Dont lie, why do you like Gentoo. Explain

Because Gentoo FreeBSD exists.

unnecessarily complex by making package management awful. there is zero reason to compile every last piece of software.

Install gentoo

not botnet
everything is in the repo
writing ebuilds is easy
feels more unix-like than other linux distros

troll/10

Because it lets me customize everything.

How can you be sure binaries are from source code?

For example, let's take SELinux, made by NSA, used by NSA unless you compile it for yourself how can you be sure binaries are clean from some kind of NSA backdoors?

now exactly how does one compile things, ive only used linux in this order Mint, Ubuntu, LUbuntu, Debian

ive done arch, i've done LFS

this board makes me want to never consider Gentoo, because of the vitriol surrounding its proponents here

Are you retarded? Of binaries have to be built from source code. Do you think people just manually type machine code all day long and expect something to come out?

Just do what werks for (you).

The only criticisms of Gentoo are things like "compiling everything takes too much time" or "compiling everything is for autistic people" or "compiling everything makes package management hard"

These criticisms are either disingenuous or ignorant. Running "emerge -avuDN world" only takes a few seconds, and is no more difficult or time consuming than running a system update on any other distro. It may take along time to complete, but you don't have to sit there and watch it. Thanks to the fact that computers can do more than one thing at a time, you can shitpost on Sup Forums or whatever while the update runs. No big deal.

When things go wrong you have to be capable of googling error messages, which is no different from anything else, either.

People make these disingenuous criticisms because they tried to use Gentoo once and were frightened by the command line. The fact that this is all that they can come up with had ought to tell you how great it is.

>Implying that there is only one source code
Who's retarded now

Do you really think there's no way someone could have public, clean source code and one with malicious code inside which is used for binaries?
Sure, people who compile publoc one are safe, but most users just use binaries.

Gentoo's package manager handles compiling for you. For example, if you wanted to install the xfce terminal you would run sudo emerge xfce4-terminal

I like wasting time, electric energy and resources compiling firefox and libreoffice

lack of control and customization is what made me consider Gentoo

Sounds good, ill consider it, thanks for your 2 cents

Use flags and user patches are nice to use on Gentoo. The longest build times are llvm, gcc, firefox on my system which are not frequently rebuilt anyway.

i think he meant 'source' very litterlay

>Who's retarded now
You are. If you wanted to make that distinction, you should have said so, retard.

>Inject malicious code into compiler binary
>Build from source
>???
>Profit

I meant publicly available source code.
Tell me if I'm wrong: let's assume some company makes free software which is so great that majority of people likes it and uses it. Just downloads binaries from repo.
Could it be that binaries are compiled from different source code? Which has malicious code in it? Which isn't public (sc)..?

I know, right, shocking. Tell me if I'm wrong and it's impossible to do that.

Compiling is so slow. I imagine installing big programs like Blender in gentoo is a pain in the ass.

But all distributions, including Gentoo, package modified versions of the software they provide. Also, are you aware of what a reproducible build is? Ever heard of checksumming?

THAT'S WHAT A CHECKSUM IS FOR, YOU FUCKING MORON

Normally the company would provide a md5/sha1 hash and the version of the toolchain to compile it.
so if you have the same toolchain you could compile it and get the same md5/sha1 hash.
The source code from truecrypt and the binary had a different hash a long time.
so many people had the thought it is not open source and backdoored.
until someone tryed to use a veeery old toolchain to get the same hashsum

That argument doesn't even work for source-based distributions, because anyone can create their own version with hidden modifications and blame the checksum differences on patches. You would have to write your own compiler to confirm that what you built from source wasn't compromised.

Their own version of gcc, I mean.

Oh, so you check your binaries. Good then. And I thought everyone just trust them.

Do you read the source code of EVERYTHING you compile and are you an experienced security researcher?
If that's not that case the chances that you will notice something malicious in a publicly available source code are close to zero.
In this sense, there is very little difference between a "malicious binary" and a "malicious source code" since both would not be noticeable by (you).
Your point is moot.

I made no point. It was a question. Do you feel attacked by this question for some reason?

There's good point you made though. Did you heard about "heartbleed"? Supposedly a "bug" made openSSL insecure for a couple of years.
Some people say that this was intentional. Same people say that it's common practice in NSA to have "fun" like this with open source projects.

I feel attacked by your Godawful prose. I don't know what kind of third world labor camp you crawled out of, but you need to go back.

I use it because I'm too lazy to install/learn any other distro

What do you mean?
Just watch fosdem 2014 nsa operation orchestra
I'm not baiting or anything, that's quite possible.

How do you know the source code doesn't contain backdoors unless you audit it manually?

Even auditing manually it can be compromised.
See: Fosdem part. You can not be certain 100% that youbrun no compromise code even with fully open hw and sw

Fuck... I was thinking about something else...
I meant: backdoors can slip even after audit

I didn't understand a single word of what you just wrote.

youtube.com/watch?v=3jQoAYRKqhg

Kind of a Linux newfag, what's even the purpose of compiling from source? What advantages does it have?

I like Gentoo because I don't have to use Systemd and everything still works... except GNOME.

Who would even want to use GNOME anyway? XFCE is the best desktop unless you want to go full autism and going for i3.

It allows you to choose whether or not to compile in optional parts of a program, which from a package management perspective can affect a packages dependencies.

The file that tells the package manager how to install a package can specify that one package depends on another IF a certain feature is built in, and the user can choose whether or not to have that feature built in.

For example, I do not want consolekit or polkit on my system, but udisks depends on them both and gvfs depends on udisks by default. gvfs is in turn is dpended on by thunar. By telling my package manager that I don't want it to compile in udisks support when it builds gvfs, I can have thunar without having polkit.

Being able to alter how packages are build and what packages you're required to have on your computer can have performance, stability, security, and usability advantages.

>You get some minor optimizations for your specific CPU
>You can get features you wouldn't otherwise be able to get
>You can upgrade individual packages and just rebuild the dependencies to avoid ABI issues, which would be unavoidable on other systems
>You can random patches onto your packages, like ungoogled chromium patches onto chromium

For Gentoo specifically, they have a lot of really obscure software, like wine + Gallium 9 patches because they don't have to supply builds of all this software.

Shut the fuck up you retarded nigger. Either you intentionally misinterpreted what he said so you could sneak in an edgy greentext or you have severe autism to not understand what he meant.

Retarded nigger kill yourself.

NO YOU, DOUBLE NIGGER