4·
8 months agoSourcing just shifts the problem to having to verify the source though. Antivax people could easily cite thousands of sources. We’d know there bullshit, but some mod would be stuck needing to vet them.
It’s easy for common misinformation like antivax, but more unusual claims could easily be left around just because they have something seemingly relevant linked.
I don’t disagree with the idea, it just isn’t enough of a fix and would still require a lot of work.
I run Debian on most of my systems and run all of my services in docker (with rare exceptions for node_exporter or stable core tools). My base systems get automatic security upgrades, and then I’ll manually check in every few weeks whenever I feel like it.
My services in docker are version locked to a specific major version (when there’s a tag available) so I can usually re-pull to get minor version updates freely without breaking issues. My few more finnickey services get manual upgrades from me every 6 months or so only.
I usually stick to an OS version for as long as I can, and to that aim I stick to LTS versions with long support windows.
4 major versions in 12mo is…a lot. Especially if those include breaking changes for you. Yikes