[03:26] good morning [18:36] is better opensource or closed ? ;) [18:48] that's impossible to tell because closed source is closed [18:49] well, not for everyone (someone has written it) 🙂 [18:49] Opensource generally has been higher-quality in my experience, presumably because more people are able to fix problems in it. [18:56] yes, thank you, and ... [18:56] i have done a lot of apps all open ... [18:57] you can study inside them ... [18:57] with closed no [19:03] you can study inside the app => you can study the source code ... :) [19:09] with opensource => you can study inside the app ;) [19:14] with closed source apps => you can only use them, the apps ... [19:15] closed apps => only use [19:15] opensource => use + study [19:15] opensource wins ;) [19:21] opensource => use + study + modify + rebuild + redistributed + gratis xD [19:32] with gnu license is ok ... [19:35] RMS => please no money xD [19:35] This isn't exactly within the topic of this room. [19:35] ok [19:43] seeing teward's latest mail to -release i wonder why nobody packaged tor-browser as a snap yet ... feels like a natural candidate to lock into the snap sandbox [19:44] *drops in from orbit* [19:45] ogra: you could ask the Tor team [19:45] they produce team browser [19:45] tor browser* [19:45] ffs autocorrect be sensible [19:45] lol, stop IRCing from android ! [19:45] ogra: i could look into it but :P [19:45] team browser - the final merge of MS Edge and MS Teams! From the Tor team. D: [19:45] ogra: i'm not, i'm IRCing from my computer. [19:45] and it has an adaptive keyboard on it :\ [19:45] (tablet computer) [19:45] aaaaaaaaaaaanyways [19:46] ogra: i'd consider snapping it but the way Tor works under the hood is it writes a lot of data to its own work dir and i'm not sure if that worsk in the snap infra [19:46] tor circuit caching, etc. [19:46] well, i guess they deemed it too hard ... browsers *are* non-trivial [19:46] That sounds like a bind mount would fix that? [19:46] Not sure if those work with Snaps though... [19:46] arrayboltCBook: it wouldn't [19:46] the other factor is [19:47] torbrowser itself is designed to launch from userspace [19:47] as long as the dir is not a hardcoded path writes shouldnt be a prob [19:47] so torbrowser-launcher takes into account that it writes to its own directory space [19:47] and 'installs' torbrowser in userspace in the defined path in its launcher [19:47] and sets up that path there [19:47] it's a pain [19:47] teward: This sounds more like it should be dropped from Debian since it's not even designed to work right in Debian and is unsafe. [19:48] arrayboltCBook: Debian Privacy Team keeps it in there [19:48] arrayboltCBook: you're talking about Tor Browser [19:48] well, if i have some spare time (in some other galaxy i guess 😛) i might take a look at it [19:48] not torbrowser-launcher which in itself isn't unsafe [19:48] Oh. [19:48] torbrowser-launcher could theoretically be snapped and then it defaults to userspace (~/.torbrowser/) or some path for download/install [19:48] *at snapping it [19:48] but that's its own hellhole [19:49] ogra: if you manage to snap it make sure you get the OK from Tor beforehand [19:49] yeah, not sure that makes a lot of sense [19:49] Maybe torbrowser-installer could be made as a Snap? [19:49] and start with firefox snap as a base idea [19:49] because it's technically Firefox rebranded [19:49] and forked [19:49] i wouldnt release it ... just create a snapcraft.yaml and offer it to them ... [19:49] arrayboltCBook: possibly. wouldn't solve the problem for those who've installed it with ebs [19:49] If it's designed to run in a user directory, then theoretically it should just download and install Tor from the official website and plop it into the user's home directory right? [19:49] debs* [19:49] i got enough snaps in the store 🙂 [19:49] teward: True. [19:49] arrayboltCBook: again, doesn't solve the current bug [19:50] it's already packaged as a flatpak [19:50] so it should be capable to snap the launcher tool [19:50] What is the bug? [19:50] you should learn to check mailing lists :p [19:50] (On a different computer without my email.) [19:50] yeah, the launcher would be trivial i guess [19:50] teward: Not everyone can access their email without turning around and using the computer behind them... alright I'll stop being lazy. [19:50] arrayboltCBook: https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/2000077 [19:50] -ubottu:#ubuntu-discuss- Launchpad bug 2000077 in torbrowser-launcher (Ubuntu Lunar) "Download URLs are broken" [Medium, In Progress] [19:50] the problem is the "fix" is invasive [19:51] and isn't easy to nitpick [19:51] because it's intermingled with a ton of other things [19:51] it's one of those few packages where bugfixes and features come out at the same time in merges [19:51] *sips caffeine* [19:52] Blah. [19:52] lovely [19:52] This is why Universe should be used carefully for anything security-conscious. [19:52] well, at least you get CVE fixes now [19:52] With Ubuntu Pro, I guess? [19:53] yeah [19:53] Does it cover Tor Browser? [19:53] arrayboltCBook: i mean, technically, I'm all for getting this as an MRE exception [19:53] but i don't think SEcurity would take it [19:53] and put it in esm-apps [19:53] teward: MRE? [19:53] if there would be an official CVE for it ... [19:53] micro-release-exception [19:53] Ah. [19:53] there's usually not CVEs in torbrowser-launcher [19:53] yeah [19:53] That personally sounds like it would be the best