diff options
| author | luxagraf <sng@luxagraf.net> | 2017-06-30 11:05:31 -0600 |
|---|---|---|
| committer | luxagraf <sng@luxagraf.net> | 2017-06-30 11:05:31 -0600 |
| commit | dab8dd1f4a26d11eecbed9eee305a978b2fe717c (patch) | |
| tree | 9a2e0f7be6ae3f582f48752380b5c91a9195caad | |
| parent | ff27d7ed4ff3eb1b933c8733379f3870363ac169 (diff) | |
archived published stuff
19 files changed, 264 insertions, 45 deletions
diff --git a/distro-overview.txt b/distro-overview.txt deleted file mode 100644 index 8e297dd..0000000 --- a/distro-overview.txt +++ /dev/null @@ -1,45 +0,0 @@ -Ubuntu is returning to its roots, abandoning Unity 8, Mir, convergence, the whole shebang. If you're an Ubuntu user there's no need to panic. In fact you can even continue to use the familiar Unity 7 interface for as long as you like, though you'll have to install it after you install Ubuntu by enabling the Universe repos. - -There's even a community forming around the idea of continuing development on Unity 7, or at least, one hopes, fixing bug and updating to patch security vulnerabilities. As the user of a desktop that's more or less abandoned, or perhaps just considered complete (Openbox), I'm here to tell you that there's nothing to fear. Unity has a user base several orders of magnitude larger than Openbox so you should be just fine. - -Still, if you decide that the uncertainty of Ubuntu's future is not for you, it might be time to fire up Virtualbox and start experimenting with some other desktops and distros. This is naturally a very subjective thing, but here's a brief overview of some distro and desktop combinations I've enjoyed. I generally end up back at Arch, but I hop between these various combos on a regular basis. One tip, it's much easier to distro hop if you put your /home folder on separate partition. - -**Ubuntu MATE** This would be my top pick for anyone new to Linux or wanting a desktop experience that's reminiscent of Windows. MATE is fast, regularly updated and uses a familiar taskbar-oriented interface. My only hesitation here would be for users with HiDPI screens. MATE's HiDPI support is okay, but no where near as good as what Unity or GNOME offer. - -Ubuntu MATE offers a familiar Ubuntu experience -- all the apps you're used to, all the usual commands in the usual places -- but is much easier on the RAM and graphics card than GNOME. - -MATE grew out of Linux Mint project, but I happen to prefer what the Ubuntu MATE team has put together. I prefer ubuntu MATE in part because I often recommend this for new users and I don't think Mint's default security settings are a good match for Linux newcomers. - -**Fedora GNOME** If you're going to use GNOME, right now, not having seen what Ubuntu is going to end up doing, I would suggest trying it via Fedora. Fedora's out of box experience with GNOME is about as stock as you can get, which means you'll rarely run into problems with themes or extensions. Fedora's GNOME experience will help you get familiar with GNOME rather than some distro's customization of GNOME. - -That said, there is of course quite a difference between Fedora and Ubuntu, especially their package managers. If you work with an Centos servers you'll have a basic idea of Fedora's experience. Ubuntu uses Apt, which used to be one of my favorites, but Fedora has put a ton of work into DNF, which now offers quite a few nice bits that apt lacks, for example if you run a command in Fedora that's not yet installed dnf will often step in and offer to install it rather than just saying "command not found". - -It used to be that Ubuntu -- drawing on Debian's vast repositories -- had a wider range of software available. That's still probably true if you compare default repos, but Fedora has quite a few community maintained repos like the Extra Packages for Enterprise Linux (EPEL), COPR and RPMfusion repositories. It's not always wise to just blindly add lots of third-party repos though, I typically use a DNF add-on to I've never found an application that wasn't available for Fedora in some form. - -If you stick with graphical software installs you'll be right at home in Fedora. GNOME's Software app was the basis for Ubuntu's software app and functions more or less the same way. - -**Debian Xfce** The granddaddy of Linux distros and the upstream source of Ubuntu itself, Debian has a reputation for being a bit behind the times when it comes to available applications -- "conservative" would be the more neutral term -- but that's not necessarily the case. Or rather it is the case for Debian itself, but if you use Debian's testing branch you'll have access to just about everything you'd find in Ubuntu. - -One word of caution though, Debian does not support .deb files the way Ubuntu does. You can often install them, but in my experience nothing will break your Debian system faster. - -If you just click your way through the Debian installer you'll end up with a GNOME desktop, which offers a decent experience, but I find Xfce more suited to Debian. It's a bit easier on the processor and RAM and it's barebones, just make it work approach seems to match Debian's style. - -I would recommend installing the xfce-extras package, which contains some nice add-on and features that don't come with the base package. - -It's worth noting that there are some things that don't work in Debian, most notably secure boot support does not exist and was recently removed from even the as-yet-unreleased Debian 9. If you need secure boot then Debian is a no-go. It's also worth mentioning that Debian 9 will mostly be out in the next few months, which will bring Debian proper into the modern world. So if you'd prefer not to use Debian testing, you can wait a bit and what's currently in testing will be in Debian 9. I generally use the stable branch for the first year or so after a release and then, as newly released applications stop being backported, switch to testing. - -**Linux Mint Cinnamon** I've given Linux Mint a hard time in some reviews, especially because I think it's security situation is somewhat questionable, but provided you take the time to setup the right update processes and make sure that your software is updated properly Mint is an excellent distro. - -The Cinnamon desktop is theoretically available for quite a few distros, but none I've used match the out-of-the-box experience of Mint, which makes sense since Mint is where Cinnamon started. Cinnamon's experience is close to that of MATE (also a Mint project), but offers a little more polish and flash. - -Mint itself should pose no real problems for Ubuntu refugees. The software update and installation tools are different, but in many ways better and offer more control. The key is not accept the default settings, but read through the various options and make sure you understand what you're getting. - -**Arch Linux with Desktop of Your Choice** If you're ready to learn more about how Linux works behind the scenes, how the various bits of software fit together and want access to the latest and greatest the minute it's ready the Arch Linux is worth a look. It has a reputation for being difficult to install, but it's really not that hard. It does, however, require you to install via the command line and most things you'll ever want to do to your Arch system will be via a text-based interface. - -If all that sound intimidating, well, it would be were it not for the Arch community and the Arch wiki, which is one of the best sources of Linux