I liked Manjaro, they had a nice theme, it was in the direction of Arch, but still had some guardrails for the noobish.
Then my system kept breaking, then they screwed up their certs. If they want to fork it and go forward with a different focus/ideology, that’s fine by me.
Could you please explain why not renewing their certs is such a serious betrayal? Like, if they fixed it, isn’t that okay? And even if it happened again, and they fixed it again, isn’t it human to err? Or why is it such a harsh offense?
Serious question, I don’t know the consequences of not renewing these certs. 😊
It’s the tls certificate that proves your website is legit. Without which, you can potentially be a malicious actor that can pose as the website, and when you download the iso, you could unknowingly download something malicious. It’s pretty hard to forget certificate renewal (most of the time there are plenty of reminders sent and warnings given), so the fact that it happened twice was very impressively bad.
It’s pretty hard to forget certificate renewal (most of the time there are plenty of reminders sent and warnings given)
Oh boy. Seems to be the opposite in real life. Especially when it comes to managing stored cert of businesses partners. It has gotten somewhat better now of course, but three years ago most of my company’s sev1 production issues were due to lapsing or unscheduled cert changes.
Plenty of things, but the most obvious being the two separate instances they had issues with renewing their certs.
It’s more than that. Broken updates. Failed hardware ventures. The project has been shambling along for a long time.
and the certs lapsed again after volunteers built tooling to Prevent That
but somebody never set up the cron job to run it
Well that’s confidence inspiring.
Don’t forget their package manageer DDoSing the AUR multiple times
You seem to have misspelled package mangler
Oh yeah. Forgot about that one.
I liked Manjaro, they had a nice theme, it was in the direction of Arch, but still had some guardrails for the noobish.
Then my system kept breaking, then they screwed up their certs. If they want to fork it and go forward with a different focus/ideology, that’s fine by me.
Could you please explain why not renewing their certs is such a serious betrayal? Like, if they fixed it, isn’t that okay? And even if it happened again, and they fixed it again, isn’t it human to err? Or why is it such a harsh offense?
Serious question, I don’t know the consequences of not renewing these certs. 😊
It’s the tls certificate that proves your website is legit. Without which, you can potentially be a malicious actor that can pose as the website, and when you download the iso, you could unknowingly download something malicious. It’s pretty hard to forget certificate renewal (most of the time there are plenty of reminders sent and warnings given), so the fact that it happened twice was very impressively bad.
Oh boy. Seems to be the opposite in real life. Especially when it comes to managing stored cert of businesses partners. It has gotten somewhat better now of course, but three years ago most of my company’s sev1 production issues were due to lapsing or unscheduled cert changes.