gentoo is “built from source”, but its package manager, which is wonderful, does all the heavy lifting. it’s a bare distribution, but all the customization is user space stuff. so it’s not a great way to learn “linux”, IMO. a stage3 tarball is already more of a “mini” distro.
Yes, exactly, though you can start from earlier stages too. The process even from stage 1 is well documented. It is all there but you can customize it completely from the ground up. Or, if starting from stage 1, the foundations are there and you have to build it up yourself.
For a newbie (looks to be the intended audience of the article), this gives them a working foundation to start from. They can get progressively more involved with whatever part of Linux they desire, as their experience grows.
It is a VPN. The point was to block all external traffic except for VPN traffic. Then make sure your VPN is secure, and you're all set. When you want to connect to some service, connect to the VPN first and then connect to the service through the VPN. Then all your traffic has actual security and not just some light obfuscation via secret handshake.
IMO, "only wireguard" is too restrictive of a policy - I also trust openssh and nginx to be open to the internet, if configured moderately carefully. Most FOSS servers that are widely deployed on the internet are safe to be deployed on the internet, or we'd know about it. I reviewed something that's not widely deployed on the internet though (Apache Zookeeper) and couldn't convince myself that every code path was properly checking authentication. That would have to go behind a VPN.
"The local store does not operate like a conventional CPU cache since it is neither transparent to software nor does it contain hardware structures that predict which data to load."
This kind of indicates the problem with it. When switching tasks, each local store would have to be put into main RAM and the new task's local stores pulled back out. This would make switching tasks increasingly expensive. I believe the PS3 (and maybe all cell processors) dealt with this by not having tasks switch on the SPUs.
>i'm caving for a world where hw manufacturers exist who fully embrace opensource development,
Those do very much exist! My go-to is System76. There are others, e.g. arguably Framework.
> and are rewarded for that...
Oh well, one can dream anyway.
The freedom Linux gives you also gives you the freedom to slap Linux on some random bit of Windows kit and then blame Linux for failing to work around the broken firmware. Apparently this is preferable to buying hardware that works with Linux.
Yeah the best way to go is to buy Linux preinstalled and supported. Though, as with Windows in this case, that still won't save you if the system integration and firmware teams don't do their job.
Yeah, that's not shocking. Linux uses the Intel ACPI infra, whereas Windows uses Microsoft's. It's as good as they can do, but it's not going to be possible to perfectly replicate Windows, let alone improve such clearly buggy firmware, at least generally.
It is possible on Linux to override some of the firmware (most notably the DSDT, e.g https://wiki.archlinux.org/title/DSDT because so much hardware is broken). So, if you can make or get a fixed version, you should be good. A wholesale replacement of all the ACPI assets, though, seems unlikely. I could well be wrong, though.
Anyway, in this case, I suspect the poster was advocating for Macs.
So the judiciary is completely isolated from external accountability?
I do not see how this is a superior approach.
reply