information on the web. - -Two tips for running Arch: first, do not try to test it in a virtual machine. I've been running Arch for a couple years now and know my way around it pretty well and I still can't ever get it working right in Virtualbox. Second, do not go too long between complete updates. The only problems I've had with Arch and updates have been when I went a month or more without running Pacman -Syu. - -**OpenSUSE with KDE** This gets an honorable mention because, while I do not really care for KDE, the out of the box experience with openSUSE is excellent and well worth a look in your distro explorations. - -There are of course dozens of other distros and desktops out there. ElementaryOS is a popular one that might be worth a look, as is the newcomer, Solus, which has a very slick desktop and nice out-of-the-box experience. diff --git a/invoices/scott_gilbertson_invoice_87.doc b/invoices/paid/scott_gilbertson_invoice_87.doc Binary files differindex 0d29bf0..0d29bf0 100644 --- a/invoices/scott_gilbertson_invoice_87.doc +++ b/invoices/paid/scott_gilbertson_invoice_87.doc diff --git a/invoices/scott_gilbertson_invoice_88.doc b/invoices/paid/scott_gilbertson_invoice_88.doc Binary files differindex 9152d48..9152d48 100644 --- a/invoices/scott_gilbertson_invoice_88.doc +++ b/invoices/paid/scott_gilbertson_invoice_88.doc diff --git a/invoices/scott_gilbertson_invoice_89.doc b/invoices/paid/scott_gilbertson_invoice_89.doc Binary files differindex ad98a3f..ad98a3f 100644 --- a/invoices/scott_gilbertson_invoice_89.doc +++ b/invoices/paid/scott_gilbertson_invoice_89.doc diff --git a/invoices/scott_gilbertson_invoice_90.doc b/invoices/scott_gilbertson_invoice_90.doc Binary files differnew file mode 100644 index 0000000..570f17c --- /dev/null +++ b/invoices/scott_gilbertson_invoice_90.doc diff --git a/invoices/scott_gilbertson_invoice_91.doc b/invoices/scott_gilbertson_invoice_91.doc Binary files differnew file mode 100644 index 0000000..e9e5fb8 --- /dev/null +++ b/invoices/scott_gilbertson_invoice_91.doc diff --git a/open-source-insider-1707.txt b/open-source-insider-1707.txt new file mode 100644 index 0000000..783e30b --- /dev/null +++ b/open-source-insider-1707.txt @@ -0,0 +1,19 @@ +A couple months back I got a email from an old shared hosting provider. The host wanted to "upgrade" my account to a new server. I had long since stopped using the account for all but one client site that ran a legacy version of Django. I built it ages ago, but it was done. It worked fine and the client was still happy with it. No big deal I thought, they'll move it a new server and it'll keep on running. + +Then I discovered that my account was going to be involuntarily upgraded from CentOS 6 to CentOS 7. Without diving into a full review, let's just say that's a major change. There was no way that my app was going to be moved from CentOS 6 to 7 and still work. + +That's why there was a "migration guide", which is software hosting speak for a crap ton of work you're going to have to do continue using our service. I opted to use my own migration guide to migrate to a different company, one of the many cheap VPS hosts that have come a long in recent years. I mean if I have to update a piece of software anyway I might as well move it to something that gives me full control over the entire stack. + +What I found so interesting about the experience was that in communicating with the company it became very obvious that they saw nothing wrong with randomly upgrading the server. I call it random because CentOS 6 is a perfectly good operating system that will be supported until November 2020. There's no hurry to update. Because I review OSes I happen to know that CentOS 7 introduces a whole slew of very useful tools for sysadmins though, and this I suspect was the reason for the update -- the company's engineers wanted to use those tools across the board. + +This sounds totally normal and even reasonable to those of us who work and live in the world of software, but it's actually totally dysfunctional and insane. To see just how dysfunctional this is it helps to re-frame things in terms of stuff in the real world. Imagine you hire a plumber to build you a new shower. They do and you are happy, you pay them and everyone goes there separate ways. Five years later you come home from work and your old shower is gone and there's a new one, but it's now in the kitchen instead of the bathroom and it only has cold water because hot has been deprecated. There's a note on the door with some suggests on how you can use it just like you used your old one. + +Plumbers do not do this because that would be crazy. In most professions when you are hired to do something and you do it, then the project is said to have reached a status known as "done". There is no coming in afterward to change everything and then forcing your customers to accept it. + +But there is no "done" in software. Software is never done. I am unaware of a single software project that is considered done. There are plenty that are done because they've been abandoned. For instance, many people say that Openbox isn't developed anymore because it's done, which I'd tend to agree with, but it may also be that the developers just lost interest. The project at least has never formally come out and said, hey, this is done. + +That would considered crazy in software because by the rules currently governing software culture things can never be done. If things were done no one would upgrade, if no one upgraded we'd all be out of jobs. That's how the current software industry works. And that's generally how new industries go for a while. Presumably it took some period of heavy innovation and iteration before the current hammer came to be. But then there was a hammer and not a lot of thought has been put into hammers since. Hammers are done. + +Software desperately tries to avoid a state of done. Yet done seems to come of its own accord. Look at the release notes for any major software product over time and you'll notice that most are heading toward a done moment. But when that moment nears someone steps in and re-writes it from scratch to "improve it". + +In most cases though what works now works well enough. Even lowly, much-maligned Windows XP still works well enough. The only reason it's insecure is that it's creator decided to stop making it secure. The site I hosted with that company didn't need an upgrade, it was running fine with almost no attention at all. It was done. Which is exactly why the software gods stepped in and forced it back into development. Sure, I rewrote it working with the latest release of Django, but you know what? Now it's done. diff --git a/published/browser-privacy.txt b/published/browser-privacy.txt new file mode 100644 index 0000000..11ea7a4 --- /dev/null +++ b/published/browser-privacy.txt @@ -0,0 +1,39 @@ +In the United State ISPs have regained to power to snoop on your internet browsing and sell the results to the highest bidder. Although technically no new law has been passed, the Obama administration had created rules which prohibited internet service providers -- Verizon, AT&T, Comcast, etc -- from selling or otherwise sharing your web browsing history with other companies. Early this year congress reversed those rules, which means Verizon and pals can do pretty much whatever they want with your data. + +While it's unclear how that change will actually play out, many are expecting ISPs to go on a data-selling orgy