• 0 Posts
  • 16 Comments
Joined 1 year ago
cake
Cake day: February 10th, 2024

help-circle
  • If the only problem is that you can’t use dynamic linking (or otherwise make relinking possible), you still can legally use LGPL libraries. As long as you license the project using that library as GPL or LGPL as well.

    However, those platforms tend to be a problem for GPL in other ways. GPL has long been known to conflict with Apple’s App Store and similar services, for example, because the GPL forbids imposing extra limits that restrict user freedom and those stores have a terms of service that does exactly that.



  • If it was a community addition why would it matter? And why would they remove the codecs.

    You don’t have to be a corporation to be held liable for legal issues with hosting codecs. Just need to be big enough for lawyers to see you as an attractive target and in a country where codec patent issues apply. There’s a very good reason why the servers for deb-multimedia (Debian’s multimedia repo), RPM Fusion (Fedora’s multimedia repo), VLC’s site, and others are all hosted in France and do not offer US-based mirrors. France is a safe haven for foss media codecs because its law does not consider software patentable, unlike the US and even most other EU nations.

    Fedora’s main repos are hosted in the US. Even if they weren’t, the ability for any normal user around the world to host and use mirrors is a very important part of an open community-friendly distro, and the existence of patented codecs in that repo would open any mirrors up to liability. Debian has the same exact issue, and both distros settled on the same solution: point users to a separate repo that is hosted in France which contains extra packages for patent-encumbered codecs.


  • I was only talking about high core count and high (relatively speaking) single-core performance. The DeepComputing Framework board is neither. Its JH7110 is only 4 cores and a rather old processor, which seems like an odd choice for a product releasing in 2025. At least the software support is great since distros have been working with VisionFive 2 and Milk-V Mars for years.

    It’s also the only currently-available Framework 13 board with fewer than 6 cores, though core count isn’t remotely comparable between architectures. At this price ($209 for lone board with 8GB RAM, $799 for full laptop) I’d prefer to see something at the very least comparable to SpacemiT K1, which has 8 cores and vector support, and is on the Banana Pi BPI-F3 (8GB version is $95).


  • I’m only aware of one RISC-V system where I can say the core count is there: the Milk-V Pioneer board and its 64-core SG2042 processor from two years ago. It’s comparable in price to a 64-core ARM Ampere CPU+motherboard (USD$1500 for the board), which seems somewhat reasonable when not considering the performance of each core. Hopefully the C930 core described in this article leads to more systems that aim for multi-core performance.

    Most RISC-V development boards are only 4 cores or fewer, with just a few popping up in the last year with 8 cores and nothing higher besides the SG2042. The best single-core RISC-V performance so far is on the SiFive P550 but it’s only 4 cores and comes on a development board that costs USD$500 (plus another $150 for tariffs if shipping to the US). You could easily get a 12-core AMD CPU and motherboard combo for less than that.




  • Unfortunately, DMCA takes an extreme stance when it comes to anti-circumvention. Even personal backup doesn’t have a strong legitimacy case under it, especially not when it comes to the tools that enable it.

    Very related to this, LockpickRCM is a tool whose entire purpose is to extract your own Switch keys for the titles you own, and in turn is far more useful for people who want personal backups than those who are pirating the games. Still got a DMCA takedown two years ago, and though it never went to court it’s extremely unlikely any court would have ruled in their favor if it did.



  • Don’t assume Qualcomm’s general hostility to user control and freedom is representative of all non-x86 systems.

    This system isn’t like that at all. It’s usable with mainline Linux and mainline U-Boot and has no proprietary driver blobs. Granted, RISC-V has some more progress to make in terms of boot image standardization, and this board in particular uses an old SoC from three years ago (JH7110) which predates a lot of improvements that have been happening to various intercompatibility-focused RISC-V standards.

    For some of the most recent ARM systems (notably excluding Qualcomm junk), I can write a single installation image for a Linux distro of my choice to a USB drive and then boot that single USB drive through UEFI on several completely different systems by completely different vendors. Ampere, Nvidia, and more. ARM’s SystemReady spec results in exactly the same user-friendly process you’re used to on x86.

