| 13 May 2022 |
 inference | * Ask yourself 3 questions.
-
Who are the maintainers? Research their backgrounds and life story if possible.
-
How responsive to security issues are they, and how quickly do they patch them?
-
How do they behave in general when it comes to community/customer support?
| 19:53:39 |
| inference | Also, you may want to add
- How knowledgeable are they?
| 19:54:10 |
 0xC0ncord | In reply to @inference:tchncs.de
Ask yourself 3 questions.
-
Who are the maintainers? Research their backgrounds and life story if possible.
-
How responsive to security issues are they, and how quickly do they patch them?
-
How do they behave in general when it comes to community/customer support?
I'll add: if there is an issue (possibly related to security) how can they be contacted and how likely are they to respond in time of an emergency? | 19:54:39 |
 life-the-user | Well I think people behind security projects are responsible and actually want to make a good product | 19:54:50 |
| inference | In reply to @concord:fuwafuwatime.moe
I'll add: if there is an issue (possibly related to security) how can they be contacted and how likely are they to respond in time of an emergency? Yes, it's important to be able to contact them. | 19:54:53 |
| life-the-user | In reply to @life-the-user:matrix.org
Well I think people behind security projects are responsible and actually want to make a good product Maybe artix should be fine | 19:55:13 |
| 0xC0ncord | Some distro maintainers are active on the OSS security mailing lists. That's another something to look at. | 19:55:22 |
| inference | In reply to @life-the-user:matrix.org
Well I think people behind security projects are responsible and actually want to make a good product Here's a tip. People who care will always have ways to contact them, will respond reasonable quickly to any issues (not only security), and will have a helping attitude rather than brushing you off.
These are reasons systemd doesn't make the cut for me, but that's subjective to you. | 19:56:03 |
| life-the-user | Hm | 19:56:38 |
| life-the-user | inference: alright, I will choose void and do the research about its devs | 19:58:00 |
| life-the-user | * inference: alright, I will choose void and do the research about its main devs | 19:58:08 |
| life-the-user | * inference: alright, I am choosing void and do the research about its main devs | 19:58:21 |
| life-the-user | In reply to @life-the-user:matrix.org
inference: alright, I am choosing void and do the research about its main devs Just because it is more stable that artix | 19:58:43 |
| life-the-user | Artix has a lot of init system options so some of them arr less maintained | 19:59:14 |
| inference | The 2 things I trust a lot because of their support and knowledge, and the fact that they respond very quickly to both mistakes and security issues, are GrapheneOS and ProtonMail. | 19:59:21 |
| life-the-user | inference: btw what do you think about openSUSE? | 19:59:34 |
| inference | In reply to @life-the-user:matrix.org
inference: btw what do you think about openSUSE? I haven't researched much, but I'd go with its rolling release. It seems to have both rolling and LTS like Debian. | 20:00:03 |
| life-the-user | Yeah tumbleweed and leap | 20:00:19 |
| inference | In reply to @life-the-user:matrix.org
Yeah tumbleweed and leap I think Tumbleweed is LTS and leap is rolling? | 20:01:11 |
| inference | * I think Tumbleweed is LTS and Leap is rolling? | 20:01:17 |
| inference | Or maybe the other way around. | 20:01:26 |
 September 🇩🇪 | In reply to @inference:tchncs.de
The 2 things I trust a lot because of their support and knowledge, and the fact that they respond very quickly to both mistakes and security issues, are GrapheneOS and ProtonMail. Protonmail doesnt have FIDO2 support tho >:(((((( | 20:53:47 |
| inference | In reply to @septemberdismay:tchncs.de
Protonmail doesnt have FIDO2 support tho >:(((((( It's planned. | 21:28:59 |
| inference | And is an upcoming feature. | 21:29:05 |
| September 🇩🇪 | As soon as they do im switching | 21:29:17 |
| September 🇩🇪 | How long and source? | 21:29:25 |
| inference | In reply to @septemberdismay:tchncs.de
How long and source? https://www.reddit.com/r/ProtonMail/comments/ua6f7s/is_fido2_already_available_traces_of_development/ | 21:38:16 |
| inference | Trying to find the official announcement, but that's already in the code. | 21:38:31 |
| 14 May 2022 |
|  Kielo left the room. | 00:07:38 |
|  itzzenxx changed their profile picture. | 00:37:31 |
