Still have muscle memory of commands like glxinfo, xdpyinfo etc. ;-)
They’ll move to something serious like vanilla Arch, Debian or Fedora soon enough
Omarchy scratches that itch.
Anything else is better suited when you have opinions about the ecosystem.
Much nicer configuration then fedora/Ubuntu for productivity.
And be assured, i have not posted a single screenshot anywhere.
Non work as good as omarchy for my very light web development needs at home.
Starts with very simple things, like podman with its improved security getting in my way, or copy paste not working the same in all apps and terminals.
I unfortunately have not a lot of time, between my familie, friends, hobbys and job.
Tbh the reduced/sensible security is most likely one of omarchys selling points.
And who gives a duck about 15gb?
This part was where I stopped taking the article seriously:
>Moreover, taking into account that the system relies heavily on sudo (instead of the more modern doas), and also considering that the default installation configures the maximum number of password retries to 10 (instead of the more cautious limit of three), it raises an important question: Does Omarchy care about security?
This is such a reflexive and petty critique. How many real world security breaches happened because a login prompt that requires physical access limited to 10 tries instead of the "more cautious" limit of 3? And do you even care about security at all unless you limit to the even more cautious limit of 2?
Author claims there is no structure to the project but one look in the GitHub repo says there clearly is. Also, how many users will now try Arch (or Ubuntu via Omakub) as a result of this? If the answer is a positive number and DHH wants to put his time and weight behind it, that’s a good thing.
> In fact, it is Omarchy that complicates things further down the line, by including a number of unnecessary components and workarounds, especially when it comes to its chosen desktop environment. The moment an inexperienced user wants or needs to change anything, they’ll be confronted with a jumbled mess that’s difficult to understand and even harder to manage.
> If you want Arch but are too lazy to read through its fantastic Wiki, then look at Manjaro, it’ll take care of you. [...]
> On the other hand, if you’re just looking to tweak your existing desktop, check out other people’s dotfiles and dive into the unixporn communities for inspiration.
That strikes me as very fair. I don't think it's gatekeeping to say that setting users up with a "distro" that eschews package management for a pile of curl|sh invocations is a bad idea for which there are much better approaches.
Omarchy is fine as an (opinionated) collection of dotfiles and configurations, but there are reasons proper distros are useful aside from wanting to spend time tweaking stuff or whatever. I don't see how the article talks about anything else than practical issues with it.
Moreover, the entire Omarchy ecosystem is held together by often poorly written Bash scripts that lack any structure, let alone properly defined interfaces. Software packages are being installed via curl | sh or similar mechanisms, rather than provided as properly packaged solutions via a package manager. Hansson is quick to label Omarchy a Linux distribution, yet he seems reluctant to engage with the foundational work that defines a true distribution: The development and proper packaging (“distribution”) of software.
Personally, my opinion, I use sudo, and if I take more than 3 goes then I deserve a timeout to get my act together. Anyway, 10 attempts isn't enough to brute-force a decent password, and if bruteforcing is a concern then add 2FA codes or hardware.
There's more serious concerns in the article though - the part about the screensaver / hyprlock? That's just security theatre.
God, this comment is funny to me. This is pulled straight from this website (https://learn.omacom.io/2/the-omarchy-manual/93/security)
> Omarchy takes security extremely seriously. This is meant to be an operating system that you can use to do Real Work in the Real World. Where losing a laptop can’t lead to a security emergency.
lol Are you saying that a distro that makes this kind of claim shouldn't be concerned with the amount of times you can type in a wrong password? Especially since it's not vetting that actual security of the password itself?
How many times does your bank allow you to type in the wrong password? Is it 10? Cmon.
To me, this indicates a lack of judgement around what should be prioritised, which is reflected across the many issues the post raises. Naturally judgement is an acquired skill, which novices lack (and which they gain through experience and guidance), but given the big names associated with the project, that doesn't reflect well on their other projects.
I will absolutely say that a distro making that claim should not worry about the difference between 3 and 10 password attempts on sudo (i.e. when you're already logged in).
