angel

joined 5 months ago
[–] angel@sopuli.xyz 4 points 1 day ago (1 children)

Thanks for your reply! Linus didn't only call out people posting flame replies, but also folks interested in a serious discussion on that topic, who also contributed to the kernel before (see PeterCxy's blog: https://typeblog.net/55833/getting-called-paid-actor-by-linus-torvalds). Most people simply wanted to know specifically which compliance requirement lead to the removal of russian maintainers. Linus never responded to these questions and called out people asking for that as russian trolls. AFAIK we still don’t know the exact reasons for the removal, which is just intransparent.

IMO By not answering these reasonable questions and calling people out as russian trolls, Linus did exactly what russian trolls want: cause disarray in the kernel community.

[–] angel@sopuli.xyz 43 points 2 days ago (6 children)

Get your head examined. And get the fuck out of here with this shit.

Yes, language like this is clearly unacceptable in a productive discussion.

Offtopic, but this reminded me that the Linux kernel has a CoC. Aren't the recent comments by Linus on the removal of russian maintainers, where he called several kernel developers paid actors, a CoC violation as well? Or have these comments w.r.t. to the CoC already been discussed?

[–] angel@sopuli.xyz 3 points 1 week ago

We're not in disagreement about whether rustdesk is malware or not, but I think the developers being incompetent is also a perfectly valid reason to avoid it. Sure, they have fixed most if not all major issues that were reported to them eventually, but who knows when they'll mess something up again.

Also, some issues weren't really resolved timely, take for example the issue where rustdesk autostarted on each boot. That one has been actively ignored for over a year, which is the opposite of building trust.

[–] angel@sopuli.xyz 3 points 1 week ago (3 children)

What about the certificate installation on windows? Besides, I never claimed it’s malware, but it’s certainly software I wouldn’t trust.

When running older Rustdesk versions on wayland it would display a notification saying "Rustdesk doesn’t support Wayland yet", containing a button labeled "Fix it", which is the button you’re referring to. There’s no way for the user to know that clicking this button will edit their GDM config and disable Wayland.

[–] angel@sopuli.xyz 3 points 1 week ago (5 children)

This thread has a lot of reasons against rustdesk and also discusses some alternatives: https://discuss.tchncs.de/post/21632052

[–] angel@sopuli.xyz 1 points 1 month ago

This. I also use udiskie on sway, works perfectly.

[–] angel@sopuli.xyz 3 points 2 months ago

Yep, I'm not a Rust expert either, but this is pretty cursed. The comments on this post have some more examples of bad rustdesk code: https://lobste.rs/s/njfvjb/rustdesk_with_tailscale_on_arch_linux

[–] angel@sopuli.xyz 144 points 2 months ago (15 children)

Rustdesk looks good on the outside, but if you look inside, it has a really bad codebase and has done some sketchy stuff in the past.

Last year, it installed custom root certificates as trusted on windows, which is a huge security risk: https://github.com/rustdesk/rustdesk/discussions/6444

On linux systems, it forced its own autostart with no option to disable this behavior: https://github.com/rustdesk/rustdesk/issues/4863

In the past, when it didn’t have Wayland support yet, it edited your GDM config and just disabled wayland: https://github.com/rustdesk/rustdesk/blob/1.1.9/src/platform/linux.rs#L411-L422

Furthermore, the code quality is really bad. 90% of the linux platform-dependant code is just executing shell commands and parsing their output, while the same could be achieved in a safe way with proper rust builtins: https://github.com/rustdesk/rustdesk/blob/master/src/platform/linux.rs

While I agree that Rustdesk works pretty flawlessly, the codebase and the behavior of the developers made me distrust the software and I don’t recommend using it.

[–] angel@sopuli.xyz 1 points 3 months ago

Try running ssh with -vv to get a better idea of the problem when no ssh agent is running.