It seems very powerful and secure. Could any experienced users share pros and cons based on personal experience? What are the must-have distroboxes to best complement Silverblue?
t. archgay for 7 years
 It's All Fucked Shirt $22.14 |
 |
It's All Fucked Shirt $22.14 |
it has aero? if not then into the trash it goes
It's a gimmick, Silverblue isn't no more secure than your average Linux distro
https://madaidans-insecurities.github.io/linux.html
silverblue is shit but that article is written by a fricking moron
>can't refute anything
madaidan is like every other autist
technically right but in the most unhelpful way possible
yes, sandboxing and locking down the system makes it more secure against third-party attackers
and yes, linux is not very good at that compared to other systems
but if your privacy threat model includes the companies who made your operating system (which it will if you want it to mean anything), his recommendations are the worst options you could choose
>windows 10 s
>chromeos
>macos
for people who actually want a right to privacy, all the security these systems provide are completely nullified by the fact that they phone home with your data
they secure you against malicious third-parties by compromising you against a potentially malicious first-party
at the moment the bsds (specifically freebsd and openbsd) are the best regular systems at respecting both by default
>fully open source
>heavily integrated stacks
>sandboxing built-in
>well-tested for decades
There's no sandboxing on OpenBSD.
pledge and unveil
top fricking kek
>but if your privacy threat model includes the companies who made your operating system (which it will if you want it to mean anything), his recommendations are the worst options you could choose
He suggests theses OSes mostly for security reasons. You can always disable the invasive telemetry in the settings and BSD is a meme
https://madaidans-insecurities.github.io/security-privacy-advice.html
12 million shekels transfered to madaidans. good job.
It's trash.
>What are the must-have distroboxes to best complement Silverblue?
This statement alone should tell you all you need to know. A distro that needs to be "complemented" with other distros to become usable is not worth using.
But you always have distros that are just werks for specific tasks, while others are a pain in the ass to work with. Machile Learning packages, at least a couple of years ago, was a good example of that. Silverblue just embraces the immutable OS philosophy and has distrobox working out of the box to fill in the completeness that I assume no single distro really has.
NixOS has the potential for that completeness, because it doesn't require you to think in terms of distros. You don't want to install a whole distro for a specific task. You want to install a package. Nix gives you that flexibility.
Thanks anon, I'll install Nix on Silverblue.
You'll have a hard time with that because of Silverblue's inflexible design. You can install Nix just fine on any other distro.
It's good but you need to edit your fstab with extreme care. In fact, I wouldn't touch it and use systemd .automount files instead.
It's really cool, though. I haven't figured out how to easily reproduce a build. I think that's how distros like this will be used in the future.
>I haven't figured out how to easily reproduce a build
This distro does not cover that aspect at all. It's still RPM in the back, so it's exactly as annoying to use and exactly as irreproducible as rpmbuild. All Silverblue does is automatically install a list of prebuilt packages, snapshot the result, and then you download the snapshot from their servers.
I think there's a way to create your own branch and rebase on that. It would be a lot of work and you'd still have to install vanilla Silverblue.
Of course there is, but one, it's a pain in the ass, and two, it still doesn't help with reproducibility in any way. Silverblue is effectively an efficient way to download a rootfs. That in itself can be repeated with the same result, but you're just downloading a file. Downloading a file twice and having it be the same file is not something special. Silverblue makes it easier to work with the golden image approach that was created out of necessity because of Fedora's lack of reproducibility, but it doesn't improve reproducibility itself. It's essentially a coping mechanism. The work of Silverblue developers isn't useless, but they shouldn't kid themselves into thinking that they are doing anything to improve reproducibility. They are building an elaborate contraption to shove the problem under the carpet.
No, that would be Guix
https://web.archive.org/web/20211120165407/https://ambrevar.xyz/guix-advance/
can you use zfs on it?
Just use btrfs you autist
I don't feel so good.
Good for containers and also installing it on your parents' computers so they can't frick anything up.
Why is it good for containers?
>pros and cons based on personal experience?
Pros:
Won't break
That's it lol
Cons: /usr is immutable.
You are supposed to use toolbox for cli software but its an hassle to use
Flatpaks are for the GUI part and they are fine.
imo its the perfect for say windows replacement for offices/etc
Not the silverblue part but ostree part
For home usage nix should be better
https://ostreedev.github.io/ostree/related-projects/#nixos--nix
Immutable root is the future of the desktop. macOS has done it for years now. iOS, Android, ChromeOS all do it. Windows 10X was Microsoft's attempt until marketing forced them to cancel it and shit out Windows 11 instead, but it's definitely coming.
Impossible to brick with a bad update, nearly impossible for malware to implant itself, and if it does, just reimage (usually just a matter of rebooting). Better for consumers, IT departments, etc. Basically gonna be required for any serious deployment. So if Linux on the desktop wants to expand beyond ChromeOS they gotta figure it out.
>nearly impossible for malware to implant itself
Previously, malware needed root to implant itself into the system files, so we'll assume this is where we're at.
mount -o remount,rw /
chattr -i /
Your immutable root is now mutable. Any changes made to /bin/anything will persist across reboots. That's hardly an obstacle.
Toolbx is trash. It still pollutes your home dir. And wouldnt protect you from rogue webshitters running rm -rf ~
the endgame is Debian
always was
You will never be a purely functional OS. You have no store, you have no closures, you have no derivations. You are a legacy distro twisted by hardlinks and overlay hacks into a crude mockery of Nix & Guix perfection. Your stateful configuration will decay and go back to the dust, and all that will remain of your legacy is a paradigm that is unmistakably deprecated. This is your fate. This is what you chose. There is no rolling back.