> Especially since it's not vetting that actual security of the password itself?
Yes, that should be fixed. But it's a separate matter.
Sure, because the complexity of your password and the amount of times you get before you're locked out historically don't effect each other lol.
In fact, let's do this right now: I've just thought of a random english word and written it down. I'll give you 20 guesses. Guess it right and I'll agree with you.
"Hey guys, I'm going to prove that an OS that claims that you don't have to worry about security anymore is actually secure by asking a total stranger to guess my password"
lol.
> I will absolutely say that a distro making that claim should not worry about the difference between 3 and 10 password attempts on sudo (i.e. when you're already logged in).
If you'd like to point out that it's really important to require a high-entropy password for the lockscreen or disk encryption, then I'll agree, but that isn't the argument we're in right now.
It should, but anything below 100 guesses or so is kind of fine, unless the attacker knows you and has good guesses about your password.
Let's be generous and assume a six character password of all lowercase letters. That's 26^6 possible passwords. That's 3x10^8 possible passwords.
3 guesses means that you have a 0.000001% chance of guessing the password, whereas 10 guesses means your chances are 0.0000032%. Are you worried about a 0.0000022% difference?
The odds are slightly scarier if you limit it to English words, but I still doubt that 3 vs. 10 has any meaningful difference in practical terms.
I find somewhat ironic that he calls out the security aspect of it without considering the audience.
I feel the tracking for advertising is a lot more a security issue than it is the chances of somebody brute forcing a laptop password
https://github.com/basecamp/omarchy/blob/master/default/pacm...
But mine was a joke with a small complaint about the length. Everybody can do what they want with their free time, none of my business
Calling it flashy is an especially amusing critique. You couldn't kick your way through the 90s and 2000s without the endless parade of semi-transparent terminal windows running on various shades of windowmaker, enlightenment, kde, etc. all to show off how much more advanced the graphics pipeline and customisation was compared to Windows or Mac at the time. So this is hardly a new thing.
Let's hope this distro picks up steam; that it helps convert people who are fed up with Apple and Microsoft to another way of doing things. Arch + hyprland is a fine place to start.
https://world.hey.com/dhh/europeans-don-t-have-or-understand...
The guy who glazes JD Vance, the 1000000% alt-right Vice President who doesn't care about literal Nazis infiltrating his party is probably part of the alt-right.
lol go back to 4chan
"There are dozens of us! Dozens!"
>because it is from alt-right environment.
No it's not.
What does this even mean with respect to the article?
The author is remarkably negative without actually trying to help anything. The globbing is borked on some shell scripts in a very young Linux distribution? Submit a pull request rather than writing a blog post.
And then the tab changes its name to something dumb when you leave to try to get you to disable JS.
They're mad things come pre-installed. They're mad things don't. They just like being mad.
Dudes got the vibe of a cat.
Either way, I appreciate the opinionated and researched review. It was a good read, and certainly highlighted some of the ways Omarchy is… odd.
(Also, the JavaScript is annoying, especially when reading on a phone which backgrounds the tab when you lock it…)
Why is even the summary longer than most articles nowadays? I will maybe read te full article later, but probably will just let it rot on my pile of readlaters.
Is this enough trash-talk now? Is the Pro-tip pleased?
That is interesting.
I would respect the article a lot more if it spent words on actually investigating things like this, rather than repeated nitpicking.
I've used Omarchy over the last few months and I don't think this is a fair assessment of the project. Sure, it definitely fells hacky in some places but I don't think it's that bad.
Even though I don't fully agree with the article, I think the conclusion is right. If you already knows your way around linux, Omarchy probably won't be a good option for you in the long term.
I fully switched to linux around 2008 and never looked back. I went through most of the major distos, from Gentoo to Ubuntu. I'm not an expert, but I have a pretty good understanding of how things work under the hood.
