Ignore the noise and go with Ubuntu LTS. When you get comfortable with that, you could try Debian.

You could play it backwards too. Try Debian, if you can’t get it to do what you want, wipe and do Ubuntu LTS. But I do not recommend this path if you have no idea what you’re doing. People underestimate how difficult it is to do simple things when you don’t know how to, no matter how trivial.

Not necessarily. For all of these cases, Debian, Ubuntu, Pro, the community and Canonical are package maintainers. Implementing patches means means one of: grabbing a patch from upstream and applying it to a package (least work, no upstream contribution); deriving a patch for the package from the latest upstream source (more work, no upstream contribution); creating a fix that doesn’t exist upstream and applying it to the package (most work, possible upstream contribution). I don’t know what their internal process is for this last case but I imagine they publish fixes. I’ve definitely seen Canonical upstreaming bug fixes in GNOME, because that’s where I have been paying attention to at some point in time. If you consider submitting such patches upstream as actively involved in project development, then they are actively involved. I probably wouldn’t consider that active involvement just like I don’t consider myself actively involved when I submit a bug fix to some project.

Exactly. In Debian, the community implements security patches. In Ubuntu, Canonical implements security patches for a part of the repo (main), the community implements them for the remainder (universe). This has been the standard since Ubuntu’s inception. With Ubuntu Pro, Canonical implements security patches for the whole repo (main and universe).

10 years security updates, plus security patches for community packages (instead of waiting on community patches). It’s basically the corporate support plan provided for free for up to 5 machines per account.

💥 Free for up to 5 machines 💣

I activate Ubuntu Pro

Ubuntu

Fine. I’m gonna go give them more money.

I mean I give my money to Valve as is tradition, but is there some new reason to give from today?

What

Not ads, actual Amazon search results. The good old times when Big Tech wasn’t so radicalizingly big.

Purely on the product side, if I decide to buy it, I wouldn’t buy it for myself. I’d buy it for friends and family who are not that tech literate. Either to make my life easier to give them self-hosted services, or ideally for themselves to be able to do so. I want this product to be a non-shitty, open source “Synology,” from a firm I can trist to support it for a very long time. Doesn’t have to have that form factor. And I’m totally fine with an ongoing subscription. I’d like to be able to say - hey friend, buy this from ACME Co-op and sign up for their support plan. Follow the wizard and you’ll have Immich, Nextcloud, etc. A support plan might include external cloud HTTP proxy with authentication and SSL that makes access trivial. Similar to how Home Assistant’s subscription (Nabu Casa) works. It could also include a cloud backup. Perhaps at a different subscription rate.

I don’t know enough to say what the structure should be but this should not be possible:

But it doesn’t protect you against more insidious forces like the founders selling to private capital

It implies that the founders have more voting power and ownership than the rest of the people in the org. In my mind, everyone should have an equal vote, which should prevent a sale on the whim of the founders or another minority group. If a sale is in the cards, a majority of the people in the org should have to approve for it to proceed. And this shouldn’t be advisory but a legal barrier to pass.

If I were to start a firm today, I’d be looking into this because not only this is the kind of firm I’d like to work in, but I think so would quite a few people in software. And those aren’t the dumb kids.

I can also say that as a customer, the few worker co-ops I’ve able to buy things from give me a much more trustworthy impression than the baseline. They just behave differently. Noticeably more ethically.

I probably would. However it has become increasingly obvious that the flaws with solutions so far have been in the organisation. Not so much the particular hardware or software. If I’m going to buy something I’d like some hope that it’ll be there in 5 or 10 or 20 years. So please if you go serious with this, look into worker-owned organizations because I’m tired of dodging profit-maximizing traps and pretend-non-profit landmines. If the people building and supporting the thing aren’t the ones deciding what to do with the revenue and profit, you’re the only one doing it and you’re going to make mistakes that will hurt them and us. And then you become a landmine to dodge.

EM3ev makes sick batteries. Grin’s (ebikes.ca) LiGo were spectacular batteries too. I got two bikes on them but they’re discontinued. There should be a new design coming out this or next year.

Good context for the ones who aren’t aware. 👍

Is it Luna Cycle? Of course it’s Luna Cycle.

It looks like something for a LinkedIn post.

No question. All I’m saying is it’s not feasible or truthful for the device OEM to claim they can support longer than the SoC vendor supports the proprietary SoC bits.

Or they have to clearly specify that the support is not all-inclusive and/or that it’s best-effort.

The software support hinges on SoC vendor support. You can only support it as long as the SoC vendor supports the SoC. Afterwards you can provide quasi support, for the upper OS layer only. Critical modem vulnerability past that point? SOL. I’m not aware of the current vendor support across brands but the last time I checked QC offered ~3 years and I think that’s from introduction of the SoC, not when it shipped in devices. I don’t know if anyone who sells their SoC offers longer support. It’s sad stuff.