That’s an interesting question. It’s pretty nuanced. I don’t know of any laws that would stop Microsoft from going “oops, we had a bug in our software, sorry about that”. Same for the linux distros. Unless you’re a corporate customer, then that would be included as part of some contract. So at the end of the day you trust Microsoft’s reputation. You’d trust your distro of choice as well. So as a thought experiment I would suggest that the most secure operating system provider is the one that ships a very similar version of its OS to both end-users and enterprise customers. Some Linux distributions fall into that category, some definitely not.

Also, keep in mind that some distros are run mostly by individual contributors not employed by any knowingly reputable company, so I’d stay away from those by default.

What’s this about?

I sense this^ reply is crap.

Hey, can’t go have coffee with you because the water’s been cut and I can’t shower after the big dump I took. No flushing either =D.

(that’s how it went in my mind)

And Xfce4 doing the light heavy lifting as usual.

Hmm I don’t know… Users usually don’t pay much attention to security. And the disclosure method actively hides it from the user until it no longer matters.

For providers, I understand, but can’t fully agree. I think it’s a misguided culture that creates busy-work at all levels.

Indeed, then it becomes a market and it incentivises more research on that area. Which I don’t think is helpful for anyone. It’s like your job description being “professional pessimist”. We could be putting that amount of effort into building more secure software to begin with.

That’s the fallacy I’m alluding to when I mention stuxnet. We have really well funded, well intentioned, intelligent people creating tools, techniques and overall knowledge in a field. Generally speaking, some of these findings are more makings then findings.

God, I hate security “researchers”. If I posted an article about how to poison everyone in my neighborhood, I’d be getting a knock on the door. This kind of shit doesn’t help anyone. “Oh but the state-funded attackers, remember stuxnet”. Fuck off.

Poor banker. I can’t hold my tears.

Oh and lsp-mode is super opinionated, it does a million things you don’t want or need, so I wouldn’t recommend that.

Well, OP mentions he cannot install software on the machine, so I think that already blocks anything depending on lsp.

My experience is mostly from doing linux kernel programming on remote baremetal machines. I use ccls + eglot locally and have fiddled a lot with tramp, which is really good when it does work, but also tends to trip over bad connections.

I’ve also wrote all sorts of elisp hacks to be able to access the remote machine via tramp but have all code navigation commands apply to a local repository replica where the lsp server runs. My use case was similar to OP but the machines were not x86_64, so there wasn’t even any lsp ported.

So yeah, my gut feeling having dealt with similar issues is that it’s not worth it, YMMV.

cscope? ccls? clangd? Surely there’s something there that the other people in the team are using.

That doesn’t really solve his issue because what he wants depends on having servers (lint, lsp) running local to the codebase/machine. Anything with emacs will be a major pain unless it’s a really small project.

Immutable vs Mutable

weird        normal

It’s always been this way. Except that it was kernel developers arguing with kernel developers over C code. Now it’s relative newcomers arguing with kernel developers over Rust code that the kernel devs don’t necessarily care about. Of course it’s going to be a mess.

A fork is of course possible, but operating systems are huge and very complex, you really don’t want to alienate these folks that have been doing exclusively this for 30 years. It would be hard to keep the OS commercially viable with a smaller group and having to do both the day to day maintenance, plus the rewrite. It’s already difficult as it is currently.

Rust will be a huge success in time, long after the current names have lost their impetus. This is not a “grind for 4 years and it’s done” project.

Hey, so I finally reached the ashlands. Yeah, still think the trailer is misleading. Like everything about it, except the staff of protection.

Unfortunately, the ashlands is the most boring place in the whole game (haven’t reached the castle thing with a beacon though). Fast skeleton, slow skeleton, archer skeleton. Troll spider, big dog, fire blob. Inventory full within 30s because there’s 15 different types of material to collect. Maybe I should be pulling a cart around like in the trailer.

Words of wisdom right here.

Personally, what bothers me about the security field is how quickly it becomes a counterproductive thing. Either by forcing people to keep working on time consuming processes like certifications or mitigation work (e.g. see the state of CVEs in the linux kernel) or simply by pumping out more and more engineers that have never put together a working solution in their lives. Building anything of value is already hard as it is nowadays.

No, not misleading at all, that’s fine.

People who use spaces are not taping space space space space space space space space. Their tapping the tab key all the same.