selling everything to anyone. + +In light of that possibility it's worth figuring out, what data does your ISP have and how can you prevent them from getting it? + +The first question is pretty easy to answer, ISPs know just about everything. In order to connect you to the network in the first place they need all your personal data, name, address, current location (in the case of a mobile network), credit card, etc. It also know every website you've ever connected to, every song you've streamed, movie you've watched, every item you've purchase. It's also entirely possible for your ISP to buy other information from the world's various data brokers, things like loan history and credit card purchases for example. Put it all together and, in practical terms, your ISP could know more about you than you do. + +How do you stop that from happening? The short, depressing answer, is that you don't really. Not without radically altering how you use the internet anyway. + +That said, there are a few things you can do to reduce what your ISP knows about you. + +Before I go into that though it's worth noting that if you spend all your time, for example, signed into the Chrome web browser and have Facebook open all day you're leaking your data to Google and Facebook anyway, does it really matter if your ISP has it too? Google and Facebook sell that data to marketers too. So before you freak about ISPs selling your data, take stock of what you're already giving away without thinking about it. + +Let's assume that you're using Firefox and you don't use Facebook much. Your ISP can still see everything. That's where the first thing comes in -- HTTPS. The HTTPS protocol encrypts your traffic to and from the server. When you connect to an HTTPS page your ISP can't see what you see. Don't get too excited though because it can still learn a heck of a lot about your request. For example it can get the base domain. It can see that you've requested, for example, wikipedia.org, even if it can't see which page your connected to. + +Your ISP can also see what time you connected, where you where and cross reference that with your established browsing habits to make a pretty good guess about which page you connected to. Now, to be fair, we have no real way of knowing if that's something ISPs do -- Facebook, however, does -- but it's certainly within the realm of possibilities. Also bear in mind that once this information is sold, other companies can make all the same connections and educated guesses. + +So while HTTPS helps, it doesn't solve the problem. And again, nothing really does, but there is one thing that can help a whole lot -- a Virtual Private Network (VPN). + +A VPN is a service provider that acts like a black box. Instead of connecting directly to the internet, you connect to the VPN (which your ISP can see) and then the VPN box connects to the actual site (which the ISP can no longer see). + +The advantage of a VPN is that everything is hidden. Neither your ISP nor any other snooping party between your PC and wherever the VPN is terminating can see what you’re up to. They can still see the amount of data flowing and make some educated guesses perhaps, but they'd be too unreliable to be a value to advertisers, which are the primary target when ISPs are selling your collected data. + +The downside is that a VPN connection is slower because it has to connect twice, once to the VPN and then again, though the VPN to another point. That means slower throughput and slower browsing. If you have a nice fast connection you might not notice a VPN, but if you're using a VPN through your phone over 3G, you'll most definitely notice. Trust me, I use one every day and it slows down already slow connections. + +The speed difference and the complexity of setting up a VPN are part of the reason I said you'll need to change your internet habits to really stop ISP snooping. Then there's also the headache of picking a VPN, which is a very important decision since all you're really doing here is using one company, the VPN, to hide your data from another (your ISP). Your VPN can see everything your ISP used to see so you want to make sure you pick a company that you trust and that doesn't retain data. + +That latter bit is key. Because while it's true that ISPs need to see your traffic to optimize their networks, it's not true that they need to store it. So when you look for a VPN, make sure they're totally transparent about what data they log, how long they keep it, who they share data with, what jurisdiction they're in and what their track record is. + +Picking a VPN is greatly complicated by the number of spammy VPN reviews out there that are little more the affiliate marketing links, though they often look innocuous enough. Security researcher Brian Krebs has some <a href="https://krebsonsecurity.com/2017/03/post-fcc-privacy-rules-should-you-vpn/">good advice</a> on picking a VPN and the limitations of even good VPNs, though in terms of hiding your data from ISPs just about any VPN will work, the question is, how much do you trust that VPN? Krebs points to <a href="https://thatoneprivacysite.net/choosing-the-best-vpn-for-you/">this site</a> as a good starting point for VPN comparisons. + +If you don't want to pay for a VPN then you should not use one. A free VPN's business model is going to be selling your data, defeating the purpose of routing around your ISP in the first place. There is another option, however -- <a href="https://www.torproject.org/index.html.en">the Tor network</a>. + +Tor, which is short for "The Onion Router," works by bouncing your requests through a series of relays (a bit like layers of an onion, hence the name) around the world, encrypting your data at every relay. There are some limitations, but in terms of just hiding things from your ISP, Tor will do the job. I suggest getting the <a href="https://www.torproject.org/download/download.html.en">Tor bundle</a>, which handles configuring the network and opening a browser all ready to go. + +The trade off again is speed. Tor will be even slower than a VPN, but depending on how much you value your privacy, that may be an acceptable trade off. + +Oh and if you'd like to get vindictive, there's a <a href="https://www.searchinternethistory.com/">website</a> raising money to buy and then publish the internet browsing histories of all the lawmakers who repealed the FCC rules. As snarkishly satisfying as that would be, it's unlikely to happen and your money is better put toward privacy advocate groups like the <a href="https://www.eff.org/">Electronic Frontier Foundation</a>. diff --git a/published/debian9-desktop.jpg b/published/debian9-desktop.jpg Binary files differnew file mode 100644 index 0000000..3683e44 --- /dev/null +++ b/published/debian9-desktop.jpg diff --git a/published/debian9-firefox.jpg b/published/debian9-firefox.jpg Binary files differnew file mode 100644 index 0000000..7fe2e61 --- /dev/null +++ b/published/debian9-firefox.jpg diff --git a/published/debian9.txt b/published/debian9.txt new file mode 100644 index 0000000..f3491e9 --- /dev/null +++ b/published/debian9.txt @@ -0,0 +1,37 @@ +After over two years of development the Debian project has released Debian 9. Stretch, as this release is known, is dedicated to Ian Murdock -- Debian founder and the 'ian in Debian -- who passed away last year. + +As you would expect for a distro that takes over two years between releases, Debian 9 is a major update. + +In addition