#ShowerThoughts: A graphical desktop needs to be an app, with updates managed separately from the underlying OS (kernel+userland). It would be a meta-app, inside which other apps run. We have created such apps, they're called web browsers. But they require a desktop to run on, and their security is appalling, regularly giving malicious code access to the underlying OS.
Could we replace both desktop and browser with a graphical meta-app that runs real programs in isolation from the base OS?
@strypey The threat is unclear to me. In the 90s I recall a prof expressing enthusiasm about #JavaScript because it was designed specifically to barricade the app from the OS and underlying resources.
An obscure corner-case attack was discovered a few years ago where malicious JS was able to grab arbitrary chunks of memory. But it was an extremely clever exploit leveraging a bizarre hardware phenomenon, not something the language readily accommodates.
@strypey Interesting info. I’ll have to look it over closer later, but FWIW I use #firejail to run distrusted apps. So that might be worth a look. Firejail includes profiles for Firefox.
@strypey I’ve not yet taken the time to study or fiddle with docker. But abstractly I think FireJail’s sandbox is similar. But I’m not sure if docker gives refined control over all the i/o that fj does. If an app should not be accessing the network, you can do “--net=none”. You can constrain the bandwidth as well. I use it to force an app over Tor, which is otherwise impossible AFAIK. E.g. apps can bypass torsocks.
@strypey I guess I should also mention forcing apps over tor is not a typical use of FireJail. A complex setup is needed to create a virtual network device. Say you create vn0. You can then use the parameter “--net=vn0” to force all traffic over vn0.
@strypey
Their extreme political views were a red flag but that’s not the real problem. It’s their extremely controlling moderation style that’s a problem. Worse than Reddit the way they rampantly delete absolutely civil content by those without extreme views. And then how they delete mod logs to cover up their moderation acts. It’s despicable. It’s not the sort of thing you could reasonably expect them to change.
The good recent change is there are now many nutter-free instances. @erlend
@mikey Indeed the #threadiverse is a bit of an embarrassment (for lack of a better term).
#Lemmy has had yrs to improve & they still have fairly serious bugs like losing a whole msg if you click a button that intuitively should be clickable while composing. Kbin is a disaster out of the gate with copious chronic internal server error 500s that plague the system.
I must say I blame the web-based #GUI clients. They are just a shitty foundation relying on crappy #JavaScript.