teawrecks

Oh, honey...

I would go a step further and say that any time one of these MAC systems has to resort to user interaction to do its job, it's a straight up failure case: the system simply didn't have enough information to do its job, ended up doing no better than a blanket "block everything" config, and is asking the user to do 100% of the heavy lifting of determining what should happen.

So, when I hear

If someone is lazy or not knowledgeable enough to make the right decision...No automated system can protect [them].

I hear: "every access control system is fundamentally broken". Which is fine, maybe that's true, there's a reason social engineering is so useful. So then all these systems should prioritize streamlining that failure case as much as possible: Tell the user what is accessing what, when, how, and then make it trivial to temporarily (with well defined limits), permanently, (or even volatile-y using CoW/containerization/overlay fs) grant or deny access as quickly and easily as possible.

Every other system you're comparing SELinux, AFAIK, handles this case better, which is why users tend to prefer them.

For the record, I'm not arguing that SELinux is bad at the actual access control part, I'm only answering why people don't like using it, which is how it handles the failure case part. Now it's been a while since I've used SELinux and I've never used setroubleshooter, but if you tell me it actually streamlines all of this to be smoother than every other tool, then I'll install it tonight!

How do you know when you're letting through a valid access, an unnecessary one that could be a vulnerability, and an actively malicious one?

I don't think anyone is saying throw out all access control, they're just saying SELinux adds too much unproductive friction for everyday usage. You said it takes 15m to troubleshoot. But that's not a one time thing, that's 15m that scales with the amount of new programs and updates you're running. And 90% of people aren't even going to be able to tell they're looking at a malicious access if they're in the habit of always working around blocks that show up.

Yes, and I don't like the common comparison to binary blobs, and I'm attempting to explain why.

It is inherently safer to blindly run weights than it is to blindly execute a binary. The issues only arrise if you are then blindly trusting the outputs from the AI. But you should already have something in place to sanitize outputs and limit permissions, even for the most trustworthy weights.

It's basically like hiring someone and wondering if they're Hydra; no matter how deep your background check is, they could always decide to spontaneously defect and try to sabotage you. But that won't matter if their decisions are always checked against enough other non-Hydra employees.

If you are familiar with the concept of an NP-complete problem, the weights are just one possible solution.

The Traveling Salesman Problem is probably the easiest analogy to make. It's as though we're all trying to find the shortest path through a bunch of points (ex. towns), and when someone says "here is a path that I think is pretty good", that is analogous to sharing network weighs for an AI. We can then all openly test that solution against other solutions and determine which is "best".

What they aren't telling you is whether people traveling that path somehow benefits them (maybe they own all the gas stations on that path. Or maybe they've hired highway men to rob people on that path). And figuring out if that's the case in a hyper-dimensional space is non-trivial.

Ah that's fair, I didn't look closely

"Open carry prohibited, concealed carry without a permit" is Chaotic Evil energy.

Is this running in your rc (i.e. every single time you open a terminal)? Even if it's safe, I'd be annoyed by any delay.

I'm going to say it's not a "you" problem, but a "who you're surrounded by" problem. Is this something you're used to percieving accurately? Do you have friends or family who would actually mean it rudely? Because, as others have mentioned, I simply would not be able to function at work if I interpreted 👍 as rude/sarcastic.

I have to assume you're young or your work doesn't involve communicating with coworkers or clients over text. I'd also be curious if you look back at this post 5-10 years from now and think "wtf was I on about?" (I'd also be curious if civilization still exists 5-10 years from now, but I digress...)

It's not sunk cost, dude. We agreed that $120 will get them 5 years of service that meets their needs. Even if they switch to jellyfin after 5 years, they still got their money's worth.

It's only sunk cost if they are worse off than if they had switched earlier. I guess if you're arguing that they would still have $120 if they switch today, I would argue they should still pay that $120 toward jellyfin's development. And that's assuming they have time to switch to jellyfin AND it fits 100% of their usecases, either of which could be untrue.

Or Plex currently does everything they need it to, and $120 for 5+ years of keeping that going without any interruption of service is very reasonable. In the meantime, jellyfin will only get better and there might even be other options available by then.

Stop trying to make the issue black and white, one-size-fits-all. There are perfectly legitimate reasons for people to use both Plex and Jellyfin.

So, when you say crippled kernel, do you actually mean you tweaked the kernel params/build to the point that it failed to boot? Or do you just mean you messed up some package config to the point that the normal boot sequence didn't get you to a place you knew how to recover from and need to reinstall from scratch?

I think I'm past the point where I need to do a full reinstall to recover from my mistakes. As long as I get a shell, I can usually undo whatever I did. I have btrfs+timeshift also set up, but I've never had to use it.