The Sapir-Whorf is strong in this thread. MacOS' app-centric model makes it hard to even imagine other people's workflows. Stop thinking in apps, think about a task. I have multiple tasks (workspaces). Each task has multiple aspects (windows). Apps are a distraction, an accidental complexity. I want to switch between tasks and then subparts of those tasks.
It's very weird to assume good intentions or trustworthy info from Grokipedia but then hold up Wikipedia as "heavily poisoned". Your questions are based on a lot of assumptions that aren't widely shared.
And if you're not interested in upholding basic values? What if you're looking to intentionally destroy things instead?
Verified residency is better than nothing for putting real money on the table. Although if you've been to a local town meeting, you'll know it's still not perfect.
Lots of companies tried to recreate the Steam Deck and quite frankly, they're just not as good as the original.
SteamOS is a super controller-friendly desktop that would be right at home in a living room. Like the Deck, the Steam Machine could become a target profile for developers.
Here's a question, what if the executable was thoroughly sandboxed? Like Firecracker level with virtualization? And once you're there, what's the difference between that and a webapp?
I don't think apps are going away so users need to have a switch that says, "I don't trust this company with anything". Extremely limited Internet access, no notifications, no background activity at all, nothing. It needs to be like apps for the 2nd gen iPhone: so completely neutered that webapps look like Star Trek level technology.
There is beyond zero incentive for either Apple or Google to provide something like this. Google HAS network permissions on Android. You just can't access them. They're hidden from you, presumably because Google prefers more malware and spyware running on your phone.
The reality is that both Google and Apple are not just in on this, they created this situation. They not only don't care if you download 1 million apps from the app store that may or may not be malware, they actually prefer that model. Going as far as to sabotage the web to maintain that model. Going as far as developing their own browser which is broken to maintain that model.
Which, relatedly, is why any type of argument of "safety" around the app store or play store is complete and utter bullshit. Apple and Google want you to download as much malware as possible. All their actions demonstrate that.
This is the inverse of what he's saying. Attestation takes control away from users. Permissions give control to users. The ultimate user control is not using the software at all.
Standards are a double-edged sword though. They are great for getting everyone to agree to the "most correct" answer. But they also freeze evolution in place. What happens when your standard doesn't support contemporary use cases? What if it's at direct odds with, say, modern security practices?
FHS hasn't changed in years. Since then, sandboxing, containers, novel package schemes, and more are the zeitgeist. What does the FHS say about them?
Looking at this specific use case, someone is saying /var/lock being world-writable is an unacceptable security risk, but that's very dependent on what your world/users look like. If anything it sounds to me like the maintainer is trying to make the FHS smaller and remove support for a lot of use cases. (Use cases that sound pretty valid to me, without digging in.)
Nothing keeps you from following the FHS inside your container or sandbox.
Are you referring to the location where container images live? Then `/var/lib/containers/` and `/var/lib/containers/storage/` would be perfectly FHS compliant.
The idea though is when you don't want to follow the FHS anymore, like systemd is doing.
Systemd frustrates and angers people with Poettering's complete disregard for bug reports, tradition, and basic common courtesy. At the same time, change needed to happen and change is gonna hurt. And big changes can't wait until they're just as stable as the old system: does anyone develop software like that in their own careers? I try not to ship complete crap but "just as stable as v1" is never a goal.
> Systemd frustrates and angers people with Poettering's complete disregard for bug reports, tradition, and basic common courtesy
Poettering is a Microsoft employee. It is normal that he follows the direction of the mothership. What is not normal is that he has so many blind followers.