Catchy title, huh? 
Greetings - haven't posted here for awhile now that I'm no longer a Kubuntu user, but I see some familiar names. Awhile back I made my Big Move To Arch, so I thought I would follow-up on that a bit. I actually came here looking for distro ideas, because I've decided to move on from Arch. (Kubuntu Forums has this great 'Distribution Showdown' area which the other forums can't handle.)
Arch has a lot going for it in its design, but those seriously considering it should read Arch's Dirty Little Not-So-Secret so you know what you're getting into. I knew from the start that Arch had no gpg signatures on their packages, but I thought they must have something protecting the data. I was wrong, and after it was brought to my attention, I looked into it and found more than I bargained for. Not only is Arch's package management a huge security vulnerability just waiting for exploitation, but the attitudes of the Arch devs toward their users and toward security is highly disappointing, right down to the lead developer. That is why I'm now OS shopping, because even if they add package signing (some year?), I still wouldn't trust their product given the conversations I've had.
But Arch was good for me in a number of ways. I learned a lot setting it up and using it, and its flexibility and simplicity are great. As I've said before, any K/Ubuntu user who has a little practice with the command line can handle Arch. The big bonus from Kubuntu for me was the control I had over how little or how much to have installed and running on my system, and I knew how it all worked since I set it up from scratch. You will get a little breakage now and then due to the cutting edge mentality, but it's nothing much to handle. Arch has almost become boring in its stability. Yet the forums really really bite, and most Arch users will tell you this if they're honest. The attitude toward newbies is horrid, and any even slightly controversial topic is deleted. Worse, any discussion of Arch's security problems are forbidden (deleted). When I published my article (which was picked up by Linux Today and gave my blog the biggest traffic it's ever had AND crashed my mail server all in one day), I was surprised by the number of Arch users who were unaware of this gaping hole. But with any posts on the forum about it removed, it's not transparent enough, which was why I encouraged discussion of it on my blog. I have to be honest and say I haven't missed K/Ubuntu much, EXCEPT the forums. It's impossible to have a productive conversation on the Arch forums, and I was used to the way people of very different knowledge-levels get along here.
So now I'm thinking of Gentoo, because they have good security from what I hear, and are also rolling release, which I like. I'm just wondering how up-to-date it will be compared to Arch, but I don't need the latest and greatest. And I'm also trying FreeBSD. Has its positives, but limited hardware support may do me in there - I've been trying to get my Brother printer working with it.
Where does one go on graduating from Arch? They didn't tell us this at freshman orientation, but they also didn't mention their compromised mirrors. At any rate, don't take any BS from Arch users - just bring up package signing and watch them blanch.
Also, a reminder that my blog has some useful scripts and things, and most of my stuff works on any Linux distro, so don't feel left out just because you don't see *buntu mentioned everywhere. I make it a point to make my tools as distro-non-specific as possible (partly because I always seem to be on the move myself). Recently, there's a new tool there called devmon that allows you to build a custom auto-mounting solution with no configuration.
Greetings - haven't posted here for awhile now that I'm no longer a Kubuntu user, but I see some familiar names. Awhile back I made my Big Move To Arch, so I thought I would follow-up on that a bit. I actually came here looking for distro ideas, because I've decided to move on from Arch. (Kubuntu Forums has this great 'Distribution Showdown' area which the other forums can't handle.)Arch has a lot going for it in its design, but those seriously considering it should read Arch's Dirty Little Not-So-Secret so you know what you're getting into. I knew from the start that Arch had no gpg signatures on their packages, but I thought they must have something protecting the data. I was wrong, and after it was brought to my attention, I looked into it and found more than I bargained for. Not only is Arch's package management a huge security vulnerability just waiting for exploitation, but the attitudes of the Arch devs toward their users and toward security is highly disappointing, right down to the lead developer. That is why I'm now OS shopping, because even if they add package signing (some year?), I still wouldn't trust their product given the conversations I've had.
But Arch was good for me in a number of ways. I learned a lot setting it up and using it, and its flexibility and simplicity are great. As I've said before, any K/Ubuntu user who has a little practice with the command line can handle Arch. The big bonus from Kubuntu for me was the control I had over how little or how much to have installed and running on my system, and I knew how it all worked since I set it up from scratch. You will get a little breakage now and then due to the cutting edge mentality, but it's nothing much to handle. Arch has almost become boring in its stability. Yet the forums really really bite, and most Arch users will tell you this if they're honest. The attitude toward newbies is horrid, and any even slightly controversial topic is deleted. Worse, any discussion of Arch's security problems are forbidden (deleted). When I published my article (which was picked up by Linux Today and gave my blog the biggest traffic it's ever had AND crashed my mail server all in one day), I was surprised by the number of Arch users who were unaware of this gaping hole. But with any posts on the forum about it removed, it's not transparent enough, which was why I encouraged discussion of it on my blog. I have to be honest and say I haven't missed K/Ubuntu much, EXCEPT the forums. It's impossible to have a productive conversation on the Arch forums, and I was used to the way people of very different knowledge-levels get along here.
So now I'm thinking of Gentoo, because they have good security from what I hear, and are also rolling release, which I like. I'm just wondering how up-to-date it will be compared to Arch, but I don't need the latest and greatest. And I'm also trying FreeBSD. Has its positives, but limited hardware support may do me in there - I've been trying to get my Brother printer working with it.
Where does one go on graduating from Arch? They didn't tell us this at freshman orientation, but they also didn't mention their compromised mirrors. At any rate, don't take any BS from Arch users - just bring up package signing and watch them blanch.
Also, a reminder that my blog has some useful scripts and things, and most of my stuff works on any Linux distro, so don't feel left out just because you don't see *buntu mentioned everywhere. I make it a point to make my tools as distro-non-specific as possible (partly because I always seem to be on the move myself). Recently, there's a new tool there called devmon that allows you to build a custom auto-mounting solution with no configuration.
) and will definitely appreciate the convenience of kscrubber.
Comment