What does Solyd mean, really?

Talking about SolydXK, another distribution or totally off-topic but within the Rules ? It's the right place!
Fargo
Posts: 896
Joined: 17 Sep 2013 14:40

Re: What does Solyd mean, really?

Postby Fargo » 06 Aug 2014 15:25

Zill wrote:
Fargo wrote:...But I think it would have to be understood developer time is devoted to the core Stable Edition. I think that would provide the team more time to further develop Solyd tools like the software center, update manager, maybe create a control center of sorts with a security center. To me that would make Solyd ideal...
But this is not in accordance with Debian's definition of "stable" which is, as I highlighted in this post above...
...This is what Debian's Stable name means: that, once released, the operating system remains relatively unchanging over time.
Both Debian and SolydXK development work should therefore be done with other releases, such as Unstable or Testing, but certainly not Stable. When the development work is completed and a package meets the requisite requirements, it can then move from Testing to Stable.

SolydXK developers should not be changing any of the stable packages, apart from essential security updates, as this will defeat the whole idea of testing upstream from Stable to ensure that users have software that always works.
Those are valid points. I think part of the issue stems from the fact I define 'stable' as not breaking, Debian defines 'stable' as not changing. I do have concerns about what backporting and adding newer kernels would do to Stable. I know distros in the past like Mepis did this but I don't know if that is the right solution either. As you said, that changes Stable and is not a Debian way of doing things. So it can cause issues.

Earlier I gave 2 options that I could see for a more up to date fixed release.
1) Base on Testing with a fixed LTS release we support for 1-2 years. (Which might look a lot like just going to yearly UPS.)
2) Base on Stable and backport newer programs and provide kernel updates

If we want to provide a 'stable' distro as in 'it wont break with updates', which is the better solution? I had fears about freezing Testing for our own release as we would be somewhere between Deb Stable and Deb Testing. In which case SolydXK might not be compatible with either Testing or Stable. However, I can see your point that if we change our Stable base too much, we might find ourselves in the same position of not being compatible with either Stable or Testing.

User avatar
Zill
Posts: 1850
Joined: 13 Aug 2013 14:28
Location: Lincolnshire, UK

Re: What does Solyd mean, really?

Postby Zill » 06 Aug 2014 15:56

Fargo wrote:I think part of the issue stems from the fact I define 'stable' as not breaking, Debian defines 'stable' as not changing.
Maybe we should stick to the official Debian definitions if we are to avoid any more confusion. ;-)
Fargo wrote: I do have concerns about what backporting and adding newer kernels would do to Stable.
While backports have their place, they do increase the risk of breakage and should therefore only be used when essential and after careful consideration of the risks. Systems based on Debian Stable are suitable for very many machines and only really hit problems with the "latest and greatest" hardware.

For these users, backports may be useful but I suggest the majority of systems will work perfectly well with standard Debian Stable, particularly with businesses which often have older machines. On this basis, I recommend backports should only be an option and not be enabled by default.

Obviously, Debian Stable does not have all the bells and whistles associated with more modern software, but this is often the only difference. Many users may well not even notice the additional functions added to later versions of software!

Deleted User 2764

Re: What does Solyd mean, really?

Postby Deleted User 2764 » 06 Aug 2014 16:39

I like your idea. Maybe a part on the SolydXK site that has a survey (very short) about the business and then a page of "case studies" for SolydXK BE where these businesses would be listed. It would show SolydXK is being used in actual business settings and give businesses a little extra free advertising. Win-win. :)

kurotsugi
Posts: 2258
Joined: 09 Jan 2014 00:17

Re: What does Solyd mean, really?

Postby kurotsugi » 06 Aug 2014 19:54

@schoelje: TOR can't be used as a firefox plugin. what I mean was repack tor's bundled browser as an independent browser so that user can simply install it via "sudo apt-get install" as usual. this package will be separated from the original firefox.

_q_
Posts: 73
Joined: 21 Apr 2014 10:02

Re: What does Solyd mean, really?

