XZ was also open source...albeit less eyes on it probably. Point is we take "open source" for granted and assume it means "secure" but the person running a project, even an open source one, can do real damage.
Yeah sounds about right. The only reason I'm even running graphene right now is because I heard he left the project. Otherwise I wasn't sure I wanted to be dependent on it
OpenVPN operates in kernel space as of 6.16. Well specifically for the data channel. Control channel is still managed in userspace so you don't have to do asymmetric TLS in the kernel. This also reduces the overhead and increases performance substantially. It is slightly more complicated to setup but barely tbh (I'm speaking from the server side). Is the crypto outdated? Not as far as I'm aware.
The big thing for public VPNs is the server can push the configuration to the client rather than having it be static. Config push, specifically for addressing is basically the only viable way to do a NATless VPN. Additionally while unrelated to public VPN providers wg does not have the ability to bind to individual IPs which is a headache for my internal VPN use case.
They have my credit card and legal name but not my ID, ID number, picture of me, etc. For me a credit card can be justified...but an ID is a line cross I'm not comfortable with. Additionally there are services I don't trust with my credit card and I use PayPal or privacy.com for those depending on if I want to give them my name or not. I don't typically like privacy because it can only be funded with debit but it allows you to give payment and still hide your identity completely (at the cost of you telling them who you are)
While that's true it doesn't change the fact that I would still cancel my subscription if a company asked me for ID. While it is true the company really doesn't have a choice that doesn't mean I'll comply
I think the difference here is cursor is a fork of VS code that is specifically dedicated to AI based workflows. Which means it's highly likely, although not guaranteed, that AI is being used as opposed to the other options you mentioned which are very popular IDEs where AI is a secondary feature that might not even be enabled. That being said I don't think there's anything wrong with using AI with oversight, what I do see as a problem is the fact that in the face of criticism they went and hid the evidence. That's terrifying for a privacy focused organization to do.
While I do totally see the advantages of rust and agree skill is not a solution given people make mistakes...I do agree a lot of the very vocal rust advocates do act almost religious and it is an annoying turn off.
Just to play devil's advocate. Until rust gets a production ready GCC backend or LLVM gets more esoteric HW support there are probably some platforms that cannot run rust. That being said... realistically I think by the time rust becomes a large enough part of the kernel for it to matter the issue will have been sorted out as there are already 2 GCC implementations of rust in development...
I'm not sure if that's true. The mint team has their X-Apps project which is designed to be a cross DE GTK app initiative. Having written GTK software I also haven't found many pain points myself. Most of the problems with gnome seem to be the gnome team and not the surrounding projects.
XZ was also open source...albeit less eyes on it probably. Point is we take "open source" for granted and assume it means "secure" but the person running a project, even an open source one, can do real damage.