Don’t get me wrong. I absolutely love Fedora Atomic (Silverblue, Bazzite, Kinoite, Aurora, IOT, etc.), more than any other distro I used, and I plant to continue using it.
It never made any problems on any of my devices, and because it is pretty much indestructible and self-managing, I even planned to install it on my Mum’s new laptop, in case her current one (basically a toaster with Mint on it) breaks.
But with the last days, my trust is damaged quite a bit.
First one, where I couldn’t update anymore on uBlue, because of faulty key pairs. This is a huge thing for me because uBlue updates in the background, and if I wouldn’t have read it here on Lemmy, I would have found out way too late, which is a security risk imo.
And now, my devices weren’t able to boot anymore due to some secure boot stuff.
Again, if I wouldn’t have subscribed the Fedoramagazine, I would have noticed it way too late.
I was able to just boot into an older image and just paste a few commands from the magazine’s post, and it was resolved in just seconds (download time not included).
Both instances were only a minor thing for ME.
But both would have been a headache if I wouldn’t follow those blogs, which is a thing only nerds (like myself) do.
Nobody else cares about their OS, it is supposed to just work, hence why I use Atomic.
I don’t wanna blame the devs (both j0rge/ uBlue and the Fedora team), they were very quick, transparent and offered very simple fixes.
And, being able to just boot into an older image, just in case, is something I am very thankful for, but nothing I want to depend on.
Having to be informed about stuff like this and then having to use the CLI is just a no-go for most people.
Am I over-reacting about this too much? What’s your view on those things?
I agree, mistakes and vulnerabilites happen in all software commercial and open. Now I can only speak for RetroDECK but, we also make mistakes and need to do minor patches to fix those.
I think Jorge and the team handled it as you should: Be transparent, inform on all channels they can and learn from your mistakes.
Me personally have full confidence in them.
Those that try to hide or shift blame of mistakes are a bigger red flag in my book.
What we need is a popup IN THE OS that tells users how to troubleshoot.
Separate from the OS core, updatable individually, like an RSS feed with persistent popups using KDialog etc.
People, please; look at this.
It’s inevitable that mistakes will happen.