Postby _q_ » 06 Aug 2014 19:55

he did that the other day... my TOR updated shortly after this conversation through the UM :mrgreen:


(edited for typo)

SolydXK is such a delicious flavor of Debian!

User avatar
grizzler
Posts: 2197
Joined: 04 Mar 2013 15:45
Location: The Hague, NL

Re: What does Solyd mean, really?

Postby grizzler » 06 Aug 2014 20:18

_q_ wrote:he did that the other day... my TOR updated shortly after this conversation through the UM :mrgreen:
Erm... http://forums.solydxk.nl/viewtopic.php? ... 999#p41272

That package is from Debian.
Frank

SolydX EE 64 - tracking Debian Testing

_q_
Posts: 73
Joined: 21 Apr 2014 10:02

Re: What does Solyd mean, really?

Postby _q_ » 06 Aug 2014 20:33

thanks for pointing that out!

either way, apt works groovy :D

SolydXK is such a delicious flavor of Debian!

kurotsugi
Posts: 2258
Joined: 09 Jan 2014 00:17

Re: What does Solyd mean, really?

Postby kurotsugi » 06 Aug 2014 20:41

using tor and using tor's bundled browser is two different things. using tor on your system means you're wrapping your entire net connection by tor's network. there'll be a possible leak comes from certain sources such as DNS server. if you're using tor bundled browser it means that you're only using it on tor's browser so that it doesn't have the aforementioned risk.

tor (without the browser) is provided by debian but tor's bundled browser currently only available on tor's site.

Deleted User 2764

Re: What does Solyd mean, really?

Postby Deleted User 2764 » 06 Aug 2014 21:10

With something like Tor, don't people have to also serve part of the traffic from someone else through their system too (ie. traffic routing/sharing)? I wouldn't want to become a hub for people's annonymous internet connection. I don't want the legal liabilities (which is why I never share my WiFi network with anyone either).

Also bandwidth is a consideration (which is also why I can't seed torrent files - I also find torrent files takes too long to download anyway so I end up getting distro ISO's direct instead).

I really don't know how all this stuff works, actually, so I could just be overly cautious, etc.

User avatar
MAYBL8
Posts: 1487
Joined: 10 Mar 2013 18:41
Location: Maryland Heights, MO USA
Contact:

Re: What does Solyd mean, really?

Postby MAYBL8 » 07 Aug 2014 15:54

Hey Guys/Gals,
This post has made several points and been very active.
Anyone care at this point to do a summary of the valid points?
Thanks


kurotsugi
Posts: 2258
Joined: 09 Jan 2014 00:17

Re: What does Solyd mean, really?

Postby kurotsugi » 07 Aug 2014 19:19

@raven: the traffic is provided by the tor relays so that the answer is no. in general the connection speed in tor is slower because the relays in tor's network have limited bandwitch but that's not a the major reason why we shouldn't use tor for torrents.
How can I share files anonymously through Tor?

File sharing (peer-to-peer/P2P) is widely unwanted in the Tor network, and exit nodes are configured to block file sharing traffic by default. Tor is not really designed for it, and file sharing through Tor slows down everyone's browsing. Also, Bittorrent over Tor is not anonymous!
if you're interested in tor you can read the faq https://www.torproject.org/docs/faq.html.en

Deleted User 2764

Re: What does Solyd mean, really?

Postby Deleted User 2764 » 07 Aug 2014 19:57

Thanks for the informative link! I normally don't even use bittorrent or tor anyway because I don't have time to read up on it. The times I used bittorrent was not great (to download distro isos). It was much slower than if I just downloaded it via a normal link.

Fargo
Posts: 896
Joined: 17 Sep 2013 14:40

Re: What does Solyd mean, really?

Postby Fargo » 07 Aug 2014 23:01

I've been thinking about this thread. Forget all my previous ideas of freezing Testing or including backports. My BE has been running great. I really don't want anything to compromise the stability and trust I have in this OS. Are there some bugs that could have been worked out. Yes, there are. But the system has been Solyd and Stable. Sometimes I have to step back and take stock of what I really need. What I really need is a reliable system. I would love to have all the latest software but to me having a system that I can count on day in and day out is the most important. I have found that in SolydK BE. Thank you Schoelje and all SolydXK developers.