idea. [19:53] but because this is an "odd case" I'm going a one-off MRE request here [19:54] if that's approved it makes prepping the SRU's that much more easier [19:54] i think esm-apps is for CVEs only [19:54] ogra: it is, and for Security team control [19:54] right [19:54] it's also a PITA right now [19:54] because users are being confused "Wait I need ESM to get any security updates now?" [19:54] it is still in its infancy [19:54] Hmm. It will be interesting to see how this plays out, I'll keep my eyes peeled. [19:54] (see the "apt integration is too much" bug) [19:54] yeah [19:54] arrayboltCBook: yeah i use torbrowser-launcher so it's one of the things I keep an eye on [19:55] it also takes care of *updating* tor browser too so [19:55] i'm rather worried what happens if yu dont opt in to pro ... imagine a 5y outdated install and the list of packages in the pro notice [19:55] lol [19:55] likely multi-page output [19:55] I mean wasn't this a thing back with Ubuntu Advantagetoo? [19:55] ogra: "5 year old release, past standard support" = "Go upgrade ya ninny" on most platforms [19:55] (add a space somewhere in there) [19:56] arrayboltCBook: Ubuntu Pro == rebranded with othe changes Ubuntu Advantages [19:56] well, 4.9y then 😛 [19:56] at the core ESM is still ESM [19:56] teward: I think he meant, as a system gets older, the list of unsupported Universe packages could get looooooooong. [19:56] arrayboltCBook, universe security updates were never a thing ... best effort at most [19:56] arrayboltCBook: that applies for things in Main too sometimes [19:56] Imagine someone installing Kubuntu 20.04, updating, and getting a heart attack. [19:56] that is the actual great thing about pro [19:56] but yeah universe security is usually ONLY community provided stuff [19:56] but Pro doesn't covera ll of universe either [19:57] it will ovr time [19:57] *was* [19:57] in practice it was basically "otto prepped mariadb updates" but very little else [19:57] But if you're not getting the Pro universe updates ever because you don't use Pro but apt keeps telling you about what in Universe you're not getting updates for, that will likely gradually get longer, and longer, and longer, and just clutter the user's screen and maybe even scare them. [19:59] If it could be shortened to "You have community-supported packages with security updates in Ubuntu Pro, run "pro list esm-apps" for more info", that might be helpful and still let users who don't use Ubuntu Pro rest easy. [19:59] but perhaps they shouldn't be resting easy [19:59] yeah, i guess that will need some work eventually [20:00] like not showing the list of package but a summary once the number exceeds a threshold [20:01] if you have not cared for it when the output takes two terminal pages, you are unlikely to care for it in the future 🙂 [20:01] Not to pick on Canonical, they do a great job, but this seems like one of those things that maybe could have used some more forethought before publishing it. The fact that users think that their systems are being left insecure is an indicator that something needs fixed. [20:02] Anyway, I'm sure they'll sort it out somehow eventually. [20:02] well, the users *are* unsecure ... [20:02] Not any more than they've always been, and all of the important stuff has been taken care of, no? [20:02] so it is good if users think about it [20:03] True, but they don't need to think we're strongarming them into using a freemium service that is actually optional. [20:03] not more than they have always been ... but now that is not necessary anymore and you *can* get them ... so it is good to tell them [20:05] Anyway, my opinions are nothing more than opinions, Ubuntu is and for me always has been the best Linux distro, so I'll quit my griping and go back to doing more important things :P [20:05] *for me Ubuntu is and always has been, I mean [20:06] well, the service has admittedly still rough edges ... and lots of room for improvement ... [20:06] prob is that you can no really do user testing like we do with other things during the non-LTS cycles [20:06] AAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+C [20:06] so 22.04 is actually the test cycle for it [20:07] meow ? [20:07] (cat learning to type) [20:07] 🙂 [20:10] (Fun fact that I learned thanks to the above incident, try pressing Shift plus an arrow key and see what happens.) [20:11] Shift+Up Arrow = A, Shift+Down Arrow = B, Shift+Right Arrow = C, Shift+Left Arrow = D [20:11] (At least on my two laptops that I'm using currently.) [20:13] arraybolt3: it's staggering how many people are just *now* learning that we didn't support universe packages previously [20:14] And people have been using Ubuntu without problems for years with that ignorance. [20:15] I love the fact that Ubuntu Pro fixes that, it just seems it may be being pushed a bit too forcefully and in ways that cause technical difficulties. [20:16] And tbf the forcefulness isn't even the problem, it's the "wow are users even going to be able to use apt without inconvenience now?" that's worrying me. [20:17] Maybe they will be able to still use it without problems, but making our users have to wade through info they don't want to see to tell them about a service they don't want to use seems... unhelpful. [20:19] well, it is easy to quieten by dpkg-divert'ing one file [20:51] arrayboltCBook: apparently that initramfs 'out of memory' thing is being fixed https://blog.jak-linux.org/2023/02/01/ubuntu-key-rotation/ [20:51] \o/