Can you tell me the political affiliation of the creator of grep? I use that tool a lot.

I think it’s impossible to know for sure what the political thinking of the people involved in everything that happens to have contributed to something in your life is. Some people are not even easy to discern… some people are interpreted out of context, some people are just caught in drama.

I’d rather take advantage of their work, be thankful for it but without any sort of para-social intent, just thankful for the mathematical algorthms.

It’s more abstract than that, because this started with “recommending hyperland”, not with “I support the creator of hyprland”.

I assure you most users don’t know (or care) about the creator of the software they use.

I don’t know about you, but me, myself, don’t really know the creators of every piece of libre/open source software I use.

I’ve even contributed to software some changes I wanted, without even knowing or caring who the creators or contributors of the other components were.

So, with that in mind, it’s not hard to imagine how this could raise a few eyebrows in people who do not agree with the approach.

If, by supporting this theoretical Nazi science genius, I enable him to better perform Nazism, then I have been morally complicit in his Nazism

If you think anything that could benefit him is enabling that, then there’s all sort of things that are complicit. Even the public social services and the State might be complicit, even people who pay taxes might be complicit… international influence/opinion, the whole world, society would be complicit.

I’m a believer of honesty and direct punishment for direct precise problems. The more abstract the punishment, the most likely it is you’d end up with the innocent paying for the sins of the guilty.

I think people should be aware of the exact reasons why something is bad, as opposed to punishing a general abstraction without actually addressing the root of the problem. I’ve seen how this often results in people religiously believing something is good/bad based on sheep thinking, and this leads to situations that actually create more Nazis than what they destroy. An unjust punishment is just a badly patched up wound that will not really heal and instead extend to other parts. Have you considered this in your calculation of moral consequences?

How about we just tell the truth as is?

But that’s exactly what I mean when I say recommend good software and recommend good thoughts.

Why do you assume I wanna “hide” problematic information? Did I say that? What I’m saying is don’t hide the fact that good things are good. The good car will be a good car, and the manufacturer being problematic will be a problematic manufacturer.

Recommending the good car does not imply that you support the manufacturer, and denouncing the manufacturer does not imply that their cars are bad and not something we should recommend.

What’s the manufacturer of the device you are using right now?

If a notorious criminal created a cure for cancer, I’ll sing praises to his amazing work, asking everyone to use it. But that dos not mean I approve of their crimes. It would be perfectly consistent with my praise of his work to, at the same time, ask for him to to be judged and sentenced accordingly for the crimes he committed…

The world is not black and white. People are not angels just because they have one good thought, nor do they become monsters that poison everything they touch if they have one wrong thought.

Define lack of design. You mean theming? because Linux has way more customizable theming options than the proprietary alternatives, to fit all kinds of subjective tastes.

You mean usability? it’s the one system that you can rice up to do absolutely whatever you want to do to fit your workflow, you can configure any key to automate literally anything a desktop can do.

The catch is that you actually do have to get your hands dirty if you want to mold the system to your liking… as opposed to being your own tastes the ones molding to adapt to whichever the designer of the OS decided should be the new tacky fashion or workflow.

So the bad thing is the off chance that he would benefit?

Because that’s a very different thing. Then this should not be about judging morals related to the thing they made, but executing punishment for a completely separate thing they did.

Then it’s not a disagreement of morals, it’s a disagreement on the approach you are taking to execute that punishment.

I’d be very wary of using any of his breakthroughs

Ah, but will you still use them? will you promote his breakthroughs if they help people? what if his scientific work leads to the cure for cancer?

Punish the nazi political work, promote the scientific work.

The more people learn to drive, the bigger the chance they’ll get a private car, the more accidents, the more people will die. Thus: let’s recommend everyone to not learn to drive.

I feel this path is sort of a baby-sitting approach to recommendations. Not only do I have to know if the software if good before recommending it, I also have to research if there’s a chance that whoever I’m recommending it to might find a community somewhere for which they might lack enough critical thinking to judge on by themselves?

