Because governments outsource everything possible and end up with no persistent talent that really understands whats going on so you end up spending all the money on interfacing with contractors.
Plain old HTML stops being responsive as soon as you try to do anything more than text. A plain HTML table would be horrible on mobile. If you want to reflow anything that isn't text you will need flexbox. There is literally no reason to not use CSS to make a site that works well on mobile and desktop.
Every day I become more and more of the opinion that Fedora/RHEL are the only distros that are actually worth using. I recently installed ubuntu server to see what it was like compared to fedora server and was shocked to see that the python package still links to python 2 (!) despite it already being officially discontinued.
Fedora Silverblue/CoreOS look like a massive step in the right direction which no other mainstream distros are working on.
Fedora also seems to be the only distro willing to set sane defaults for everything (SELinux, Wayland, CGroupsV2, soon to be pipewire, python 3) while every other distro waits around for someone else to make the first move.
> I recently installed ubuntu server to see what it was like compared to fedora server and was shocked to see that the python package still links to python 2 (!) despite it already being officially discontinued.
How recently? Ubuntu 20.04 dropped python 2 completely.
Installed it in the second quarter of 2020 but I just checked my isos folder and it looks like I have ubuntu server 19.10. Good to see python 2 finally kicked out.
No one who understands wayland was under the delusion that wayland would protect against an application which has full access to your user directory. Wayland becomes secure when combined with an application sandbox using SELinux/flatpak. Previously you could sandbox the app and X would provide an escape.
Yet the most common way to denigrate Xorg is to assert that Xorg is basically a keylogger. Which might be true, but as this post shows just switching to Wayland doesn't offer any additional protection under the key-logging point of view.
You might combine a sandboxing technique with Xorg too, by the way.
I can’t understand what is so hard to understand... under Xorg a program even with a traditional sandbox in which it can’t do anything, but display a window IS basically capable of keylogging everything, getting a root password etc. On wayland with the same sandbox you are safe from said attack — this exploit works by tampering with dynamic libs, but that is not available inside a sandbox and it is simply pedantic. It’s like saying a car failed a crash test when they throw it off a building and it arrived on its top..
>To limit what malicious software that runs as one's user can do, one must limit what the user can do
This is completely untrue. You can gain root access on Android and have full access to do anything while still keeping applications sandboxed. Limiting user freedoms is simply an extra thing that came with new mobile OSs.
You don't have to, package maintainers and developers do. Flatpak gives them the tools to do this. Flatpak solves a lot of other problems like making program installs a user level task without touching the OS. Which is needed because in the future the OS will be an immutable image.
There are like 10 weak points in the linux security model. Wayland plugs one of them but there are still a bunch of ways around it. Yes any program you install from the package manager can still see everything but wayland combined with flatpak and SELinux gets really close to a secure system similar to MacOS.
If you actually use a modern config like the defaults on Fedora it all just works. 100% of these problems come from people trying to use the proprietary nvidia drivers which is filled with issues.
X11 is not capable of doing this properly. Wayland is and as you probably know, nvidia refuses to support it which is out of the control of linux developers. You can get everything working if you use the open source nvidia drivers but then they run slow as shit because nvidia blocks them from setting the clock speed on the gpu.
Basically every problem falls back on nvidia and the linux desktop people have done everything in their power to make it work.
> If you want to use a legacy tool you shouldn't expect it to work as nice as the current generation software.
I'm not using the "current generation" because it doesn't work as nice as the "legacy" software. Have y'all figured out how to do screen sharing without per-compositor hacks yet?
