What do you mean?
linkin_park_-_numb.mp3clearly has an extension, it’s all the other files that don’t!The OS designed to prime the population into bad cyber security practices so they are more easily able to exploit and scam later on.
takes off tinfoil hat
You have a point though. Why hide file types by default unless you believe the users are too dumb to ever learn what a few letters mean.
Governments and banks love to do it too.
It’s not like I want to defend windows, but If it needs admin permission you usually can’t start it without confirmation.
Everyone knows most people turn UAC completely off after it nags them for the 10th time and they get frustrated and dump it.
I turn UAC off before it nags me for the 10th time.
The only nag I want to see is the one right before it gets turned off.
I hate things that just throw up nag screens that users get desensitized to and just click through anyway. It hasn’t increased security at all.
Looking at you “do you trust the authors of the code in this workspace folder” VSCode. Yes I effing do, that’s why I opened it to begin with!
Fair enough but then you shouldn’t complain about the lack of confirmation (like the meme does)
It’s still a valid complain, but the problem is not exactly the presence or absence of a confirmation IMO, it’s a deeper matter.
What causes user desensitization (I guess that’s a word) is a direct result of how Windows users traditionally install software - from untrusted sources or by downloading them directly from a vendor’s website then manually installing it.
UAC would be just fine if it was a rare thing to see, but because of this “download a .exe > double click > install” flow users see it all the time, which defeats the purpose of the warning. It became just another half-measure Windows has implemented.
And it’s unhelpful because it doesn’t give any details about what it wants to do with that admin access and also treats permission for one action as permission for all actions (not that you can tell what they first action you’re permitting is).
I like the way android does it, where you can grant or revoke special permissions by category of action.
Though the system I’d like to see is one where each program is sandboxed and then even you close the program (or it prompts for an elevation), then you get a list of system differences between the sandbox and your system and can choose whether and which changes to push from the sandbox env into the main env. Or to combine sandboxes so that programs can interact with each other.
Yeah maybe, but if that exact same people would use linux they would sudo or 777 everything which wouldn’t be much better security wise
Let me introduce you to a plethora of industry RedHat users who log into GUI as root for 8 whole hours, everyday.
Sure but if you’re doing rooty stuff all day then sudo you’re sudo not sudo going sudo to sudo type sudo sudo sudo every sudo fucking sudo time sudo you sudo want sudo to sudo do sudo something. And yeah it sudo caches it for sudo a bit but sudo it’s still too sudo much.
#: I’m just going to write some memos in WPS Office and send it to the networked ftp server running on Binbos. Oh and while I’m at it, I’ll just ssh into a few other computers as root, using Nautilus (as root of course) and keep them all open until I shutdown, just because I want to copy their docx files.
I leave it on, only really need it for installing programs, even them a lot of them go into app data these days by default
I was going to say they didn’t used to require that, but that’s about 20 years ago, now…
Just hijacking a discussion about security. I would think that Linux users would be more security conscious. But I found in my buildings trash a bunch of HDDs, some 1TB and a 5TB, so I took them to see if they were ok (and recycle properly if not).
All ext4 formatted and with lots of personally identifiable information including emails and photos and stuff.
The previous owner was an early Linux dev, wrote stuff that is still in the kernel. Yet unencrypted drives just thrown in the trash.
I’ve cleared the drives and now use them for myself, after I searched for a wallet.dat file.
Maybe he knew none of the information could harm him if someone got hold of it?
I could have brute forced his password, there were SSH keys to various servers, I probably could have done something to him.
Possible they passed away suddenly and a tech-illiterate family member threw them out while cleaning out their place. Not great there was no encryption but people often overlook making plans for their eventual death, we mostly just don’t like to think about it.
I’m literally trying to get into Linux and one of the first things was installing software, which involves copying and running random bits of code from whatever website has the highest search result. I would say a lot of software is running code you have no idea what it does.
I ask this with full sincerity - are you unaware of the package manager?
He has a point tho. The amount of copy pasting random shit from the internet into the console is way too comon if you go down the rabbit hole on some issues with the system and find a solution on some abandoned by god itself linux forum. To be fair its usualy just a comand that does shit for you in 5 seconds so you dont have to use gui buuut it does happen and i can tell what this stuff does but the average user likley dosent . Alghtough it might be less common today. Its been quite a long time since i last broke my system.
I mean, I never do that without downloading the script and reading it. I also read makepkg files. It doesn’t take that much to validate these things
He wasn’t say you personally do it. He even said that he knows what the commands do, most of the time, but that the average person does not. Especially beginners to Linux, who are more prone to break their system and be on forum rabbit holes to try and fix it.