to major updates and changes to nearly every bit of software that ships with Debian, there have been some major policy changes as well. This version of Debian ships with two apps you won't find in Debian archives unless you go back nearly a decade -- Firefox and Thunderbird. Due to licensing issues Debian has long shipped Iceweasel and Icedove, instead of Firefox and Thunderbird proper. With the release of Stretch that's no longer true, the full Mozilla branded versions now ship with Debian 9. + +It's also worth noting something significant that didn't make it into Debian 9 -- support for Secure Boot. That leaves Debian as the only major release that doesn't support Secure Boot. That's disappointing since, while Secure Boot has some issues, it's generally a vast security improvement since it prevents unsigned code from running at boot. + +Aside from the missing Secure Boot support, which, it's worth noting, may arrive down the road, there's much to love in the release. All the major desktops Debian officially supports have been updated, most desktop apps are near their latest release and quite a few low level components see some major version leaps. + +Among the more significant changes in Stretch is support for the 4.9 Linux kernel, a huge leap from Debian 8.8's support for kernel 3.16. Kernel 4.9 means better support for Intel Skylake chips, quite a few improvements to different file systems, especially btrfs, as well as the usual slew of driver updates and improved support for newer hardware. There's also quite a bit of improvements to ARM support, which is significant for Debian since it supports just about every chip architecture under the sun, including ARM. + +Server users will note that this release ditches MySQL for MariaDB, which so far is a drop in replacement that shouldn't actually change anything in terms of database behavior. Those using Debian as a web server will be pleased to know that Debian supports PHP 7, which, while hardly new, is a welcome update. Python devs also get support for 3.5 in this release. + +While Secure Boot did not make the cut there are many changes in this release which greatly improve the overall security of Debian. Among the most significant are that Xorg no longer needs root privileges to run the display server. That eliminates an entire class of attacks that work by going after privilege escalation via Xorg. However, to run Xorg as non-root you'll need to install logind and libpam-systemd and use GDM 3 for your login tool since only GDM 3 supports running it without root privileges. + +Another big security change is an update for GnuPG. Debian 9 uses what the GnuPG project refers to as the "modern" branch of GnuPG by default (version 2.1), eliminating the need for GnuPG 1.1 or 2.0. Both are still available in the repos, but the modern branch has much better defaults for generating keys, as well as support for elliptic curve cryptography. It's also what nearly every other distro has long used, which means if you move between distros a lot, there'll be less confusion in GPG commands and behavior. + +Another major tool change is the version of apt that ships with Debian 9. + +I threw caution to wind and updated my primary laptop the day Stretch was released (from Debian 8,8) and while I have had no significant problems (even with my software from backports), there are a couple of gotchas worth noting. The biggest is that Network Interface Cards (NICs) are now named using BIOS/firmware and slot. That means for example your ethernet card will be something like ens0 or enp1s1. If you have any scripts that reference, for example, your wifi card by NIC, they may break. + +Also be aware that Debian 9 moves to use the libinput Xorg driver, so if you've got a bunch of customizations that rely on the evdev driver (the default in Debian 8) you'll need to migrate them to use libinput syntax. The other possibly rough spot involves GNU GCC 6, which is new in Stretch and offers support for position independent executables. That's a security improvement but it means you need to be on a newer kernel. My advice is update to Debian 8.8 before attempting to update to 9.0. That way you won't encounter any problems. + +There are a handful of other known issues with Debian 9 and it's well worth reading through the list before you attempt to upgrade anything that you depend on (I upgraded my laptop, but it'll be a while before I attempt to upgrade any production servers). + +The Debian installer offers half a dozen desktops, nearly all of which have seen major updates in this release. The default option is GNOME, which has been updated to GNOME 3.22. Perhaps the best thing about 3.22 is that the GNOME extensions API has been declared "stable". That's mostly good news for extension developers, but it also means that updates will no longer run the risk of breaking all the extensions you rely on to customize GNOME Shell and let's face it, only masochists use GNOME without customizing it. + +GNOME 3.22 also sees some big changes in the Software app, especially better support for Flatpak apps. If you haven't had a chance to dive into the world of Flatpak apps yet, you can do so in Debian 9. Flatpaks are still a bit rough around the edges and the very tight sandboxing model that governs them can mean that Flatpak versions of your favorite apps are missing a few features, but they're getting closer to usable status. + +The other desktops in the installer are Cinnamon 3.2, KDE 4.16, Mate 1.16, Xfce 4.12, and LXDE. + +While there way not be much that's really new in this release for anyone not using Debian, Debian 9 is a significant release for the project, Debian users and the wider Linux community. Without Debian there would be no Ubuntu, no Linux Mint and no elementary OS, to name just a few of the currently popular distros downstream from Debian. + +It's also worth noting that, while the above should confirm Debian's reputation as a very conservative distro focused on stability over all else, there are also two other versions of Debian. If you want to try out Debian's bleeding edge, right now is about as bleeding as it gets. When Debian 9 was declared finished it was moved out of the testing channel where it had been for the last two years. That means that testing is currently more or less the same as "Sid", the rolling version of Debian. That's where the latest releases will live for the next several years before they become Debian 10. Along they way they'll become Ubuntu 17.10, Ubuntu 18.x, Linux Mint 18.x and 19.x as well as dozens of other distros. Not all roads in Linux lead back to Debian, but for those that do Debian 9 is a milestone. + + diff --git a/published/distro-overview.txt b/published/distro-overview.txt new file mode 100644 index 0000000..b040d5e --- /dev/null +++ b/published/distro-overview.txt @@ -0,0 +1,73 @@ +Depending on who you ask, Ubuntu Linux may or may not be leaving the desktop behind to focus on Ubuntu on servers, Ubuntu in the cloud and Ubuntu in the so-called "internet of things". + +Even if you give Canonical the benefit of the doubt -- that it will continue working desktop Ubuntu in some fashion -- at the very least desktop Ubuntu's future looks uncertain. + +How will the transition to GNOME work? Will existing Unity users be "upgraded" to GNOME with 17.10? Canonical is reportedly plotting out solutions to much of this uncertainty right now, but for users the uncertainty rules the day. + +As I've argued previously, Canonical