Posted by aktau 8 hours ago
Consumers and businesses deserve better. It's crazy to me that in 2026 Notepad++ being compromised means as much potential damage as it does, still.
There has to be a better way. I think Linux's flatpak is a reasonable approach here, although the execution might be rather poor. I want a basic set of trusted tool that I can do anything with, and run less trusted tools like GUI programs in sandboxes with limited filesystem access.
There is also sandboxing configuration via Intune for enterprises.
Linux excels over Windows in the area of security by a wide margin, I have no qualms about running an app on Linux versus Windows, any day of the week.
Windows at least has a proper ACL system; on Linux it just takes a single compromised executable to loose everything.
No, this is wrong but might be true if you are talking about Linux package manager vs. Random Windows .exe on internet. But if you are talking about Secure Boot, encrypted disk, sudo etc. Windows is more secure but it looks like https://amutable.com/ will make Linux more secure like Windows.
Edit: Some insecure things on Linux: Dbus (kwallet etc.), sudo, fprint, "secure boot".
* Many of them are part of families of crates maintained by the same people (e.g. rust-crypto, windows, rand or regex).
* Most of them are popular crates I'm familiar with.
* Several are only needed to support old compiler versions and can be removed once the MSRV is raised
So it's not as bad as it looks at first glance.
If Microsoft states that they don't have any for a project like this, I would be wary of taking it too seriously.
- They have VPs posting on Linkedin about rewriting existing code using AI and adhering to arbitrary metrics of a x% rewrite and laying off y% of engineers that used to work on it.
- Renaming one of their major flagship product lines (MS Office) to (MS Copilot Apps 365).
- Forcing AI features on users despite not wanting it, and overriding OS configuration that should turn it off.
- Executives publicly shaming the general public for not wanting "all the AI all the time".
grep 'name = ' ms-litebox-Cargo.lock | wc -l
238
grep 'name = ' ms-litebox-Cargo.lock | sort -u | wc -l
221 -c, --count
prefix lines by the number of occurrences grep 'name = ' ms-litebox-Cargo.lock | sort | uniq -c | grep -v '1 name' | sort -n
Edit: Also, beware of the unsorted uniq count:
cat <<EOF | uniq -c
> a
> a
> b
> a
> a
> EOF
2 a
1 b
2 aA library OS is an operating system design where traditional OS services are provided as application-linked libraries, rather than a single, shared kernel serving all the programs.
I wonder if they, the industry as a whole, eventually will make being able to freely use a PC a subscription, bastardizing "freedom" completely.
That's the theory, but I don't know how far LiteBox is along to supporting that workflow.
> It focuses on easy interop of various "North" shims and "South" platforms.
For replacing wine on Linux the "North" would be kernel32 API or similar, the "South" would be Linux sys all API.
However this is meant as a library, thus require linking the Windows program to it and eine is more than the system interface, it has all the GUI parts etc of win32 API
Use Linux or BSD and ignore that approach for Vendor Lock-in* into their “library OS”.
The "North" part seems to be what I think you'd traditionally think of as a library OS, and then the "South" part seems to be shims to use various userlands and TEEs as the host (rather than the bare hardware in your example).
I'm really confused by the complete lack of documentation and examples, though. I think the "runners" are the closest thing there is.