orthagonal@lemm.eetoTechnology@beehaw.org•Be careful. New platforms invite bad actors.English
1·
1 year agoI cracked the BMC on my workstation motherboard by binwalking the publicly available firmware and finding, to my delight and dread, that the built in root user password was laughably weak. If a top5 motherboard manufacturer is still doing shit like that, users are too.
I also work in support and have seen first hand the bananas things people do, even smart people that should know better
Linux is a kernel. At the beginning, software, especially userland software mimicked Unix conventions. There is very little requiring that anything work the way it does, except for inertia and convention. As cloud native conventions gain steam, a lot of them are working their way backwards into things like Nix. Having spent some time working with things like K8s and Packet and cloud-init quite a bit, I welcome declarative instantiating and configuration at the OS level, at least for those use cases. Stuff like Ansible, Chef, Puppet, Salt etc have been the middleware between the legacy OS layer stuff and a declarative CM system, but they all have an absolute pile of complex scripts and tests to make sure that when you say “I want this package installed”, it knows how to do it correctly and safely on the target system. Using a leaner declarative model at the package level makes it a lot simpler to declare the desired state.
I am pretty bearish that it will ever see overwhelming adoption for desktop users, but I see it having a ton of relevance when you want to orchestrate a whole butt load of server instances