appears to be following in the footsteps of Red Hat and SUSE Linux. In 2003 Red Hat dropped its desktop, then called Red Hat Linux, and started up Red Hat Enterprise Linux, eventually becoming the enterprise-focused company it is today. Something similar happened to SUSE, though the process was different. Novell bought SUSE in 2003 and immediately rebranded it SUSE Linux Enterprise Server. + +I believe Canonical will follow in the footsteps of Red Hat and SuSE. But there's an upside, out of Red Hat came Fedora and out SuSE came openSUSE. In the end, for Linux distros, community matters. Enterprise customers may pay the bills but without community Linux distros seem to fade away into the ether. + +In light of that, it's worth taking a look at where the various distros are, what their plans for the future are and why you might prefer them over Ubuntu. + +**Debian Linux** The distro that launched a thousand ships rarely gets the credit it deserves. Without Debian there would be no Ubuntu, no Linux Mint and no elementary OS, to name just a few of the currently popular distros downstream from Debian. + +Debian has a reputation for being a very conservative distro and that's true for the stable release, which often goes several years without a significant update, but it's not true for the testing and "sid" releases which feature frequent updates and more or less rolling releases. Eventually at some point in the development process testing stabilizes, gets frozen and becomes a new stable release. + +That moment is coming up very soon. Though Debian maintains a strict "when it's ready" release policy with no dates involved, Debian 9 is imminent. Once Debian 9 is out the door testing will turn back into the wild west of development as the future of Debian takes shape. + +Aside from the release of Debian 9 the future of Debian looks, well, like the future of Red Hat. There are just too many technologies originating at Red Hat to really allow for Debian to forge its own path. Whatever else you may think of systemd, there's no question that it is a many tentacled beast and once it is in your distro your distro is, on some level at least, beholden to Red Hat. + +In terms of personnel Debian has had a tumultuous few years, some of the conflict revolving around the aforementioned systemd, some unrelated. There were several high profile developer departures explicitly related to systemd and others that, while not about systemd itself, were about the decision making processes it brought to light. Then Debian founder Ian Murdock -- the 'ian in Debian -- committed suicide amidst very strange circumstances. + +Through all of the turmoil the Debian project has largely soldiered on unaffected, at least unaffected from an end user's point of view. That Debian continues to function is a testament to the community -- however imperfect and flawed it may be. If you're looking for a distro that's unlikely to change anything too fast, won't disappear at the first sign of trouble and provides a reliable Linux experience, Debian delivers. + +**Fedora** Fedora today is effectively what Red Hat Linux was in 2003 -- a community based distro. That its real purpose is a testing ground to discover what works and what doesn't before it ends up in RHEL doesn't make it any less reliable than any other distro. + +Like Debian, Fedora has been through some significant changes lately. A few years ago the Fedora project had become a massive sprawling beast that seemed to be losing its way. To help organize things and refocus Fedora launched its Fedora Next initiative, which divided Fedora releases into three categories. Today Fedora offers builds tailored for Workstation (desktops), Server and Atomic. + +Atomic was previously known as Fedora Cloud, but Cloud was sidelined in favor of Atomic. As the name suggests Fedora Atomic is built around Fedora's Atomic project and is tailored for those running container-based server systems. + +Fedora has been a great showcase for the development of GNOME Shell (a fair number of GNOME devs are Red Hat employees) and was one of the first major distros to deliver Wayland as the default (which happened in Fedora 25, released at the end of 2016). + +If you want a distro that's stable, but still a little more cutting edge than Debian, Fedora makes a good choice. Fedora devs have also been well ahead of the curve on some somewhat esoteric, but welcome, Linux improvements that then percolate out to other distros, for example color management and early support for the latest versions of unicode. + +Fedora is also a good choice for anyone who works with RHEL or CentOS servers a lot since the underpinnings and command line tools like yum/dnf are the same in both. + +Fedora's future looks to be more of the same, with development split across the Fedora Next releases. Fedora 26 should be released in early summer, currently it's slated arrive June 27. + +**Linux Mint** Linux Mint began life as a distro based around KDE, though it soon ditched KDE, picked up Ubuntu as a base and soon thereafter began using its own desktops -- Cinnamon and MATE -- atop the latest version of Ubuntu. This changed slightly in 2014 with the release of Mint 17, which was based on Ubuntu's 14.04 LTS release. Instead of tracking Ubuntu's latest release, Mint continued to use 14.04 as a base until 16.04 was released. So Mint 17.1, 17.2 and 17.3 all shared the same Ubuntu 14.04 LTS core and Mint 18.1, 18.2 and eventually 18.3 will all be based off Ubuntu 16.04 LTS. + +The Linux Mint project was founded by and is still essentially driven by Clément Lefèbvre, though there is a large community of developers working on Mint as well. + +It used to be that Mint was a bit like Ubuntu with all the proprietary software pre-installed -- things like plug-ins and codecs that handle Adobe Flash, MP3, and DVD playback. That's no longer the case, Mint stopped shipping those tools by default, though like most distros they're easy to install. + +These days most of Mint's efforts revolve around the Cinnamon and MATE desktops, both of which use a GNOME 2.x-inspired GUI and share quite a few components. Of the two Cinnamon is the flashier and MATE is the less resource intensive, making it a good choice for older machines with less capable hardware. + +Why choose Mint? Mint experienced a huge surge in popularity back when Ubuntu revealed Unity and GNOME announced GNOME 3. Mint developers didn't make massive changes to their desktops and they show no signs of doing so in the future. If you liked GNOME 2/Windows XP, you'll love Cinnamon and MATE. Those are of course desktops, not distros, but the developers are the same and one big reason for choosing Mint is the developers. + +Mint developers regularly solicit feedback from users, develop new features at an impressive pace and, perhaps most impressively, answer nearly every question on every blog post. They're also perhaps unique in the world of Linux as they really haven't forced any features into to Linux Mint that the community doesn't want. Unless you count systemd or any upstream changes coming from Ubuntu since the Mint developers don't have much say in those changes. There is a version of Linux Mint based off Debian testing, Linux Mint Debian Edition, though it tends to get far less attention than Linux Mint. + +Linux Mint make a good choice for those who'd like a distro that isn't constantly trying to change the desktop computing paradigm, but don't want to use