Look at that, an OP who is just a prick.
Look at that, an OP who is just a prick.
Why? If you say to limit the spread of bacteria we have some studies that suggest it makes no difference at all
What a hot take. I bet you’re real fun at parties.
Pay them for a public ipv4.
Your dog is probably just dreaming.
Mine does it and she sometimes starts making small barks in her sleep and twitching her legs while she does so. I assume that she’s dreaming about a long fun chase.
Do keep an eye on it and reach out to a vet if you’re concerned, but it sounds pretty normal based on what you’ve described.
I’d trust also the official Arch repo.
Yeah they’ve only rolled out a version of curl that broke the package manager a few times.
It depends. I’m glad that we have tools like proton, but when this was an explicit stretch goal that was met during funding it’s a bit different.
I’m disappointed in Nightdive. Not just because they cancelled the port, but because they made a promise and they broke it, and they just remained silent about it instead of being transparent about any challenges that they were facing over the preceding years.
I may be a touch biased, but I feel like you might enjoy trying Gentoo one day, especially with the recent official binary package host.
TL;DR don’t worry (for now) - it only impacts rpm and deb builds and impacted releases only really made it into OpenSuSe tumbleweed - if you’re running bleeding edge maybe you need to worry a little.
A laymans explanation about what happens is that the malicious package uses an indirect linkage (via systemd) to openssh and overrides a crypto function which either:
Or both!
I have secondhand info that privately the reverse engineering is more advanced, but nobody wants to lead with bad info.
As for what you should do? Unless you’re running an rpm or deb based distro and you have version 5.6.0 or 5.6.1 of xz-utils installed, not much. If you are, well, that comes down to your threat model and paranoia level: either upgrade (downgrade) the package to a non-vulnerable version or dust off and nuke the site from orbit; it’s the only way to be sure.
Just to be a pedant, you know that deserts don’t have to be hot, right? The definition of a desert comes down to the amount of precipitation that a region gets, not how hot it is - Antarctica is a desert, the largest one on Earth.
I can still Gentoo Linux as an alternative if you’re willing to take a step towards better package management but don’t want to deal with all of the NixOS baggage.
I use Traefik for all of my containerised services. It’s fantastic.
I’m sorry, but no. PluralKit only really impacts a tiny minority of the userbase to begin with. It isn’t enough to cause people outside that group to choose the platform, nor is it enough for people outside of that minority to avoid moving to whatever the next big thing is.
There absolutely was. Intel got smacked on the wrist for doing their benchmarks using ICC… you know, the compiler that builds code that detects that it’s not running on an Intel CPU and disables all optimisations and extended instruction sets (like say MMX/SSE).
You can never trust it for long term archival / to stay intact for a long period though.
It’s saying that incognito mode doesn’t prevent people on the web from tracking you, that’s all.
I.e. enabling incognito mode could still have an entity profile you, etc. like your ISP, government, or any corporation that you visit the website for.
This is a nothingburger.
Counter point: I don’t want an untraceable phone used as a detonator. There’s a reason that these things are linked to real-world identities.
That’s the point.
The “tank” has an immobile or mostly immobile turret, depending on the particular design of this piece of battlefield ingenuity. Units appear to be making these modifications at the frontline to improve survivability against FPV drones but there isn’t a standard package.