MANJARO has a BIG PROBLEM

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey everyone this is Nick and if you came here expecting me to bash Manjaro as a distro you came to the wrong place I used Manjaro for the better part of a year and a half or two years and I used the gnome version the caddy version the budgie version on two different computers and I like it but Manjaro has a problem not a distro problem but a management and image problem that is slowly making more and more people wary of them as a distribution and it's giving them an image that is not all that good all things considered so let's talk about this right after this segue to today's sponsor this video is sponsored by safing safeing makes the portmaster an open source tool to take back control of your internet connection it's free of charge and it lets you see every connection every application makes and it lets you act on these connections by blocking ads and trackers malware not safe for work stuff or scams with auto blocking capabilities and even the ability to use a DNS provider of your choice you can of course create your own rules globally or per application boardmaster is available as a Dev or an RPM package it's in the Aur or you can also install it on Windows using it is free of charge and they have paid tiers starting at 3 Euros per month to support the development or 9.9 Euros per month if you want the total package including the SPN which is a VPN on steroids that uses a different IP address for every connection so you're truly impossible to try so click the link in the description to download the boardmaster so let's begin with a quick recap of how Manjaro works and how it's structured Manjaro as a distro is an arch-based Linux operating system it's not Arch though and it has moved far from it to the point where it's closer to a traditional distro like Ubuntu or Fedora it is a rolling release which means you don't need to upgrade to a major version to get feature updates but they maintain their own packages and don't necessarily ship the latest versions of everything with three repos stable testing and unstable to have some amount of quality control before releasing something to everyone while Manjaro has access to the arch user repository it's not enabled by default and installing packages from it is more likely to result in breakages and issues than in traditional Arch as your mixing and matching packages with widely different versions and very different requirements they offer basically all the desktop and buy elements you might want with officially supported ones with plasma xfc and gnome and the community maintains all the other they also have versions for arm-based CPUs and release their distro for some mobile phones like the pine phone the distro is backed by a company since 2019 called Manjaro gmbhn Co which is based in Germany because they need to structure to manage all the projects and handle donations and revenue from the distro and Manjaro is a competent distribution in my opinion if you use it correctly and don't install stuff from the Aur all over the place to replace everything that you have installed through native Manjaro packages you're gonna have a stable and nice experience the problems only come when you try to mix and match stuff that isn't officially enabled so what's the issue well it's issues plural the first problem which might seem small is in how the company handles very basic stuff like security certificates Manjaro has led their certificates expire four times now this certificate is the thing that lets users know their website is secure and allows them to trust that they're really downloading an ISO from Manjaro and not any other website that passes for the real one when you're downloading an operating system that you are going to install on real Hardware it's kinda crucial to be sure that the image you're downloading is actually from the manufacturer you're expecting it to be and if your security certificate is expired or invalid you can't be sure of that not 100 it might seem like a very small issue but it's extremely basic renewing certificates is extremely easy and can be automated if you don't want to automate it you can at least set a reminder to renew it it's one of the simplest tasks when maintaining a server and manjaro's inability to anticipate this or automate it isn't a good sign in terms of how seriously they take their security and when Manjaro tells you to either add a security exception to your browser for the website or they tell you to rewind your computer's clock a few days to ignore the fact that the certificate is past its due date instead of actually renewing the certificate which takes five minutes stops you get the feeling that they might not be extremely tourist worthy or don't really know what they're doing but there are other issues Manjaro also has the weird habits of trying to release things that aren't ready to the general public without checking with the developers first one example is with the azahi Linux project where Manjaro decided that having Apple silicon support early would be cool which it is and so they shipped a broken kernel to end users had they talked to the developers of the project they would have known that the branch they grabbed was not stable not ready for production and that they shouldn't have shipped it to I don't know hundreds of thousands millions of users that could have their systems completely broken by this weird decision and it also gave a bad impression of the azahi project because it makes their work look broken when in fact it was not stable and clearly stated that it wasn't and it's still not stay ball as of today and Manjaro also does that for various applications where they will grab unmerged patches and ship them in their stable packages which means their shipping code that hasn't even been validated by the applications developers themselves and isn't even certain to be included in the final application if it's still unclear an apt comparison would be a car manufacturer updating your onboard GPS on your car that you already bought with new streets that don't exist yet and haven't been validated and replace old streets you don't want that this is what led to the don't ship it Manifesto from various developers specifically in the mobile Linux distro space and probably what led the bottles developer to also ask distros to not repackage their software without talking to them first because shipping unstable software or broken software or untested software only has a bad reflection on the application themselves not on the distribution and it also generates tons of support requests for the developers which have no responsibility on this issue whatsoever because they never wanted this software to be released in this state another problem that arose was the use of the Aur in Manjaro this Arch user repository is one of the greatest strength of archbase distributions it contains virtually everything you might ever want to install a lot of it is contributed by users and not necessarily tested but it's still the most complete repo of Linux apps and libraries and Manjaro has it although it's disabled by default now to be fair Manjaro doesn't officially promote using the Aur but they do ship it natively in the distro and you can enable it with just one switch and everyone knows that Manjaro is arch-based and expects the Aur to work on it so it's still a core part of the distro except the Aur doesn't really work well on Manjaro because the Aur assumes you're using the latest Arch software with the latest versions Arch releases which Manjaro doesn't because they hold back packages for testing which means that installing stuff from the Aur can seriously break your Manjaro system if you're not careful and then there's the whole DDOS situation manjaro's Aur helper the little software that lets Manjaro users connect to the Aur had a bug in it which sent thousands of requests per user to the Aur involuntarily causing a distributed denial of service