Now, having said that, if certain bugs can be worked out without compromising the core of the OS all the better. But there is a reason Debian Stable has the reputation of being stable. So for me Debian Stable with the clean SolydXK interface and added SolydXK tools is exactly what I need. Thats what Solyd means.

User avatar
disciple1964
Posts: 95
Joined: 03 Jan 2014 04:33
Location: Irving, Texas

Re: What does Solyd mean, really?

Postby disciple1964 » 08 Aug 2014 01:04

"Now, having said that, if certain bugs can be worked out without compromising the core of the OS all the better. But there is a reason Debian Stable has the reputation of being stable. So for me Debian Stable with the clean SolydXK interface and added SolydXK tools is exactly what I need. Thats what Solyd means."


I have to agree with Fargo, SolydXK should stick to it's original vision and roots. Why change for the sake of change? It's refreshing to have a system that works and you don't have to jump through hoops to get it to "Just Work"
I am not that knowledgeable on this subject, but I like the fact that this is great software and I have had very few problems and those that do pop up, there is a group of guru's that have the answer.

Please don't change SolydXK!

Lenovo T61P-6gigs-15.1Screen-250gig hard drive / Desktop: Quad core Intel Core i7-4790K CPU Kernel~3.19.0-49-generic x86_64 Mem~1621.5/15928.2MB HDD~1120.2GB
Registered Linux user 566308

Deleted User 2764

Re: What does Solyd mean, really?

Postby Deleted User 2764 » 08 Aug 2014 02:28

You're userbar isn't showing in the sig (it's a broken image). May want to change that to {userbar}solydkuser{/userbar} (replace {} with [] - I did it this way so that the code would show instead of the graphic).

User avatar
disciple1964
Posts: 95
Joined: 03 Jan 2014 04:33
Location: Irving, Texas

Re: What does Solyd mean, really?

Postby disciple1964 » 08 Aug 2014 17:54

Thanks Raven,

Sigbar should now be showing as it was meant to.

Lenovo T61P-6gigs-15.1Screen-250gig hard drive / Desktop: Quad core Intel Core i7-4790K CPU Kernel~3.19.0-49-generic x86_64 Mem~1621.5/15928.2MB HDD~1120.2GB
Registered Linux user 566308

User avatar
ilu
Posts: 2633
Joined: 09 Oct 2013 12:45

Re: What does Solyd mean, really?

Postby ilu » 11 Aug 2014 17:41

I'm a bit late on this topic and I'd llike to go back to the questions Schoelje originally asked.

1. Regarding stability:
I already posted my suggetions on renaming here:
http://forums.solydxk.com/viewtopic.php ... 36&#p42036 and I think that would be enough for the moment (provided that BE is really stable as people say, I haven't tried that myself).
If you follow the idea of more or less ditching the rolling distro and XFCE too then we have to aks why have Solyd at all? Being just another distro doesn't cut it. There's Mageia, there's Mint, there's LDBE ... And there seems to be the problem that debian stable has with new hardware. So rolling has its merits and when I complained about the last update I just meant a warning in a more prominent place when starting the update would have been nice. I'm using the rolling distro and in spite of the hiccups I would like to continue with that.

And, because somebody asked, I'm a 1-person-business too, using SolydX-HE. I need a stable system but I can deal with some hours of instability and bug-tracking if I'm warned ahead. The warning is crucial though. I think the rolling edition can be managed by most small business owners. If you are warned ahead you can either time the update for the weekend (if you feel fit enough) or organize friendly/professional help in advance.

I don't agree that businesses usually have older hardware (maybe the bigger ones but not those run by the owner). All those entrepreneurs I know buy their hardware at their local discounter (ALDI !) whenever they feel like it - milk, bread, cheese - scanner - toilet paper ... you get the idea - and expect it to just work with their OS. My business friends use either Win7 or Mint or Ubuntu and the last 2 groups regularly run into driver problems (and subsequently call my friend who has to solve the problem).

