Project: sync tool

[catweazel]

Thanks. The theme is set by the OS. The picture you saw also had an accompanying picture of the application using a light theme. As for the name and linux esotericism, Athenaeum suits me fine on the grounds that you'd probably have to go searching go-ogle for the meaning. I encourage self-sufficiency in that department

Athenaeum is a cool name to me, maybe 'cause Athena was one of my favourites among the gods when I was young. (I know I'm weird. )
Though I've no idea how it relates to a sync tool, maybe it relates in a way that, you can always sync your knowledge with that of the ancients with the help of a library or an institution, I don't know, I might be wrong.
I think, it's cool.

Library. The application will keep a searchable database of what was archived, where and when, hence Athenaeum.

And I also like the AppImage approach, I think it's really cool to have a portable app that can run anywhere.
And I'm seeing a lot of developers choosing AppImage format to distribute their softwares in their respective websites.
Though initially I had read AppImages had a problem with security as they weren't sandboxed, even I read a discussion between AppImage devs talking about implementing sandboxing with such packaging system.
They've also recommended to use FireJail for that purpose.

I've not seen anything about how big of an impact the issue can have and how to properly solve it.
I gain some confidence when big developers use this format, though a little fear is still lurking inside.
I think you can clarify this.
If it's way too off-topic and I should start a new topic/thread, then please let me know.
Thanks.

It's quite simple. The security issue comes down to trust; either you trust the AppImage or you sandbox it. Given that you can download almost anything as an AppImage, you have no idea what you may be letting yourself in for. For example, I trust Balena's etcher as an AppImage, but I wouldn't necessarily trust an AppImage named ScribbleOnDisk by DarkLordVolderWart

[Mintymandy34]

Library. The application will keep a searchable database of what was archived, where and when, hence Athenaeum.

That's awesome.

It's quite simple. The security issue comes down to trust; either you trust the AppImage or you sandbox it. Given that you can download almost anything as an AppImage, you have no idea what you may be letting yourself in for. For example, I trust Balena's etcher as an AppImage, but I wouldn't necessarily trust an AppImage named ScribbleOnDisk by DarkLordVolderWart

Exactly, trust, I only download apps from trusted developers, I'm not one who would like to try an application that has no information on the web or which has no verified developers backing them.
But, I read a discussion about this trust analogy and that completely blew my mind.

The reason the system repo is safe is because it is verified regularly and the distro devs are really careful what they're passing.
They have a huge community and they can communicate with their users if any major security issue(most likely an attack) is encountered.
But in general, single or small developers might not have this big of a backing or resource because of which they might be more susceptible(not by an alarming rate) to an attack.
So, their websites might get hacked(for a day or two at max) and malwares can be distributed.
Now, this is where the trust becomes an issue.

We trust these developers and they would never choose to distribute malwares, but in some cases, someone pretending to be our trusted developer distributes a malware to users.
Smart and updated users might know what's up, but people who work a lot in offline modes and don't have much of an online presence might not notice the discrepancies.
This kinda scared me.
I trust my developers to protect their users at all costs, but there's still some risk and if we, as in users, could find a way to implement some safety measures like sandboxes, maybe that can work as a safety net in cases of emergencies.

I know, this fear might just be a xenophobia.
And I'm sure, you might have figured this out by now with all that experience clearing your thoughts, but I'm a little worried.
Let me know what you think about this.
Thanks.

For example, I trust Balena's etcher as an AppImage, but I wouldn't necessarily trust an AppImage named ScribbleOnDisk by DarkLordVolderWart

EDIT: I'm dumb but I'm not dumb enough to not notice Lord Voldemort, "Haarryy."
It would be really great if we could provide/maintain a list of trusted AppImage developers.

[catweazel]

For example, I trust Balena's etcher as an AppImage, but I wouldn't necessarily trust an AppImage named ScribbleOnDisk by DarkLordVolderWart

EDIT: I'm dumb but I'm not dumb enough to notice Lord Voldemort, "Haarryy."

Read it again, slowly. Forgive me, I was playing with your mind and you seem not to have noticed

It would be really great if we could provide/maintain a list of trusted AppImage developers.

You could do it. It's open source.

[Mintymandy34]

Read it again, slowly. Forgive me, I was playing with your mind and you seem not to have noticed

You tricked me again, but I'm still not sure what the trick was about.

You could do it. It's open source.

I'm planning to, but I don't think I've enough expertise on this.
I will still try to put up a list and hope other AppImage users who have a lot of experience in this regard can provide more info.
Thanks for suggesting this.
Though I really have no idea how to create a list where the options can be upvoted or downvoted by users and comments can be attached with the votes.
I've seen a poll in this forum, but I've no idea how to implement it, I'll ask that user about this.

[Faust]

........
And I also like the AppImage approach, I think it's really cool to have a portable app that can run anywhere.
And I'm seeing a lot of developers choosing AppImage format to distribute their softwares in their respective websites.
Though initially I had read AppImages had a problem with security as they weren't sandboxed, even I read a discussion between AppImage devs talking about implementing sandboxing with such packaging system.
They've also recommended to use FireJail for that purpose.

I've not seen anything about how big of an impact the issue can have and how to properly solve it.
I gain some confidence when big developers use this format, though a little fear is still lurking inside.
I think you can clarify this.
If it's way too off-topic and I should start a new topic/thread, then please let me know.
Thanks.