or as I like to call it death by denial of service because it basically killed the Aur for everyone not just Manjaro users now mistakes happen of course but such a mistake shouldn't happen twice which it did and this denotes a clear lack of focus on testing or communication with Upstream with consequences for the Upstream projects and all their users not just manjaros again human error this can happen but twice this means that no process was ever put in place after the first time to check if you could again detox the Aur which shows a lack of respect for the work of others and the fact that manjaru still lets users access the Aur even though there's a 90 chance it's going to turn your distro into a buggy mess doesn't show the greatest responsibility either and then there are a few other issues the Project Lead wanted to buy a new laptop using Manjaro fonts for about 2 000 Euros for a developer Treasurer refused the expense because it went against manjaro's policy which states the funds are to be used for the Manjaro Community like hosting development hardware and software stuff of that ilk and that these expenses should be discussed openly now this led to an argument with the project lead and surfaced other expenses that had not been discussed according to manjaro's policy and so the treasurer left the company leaving the project lead in full control of all the communities funds now that's not an issue if you trust them to do the right thing and use the funds correctly and responsibly but seeing all the other issues that we already mentioned doesn't paint the best picture of how the company is handled and so this is kind of a problem in my opinion then there was the office suites debacle Manjaro announced out of the blue that they would be shipping soft maker office by default instead of Library office a software change isn't a problem except that soft maker office or free office as it's now called isn't open source replacing an open source component with a proprietary one isn't something you would expect from a Linux distribution eventually the community uproar LED them to add a ballot screen which led Manjaro users pick the office suite that they want to pick which is actually a very good solution but it's unfortunate that it had to be a real uproar and a real issue before they thought about this solution Manjaro has also often been accused of not contributing much to Upstream especially on the mobile front someone involved in the pine64 community points out that the fact that most mobile Pine 64 projects are starting to falter in terms of contributions is due to the fact that only Manjaro is an officially supported distribution for the pine phone for example where before there were a myriad of community editions and that Manjaro doesn't really contribute to supporting this Hardware which in turn leads to these devices not being worked on much anymore as the other community projects lost motivation when support for them was dropped and sure that's more of a pine 64 problem for picking Manjaro who doesn't seem to contribute all that much to the hardware Support over other distributions like Ubuntu touch which apparently did contribute a lot to the hardware support and there is nothing wrong with just having a distro that packages and doesn't contribute development efforts but in that case why would you have a deal with Manjaro which will not help your Hardware Community instead of additional that would actually have helped so if you put all of these problems side by side they don't look too bad a few mistakes a few intested things and a few behaviors that might be attributed to communication problems nothing too scary everyone makes mistakes it's normal but a company that lets their Treasurer go because they don't want to discuss expenses openly a company that fails to renew the most basic of things their security certificates and offers workarounds instead of actually fixing the issue or a company that does deals with proprietary companies instead of discussing them in the open and giving you their choices all of this does give an image of something shady and untrustworthy that doesn't really care about what the community wants and Manjaro as a distro well you might like it or not personally I stopped using it because I installed a lot of stuff from the Aur and it kept breaking but I also got tons of comments telling me that Manjaro could be very stable and is a great experience so I do not have anything against the Manjaro Community or the distribution itself it's on the management and the communication side of things that I think the issue lies there needs to be better processes in place to test things to communicate with the community and the Upstream projects and to not be perceived as a distro that doesn't contribute and ships broken things on top of that basically the image that this conveys is of a company that forges ahead and builds their business on top of Upstream projects but without really caring about what users Upstream teams developers or basically everyone else wants this might not be an accurate reflection of Manjaro as a company or as a distribution but it's the image it's starting to have in the Linux community and I think it could be avoided with a little bit more communication so let me know what you think about menjaro down in the comments and I will let you know what I think about today's sponsor tuxedo is a company based in Germany and they make laptops and desktops that ship with Linux out of the box and why you would want that over a generic PC that you buy of the internet where you slap your own distro on it but it's because it removes all the guesswork and all the elbow grease basically tuxedo devices will support Linux you don't have to look up online you don't have to research anything you can just plug a USB stick install Linux and it's gonna work and there's no need to think about it which is pretty freaking awesome and they have devices for all price points all use cases from Ultrabooks nux gaming Towers laptops gaming laptops workstations everything that you might want they have plus a ton of customization options including your own custom keyboard if you want and your own logo on the lid of the laptop so if you need a new device and you want to make sure that it runs Linux and you want to support the Linux development because tuxedo does contribute to linux's development well head over to the link in the description below click it and get yourself a tuxedo laptop or desktop they're really really good so thanks everyone for watching the video I hope you enjoyed it if you did don't hesitate to like to subscribe to turn on notifications or to write a comment and if you didn't like the video well you also have that dislike button which also works kinda and if you really want to help support what I do and support the channel you can click the super thanks button or the PayPal Link in the description or you can join my patreon subscribers and YouTube members both get access to a weekly podcast on Mondays where I discuss Linux open source the channel my personal life and a lot of other topics and you also get to vote on the next topics that I'll cover on the channel both links for patreon and YouTube memberships are in the description as well so thanks for watching and I guess you'll see me in the next one bye [Music] [Music] foreign

Info

Channel: The Linux Experiment

Views: 188,386

Rating: undefined out of 5

Keywords: linux, elementary os, open source, distribution, linux distro, linux help, linux tutorial, linux 2022, opensource, free software, linux tips, ubuntu, distro, manjaro gnome, manjaro linux, manjaro xfce, manjaro vs ubuntu, manjaro problems, manjaro controversy, manjaro aur enable, manjaro aur install, manjaro aur ddos, manjaro certificate, manjaro security issues, why manjaro is bad, manjaro is not arch, manjaro is bad, manjaro issues, manjaro is good

Id: oVlD17OjFAc

Channel Id: undefined

Length: 17min 17sec (1037 seconds)

Published: Thu Oct 27 2022