2. Regarding security:
Even if malware is not a threat to Linux at the moment, it will be in the future (see Android). But I don't think a virus scanner would really help. I never used on under Win (3.1, XP) in the last 20 years and I never had malware. Other people use a plethora of security programs and get one virus after the other. So I think a big part of the problem sits in front of the computer.
That being said IMHO the important thing is whether the Debian architecture is inherently save (which Windows, as far as I understand, is not). For this Solyd has to trust the Debian people.

3. Regarding privacy:
I don't read and compile code myself so I have to trust those people that do. I think that the Debian way of doing things is our best bet that Debian does not have pre-implemented backdoors. I don't trust MS in that regard. In fact I KNOW there is reason not to trust them. I don't trust Ubuntu and, to be honest, I'm not sure about RedHat and Suse but I don't have any information to base my mistrust on. So that's why I switched to Debian. There is not much Solyd can add to that.
But that's just half of it as long as you use the internet. The other half is prudent browser and email usage and that has to be done by the hopefully informed user, the distro can't help too much. NoScript and some way to block flash should be mandatory. I would also recommend adblocking because many malware is spread by flash ads. I'm using RefControl and RequestPolicy too but that needs some dedication. Stay as far away as possible from Google and Facebook and remember that whenever a service seems to be free (as in free beer) it means you are the merchandise. And even if you are doing all this it won't help much - there is still nothing working against browser fingerprinting so big brother will still be watching you.

As you can see from everything I have written my main security and privacy concern is NOT the random hacker or common criminal but big companies (Google, Facebook, MS to name some) and governments (Five Eyes and certainly others too).

To all the americans or those others who think a hardened system is only necessary for criminals: A lot of the stuff the NSA is doing is considered CRIME under european laws (I'm not willing to discuss the legal details here just take it as a given at the very least for Germany). Those of us who are under threat of punishment forced to obey these laws (i.e. lawyers, accountants, schools, priests, medical practioners ... and by choice journalists) HAVE TO fight and I really hope that Solyd would go into a direction to help with this as soon as suitable means are available.

So now back to some practical questions:

a) Antivirus - implement it in the BE if you have time and think it's necessary but I would not give it priority.

b) NoScript, Flashblock and Adblock(+/edge) can be included in the distro (is it already?) without problems because it is quite straightforward to use.

c) I would propose to add Startpage.com as a search engine. That way you have Google without being traced by it. I tried DuckDuckGo but was not impressed with the results.

d) SELinux: I don't know anything about it. Wiki says the NSA is involved? Code has to be trusted (see above) so stay away please!

e) Someone mentioned SSD-support. This usually involves multi-disk-installations. I had to figure out everything by hand and that was hard. Would be a good thing if someone could tweak the installer for that. If not ... we'll survive.

f) Encrypted harddisk: I don't think this really helps. The disk needs to be decrypted while you are working with it - so at that point everything is accessable anyway. If you are a target HD encryption doesn't protect you, if you are not a traget it does nothing. Or does it? I don't know enough about it. I would prioritize keeping the existing editions. If you have time, why not? But make it optional. Encryption on installation would nead some very elaborated scripts to not go wrong I suppose.

g) Definitely mail encryption doesn't protect you, at least at the moment. It just makes you a target, Your encrypted mail is stored until the agencies find a way to break the encryption. It could probably be added without much trouble in the solyd-extensions though. But the existing addons leave much to be desired ... Additionally mail content (which would be encrypted) is not necessary for spying on you. Meta data (which remains unencrypted) is sufficient. There are methods working against meta data espionage but they have to be implemented on the mail server - so until they do we are pretty much screwed anyway. That's why I don't encrypt mails at the moment.

h) TOR usage definitely makes you a target. Its counterproductive, I would not recommend it - in fact stay away from it. The agencies watch over all the exit nodes and they already found ways to trace you back. Also independant exit-node-operators are put under legal pressure, nowadays child abuse is usually the leverage used. You just don't want to be put near that category, no way. Just the suspicion will completely ruin your life. TOR might be useful for some purposes (communication with undercover people in Irak or stuff like that - even those will get caught) but not for average use. Every flash you use will betray your IP anyway. Read up about TOR or - better - just don't bother with it.

