Bonum Certa Men Certa

Good Software Doesn’t Change Very Much

Reprinted with permission from Ryan Farmer

Good software doesn’t change very much.



In as many ways as possible, I continue using older desktop programs, some in Wine even.



It greatly annoys me that when a problem has been solved, we have to bury the thing alive in layers of garbage until it can barely move anymore, like modern Web browsers, or Windows.



I was mentioning earlier in IRC that I continue using Winamp 2 in Wine, and it doesn’t stop working. I use an unreleased leaked build from 2003 called “2.95”.



AOL never did anything about the leak. It was them that leaked it by mistake and when they leaked it, it had the same license as any other version of Winamp, meaning that there was nothing they could do really.



20 years later, it still runs. MP3 hasn’t changed. Ogg Vorbis hasn’t changed. Not in any way that affects playing it back.



There’s now an Opus plug-in that’s compiled for Winamp 2 that would still even work on Windows 9x.



Other than it looking a little funky with the interface scaled to 2x and the minibrowser you close anyway not doing anything (in Wine at least, because IE isn’t there), it works like it was supposed to.



Best of all, there’s nobody changing the interface.



The program was designed such that everything’s a plug-in. People have created alternative MP3 decoders based on mpg123, and new versions of in_vorbis.dll as well.



So basically, why shouldn’t I still use it?



I keep hearing that Audacious exists and is Free Software and is maintained.



Well, of course it is, but I don’t honestly like that. The GUI changes, the GUI toolkit gets “upgraded” and toolkit people are notorious for making pointless GUI changes and adding bugs.



Winamp 2.95 does everything I need it to do and apparently enough people agree or else it wouldn’t continue having community updates through the plug-in system.



Yes, there are newer audio programs, Free Software and otherwise, but this was the first program that actually played MP3s and didn’t make a huge issue out of the GUI. I ended up using it in the 90s (before AOL even) and even with the old “Nitrane” MP3 decoder (which wasn’t accurate and failed the ISO conformance) because it was good enough to work even then.



Roy Schestowitz mentioned engineers as practical people. I’m not an engineer, but I am practical. There’s really nothing that’s been done on the front of Human Interfaces since the early 2000s that’s worth a warm pitcher of piss.



Firefox was a regression from Mozilla Suite at the time and I still use SeaMonkey because the Firefox HIG is an ungodly mess.



By attempting to be “simple” and “clean”, they end up actually throwing all the settings, icons, and preferences into a few “junk drawers” and they change the interface again every few years and it’s really just a form of negative work.



Modern HIGs are basically a march to dumb down the PC until it’s like cell phone apps.



Everyone waving a cell phone with one button on it in one hand and their dick in the other hand.



I’m considering jumping over to a non-GNOME desktop environment for this reason.



The inmates run the asylum, and IBM Red Hat has so much influence over it that it’s basically a wing of IBM at this point.



Every time I update GNOME it feels more like a broken iPhone.



I played around with Fedora Kinoite on my older laptop and Wayland seems to work in KDE now. I’m considering getting all of my files properly backed up and nuking Fedora, because IBM is a disease, as I’ve blogged about previously.



I could probably put Debian 12 KDE on my system, but I asked and they don’t have a SeaMonkey package.



Roy mentioned PCLinuxOS and they not only don’t have GNOME at all, but they also package the current SeaMonkey. (Big positive factor.)



Some posers and trolls needle me for using SeaMonkey, but here’s the truth about security. There’s not really much you can do about “security” that’s better than just installing your patches and limiting the Web garbage that can run active code and watching where you get your software. The corporations in the driver’s seat are making all of this harder to manage. Red Hat making people turn to untrustworthy software sources for lack of resources to maintain the Fedora project, Google and Mozilla making the Web 100 times more bloated every time they shit a browser update. It’s horrific.



Even the same people who push these bloated software updates out admit that once you use their product you’ve already lost, so they go looking for ways to “contain” all of the exploit code they know they’re adding with more “sandbox” layers.



Tor Browser is dangerous for being based on Firefox and having most of the same holes.



WASM



The latest Tor Browser, showing it’s configured to run WASM by default.



The monthly Mozilla patches show us all the lovely WASM CVEs that are discovered, but in a system so complex, it’ll never end. So enjoy the Tor browser and when the State Actors say “WAASM UPPPPPPPP!?” don’t say nobody warned you.