abandonware. Mint is actively developed and both of its homegrown desktops are excellent. + +**ElementaryOS** The new kid on the block, elementary OS has put a wonderful skin on Ubuntu. In fact that's all it used to be, a theme for Ubuntu/GNOME. But as both and Ubuntu and GNOME moved in other directions, elementary OS became a distro in its own right, developing its own desktop and set of applications to go with it. + +The overall look and feel of elementary OS's Pantheon desktop environment is heavily inspired by Apple's OS X. The similarity isn't just skin deep either, Pantheon embraces quite a few of OS X's implied philosophies as well. Among the core rules that elementary OS's developers abide by are to "avoid configuration" and design in such a way that "minimal documentation" is needed. + +The result is a very newcomer-friendly desktop that's easy to get up and running. + +Elementary OS has taken some flack for it's download page, which requires you to add some amount of money (including $0) before the download button will work. The way it's designed it's not clear that you can in fact enter $0 and download it, which feels deceptive, especially coming from a distro that's so heavily staffed with designers. There's nothing wrong with asking for some money to support your distro, Linux Mint in fact does the same, but the way elementary OS does it strikes me as deliberately deceptive. + +Still, if it doesn't bother you and you're looking for a desktop that looks great with almost no need to configure things elementary OS makes a great choice. + +**Arch Linux** If you're ready to learn more about how Linux works behind the scenes, how the various bits of software fit together and want access to the latest and greatest the minute it's ready the Arch Linux is worth a look. It has a reputation for being difficult to install, but it's really not that hard. It does, however, require you to install via the command line and most things you'll ever want to do to your Arch system will be via a text-based interface. + +If all that sounds intimidating, well, it's considerably less so thanks to the Arch community and the Arch wiki, which is one of the best sources of Linux information on the web. + +Two tips for running Arch: first, do not try to test it in a virtual machine. I've been running Arch for a couple years now and know my way around it pretty well and I still can't ever get it working right in Virtualbox. Second, do not go too long between complete updates. The only problems I've had with Arch and updates have been when I went a month or more without running Pacman -Syu to update my system. + +Arch is perhaps the most community-driven distro, but it has some very different design philosophies than other distros. Arch tries to ship software exactly as released by the upstream developers with minimal distribution-specific changes, in the Arch packages that have patches they're usually just backported bug fixes. Arch also assumes you will manage your system yourself and generally does not configure anything for you. For example just because you installed something does not mean that Arch automatically added it to systemd, that's on you. + +What you get with this philosophy is a distro that has a very savvy user base and can roll out changes very quickly (because there are very few things to change, the package is simply tested, added to the repos and pushed to users). The future of Arch Linux looks just like the present, which is one of the nice things about a rolling distro. + +There are of course other distros out there as well, ranging from the more difficult like Slackware to old time favorites like Puppy Linux (yes, it still exists). If you want a real change you could always leave the Linux fold and give FreeBSD a try. In fact this is one of the best things about being a Linux user, there's an embarrassment of riches out there to explore. diff --git a/published/elementary-app-store.jpg b/published/elementary-app-store.jpg Binary files differnew file mode 100644 index 0000000..facb4f5 --- /dev/null +++ b/published/elementary-app-store.jpg diff --git a/published/elementary-columnview.jpg b/published/elementary-columnview.jpg Binary files differnew file mode 100644 index 0000000..b5cd4e1 --- /dev/null +++ b/published/elementary-columnview.jpg diff --git a/published/elementary-desktop.jpg b/published/elementary-desktop.jpg Binary files differnew file mode 100644 index 0000000..a8172f9 --- /dev/null +++ b/published/elementary-desktop.jpg diff --git a/published/elementary-pay-what-you-want.jpg b/published/elementary-pay-what-you-want.jpg Binary files differnew file mode 100644 index 0000000..d158c8a --- /dev/null +++ b/published/elementary-pay-what-you-want.jpg diff --git a/published/elementaryosreview.txt b/published/elementaryosreview.txt new file mode 100644 index 0000000..2a2ef65 --- /dev/null +++ b/published/elementaryosreview.txt @@ -0,0 +1,40 @@ + Ubuntu's Unity interface is gone, which means there's one less desktop to choose from in Linux land. Luckily for Linux fans, Unity is but one of dozens. Still, Unity was one of the most polished, arguably the most polished out there and there are many that will miss its attention to detail and design. + +If you're looking for a Unity replacement and want something that's equally well polished the not-quite-as-new-kid on the block, Elementary OS is worth a look. + +ElementaryOS actually began like as a theme for Ubuntu. It has evolved well beyond that now with its own homegrown desktop environment dubbed Pantheon, 13 custom apps and a distinct and very nice set of custom icons and themes. Under the hood it's still very much Ubuntu/Debian, so all the commands and basic apps you're used to will be there, even if you have to install them yourself. The Ubuntu/Debian underpinning also means you get the security and stability of those projects. + +I've tested ElementaryOS quite a bit over the last few years and I can say that, if you were put off by the bugginess of early releases, it's worth another look. The latest release, called Loki, has been very stable in my testing and features some really nice homegrown apps. The ElementaryOS team is very good at getting the core of an app right and then polishing up the details over time. Their Calendar app is awesome, though GNOME Calendar has improved lately and the settings app, Switchboard does a nice job of integrating Elementary-specific control panes with the few GNOME panes the project uses. And the file browser app offers something I still miss from way back in my OS X days -- a column view. + +That reminder of OS X is a common complaint about ElementaryOS, though aside from the Files app, which very obviously apes OS X's Finder (one of the better file browsers out there in my view), most of ElementaryOS does not strike me as OS X inspired. I find it more of a cross between Xfce and GNOME 2.x. Indeed the developers originally started working on it back when GNOME 3.x was announced. In that sense it really has more in common with MATE and Xfce than OS X. + +Still, for a couple of reasons, ElementaryOS seems to attract more than its fair share of haters. Some of it is because it's been dubbed an OS X ripoff, which, again, it isn't. There is, however, another thing that rubs many people, including me, the wrong way: the project's "pay what you want" approach to downloads. + +When you go to ElementaryOS downloads page the UI is designed such that it seems like you have to pay