In much the way I am aware of the Windows store: I avoid it and work to get the software directly from the source. I regularly run into the issue of software not being there or being of unknown version.
Perhaps that is some bias from Windows following me over.
That is definitely your Windows bias haunting you. Package managers are the way to get software on your Linux distro. Going straight to the source has it’s place, but for 95% of use cases, you should be using your package manager.
In much the way I am aware of the Windows store: I avoid it and work to get the software directly from the source.
That is not the way things work on Linux - the repos essentially are the source. It is intended for apps to be packaged and distributed through official repos precisely to avoid the issues you listed, which are more often issues of downloading from sites. Package managers take care of incompatible versions and conflicts. That’s definitely a Windows bias my friend :P
Ok but imagine if Microsoft got altruistic and made the Windows store to be as helpful as possible and not as a marketing or user control scheme. That’s the package manager in Linux.
Lol
Installing software on Linux almost never involves “copying and running random bits of code” unless you have a need for some really obscure program. Learn how to use your distribution’s package manager.
Learn how to use your distribution’s package manager.
Also
sudo apt updatesudo apt upgradecovers what, about 60% of Linux desktops?
if we’re being fair, it did involve a lot of that historically. Package managers weren’t always around and even after they became established, there was still a lot of fiddling with bad drivers and various distributions had policies which didn’t allow certain software with certain licenses to be setup through their package repository and so on and so forth. Sure nowadays this is less of an issue, but then windows security is also much better than it used to be. People here seem to want to compare the latest Ubuntu to windows 98
I mean, bash is a code.
Till next time
Those are just tutorials showing how to install something. Typing
flatpak install firefoxis one and the same as going into the app store, searching for Firefox and clicking “install”. Tutorial websites would just show terminal as it’s more universal.
If they ask you to actually download some file there is something very wrong.I often see people overwhelmed by universality of some things. Instead of searching “How to install Firefox on Linux?” what should be learned is “How to install software on Linux?” and, unless met with something badly ported, never do the search again.
But what my meme is about is Windows-only style of having some file and by default having no idea if that’s going to run in some program or be a program.
While I totally agree with you about package managers, I still run into a lot of apps that the only install option is a .deb downloaded from a webpage. Which is comparable to running a .exe on windows.
Spoderman.mp4.exe
This sounds like Windows
Winget is their standard packaging solution
The rest is accurate but it’s user error
Winget wasn’t a thing until 2020, and they at least partially stole it from an open-source project AppGet
Are you saying the meme is no longer relevant?
Are you saying any sort of majority of PC software is now delivered via winget?
‘Standard’ in this context is referring to the frequency/popularity of use, especially among the people for whom file extensions would be confusing.
Those people would do all the same on Linux
They’d find it rather difficult to just download programs from random websites and run them, considering the file will not be marked executable by default and they can’t just “download and double-click”.
Yea… Exactly… Thanks for providing evidence for me.
People going out and downloading random crap from shady websites clogging up their windows install with malware are not going to spend any amount of time troubleshooting why the random crap they downloaded doesn’t do anything when they double-click it. They likely won’t even know what to search for to find the solution to their “problem”.
Have yiubused Winget? It’s a very flawed piece of software.
winget doesn’t even work properly. I tried installing gcc with it and it installed some random chinese package.
winget install -e --id libjpeg-turbo.libjpeg-turbo.GCC
?
too late now, I wiped it with a nice EndeavourOS install ages ago
I thought winget was the Linux cli tool for downloading from http. What tool am I thinking of?
Wget?
Oui oui weget
Yes! Thanks! I had a major brain fart!!
Microsloth at work
Noob question: Could someone make e.g. an executable
linkin park - numb.mp3file on Linux by giving it execute permissions? Probably not by downloading, but by replacing the file with a duped one.Also the
.mp3.exetrick and the likes could be easily detected by any security software easily, like Windows Defender.Yes, any file that is marked as executable can be “run”. 9 times out of 10 the user has to do this explicitly.
Winget, get a popup when things request elevated rights,
winget is great, i wish it was oob tho.
It’s ok, they just started the “security first” initiative, we’re all saved.
Of all the reasons to be like “Windows bad, Linux good!” This one doesn’t really hit.
Of all the actual differences, this is the one people think makes Linux superior? This is just a circle jerk lol.
Honestly: Yes. It’s an example that perfectly encapsulates how windows “as a concept” actively babies and dumbs down its users. I the 00’s, nobody had a problem with file extensions, but now that we’re working with users that have grown up with computers we suddenly need to remove them because they’re “too confusing”?
You don’t love heading to the terminal to add the executable flag and run it?
I right click in nautilus to open the properties window and check the checkbox :)
deleted by creator
