Linux Foundation endorses Chromium, SteamOS ISO is coming Linux & Open Source news : linux

[–] onlinepersona@programming.dev 32 points 2 days ago (2 children)

Fuck dude, we need an alternative to the Linux Foundation that actually focuses on Linux itself, not every single project that somehow runs on Linux. The linux kernel is a pain to join as a newbie, it's underfunded (2% of all the Linux Foundation's funding goes to the Linux kernel), the development cycle and tooling is outdated, the major language (C) is a security risk, the maintainers are turning old and gray which brings with it the typical resistance against change, and so many other things.

I don't know if a fork is needed with a new org surrounding it that focuses 100% on the kernel, or if something else has to happen, but the Linux foundation wasting money on shit like AI and endorsing Chromium sounds an awful lot like Mozilla. Mozilla lost its way a long time ago and the Linux Foundation might be going the same way too.

Anti Commercial-AI license

[–] possiblylinux127@lemmy.zip 8 points 1 day ago (1 children)

The Linux kernel is just fine. C is in fact not a "security risk" and the tooling works fine for what it is.

[–] arendjr@programming.dev 3 points 22 hours ago (1 children)

I agree the Linux kernel is just fine. But that’s only because despite the security risks of C, there’s no viable alternative kernel.

But development doesn’t stand still, so either Linux catches up, or gets replaced when a viable alternative arrives. Thankfully Linus sees the problem, so they’re working to make the kernel viable a while longer, but I also agree with the person you replied to that this work could definitely use a bit more help.

[–] possiblylinux127@lemmy.zip -1 points 21 hours ago (1 children)

There are no security risks with C when you write good code. The reason we are seeing a lot of security vulnerabilities is because prior to about 10 years ago security wasn't considered that important.

I'm not saying Rust is bad. (It is generally good) The thing to remember is that Rust also can have security issues. What we need is skilled programmers who understand security.

[–] arendjr@programming.dev 1 points 3 hours ago (1 children)

Sorry, but this mindset is hurting both Linux and security in general.

The reason we are seeing a lot of security vulnerabilities is because prior to about 10 years ago security wasn’t considered that important.

This is frankly quite obviously false. Microsoft started taking security more seriously around the release of Windows 2000. Are you saying the Linux kernel developers took another 15 years to realize security is important?

Security research shows that new code is more prone to common vulnerabilities than old code is. While old code may have been designed with weak (or no) security considerations, those are well-mitigated by now. On the contrary, new code still regularly contains exploitable memory safety issues that slip by review.

What we need is skilled programmers who understand security.

We have skilled programmers who understand security. Those also understand that we need more than that.

Continuing to use C doesn’t merely require skilled programmers, it requires programmers that never make any mistake ever. That’s an infeasible standard for any human to uphold, hence why C is considered a risk.

[–] bargo@mastodon.tn 0 points 2 hours ago

@arendjr @possiblylinux127 eh, in reality, The reason we are seeing a lot of security vulnerabilities is because:
A: it is the most used OS in the world, hackers & pirates.... have 100 reasons to pirate winlol, for example imagine having 1 B$ worth of games on your storage drive, everyone would be killing to even have a sniff
B: it gives the feeling of the thrill of challenge when you decide to tweak, because it is close-sourced so it by default enables a few tweaks, all can be corrected

[–] taiidan@slrpnk.net 2 points 1 day ago (1 children)

The corporitization of linux continues. I jumped to BSD. Just linux at work now.

[–] onlinepersona@programming.dev -3 points 1 day ago* (last edited 1 day ago) (1 children)

Is BSD moving to Rust and can one contribute with something else than a mailing list?

Anti Commercial-AI license

[–] taiidan@slrpnk.net 1 points 1 day ago (1 children)

Good questions. I don't know, but it's unlikely that Rust will be included in the base system anytime soon. It is of course available as a package.

[–] onlinepersona@programming.dev 2 points 19 hours ago (1 children)

I had a look at NetBSD and FreeBSD: I don't think they are in a better position than linux honestly. NetBSD still uses CVS and mailinglists for contributing.

NetBSD even starts with this

An addition or change to the existing source code is a somewhat trickier affair and depends a lot on how far out of date you are with the current state of FreeBSD development.

Both might be even be worse than linux in terms of ease of contributions...

Anti Commercial-AI license

[–] taiidan@slrpnk.net 1 points 11 hours ago

Can't argue with that.

[–] muntedcrocodile@lemm.ee 19 points 2 days ago

I really dont support people hating on opensource devs/organisations but i think they deserve some hate for this.

[–] pastermil@sh.itjust.works 12 points 2 days ago (1 children)

Soon, Linux Foundation would be the joke that FSF is, but with capitalist twist.

[–] qweertz@programming.dev 10 points 1 day ago* (last edited 1 day ago) (1 children)

please don't insult the FSF like that by comparing it to the LF...

The FSF might be unpragmatic and (thus) often horribly out of date, but it's neither opportunistic nor engaged in corporate bootlickery.

At some times it can even be dogmatic, but you can at least mostly depend on it keepig it's spine and vision!
(even if I partially disagree with it, as it's doctrine does not take political economy — and thus the root problem that is capitalism — into account)

[–] refalo@programming.dev 3 points 1 day ago* (last edited 1 day ago)

They might have pure motives but I have to wonder just how useful that is realistically. The rest of the world does not seem keen on following in their spirit.

[–] domi@lemmy.secnd.me 9 points 2 days ago

Are there any statistics on which projects the Linux Foundation spends how much on?

Their annual report for 2024 only lists "Project Support" with 64% ($193,704,610) of its expenses but doesn't go into details which projects are supported by how much.

[–] Sanctus@lemmy.world 14 points 2 days ago

[–] astro_ray@piefed.social 3 points 2 days ago (2 children)

Why chromium?

[–] namingthingsiseasy@programming.dev 2 points 21 hours ago

Google pays the Linux Foundation a LOT of money.

[–] possiblylinux127@lemmy.zip 3 points 1 day ago

It is the industry standard. Realisticly there isn't anything else. You can't easily decouple Gecko and Firefox plus most companies don't want to rely on Mozilla.

Google sucks sometimes but at least they made Chromium into something modular and embeddable.

[+] cupcakezealot@lemmy.blahaj.zone -22 points 1 day ago (3 children)

chromium is not and never has been open source

[–] Allero@lemmy.today 3 points 21 hours ago

Chromium is open source

Chrome is not.

[–] qweertz@programming.dev 20 points 1 day ago (1 children)

Isn't that objectively a false statement?

[–] possiblylinux127@lemmy.zip 5 points 1 day ago

The queen of England isn't dead and Elvis just went home.