for the distro. If you want it for free you need to enter a zero and then hit download. I've called this a deceptive UI in the past and I stand by that. It is deliberately designed -- by developers who every clearly understand design -- to mislead you into paying. + +There's nothing wrong with charging for a product of course, software under the GPL is free as in freedom, it doesn't have to be free as in beer. The problem is how ElementaryOS tries to get that money. I bring this up mainly because the latest release of ElementaryOS, which arrived early this year, adds the project's "pay what you want" approach to ElementaryOS to applications in the distro's App Center. + +The same UI shows up in the App Center as well. There's a suggested price (usually less than $3) and then a drop down menu if you want to give more to support the project. To get the app for free you need to type in a zero, at which point the button changes to "free". Sigh. + +Maybe it's just me, but I find this UI irrationally irritating. I find it irritating because it implies that given a button that says "free" I would never choose to pay. To me that's depressing in its assumption of the worst in humanity -- that given a chance to get something for free we users would never pay for it. + +It's a shame because I think the idea of getting some money back into open source development is a cause well worth supporting. Especially for small application developers that make wonderful pieces of software that are just not big enough or widely used enough to ever get corporate sponsorship or other popular open source means of funding. In fact I think that solving this problem -- how to compensate small developers for their efforts -- is one of the biggest challenges facing the open source world. + +In that sense I'm very happy to see the ElementaryOS developers doing something to help out. I happen to dislike the UI and experience, but I'm happy it's out there because there are probably plenty of people who will think it's just fine and be very happy to pay the developers behind that software. And that's great news for developers and might even help draw more of them to ElementaryOS. More developers would mean more apps for users, which is part of why it's in your own best interest to put some money toward the software you use. + +That said, developers who want to get paid for their efforts need to sign up via ElementaryOS's <a href="https://developer.elementary.io/">Developer Center</a>. It is not, in other words, going to help them get paid outside ElementaryOS. + +It'll be interesting to see what happens to ElementaryOS apps, and how much the distro appeals to developers, as Snap packages and Flatpaks begin to become more common -- will developers want to put effort into something that's only for one distro when there's a packaging mechanism that reaches them all? Will ElementaryOS's efforts to get some money to developers make it upstream to GNOME? + +What would be the best of both worlds would be an application store for Flatpak/Snaps that featured a pay what you want button next to a free button and worked on every distro. + +Until that brave new world arrives ElementaryOS makes a very capable Linux distro with a very well polished desktop and set of applications. ElementaryOS gets even more impressive when you do a little digging and realize just how few developers are working on it. It outdoes some much larger distros in quite a few places, of course it does have that Ubuntu base to build on whereas Ubuntu has to worry about design and, well, Ubuntu. + +Still if Ubuntu's transition to GNOME isn't for you the latest ElementaryOS release is well worth a look, it makes a very different, but similarly well thought out, replacement for Unity. + +screenshots: + +elementary-desktop.jpg "The stock ElementaryOS desktop, reminiscent of GNOME 2.x" +elementary-columnview.jpg "ElementaryOS Files app with column browser" +elementary-app-store.jpg "ElementaryOS AppCenter" +elementary-pay-what-you-want.jpg "The pay-what-you-want option for participating applications in AppCenter" diff --git a/published/open-source-insider-1705.txt b/published/open-source-insider-1705.txt new file mode 100644 index 0000000..aa1a543 --- /dev/null +++ b/published/open-source-insider-1705.txt @@ -0,0 +1,37 @@ +There's been a good bit of discussion lately about Google AMP. Mostly stemming from Google's recent conference about AMP. Quite a few high profile web developers have <a href="https://css-tricks.com/need-catch-amp-debate/">offered some</a> <a href="https://danielmiessler.com/blog/google-amp-not-good-thing/">criticism</a> and some attempt to caution users about diving in with both feet. + +Those posts do not, in my view, make it clear enough, so this needs to be said: Google's AMP platform is not just bad for the web, but potentially web destroying. + +AMP isn't just bad for the web, it's a disaster. And it isn't just the web as whole, AMP is bad for publishers and it's bad for users. + +Google AMP is only good for one party in the equation: Google. + +It's time for developers to wake up and, as Jason Scott <a href="http://ascii.textfiles.com/archives/3086">once said</a> of Facebook, stop "shoveling down the shit sherbet" that Google is serving up in the form of AMP. + +Google AMP, for those that don't know, is a way for Google to obfuscate your website, usurp your content and remove any lingering notions of personal credibility from the web. + +If that appeals to you, here's what you need to do. First, get rid of all your HTML and render your content in a subset of HTML that Google has approved along with a few tags it invented. Because what do those pesky standards boards know? Trust Google, it knows what it's doing. And if you don't, consider yourself not part of the future of search results. + +Why a subset of HTML you ask? Well, mostly because web developers suck at their jobs and have loaded the web with a ton of JavaScript no one wants. Can't fault Google for wanting to change that. That part I can support. The less JavaScript the better. + +So far AMP actually sounds appealing. Except that, hilariously, to create an AMP page you have to load a, wait for it, yes a JavaScript file from Google. Pinboard founder Maciej Cegłowski already <a href="http://idlewords.com/amp_static.html">recreated</a> the Google AMP demo page without the Google AMP JavaScript and, unsurprisingly, it's faster than Google's version. + +So it's not really about speed. As with anything that eshews standards for its own modified version thereof, it's about lock-in. Tons of pages in Google AMP markup mean tons of pages that are optimized specifically for Google and indexed primarily by Google and shown primarily to Google users. It's Google's attempt to match Facebook's platform. And yes, Facebook is far worse than AMP, but that doesn't make Google AMP a good idea. At least Facebook doesn't try to pretend like it's open. + +The second thing you need to do is get rid of all your analytics data, because analytics are or something Google needs to have, silly developer. Okay here, you can peek at a small subset of the data Google gathers. That's the AMP analytics deal in a nutshell. + +Why would anyone want to strip out their own analytics, home grown features like interactive maps or photo galleries and create pages that won't even be shown with their own URL or branding? To get in Google's top stories carousel of course. All the cool publications are