Let's Encrypt's free and automatic certificate management has been around since November 16th, 2015, by the way.
And who owns the root certificate?
You don't own the root certificate even when you aren't using Let's Encrypt, unless you self sign or want to become a certificate authority. Am I missing something? Is there some controversy about Let's Encrypt I'm unaware of?
I just mean they own it, I know that you can't decrypt encrypted messages with root certificate, but you can abuse it in the case of being man in the middle. Of course I don't think that let's encrypt are doing that, but there other entities that would really enjoy having that toolset for hundred of millions of services that rely on let's encrypt.
And if you look at the ones who sponsor Lets encrypt, I don't think that any of them would bat an eye (except for EFF) if for instance the pedophile chief decided that they need to change leadership. Or hey, we NSA also have access to the credentials to the root certificate.
Something being free is not always the best option, when it comes to security. And it's not impossible that such a large entity can become compromised through pressure, especially when they live on support from private organizations, who have time and time again, shown that they are not trust worthy and would choose to do unethical thing, if that benefits them.
I'm a little confused why you view this as an issue because in the alternative, manually installing certificates instead of using Let's Encrypt's tool, you still wouldn't own the root certificate.
Let's Encrypt has also started offering 7 day certs for people who are confident that they spent more than 5 minutes to setup their cert management lol.
Purple Arch has yet to fail me.
I made this for you.
I'm stealing that. Thanks.
I’m a simple man. I see endeavour OS, I like
I enjoyed my time with EOS but it had annoying bugs on my Thinkpad that I haven't had with CachyOS in a year+ of using it.
It kind of makes it hard to trust this distro when they fuck up the most basic things so often and frequently.
Not just with their web hosting. I've had so many updates break random crap it's not even funny. Recently, a random update I did not approve suddenly had kwallet not working. A core piece of a DE they provide a bundled version for. I had to start kwalletd myself every time I wanted to use it.
It didn't start that way on the fresh install. I didn't do anything myself except reboot. Then suddenly my scripts that nab from the keystore are failing and asking me for passwords and what a mess.
That's just a more recent example. I remember having quite a few random issues on update in the past, though the only other one I explicitly remember is the DE suddenly failing to start. Like, at all. Luckily I had a recent timeshift backup saved elsewhere, restored, and ignored the update notifications for a long while...
Why don’t people just use Arch directly instead of using derivatives? Well… I can understand using something like CachyOS as it has a different kernel with optimisations but Manjaro feels very irrelevant. If you just want Arch Linux with simple installation, just use the archinstall script. Regardless of which derivative you use, Arch based distros are going to be heavy maintenance than something like Bazzite, Mint or Ubuntu.
I used Manjaro for a few years before switching to Arch. Manjaro finds a nice sweespot for "Arch but also nice". Furthermore, Arch has gotten much more user friendly in the last 5 years or so. Back in late 2010s, Manjaro was adding a lot of value on top of Arch.
What really bothered me about Manjaro was the "forum cops" they employ, who are super aggressive to newcomers and unhelpful. It was not a nice experience to seek help. Say what you will about Arch people, they are at least helpful.
I finally switched to Arch when I got my new machine. I recommend the same.
Back in 2015 for gaming PC: Steam and Nvidia driver updates via package manager, Xfce (used it before on multiple laptops), promise to be more stable than vanilla arch.
Oh no, first lemmynsfw.com and now this
wait what happened to lemmynsfw
As posted at this new instance which appears to be trying to fill the void (heh) left by lemmyNSFW:
Xaeg/Yay was the owner of LemmyNSFW, and he had access to and paid for the domain, server, and everything else related to the site. He has been AWOL for about 6 months now, and suddenly this month, the server and the domain stopped being paid for. I have no access to the server to get the database.
Because of this LemmyNSFW as it was, and all the content on it, much to my dismay, seems to have died.
If they were in the US then they might be in 🧊 custody
Damn. Fuck ice. In general, not for potentially being related to this.
the only admin disappeared and the bills stopped getting paid, apparently
Wow. How does this happen when letsencrypt exists? Or certbot?
More importantly.. How does this happen again?
There is a significant amount of infrastructure that does not support cert bot out there.
That being said they are using LE but looks like the renew failed.
https://www.ssllabs.com/ssltest/analyze.html?d=manjaro.org&s=116.203.91.91&latest=
There is a significant amount of infrastructure that does not support cert bot out there.
Example? I believe you, I just can't imagine what would preclude a public-facing server from using Caddy or certbot. Certainly not for a project maintaining an Arch-derivative distribution.
It's still technically automaton if your workflow depends on people poking you when things break.
At this point is more of a tradition...
This is at least the third time, how do they even manage to fail that
At least the sixth time even. Four cases are documented here and another one was just three months ago. This last link points to reddit, but there a manjaro maintainer also explains why it keeps happening:
Politics within the project are the issue.
The fix for these issues have been build for about a year already. But those who have access to stuff like DNS and hosting are currently incapable of making any agreement on any topic preventing trivial fixes such as this from being implemented.
I had Manjaro break more often in the year I've used it that Arch in the past 5..
unauthorized end-to-end encryption.
To be fair it's about to get even worse with the much smaller max validity periods.
Hint: :q!
Sister communities:
Community rules (click to expand)
1. Follow the site-wide rules
sudo in Windows.Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.