About to have a press release with local newspapers and TV channels for #DebConf23 with local team and Infopark representatives. Oddly relaxed about it too.
re: DebConf23 swag
@devrtz There are some more surprises on its way! (we dont' have enough for everyone, but for people who microblog about DebConf stuff, we'll make sure there will be!)
Here is a hopefully-useful notice about Linux kernel security issues, as it seems like this knowledge isn't distributed very widely based on the number of emails I get on a weekly basis:
- The kernel security team does not have any "early notice"
announcement list for security fixes for anyone, as that would only
make things more insecure for everyone.
- The kernel community does not assign CVEs, nor do we deal with them
at all. This is documented in the kernel's security policy, yet we
still have a number of people asking for CVE numbers even after
reading that policy. See my longer "CVEs are dead..." talk for full
details about how the CVE process is broken for projects like Linux:
https://kernel-recipes.org/en/2019/talks/cves-are-dead-long-live-the-cve/
- You HAVE to take all of the stable/LTS releases in order to have a
secure and stable system. If you attempt to cherry-pick random
patches you will NOT fix all of the known, and unknown, problems,
but rather you will end up with a potentially more insecure system,
and one that contains known bugs. Reliance on an "enterprise"
distribution to provide this for your systems is up to you, discuss
it with them as to how they achieve this result as this is what you
are paying for. If you aren't paying for it, just use Debian, they
know what they are doing and track the stable kernels and have a
larger installed base than any other Linux distro. For embedded,
use Yocto, they track the stable releases, or keep your own
buildroot-based system up to date with the new releases.
- Test all stable/LTS releases on your workload and hardware before
putting the kernel into "production" as everyone runs a different %
of the kernel source code from everyone else (servers run about
1.5mil lines of code, embedded runs about 3.5mil lines of code, your
mileage will vary). If you can't test releases before moving them
into production, you might want to solve that problem first.
- A fix for a known bug is better than the potential of a fix causing a
future problem as future problems, when found, will be fixed then.
I think I need to give another talk about this issue to go into the above in more detail. So much for me giving a technical talk at Kernel Recipes this year...
- The kernel security team does not have any "early notice"
announcement list for security fixes for anyone, as that would only
make things more insecure for everyone.
- The kernel community does not assign CVEs, nor do we deal with them
at all. This is documented in the kernel's security policy, yet we
still have a number of people asking for CVE numbers even after
reading that policy. See my longer "CVEs are dead..." talk for full
details about how the CVE process is broken for projects like Linux:
https://kernel-recipes.org/en/2019/talks/cves-are-dead-long-live-the-cve/
- You HAVE to take all of the stable/LTS releases in order to have a
secure and stable system. If you attempt to cherry-pick random
patches you will NOT fix all of the known, and unknown, problems,
but rather you will end up with a potentially more insecure system,
and one that contains known bugs. Reliance on an "enterprise"
distribution to provide this for your systems is up to you, discuss
it with them as to how they achieve this result as this is what you
are paying for. If you aren't paying for it, just use Debian, they
know what they are doing and track the stable kernels and have a
larger installed base than any other Linux distro. For embedded,
use Yocto, they track the stable releases, or keep your own
buildroot-based system up to date with the new releases.
- Test all stable/LTS releases on your workload and hardware before
putting the kernel into "production" as everyone runs a different %
of the kernel source code from everyone else (servers run about
1.5mil lines of code, embedded runs about 3.5mil lines of code, your
mileage will vary). If you can't test releases before moving them
into production, you might want to solve that problem first.
- A fix for a known bug is better than the potential of a fix causing a
future problem as future problems, when found, will be fixed then.
I think I need to give another talk about this issue to go into the above in more detail. So much for me giving a technical talk at Kernel Recipes this year...
@juliank I used about the same the last week to keep my bedroom warm the last week. If only it was possible to build a heat ex-changer that works between the southern and northern hemispheres!
I know I'm very biased, but I'm really just blown away how easy all my Debian bookworm upgrades are going. Thanks to everyone who made that possible!
@mattl @dsfgs @ItsSheVee Yeah with so many things in the world to worry about, desktop Linux is one of the last things that needs concerned, since it's literally bigger than ever (original source from statcounter: https://www.i-programmer.info/news/126-os/16464-linux-has-over-3-desktop-os-share.html)
Last week I talked to the guys from The Changelog podcast about Debian and it's 30th birthday, it's now up at:
https://changelog.com/podcast/553
I haven't had the courage yet to listen to it myself, hopefully their producers managed to make something coherent from my usual Debian babbling :-)
https://changelog.com/podcast/553
I haven't had the courage yet to listen to it myself, hopefully their producers managed to make something coherent from my usual Debian babbling :-)
Some pictures from yesterday's Debian's 30th birthday celebration in Kochi along with 19th birthday of OpenStreetMap.
The event was covered by Deshabhimani [Malayalam] https://www.deshabhimani.com/news/technology/open-street-map-kochi/1110867
#debianday #debian #debianindia #osm #osmkerala
The event was covered by Deshabhimani [Malayalam] https://www.deshabhimani.com/news/technology/open-street-map-kochi/1110867
#debianday #debian #debianindia #osm #osmkerala
"The time has come to concentrate on the future of Linux rather than on the destructive goal of enriching oneself at the expense of the entire Linux community and its future." -Ian Murdock, 1994
@passthejoe I have no idea, I've never used it. Whichever backup tool you use, it's good practice to test your restore procedure so that you know how (or if) it will work
@passthejoe I haven't used flatpak that much but, check if you have a .var directory, I believe flatpack apps store their data there