The security aspect is a very good topic and it merits a new thread IMO , and it will get much more notice that way than it will in this thread .
No disrespect to Geoffrey Bayl .... oops , I nearly gave away his "meat-space" id .....

Just as an example , I'm only reading this thread because I've been following catweazel's project for a while ,
and if not for that I would never have seen your post .

I'm a security maniac , so you already have my attention ....

[Mintymandy34]

The security aspect is a very good topic and it merits a new thread IMO , and it will get much more notice that way than it will in this thread .
No disrespect to Geoffrey Bayl .... oops , I nearly gave away his meat-space id

Just as an example , I'm only reading this thread because I've been following catweazel's project for a while ,
and if not for that I would never have seen your post .

I'm a security maniac , so you've already got my attention ....

Yes, I'm planning to start a new thread about Security in Linux Mint and Ubuntu: an Explanation and Some Tips by Pjotr.
I've read it very carefully and I've some questions about it, AppImage issue is also a part of those questions.
I've been waiting on this for few weeks now, I'm having some issues and I'm having hard time solving them. (I created 3 VMs 4 hours back and now it says boot media failed and their configurations are back to default. )

So, yes, I'm all for a new thread, but I don't really know which subforum to use for this post.
Any suggestions?
And should I start different topics for each issue, like AppImage issue, Wine issue, etc.?

Who's Geoffrey Bayl? catweazel? meat-space?
Thanks for your interest, I would love to hear from you in that post.

[Faust]

......
So, yes, I'm all for a new thread, but I don't really know which subforum to use for this post.
Any suggestions?
And should I start different topics for each issue, like AppImage issue, Wine issue, etc.?

Who's Geoffrey Bayl? catweazel? meat-space?
Thanks for your interest, I would love to hear from you in that post.

I would go with something like " Appimages and security issues " or a similar title for starters ,
and keep other GNU/Linux related security discussions to their own threads .

You don't need to write very much .... just cast the seeds and see what comes up .
As you may have noticed , this is not the sort of forum where topics stay afloat for very long ,
mainly because of the large user base and the number of new threads posted every day .

As to the other questions -

There is cyberspace and there is "meat-space" .
You are reading what "Faust" wrote in cyberspace , but it was meat-space me working the keyboard .
Or to look at it another way , is that your passport photo that you have as your avatar ?

catweazel admitted earlier that he was messing with your head , so I thought I'd do the same to him
He's always up for a bit of sparring ....
..... but in cyberspace of course .

[Mintymandy34]

I would go with something like " Appimages and security issues " or a similar title for starters ,
and keep other GNU/Linux related security discussions to their own threads .

You don't need to write very much .... just cast the seeds and see what comes up .
As you may have noticed , this is not the sort of forum where topics stay afloat for very long ,
mainly because of the large user base and the number of new threads posted every day .

Thanks, so I think you suggest I should post this in this sub-forum, right.

There is cyberspace and there is "meat-space" .

Oh, I get it now, cyberspace is computer world, and meatspace is the real world.
I thought they were different social network websites.

He's always up for a bit of sparring ....
..... but in cyberspace of course .

Thanks for using your mind tricks on him.
I still have no idea though, don't worry, I will get this in few months.

[gm10]

There is cyberspace and there is "meat-space" .

Oh, I get it now, cyberspace is computer world, and meatspace is the real world.
I thought they were different social network websites.

This is funny because MySpace used to also be called MeatSpace, but for entirely different reasons. But who even remembers MySpace?

I still have no idea though, don't worry, I will get this in few months.

It was just a play on words mixed with some geek culture references, take it as a positive that you didn't get it.

All that aside, that's a beautiful job of derailing a thread that has been done here. Since I'm the one originally linking you here I take some pride in it.

[Moem]

who even remembers MySpace?

*raises hand, looks around, lowers hand very swiftly*

Just so you understand, the general expectation on the Internet is that somebody's avatar is not indicative of their real life appearance.

Mine is. I totally look exactly like that ---->
Except that the hair colour differs. Right now it's a bit like this.

[gm10]

Just so you understand, the general expectation on the Internet is that somebody's avatar is not indicative of their real life appearance.

Mine is. I totally look exactly like that ---->
Except that the hair colour differs. Right now it's a bit like this.

I see the resemblance, the eyes gave it away:




You'd look better like this:


I'll see myself out... >.>

[Moem]

I'll see myself out... >.>

That sounds like a solid plan.

[Portreve]

Y'know, gm10 and Moem, I thought about doing that with my hair.

Then I remembered I'd need some, first.

[PhilippeH]

Athenaeum suits me fine on the grounds that you'd probably have to go searching go-ogle for the meaning. I encourage self-sufficiency in that department

Hello catweazel. I followed your advice and googled for Athenaeum. First result, and domain name strict match, return this. Being French, I definitely like this name

More seriously, I am very interested by this software of yours, if it could replace in one package the different backup tools I am using at the moment

[catweazel]

More seriously, I am very interested by this software of yours, if it could replace in one package the different backup tools I am using at the moment

I doubt it will ever do that. It's intended only for personal files.

[PhilippeH]

It's intended only for personal files.

Oh? Sorry, I misread this thread somewhere