There a dozen ways for software bypass these weird bolt-on security theatrics, but zero ways to turn them off as a user.

Gimme cute logos, messy documentation, a community of miscreants who thrive on making computers do weird and fun things.

"Open Source Supply Chain Security" do you even listen yourself.

Show threadVVelox3d ago

@whack What leaves me so livid about Wayland about this is all the bullocks that go into this claim. If something malicious can already trigger one of these warnings, it already can do way worse than sniff the keyboard via the Wayland/X11. If it gets to that point, it means the user's env or the machine has already been popped and it is game over.

On a similar laughable not, I love how Conical is playing off them gutting the grub install they are shipping as being done in the name of security.

Show threadJordan Sissel

@vvelox the weirdest thing I find with Wayland wrt security is that it seems like a retroactive conclusion? The original blogs/announcements focus on pixel pushing and I couldn’t find any keywords signifying “because security” in the first 5 years of git logs… though I may have missed something.

Further, sniffing keyboard isn’t hard on gnome/kde/wlroots so I don’t know why this myth persists 😅

Mar 26 at 4:35amWeb