Anything with WASM support is a damn hazard. In addition to browsing with ublock-origin and NoScript on SeaMonkey, I turned WASM off. Active Code is a never ending security mess that will never get better. Don’t look for it to. Be happy with what you have.



“Hey Firefox, put all this garbage, active code, sandbox escapes for malware implants, and fingerprinting crap on all eight cores please! LOAD IT UP!”



I’m just a little black rain cloud
Hovering under the honey tree
I’m only a little black rain cloud
Pay no attention to little me



Oh, everyone knows that a rain cloud
Never eats honey, no, not a nip
I’m just floating around over the ground
Wonderin’ where I will drip



Oh, everyone knows that a rain cloud
Never eats honey, no, not a nip
I’m just floating around over the ground
Wonderin’ where I will drip

Winnie The Pooh – Little Black Rain Cloud


(Why on Earth would anyone feel safe browsing with Tor Browser in the default state? Obvious honeypot is obvious.)



I disable a ton of junk (backported from Firefox) in my browser and mostly read static documents and check my email and use IRC. SeaMonkey is great for me.



Recently Reddit made it difficult to use “New Reddit” with SeaMonkey. I tried various user agents from less capable Modern browsers like Safari, and even tried to provoke an Internet Exploder 11 fallback if they had one, but the new code is just fucked. Thankfully, there’s still Old Reddit and the various libreddit proxies if I want to look at something. I also use the Gemini NewsWaffle and Chilly Weather through a Gemini Web Proxy. That way I don’t get a mountain of JavaShit and cookies I don’t want, and paywalls, and IBM’s other monster, the Weather Channel.



If it gives SeaMonkey problems, the site is misbehaved and poorly designed and possibly malicious, and there’s usually another way to get at it.



The way I use SeaMonkey, it’s much more pleasant, and safer, than Firefox.



Debian probably dropped SeaMonkey first. The way I recall Ubuntu having SeaMonkey was one of Canonical’s usual “copy Debian’s repo at some point and THEN never patch anything for security”. They did it to Epiphany and WebkitGTK as well!



Michael Catanzaro blogged about the CVEs they allowed to pile up.



He shamed them into straightening up on those two packages, but here’s the situation when he blogged about it in 2016.



Ubuntu



Ubuntu releases WebKitGTK+ updates somewhat inconsistently. For instance, Ubuntu 14.04 came with WebKitGTK+ 2.4.0. 2.4.8 is available via updates, but even though 2.4.9 was released upstream over eight months ago, it has not yet been released as an update for Ubuntu 14.04.



By comparison, Ubuntu 15.10 (the latest release) shipped with WebKitGTK+ 2.8.5, which has never been updated; it’s affected by about 40 vulnerabilities fixed in the latest upstream release. Ubuntu organizes its software into various repositories, and provides security support only to software in the main repository. This version of WebKitGTK+ is in Ubuntu’s “universe” repository, not in main, so it is excluded from security support. Ubuntu users might be surprised to learn that a large portion of Ubuntu software is in universe and therefore excluded from security support; this is in contrast to almost all other distributions, which typically provide security updates for all the software they ship.



I’m calling out Ubuntu here not because it is specially-negligent, but simply because it is our biggest distributor. It’s not doing any worse than most of our other distributors.

-Michael Catanzaro


As if that wasn’t bad enough, Canonical also broke WebkitGTK so that some images wouldn’t display and YouTube videos were broken.



Some of the largest and most corporate Linux distributions are also the most sloppy and terrible.



Brimming with security holes and a lot of hacks and bad patches.



There’s nothing about Ubuntu that screams professionalism. It barely works at all, when it does, here be dragons. There’s all sorts of horrors I could go into, including what it took for me to fork a Linux kernel and make it work with all the crackpot asshattery going on that passes for engineering at Canonical.



I’m not even a software engineer and when I went digging it soon became obvious to me that I probably shouldn’t be trusting anything terribly important to a computer running Ubuntu. I’ve heard (although I never used Ubuntu during the ZFS file system debacle), that they even managed to add ways to lose data to ZFS. Which isn’t terribly surprising considering it’s a crackpot driver under a non-GPL compatible license, that’s not part of the kernel, and Ubuntu has sort of kludged together something that maybe boots if you don’t piss it off terribly by mistake. I didn’t even have to use ZFS to get this impression. When the bugs started hitting Launchpad it was a “get the popcorn out” moment.



