AzureDiamond

And it works on linux. Using Lemmy btw

That is what I was thinking, too. Maybe it’s really just marketing, hand curated content like someone commented or something else non technical.

I saw banks being maintained by 10-20 people.

Anyone knows why Spotify needed 9000 employees in the first place?

I read that a lot, but my RTX4080 works quite well on linux. I’m running gnome with wayland on openSUSE tumbleweed. According to lemmy and reddit, that should be a disaster combination.

Finally someone daring to ask the real question!

If I learned one thing, when talking with people about stuff like that: Most people unfortunately don’t care. Many don’t even have an ad blocker to begin with.

As if shorts didn’t already break me.

Interesting take. I wonder if the amount of platform dependent bugs is generally that low for games. I’m a developer, but not a game developer. I would assume that platform dependent stuff comes into play a lot more, when using shiny new tech like direct storage, which is probably used more by AAA titles and less by indie games?

League of Legends and I regret every moment of it.

Most people, including myself, seem to agree, that ads were never the problem. When YouTube started, it had ads too and nobody cared. But the ads got worse and websites started to shove them down our throats. I miss the times of a single banner below a video. I don’t think Google and all the others realise just how much determined nerds can achieve. So far the ad blockers seem to win the race, minus some minor setbacks.

TIL about GPG keys in DNS records. Thanks, that is indeed a real benefit!

I can vouch for openSUSE Tumbleweed, too. Just today btrfs saved another day.

Oh you are absolutely right about it being much harder to compromise the distro website as well as a key server. And as much as I am aware of the concept of the web of trust, I still do not get how you securely draw a relation between a key on a third party website and the publisher of a distro?

I just checked for OpenSuse and Fedora. Both link to their keys on their own website, which both target files on their own domain. And even if they linked to a third party, what is stopping an attacker, who already managed to swap the iso and checksum file to also change the link to the key server?

You are right about already imported keys. But why would someone, who does not already have distro xyz installed, have the keys of the publisher of distro xyz imported?

Thanks in advance for the discussion!

Where do you get the public key to verify the signature from? My point being, that you have to trust someone. I don’t really see the benefit of trusting a key server, that the public key really belongs to the owner over a checksum file being published on the website of the owner.

Someone could’ve pushed a malicious compiler. Better write all the bits by hand.

What is the benefit of a gpg signature over a checksum? In either case you have to trust someone.