i) The only additional thing privacy-wise I would like to have (and I am already searching around for it) is an application based firewall. I know "personal firewalls" are frowned upon but they did a good service to me in my windows past. I really like to know whether a website tries to get firefox to connect on a non-standard-port and I liked to be informed if any software tried to "phone home". But this is me and if there even is an application layer FW for Linux (tipps welcome!) I will manage to find and install it myself.

This was a long post. I'd like to finish with thanking the developers for their work and all those that populate the support forums for their help. I'm sorry that I can't help with the real stuff because I'm just a user without any programming knowledge. If there is something I could do in spite of this let me know.

_q_
Posts: 73
Joined: 21 Apr 2014 10:02

Re: What does Solyd mean, really?

Postby _q_ » 11 Aug 2014 18:50

2. Regarding security:
Even if malware is not a threat to Linux at the moment, it will be in the future (see Android).
this has been an argument for decades now.

it would seem that in the *nix world, things get repaired rather than left alone to be exploited time after time as in some other OS'.

there WILL be *nix vulnerabilities just as there already have been.... and they get taken care of and become a thing of the past, quickly.

a scanner is totally the wrong approach to security..... the proper approach is to have a functioning system that closes doors found open.

scanners allow a luser a false sense of security and lead to complacency... why upgrade or patch, the scanner catches it all, right? they also are closing the barn door after the horse is out.

far better the way things are in *nix compared to certain fragmented OS'.

edit: this came out awfully short and snarky, i did not mean it so... most of ilu's other points got at least some form of nod out of me and i sadly focused on only the part i had a major difference of opinion with. :roll:

SolydXK is such a delicious flavor of Debian!

User avatar
fleabus
Posts: 1227
Joined: 16 Sep 2013 04:24
Location: Winchester, VA USA

Re: What does Solyd mean, really?

Postby fleabus » 12 Aug 2014 01:58

ilu wrote:fleabus' idea of more or less ditching the rolling distro and XFCE too
:lol:

Regarding Xfce, My exact words:
fleabus wrote:Retain both DEs if you wish, or concentrate on KDE and make Xfce an option.
Everything I said was in the interest of saving our dev some time, which is the critical issue here.

I use both DEs, but I use Xfce the most. I also love the HE, and use it every day. I certainly don't advocate "ditching" the HE completely.

Are my suggestions/ideas draconian in nature? Absolutely. They were meant to be. Very radical, even bleak, in order to provoke thought, and as a wake-up call. I stand by them. They have accomplished their intended purpose.

Being the Devil's Advocate is only one of many good reasons for all this thought-provoking and brainstorming. It's turned out to be an intriguing discussion. Lots of good stuff here. :D

Refugee
Posts: 47
Joined: 17 Apr 2014 00:32

Re: What does Solyd mean, really?

Postby Refugee » 12 Aug 2014 04:06

Fargo wrote: I do have concerns about what backporting and adding newer kernels would do to Stable. I know distros in the past like Mepis did this but I don't know if that is the right solution either.
<<Drive by Warning>>

As a former long-time user of Mepis, I can tell you that neither the release of newer kernels nor the community-produced backports ever caused any issues of major significance*. In fact, quite the contrary, these additions helped immensely in keeping a 'Stable' distro at least somewhat fresh and provided an avenue to occasionally resolve pre-existing issues in the Debian Stable base. Certainly, there were times when a given kernel or backport simply would not work at all (ie Dependency hell) or required additional tweaking but that is about the extent of issues that cropped up. But If anything, these two factors served Mepis well in both retaining and acquiring new users.

* With one exception- I have a fuzzy recollection of a Samba backport doing something wonky but IIRC Samba was already partially broken at the time.


Return to “Open Chat / General Discussion”

Who is online

Users browsing this forum: No registered users and 4 guests