How about we recommend good software when it’s good while at the same time recommending good ideals / good thoughts when they are good?

It’s morally wrong to promote bad things, and morally good to promote good things.

Just because I admire the theories Isaac Newton came up with and I encourage others to learn about them does not mean I support everything Isaac Newton did, said or thought.

All of our society is built on the shoulders of giants who did a lot of “good” despite being, in most cases, “bad people”.

“Super” is the one modifier key that you can rely on overwriting without interfering with normal app shortcuts, so I’d personally rather prefer if applications don’t start trying to use the Super key for their own things.

I have set up Super key shortcuts for all kinds of desktop management operations, opening the launcher/terminal/browser, switching workspaces/windows, closing windows, move/resize, switch tiling mode, audio control, make my package manager install updates, switch between a set of resolutions, activate my password manager, etc.

That said, Copy/Paste is a general/global enough operation that I would not mind having Super+C/V send to the current active app the Copy/Paste keycode (I might do that actually, now that I know that there’s a code apps are starting to support!). But I think it should be the desktop environment the one configuring “Super” shortcuts, not the app.

It makes sense for each application to have their own interpretation of what does each control character (or Control shortcut) do. It’s not like all control characters have a very reliable meaning to begin with… I mean, the backspace character (Control+H) was originally meant to move a character backwards without deleting it, but most screen terminals didn’t do that. If what you mean is alternate characters from Unicode and so, then the “Alt” key would be more suitable for that. And in ISO keyboards, “AltGr” is a very common way to have combinations that insert alternate symbols.

Let’s indeed hope that they back it up with action. Better late than never. Though, I wonder what “guarantee” you’re referring to.

Any “action” that does not result in guarantees isn’t helpful to solve this. So again, what I care about is guarantees.

For example, one way to “guarantee” that there’s no code that’s unaccounted for would be to achieve reproducible builds that can be rebuilt and obtain always the same binary bit-by-bit. So if the binary blob resulting from compiling from clean source matches the one offered then that’s proof that the distributed binary was built cleanly and there was no malware being slipped through.

The issue is that this wouldn’t just be a Ventoy problem, but also an upstream problem, since all projects Ventoy depends on would need to be, themselves, reproducible. So this wouldn’t be an easy task, or even a task that Ventoy should do on their own, imho.

FWIW, slightly over a month ago, someone started working on a solution.

I definitely wouldn’t trust that either until there’s guarantees. Again, I only care about what guarantees are offered. It’s not about who is the one managing the github account and/or what subjective reputation that random anonymous person might have.

The problem isn’t the existence of precompiled binary blobs either, so removing the binaries is not solving the issue. The problem is in the traceability and what guarantees we have that the final collection of compiled binary blobs that ultimately is offered for download (and we do need binary blobs for download ultimately) is actually corresponding to libre/open source releases without potentially malicious code.

The conspiracy theorist inside of me would like to think this is related to the return of Ventoy’s maintainer. But I digress…

I don’t think the maintainer went away. I’ve seen successfully maintained projects with much slower pace than this, specially projects for which stability is important. Last Bash commit was in 2024 and I wouldn’t say it’s unmaintained. Ventoy had a release 3 months ago.

Also, would it be bad if that was what triggered the interest to work on it? I mean, the post straight away mentions the github issue where that fork was advertised, and it implies that it’s in that issue where they noticed that people have started to care about the blobs. So it could well be that they saw there’s people who care enough to spend their time working for it (ie. they even made a fork), so why not open the doors for them? It does not have to always be drama.

To me, what matters is what guarantees they offer and/or plan to offer, not some subjective and fleeting idea of people online having expectation of at what speed things need to be done.

Can someone do it faster? then do it (and do it in the open, so anyway Ventoy can benefit too and essentially you’ll be contributing!)… but if you jump and start using a fork that has not done already the work and given the guarantees Ventoy is planning to give, then you are placing your trust in a much much worse and shaky ground. I’m sure a lot of people would use your malware if you presented it as a WIP Ventoy fork marketed as safer when it really isn’t.