Who needs cable?



Anyway, Ubuntu’s out. It’s garbage, it’s not secure, it’s got crackpot patches and copyright-violating modules. And they’re a Microsoft Azure partner, of course.



I may spin up several candidates to replace Fedora in Fedora on GNOME Boxes and play around with them and press all the buttons and see how easy they are to break.



When I used to occasionally distro hop on older computers in the 2000s, I ended up with shoddy craftsmanship like YaST on OpenSUSE circa 2007-2008 which would break the whole damn system if you added a couple extra software repos, and Sabayon Linux where you would click a button and have to wait for it to install a package for like an hour.



Even Ubuntu and Fedora aren’t shit shows in those ways (but they almost try to invent new ways to be a shit show of their own).



When you have a spare computer it’s easier to laugh when you press a button and chant “BROKEN SYSTEM CHA CHA CHA! BROKEN SYSTEM CHA CHA CHA!”



The Free Software community has been nearly obliterated by sabotage and subterfuge.



Microsoft on a bullhorn (with their moles in tow) shouting “Don’t run, we are your friends!” (“And we have a CoC!”)



It’s sort of like, “Why are you on Fedora?”



I ask that so I can answer. Because other major distributions have been infiltrated and ruined.



Like the damned Terminator in the bunker that got past the dogs and guards.



That’s why the #Fedora moderators on Libera Chat gets away with, basically, hate crimes and disorderly conduct, even though there’s a CoC.



They are a collection of toxic individuals that are “untouchable” because they’re in thick with the muckity mucks on the network.



Every time you re-settle somewhere, the bad guys roll over the border again and set up another vassal state of Microsoft.



I must stress that it’s not Free Software that’s the problem here. It’s a couple lousy corporations and Microsoft causing a lot of problems in distributions that used to be really popular. And I’m just some aging hipster that doesn’t currently know what the cool kids are using.



Although I have to say I was amused that “Mr. Hate Crime” & Friends in the Fedora room is still reading my blog intently, obsessed with what I might say about their rotting pile of crap (apparently without enough developers to package LibreOffice at this point) next.



I think I’ve vented enough of my frustrations about the toxic quacks that they’ll let into some of these communities lately.



Recommendations about competent distributions of GNU/Linux are welcome.



(As a quick aside, Matthew Garrett mentioned on his blog about taking the utterly pointless long way around when he found a Fedora laptop that was 5 YEARS out of date…..very secure…and he went poking around trying to skip 10 versions by opening things in hex editors when he could have done things like just tell RPM here’s a package, don’t verify it, and clobber this other one clobber clobber, and it’s the next RPM and the fedora-gpg-keys. It amused me. It’s like watching Mr. Bean trying to figure out how to perform dentistry on himself after whacking the dentist out cold, and filling three extra teeth as he rotated the x-ray around, just to be sure.)



Recent Techrights' Posts

A Year Ago, Only a Few Weeks After We Countersued the 'Hulk Hogan of UEFI', Our Webhost Came Under Attack
At the end of September 2024 our webhost received several threats
The Register - Kissing the hand that feeds it
hired to manage the publication several people connected to Microsoft, including the new Editor in Chief
 