doing it. + +They're not the only ones though. The Guardian and tk and other early adopters of AMP get to share space with Russian propagandists, as Andrew Betts of Fastly recently pointed out. Betts found content from Russia Today, an organisation 100 percent funded by the Russian government and classified as propaganda by the Columbia Journalism Review and by the former US Secretary of State, has its content shown in Google's AMP view stripped of all branding as if the content were from a legitimate news agency. + +It's not just Russian propagandists either, anyone can cram any illegitimate idea into a web page and, so long as it's encoded as AMP content, it'll look like it's from a legit new organization endorsed by Google. Because everything in AMP looks the same. There's a not so subtle message behind this lack of branding, it's that the source of information doesn't matter so long as Google got you there. + +This is what I mean when I say AMP removes the last shred of personal credibility. AMP, by its design, disassociates content from its creator. Google does not and never has cared about creators, all it wants is content, the more the better to churn through its algorithms, surround with advertising and serve up to the world. + +That's what makes AMP the most streamlined shit sherbet funnel that Google has going and it's not going to go away. + +Perhaps this is all too hyperbolic for you. Here's the facts though: Google AMP is a Google project designed such that you must restrict your layout options, forgo sending visitors to your website and accept whatever analytics data Google is willing to share. If that sounds like a good deal to you, email me using the link at the top of the page, I can get you a killer deal on a bridge. + +All the Google AMP cheerleaders I've been able to find are all Google employees who either created the project or are paid to promote it, which ought to tell you something right out of the box. And that Google AMP conference? Yeah that was all Google. As far as I can tell, using Google's own AMP promotional pages and some experimental searching as a guide, the only people actually using AMP are publishers so desperate to find a new way to make money they'd try anything. + +The rest of us though can change this. The rest of us collectively have the power to reject the AMP deal. To say no to Google. Because here's the thing, it's true that AMP content gets high priority in Google's carousel, but it's equally true that if there is no content in AMP there will be nothing to prioritize. It might seem like Google is the 800 pound gorilla here, but it only seems that way. As I've said before the power of the web lies in its decentralization, it lies with its edge nodes, that is, with you and I. If we reject AMP, AMP dies. Let's do this people. diff --git a/published/open-source-insider-1706.txt b/published/open-source-insider-1706.txt new file mode 100644 index 0000000..783e30b --- /dev/null +++ b/published/open-source-insider-1706.txt @@ -0,0 +1,19 @@ +A couple months back I got a email from an old shared hosting provider. The host wanted to "upgrade" my account to a new server. I had long since stopped using the account for all but one client site that ran a legacy version of Django. I built it ages ago, but it was done. It worked fine and the client was still happy with it. No big deal I thought, they'll move it a new server and it'll keep on running. + +Then I discovered that my account was going to be involuntarily upgraded from CentOS 6 to CentOS 7. Without diving into a full review, let's just say that's a major change. There was no way that my app was going to be moved from CentOS 6 to 7 and still work. + +That's why there was a "migration guide", which is software hosting speak for a crap ton of work you're going to have to do continue using our service. I opted to use my own migration guide to migrate to a different company, one of the many cheap VPS hosts that have come a long in recent years. I mean if I have to update a piece of software anyway I might as well move it to something that gives me full control over the entire stack. + +What I found so interesting about the experience was that in communicating with the company it became very obvious that they saw nothing wrong with randomly upgrading the server. I call it random because CentOS 6 is a perfectly good operating system that will be supported until November 2020. There's no hurry to update. Because I review OSes I happen to know that CentOS 7 introduces a whole slew of very useful tools for sysadmins though, and this I suspect was the reason for the update -- the company's engineers wanted to use those tools across the board. + +This sounds totally normal and even reasonable to those of us who work and live in the world of software, but it's actually totally dysfunctional and insane. To see just how dysfunctional this is it helps to re-frame things in terms of stuff in the real world. Imagine you hire a plumber to build you a new shower. They do and you are happy, you pay them and everyone goes there separate ways. Five years later you come home from work and your old shower is gone and there's a new one, but it's now in the kitchen instead of the bathroom and it only has cold water because hot has been deprecated. There's a note on the door with some suggests on how you can use it just like you used your old one. + +Plumbers do not do this because that would be crazy. In most professions when you are hired to do something and you do it, then the project is said to have reached a status known as "done". There is no coming in afterward to change everything and then forcing your customers to accept it. + +But there is no "done" in software. Software is never done. I am unaware of a single software project that is considered done. There are plenty that are done because they've been abandoned. For instance, many people say that Openbox isn't developed anymore because it's done, which I'd tend to agree with, but it may also be that the developers just lost interest. The project at least has never formally come out and said, hey, this is done. + +That would considered crazy in software because by the rules currently governing software culture things can never be done. If things were done no one would upgrade, if no one upgraded we'd all be out of jobs. That's how the current software industry works. And that's generally how new industries go for a while. Presumably it took some period of heavy innovation and iteration before the current hammer came to be. But then there was a hammer and not a lot of thought has been put into hammers since. Hammers are done. + +Software desperately tries to avoid a state of done. Yet done seems to come of its own accord. Look at the release notes for any major software product over time and you'll notice that most are heading toward a done moment. But when that moment nears someone steps in and re-writes it from scratch to "improve it". + +In most cases though what works now works well enough. Even lowly, much-maligned Windows XP still works well enough. The only reason it's insecure is that it's creator decided to stop making it secure. The site I hosted with that company didn't need an upgrade, it was running fine with almost no attention at all. It was done. Which is exactly why the software gods stepped in and forced it back into development. Sure, I rewrote it working with the latest release of Django, but you know what? Now it's done. |
