Comments by "Immudzen" (@Immudzen) on "Brodie Robertson" channel.

  1. That global system library one is definitely an annoying issue. Windows improved a LOT when more applications just had their own copies of libraies locally. On Linux the problem is a big enough issue that we have entire software projects that basically deal with this issue. Things like conda not only create custom python environments they ALSO allow you to have custom libraries for your application separate from the rest of the system. There are also all those tools we use on servers to dynamically swap around environments. This is just so much easier on Windows or Mac by comparison. Each program should be in its own directory with its own bin, lib, etc directories.
    34
  2. You can't fault a developer for removing something that is that unreliable in working correctly. Having things sit for 3 years without a decision is absurdly slow. Honestly my experience with a Linux desktop has been less reliable than Windows. That did not used to be the case but it sure seems to be more buggy now than it was a decade ago.
    29
  3. Fixing bugs this old runs significant risks of actually breaking software. When something is around that long you can end up with software using it accidentally and nobody realizing it and then having stuff built on top.
    7
  4. One of the things I have realized is that most of the problems Linus has with Linux is due to lack of feedback. The desktop is doing something but seems to provide no feedback on what it is doing or what the progress is. In KDE you should be able to see that in the lower righthand corner if you know what to look for but I have also had issues before where a file just shows as copied immediately when it clearly has not. This is probably something that cuts across all the challenges so far. Linux needs to get much better at feedback.
    7
  5. I don't see a viable path towards Linux on the desktop right now. There was a time where people could go to the store and buy Redhat, Mandrake, Suse etc. but none of those are sold in stores anymore. The problem I see is this idea of eating your own dogfood for software development. Most of the developers are advanced and use more advanced distros and the work is just not put into making a good solid desktop for newbies. Linux works great on servers but the people that develop it for servers also use it for servers. Even pointing out that zipping a file up should give you some kind of feedback beyond a weird file extension gets quite a lot of hate. Linux does not need to work like Windows but it does need a more unified way of working. If you want desktop ideas that are VERY different and resulted in a nice to work with desktop maybe look for inspiration from OS/2. In the end most if the issues come down to the same small polishing pieces missing. There is a general lack of feedback on what the system is doing. Also the core OS really should be separated from all the other packages. There really should be no way that installing a user package could cause the removal of core OS components.
    7
  6.  @lamename2010  when the tradeoff to use shared libraries was made I think it made a lot of sense. It saved on both ram and storage space and both where in short supply but the tradeoff was stability. We now have a lot of ram and storage and the stability tradeoff is not worth it for most libraries.
    5
  7. Pretty sure this is why Windows has that feature to not run random binaries. You can call it whatever you want and with whatever permissions you want and if it is not signed Windows will warn you and require you to click that you really want to run it. Linux has amazing security against being attacked remotely. However, its security against local issues does need a lot of work. At least for some things it is moving in the right direction. Hopefully we can just bury Xorg soon.
    2
  8.  @anon_y_mousse  It is another example of poor desktop security. Automatically running binaries that look like data files is a very old problem and it really should not be happening anymore. My general point is that while Linux as a server is quite secure as a desktop it is one of the easiest systems to break into out of Mac, Windows, and Linux because of a lot of these little issues. From auto-running programs like this to how lockscreens work and shatter attacks.
    2
  9.  @anon_y_mousse  It is not just as insecure. For instance the lockscreen on Xorg runs as the user it is locked for and it is an overlay on top of your system. If you crash it you can crash it to the desktop and see everything. There have even been bugs where you could connect another monitor and access things on that screen because the lockscreen was not covering that area. On Windows and Mac the lockscreen is a login process to a user with no desktop, if you login it switches you to the right users desktop. It means if you crash the lockscreen you can't ever end up on a users desktop. This bug has repeatedly happened and it is inherent to the design of X11. It makes Linux as a desktop less secure.
    2
  10.  @anon_y_mousse  The windows method is not security through obscurity. That is a completely documented and best practice way of handling logins. It is just not one that X11 is capable of. Sure you can come up with cases where someone does not have X running by default. However, if you have a computer that is a windows desktop/laptop it would be extremely rare to have it start in console mode and then manually switch it to gui mode. None of the major distros do that.
    2
  11. I think it is worse than what you describe. If you don't reboot your system and open a new application it will most likely use the newer files. If you are running something from a desktop environment now you have a mix of old and new versions running at the same time. When the program communicates with the desktop environment it may use messages the DE doesn't understand. You can end up with a lot of weird behavior. It really is best to restart fairly quickly after an update. If you want to get work done don't actually install the updates until you are ready. If your program starts subprocesses this is REALLY important since newer processes it spawns will then use the new versions and you are now mixing old and new in your workflow without even realizing it.
    2
  12.  @luckyLaserface  I am familiar with the Nix project it is pretty interesting.
    2
  13.  @la.zanmal.  Most programs don't need to be in the path and mostly that just says we need a better way to handle this than a single environmental variable where a whole bunch of directories are shoved into.
    2
  14.  @insu_na  I have experienced using distro provided libraries before and after an update the software I was using broke. The distro changed some compile options for the library and while the version stayed the same it was now missing a feature my software was using. I then had to go through and compile that library by hand and then have the software use that version of the library. It was just a pain in the neck to sort out.
    2
  15.  @tomclark1213  It is an issue specific to that desktop and file manager but that setup is also recommended to new users which is a real problem. However, I would argue that even for advanced users the system should have fairly obvious feedback on what it is doing.
    2
  16. I have seen people do dumb things on Linux, Windows, OSX, etc. involving the core OS. I have not seen any evidence that one group is particularly worse than the rest. On a separate note I have really gotten tired of some of these security scanners. At least for the code scanners I would say that 95% or more of the issues are false positives.
    1
  17. I ran Linux on a desktop for 10 years. What made me finally just use Windows on a desktop and Linux inside WSL2 and Linux on servers was the behavior of the Linux kernel under high IO load and the nvidia driver when used for machine learning. Even with an NVME SSD under high IO load, while running simulations, the desktop would start lagging out and have weird stuttering. I tried many different IO schedulers and ran into the same issues. Under Windows I did not have that problem and I could still use Linux for my work inside WSL2. The other issues was more serious. Whie developing neural network code in tensorflow I had a number of times where the nvidia driver crashed and since it was also running the desktop it meant that every single program died with it. Debugging a problem like that is a pain in the neck when your entire development environment also dies with it. With Windows I ran into a few crashes of the video driver also EXCEPT that on Windows the screen flashes a few times and the video driver is restarted but all your programs keep running. I was able to fix my problems much easier that way because I could see what had gone wrong.
    1
  18. Updating without restarting on a modern GUI Linux is remarkable hard to do. You can install the updates but since the files are reference counted the old files are still being used by programs that already have them open. In order to actually do the upgrade you have to shut down every program using the files and then reopen them again. The more towards the core a library is the harder this is to do. If a library like gtk was upgraded you would have to shut down X and restart it. At some point you are better off just rebooting and guaranteeing the update is applied. I have seen systems before get broken into because they never restarted. The software running was still vulnerable even though the vulnerable software could no longer be seen on the filesystem. The admin thought they had applied the update and everything was fine when it was not.
    1