Datacentres Aren't Reliable for Backups
bad practices cause immeasurable levels of permanent data losses each and every day
Links 28/09/2025: Science, Censorship, and Security Incidents/Advisories
Links for the day
Gemini Links 28/09/2025: Golem and Cybertrucks
Links for the day
Links 28/09/2025: Moldova Elections, LLM Slop Failing Again to Accomplish Anything
Links for the day
Links 28/09/2025: Slop Does More Harm, Newly Released Epstein Estate Documents
Links for the day
Links 28/09/2025: Fentanylware (TikTok) 'Going Private' (the Dictator's Media Allies) and UK Mirror Lays Off More Journalists
Links for the day
If Only Someone Warned Us About This...
Ubuntu is committing suicide with Rusty code
The Myths of "Linux" and of "Intelligence"
As noted this morning
People Remembered GNU's Birthday (Which Helps Remind People It All Started in 1983, Not 1991)
Have the FSF and GNU earned the respect they deserve?
Slopwatch: Ponzi Schemes Promoted by Media Companies, Linux Journal Turning Its 30-Year Reputation to Dust, and Serial Slopper Brian Fagioli Plagiarising, As Usual
This bubble will end up very badly
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 27, 2025
IRC logs for Saturday, September 27, 2025
Links 27/09/2025: Squashing Software Patents and When Hospitals Become For-Profit
Links for the day
Gemini Links 27/09/2025: Young Feet and Online Bots
Links for the day
GNU Project Turns 42
In 2033 it'll be 50
Next Step: Find Out Who's Funding the 'Hulk Hogan of UEFI' to SLAPP Us
We now have the 'Hulk Hogan of UEFI' working alongside a strangler of women, who as a Microsoft employee spent time in prison for it
Web Sites That Are Independent Are Also Like Software Projects (Sometimes Literally So)
Roll out your own 'stack'
Pieter Hintjens on Codes of Misconduct a Decade Ago
original is still online
Links 27/09/2025: Australia Might Ban Microsoft GitHub for Young People, Likely Illegal Executive Order Turns TikTok Into Cheeto Propaganda
Links for the day
Repeating the Lies to Promote a Ponzi Scheme is Not OK Because "Many Other Sites Do This" (Including Slopfarms)
They already work on the next Ponzi scheme
The Register MS (Situation Publishing) is Participating in a Ponzi Scheme
The market in "tech" seems awful when a lot of it sells a fraud and journalism about this market is part of the fraud
Glimmer of Hope: More People Realise and Come to Accept "AI" is Just a Giant, Elaborate Ponzi/Pyramid Scheme That Will Leave Everyone Worse Off (Except the "Top of the Pyramid")
quoting Einhorn and some comments
Mass Layoffs in Starbucks... and Society Loses Nothing of Value
Society might even be better off if Starbucks shuts down entirely
Do Your Job and Demand Your Compensation - But in That Order.
We'll do our best to convince the Judge to award all costs to us (lawyers, barrister, LIP bills etc.) plus judgements against them, for abusive litigation and needless suffering associated with that abuse
Matthew J. Garrett Behaved in a Similar Fashion to 4Chan and Kiwi Farms
Opposites attract? Are they opposites at all?
Drew DeVault Suggests "CoC Enhancement", Starts Trolling Projects in Microsoft GitHub
And it backfires immediately
Like Nazi Germany and Volkswagen
Tell us all about "freedom" when your government runs a Ponzi scheme
Microsoft Sponsored This Man, Microsoft Sponsored His Behaviour (and He Controls Microsoft)
They get what they paid for
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 26, 2025
IRC logs for Friday, September 26, 2025
He Talks Too Much, He Says Dumb Things
only British when that suits him
Slopwatch: FUD and Plagiarism (Working Against Linux) Promoted and Rewarded by Google News
Shame on Google News
Reminder: We're Unloading Some Publications to Tux Machines
About 15 years ago I was struggling to keep up with TechDirt
The E-mail Protocol is for Text
bad netiquette
Gemini Links 26/09/2025: Slop in OpenStreetMap and MOPML (My Own Private Markup Language)
Links for the day
Links 26/09/2025: More Provocations Against NATO by Russia (Near Alaska, USA), Microsoft Booster Accenture Has Mass Layoffs
Links for the day
Links 26/09/2025: Hardware, Security, Health, and Nuclear Armament
Links for the day
Links 26/09/2025: "Digital Fatigue" and Slop Frenzy (Hype) Ruining Work Productivity, Culture, Languages
Links for the day
Brett Wilson LLP Unwilling to Disclose or Explain How 'Hulk Hogan of UEFI' Pays for His SLAPPs Against Us (He Cannot Afford These), So We Are Escalating
Escalated in the British authorities
What 'Hulk Hogan of UEFI' Could Learn From Jimmy Kimmel About the 'Streisand Effect'
Lawyering up is risky and is usually doesn't work
Linux is Replacing Apple
Apple is money down the drain. Not only are the gadgets overpriced; they cost a lot to maintain and keep going over time
"We don't have that kind of relationship with Microsoft. The only public key that every UEFI firmware is guaranteed to have is Microsoft's, and only Microsoft owns the private key."
This is how to sabotage GNU/Linux distros that Microsoft does not control
Slopwatch: linuxconfig.org, linuxsecurity.com, and Google's Promotion of the Worst and Most Prolific Slopfarms
Over in Google News it has been quite chaotic this past day
Gemini Links 26/09/2025: Reading RSS Feeds, ROOPHLOCH 202
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 25, 2025
IRC logs for Thursday, September 25, 2025