I found it very annoying and restricting. Most significantly being restricted to flatpak. For example I failed at installing whonix and couldn't get rust and vscode to work together.
If I didn't plan to get rid of by steam deck, I'd install a different distro in it. I definitely wouldn't install it on a desktop, support for the deck's keyboardless form factor is the only reason I might choose SteamOS over a normal distro.
Though I didn't know about distrobox then, perhaps that works better.
I installed Antigravity with Codex in Distrobox Ubuntu. The Agents happily use sudo without care that it is a container. It's great when I run random scripts from the web that I don't even know how to uninstall and never worry about gunking up the main system.
It might be fine for just avoiding clutter, but be warned that distrobox defaults to very weak separation between container and host (e.g. default mounting your real home into the container). Good organizational tool, bad sandbox. (This is not a fault, just a matter of what the tool is optimized to help you do.)
I like that as a feature because I can use it like a normal root system. I have a pretty easy time seeing what goes in my home folder. It isn't esoteric to explore like system folders. If I had something I needed to keep private from Distrobox I could put it in my SD Card since it isn't mounted in the home folder on SteamOS and is in /run/media. You could also install QEMU in Distrobox or the virt-manager flatpak for a full sandbox.
From what I can gather from the site it has no security or sandboxing features. Or am I missing something?
I'm asking because I'm thinking about R7RS Wile scheme[1] as an embedded language, which has some basic security features. But it's heavily vibe-coded and that puts me off a bit, so I'm looking for other Lisp or Scheme dialects in Go.
I'm creating cross-platform GUI applications in Go. Besides that, there are numerous reasons why an extension/scripting language might need various security and sandboxing features on a server, too.
I'm tired of this story and the corresponding fake discussions because it's completely obvious that Anthropic was singled out because they didn't play along with the current US administration and this whole charade is just part of an extortion scheme.
Had to disagree with that. However, I don't think you can discount how much Anthropic has been banging the drum about how AI is dangerous (specifically theirs) and an existential threat, etc. etc.
The rollout of Mythos was clearly manufactured to stoke the fears of companies that didn’t have access to it. They also bragged (for Fable) about how they "ran an external bug bounty that produced no universal jailbreaks in over 1,000 hours of testing" only for it be circumvented almost immediately.
So them standing on the high horse and saying it is _so powerful, yet so safe_ only to have that blow up in their face just made it that much easier to make an excuse to do this. Again, not disagreeing, but they made themselves the tall poppy here.
> They also bragged (for Fable) about how they "ran an external bug bounty that produced no universal jailbreaks in over 1,000 hours of testing" only for it be circumvented almost immediately.
Where did you see there was a universal jailbreak?
How do you weigh the DOD fight against warning about Mythos' dangers when determining what made Anthropic 'the tall poppy'?
People here aren’t authoritarians, so we don’t accept your premise that you shouldn’t take on the government. That’s not how things work in the US. Perhaps you’ve encountered Trumpists who tell you that it is, but they’re lying; they routinely applaud businesses defying any government which their dictator-in-chief doesn’t control.
Don’t you see how this shows it wasn’t always the same? The way things work in the US is that the government has a limited, defined role in determining how things are run. Companies don’t have to comply if the government goes beyond its role, and indeed may face liability for complying if they violate a contract in the course of doing so. The idea that it’s fundamentally illegitimate for a company to say “We dislike the government’s actions and feel they’re serving as a poor regulator” is coherent, but almost nobody in the US holds it, although partisans sometimes pretend to when they need a way to defend an indefensible course of government action. (Sometimes they’ll go so far as to claim it’s undemocratic to resist government action, which is incoherent.)
Part of the security risk also is the number of different models. I’ve been tempted to try some other models, but how many do I want to give access to SSH or even my repo? Obviously there are ways to work with this, but it’s gonna run through some people‘s heads.
Because they siphon off data to US intelligence, and if you claim they don't, you couldn't possibly know because the CLOUD Act can mandate them to do so without telling you or allowing you to admit it. Of course, if you're in the US this doesn't matter but for the rest of the world it does.
A dying country that doesn't want small business to continue, that's not something I had in my 2026 bingo card collection. Be that as it may, I would just close down the business and incorporate elsewhere. Let them sort out their population crisis on their own, I'm sure children will magically pop out of nowhere.
US companies cannot comply with the GDPR because of the CLOUD Act. The two frameworks are fundamentally in conflict with each other and it seems to me that everybody in the EU knows about it, yet this is somehow swept under the carpet and ignored even by government authorities. I've always wondered why this is so and how these kind of dependencies could be allowed in the first place. It's even worse for AI use than it is for productivity suits and email.
The point is that without copyright you can' do it professionally. Someone will just sell whatever you created for you and you will not get a cent from it.
It's worth pointing out that some people under some circumstances need to use VPNs. For example, timestamp.apple.com stalls when I call it from my machine, so I cannot sign any executables for macOS. When I use a VPN that changes my IP number, signing and notarizing works perfectly fine. My CI chain would literally not work without a VPN.
I'm always interested in how they pay their bills. Unless I know how they make a living, the advice is worthless. Of course, you can give away things for free if you're a rich aristocrat in a society of slave holders, like many ancient philosophers were.
"A rich aristocrat in a society of slave holders" is certainly one type, but there are many other types that still meet mainstream standards today, such as heirs to fortunes, tenured university professors, etc.
Not everyone has that luxury, some people need to earn money. That's why I sell software instead of giving it away for free. It's fine if you want to get everything for free, you're just not one of my customers then.
How good is SteamOS as a general distro for a desktop machine? What are the Pros and Cons?
reply