I love using Alpine, and for the few packages that don't have a musl version available (e.g. Steam), flatpak has been a great way to run them.

Hopefully someone will maintain a fork.

Yeah, they were. Virus writers were not targeting them as a platform because why develop for 10% marketshare when you can target 90% for free. It just wasn't worth it to target as a platform. So there was some level of protection due to lack of interest in distributed attacks, but the OS had very little protection against targeted attacks.

> Apple has led the pack in nearly every major OS security feature of the last 25 years.

What an absurd claim. Apple trails behind, it never leads in this space. Windows 7 had numerous protections that had become standards that Apple still lacked when Windows 10 came out.

They've improved a lot, especially their phones, but I'd still never consider them a company that has a really strong focus on security.

If it's really just primarily dotfiles, those 'install scripts' are just going to be a few cp and maybe tar commands.

> Omarchy is maintained as a complete system. You can install it from an ISO, update it like a distribution, and expect someone to care about whether the pieces work together.

Not entirely though, because they defer so much control and judgement to the actual distro they are layering over.

I guess it's semantics. I guess if you consider Kubuntu a different distro from Ubuntu then so too would Omarchy be a distinct Distro.

It's not a distro because you could overwrite everything by downloading someone else's dotfiles in a few minutes. It's purely just a set of configs.

A lot of those people had no issue with ICE bullying and detaining legal immigrants.

As someone who has run DNS and DHCP servers for over 30 years and continues to do so, this just feels like confirmation bias based on your personal anecdotes. If there's an issue, it's likely due to messy over-complicated distros. Alpine is no less solid than OpenBSD.

Sure, and I think they are mostly great, main problem being they just don't go far enough. Where's the namespace level isolation, ACL or MAC support? Is there a way to give a user append only ability for one file, while having write but not delete access to another, and delete to yet another? What's the maximum extent to which OpenBSD could have limited an attacker, had they been vulnerable to regreSSHion?

OpenBSD didn't invent the concept behind W^X, and if you want to talk of 'copying', which I think is kind of silly personally, then PAX was first.

I'm familiar with the list of OpenBSD innovations, and in turn I would point you to https://https://isopenbsdsecu.re/ for a breakdown of their claims and marketing.

To this date OpenBSD doesn't have anything as simple as a proper ACL, let alone any type of MAC. They claim such systems are too complex, which is of course nonsense.

It's like I said - they focus a lot on preventing an attacker gaining access, but have little available to constrain attackers who DO get access.