Even with all this knowledge I stumbled upon a bug that I wasn't even sure on how to start debugging. In my desktop I have 2 monitors and when the system wakes up from sleep my secondary monitor starts up faster than my main monitor and this puts them in the wrong order, as if I had swapped them left-to-right.
This is a trivial issue, I'm sure that ChatGPT could guide me through this issue in no time. But it made me realize that if I choose to stick with Omarchy I will need re-learn a lot of things, I will need to learn about several new tools and configuration schemas. And I don't want to do it right now, that's not a good time investment for me. Especially if there are no guarantees these tools will still be relevant in 10 years.
And this is why I'll be switching back to old and boring Fedora.
I don't understand why the link is now [flagged] by HN?
Sounds like bloatware.
For all of the security suggestions in this article I was also surprised to see the author recommending ungoogle-chromium, which has a number of security issues. See: https://qua3k.github.io/ungoogled/
The primary issue I take with the article is the chosen tone. I think there are ways that these points could have been made without being overly cynical and negative. I think speaking authoritatively throughout the article has the effect of equating the importance of subjective preferences (like the choice of which terminal emulator to include), with legitimate security concerns (bash shortcomings, migrations, firewall misconfiguration, piping curl | sh to install software).
I wouldn't use Omarchy, but I am glad it exists. It's bringing more people into the desktop Linux ecosystem, which should be positive sum. Omarchy comes off to me as a little hacky and immature, but at this stage that seems.. mostly fine? Perhaps they should be more clear about that in their marketing, but I understand the goals and I admire the enthusiasm from DHH.
I'm a long term Linux user (since 2003) and I have a brand new Lenovo Thinkpad X1 13th Gen sitting here with a blank boot medium and I have to decide what to install as an OS now. Ubuntu again? Fedora maybe due to more recent drivers? Omarchy due to - why not?
That article helped - the flagging? Not so much.
Because there are a lot of DHH fanboys on this site.
It's a tad ironic that critiquing the OS of one a guy who thinks he's fighting for "free speech"* gets flagged. lol.
*He doesn't know what free speech actually is as evidenced by his support of Trump and Elon.
Probably the juvenile title-altering script that could get people in trouble depending on where they’re from.
λ omarchy master Ɇ » shellcheck -f checkstyle bin/* **/*.sh | grep error | wc -l
451
λ omarchy master Ɇ » cloc .
662 text files.
473 unique files.
253 files ignored.
github.com/AlDanial/cloc v 2.06 T=0.07 s (6645.0 files/s, 133055.1 lines/s)
--------------------------------------------------------------------------------
Language files blank comment code
--------------------------------------------------------------------------------
Bourne Again Shell 125 704 319 3344
Bourne Shell 237 499 229 1952
CSS 41 122 22 653
TOML 19 113 9 612
XML 3 6 12 437
Lua 12 0 0 151
INI 14 20 0 78
JSON 13 0 0 67
YAML 4 4 0 50
Text 2 0 0 36
JavaScript 1 1 0 20
Markdown 1 5 0 5
SVG 1 0 0 1
--------------------------------------------------------------------------------
SUM: 473 1474 591 7406
--------------------------------------------------------------------------------
Even though I haven't used it, I don't mind Omarchy existing if it works. I had issues with omakub when I had tried it in the distant past.
That said, I think a lot of peoples criticism of DHH and Omarchy is based on their personal opinions of DHH or that they don't like that an opinionated Arch variant is opinionated, which is a bit of a ridiculous criticism too.
paulglx•3mo ago
mattbettinson•3mo ago
manmal•3mo ago
The cynicism is also pretty strong, in the first call-out, asking HN audience to jump to the TLDR, because?
slig•3mo ago
boesboes•3mo ago
bloppe•3mo ago
zahlman•3mo ago
Do modern browsers even still offer the built-in option to disable JavaScript unilaterally?
matltc•3mo ago
slightwinder•3mo ago
chinathrow•3mo ago
sorcercode•3mo ago
fwiw, it's trivially easy to block javascript per site today with uBlock Origin. Firefox + UBlock Origin really is the panacea of a de-shittified web.