    The RISC-V ecosystem isn’t there yet though its very recent RISC-V BRS (Boot and Runtime Services) spec promises to bring that for near-future hardware. But this DeepComputing board doesn’t have that and doesn’t have some other features (vector instructions, RVA22/23, etc) that are very likely to become the minimum requirements for several RISC-V Linux distros in the not too distant future.


  • Although swapfiles shouldn’t be in snapshots (or otherwise Copy-On-Write), that doesn’t mean you can’t have them in btrfs. You can create a non-COW file in a separate btrfs subvolume that you don’t enable automatic snapshots for and use that for swap. btrfs-progs even has a btrfs filesystem mkswapfile convenience command for allocating a NOCOW file suitable for swap use, though you still need to make sure to put it in a subvolume that you don’t make snapshots for.

    You probably don’t want to put swap in an unencrypted partition if you’re encrypting your root filesystem. Swap is liable to write sensitive data to disk, especially if you use hibernate.


  • I think the messaging is clear this time: Steam Deck is the defacto and flagship SteamOS device that represents the platform, and it has a strong established mindshare already, while other options are now available as well. It had a headstart of three years that gave it plenty of time to shine, and the handheld form-factor still stands out as something the competition (Windows) treats as an afterthought at best with poor UX.

    The Steam Machines effort tried to position Alienware Alpha as its focus but the press coverage including all of the other options at the same time confused people. Steam Machines also had awful timing and pricing, with the Alienware being outdated hardware whose Windows version had already been out for a year for the same price or lower by the time the SteamOS version released, and the SteamOS version offering absolutely no advantage in pricing, power, features, or UX for most gamers. All of those factors are different this time. Plus game compatibility was much worse than it is now.


  • Most of the “Is open source software safe?” section of this post seems to advocate for what’s conventionally called Security Through Obscurity, which is widely considered very ineffective at preventing exploitation and at best a minor hurdle.

    There are a lot of differences between Android and iOS in terms of security, attack surface, and exploitation, but attributing that to open vs closed-source completely misunderstands the entire subject. For just two of the countless reasons: Many of the worst vulnerabilities that affect Android devices are in closed-source proprietary Qualcomm firmware. A platform being open in the sense of allowing users to install any application they want to (like Windows and Android to a limited extent) or closed off to prevent installation of unapproved software (iOS, PlayStation, Toyota cars, TiVo, etc.) is completely separate from whether that platform is open-source or not. GPLv3 has license terms that try to tie the two concepts but I chose examples that don’t use it at all. Also, iOS has public kernel source code.



  • I’ve been using single-disk btrfs for my rootfs on every system for almost a decade. Great for snapshots while still being an in-tree driver. I also like being able to use subvolumes to treat / and /home (maybe others) similar to separate filesystems without actually being different partitions.

    I had used it for my NAS array too, with btrfs raid1 (on top of luks), but migrated that over to ZFS a couple years ago because I wanted to get more usable storage space for the same money. btrfs raid5 is widely reported to be flawed and seemed to be in purgatory of never being fixed, so I moved to raidz1 instead.

    One thing I miss is heterogenous arrays: with btrfs I can gradually upgrade my storage one disk at a time (without rewriting the filesystem) and it uses all of my space. For example, two 12TB drives, two 8TB drives, and one 4TB drive adds up to 44TB and raid1 cuts that in half to 22TB effective space. ZFS doesn’t do that. Before I could migrate to ZFS I had to commit to buying a bunch of new drives (5x12TB not counting the backup array) so that every drive is the same size and I felt confident it would be enough space to last me a long time since growing it after the fact is a burden.


  • For years I’ve been using KeepassXC on desktop and Keepass2Android on mobile. Rather than sync the kdbx file between my devices, I have each device access it through the network. Either via sftp, smb, or nfs, but regardless I need to connect to my home’s VPN to access it when away from home since I don’t directly expose those things to the outside world.

    I used to also keep a second copy of the website-tied passwords in Firefox Sync, but recently tried migrating that to Proton Pass because I thought the PIN feature might help, then ultimately decided to move away from that too and start using the KeepassXC-Browser plugin instead. I considered Bitwarden too but haven’t tried it out yet, was somewhat deterred by seeing people say its UI seems very outdated.