Really? I think you should punch Nazis in the fucking face.

I’d trust also the official Arch repo.

Yeah they’ve only rolled out a version of curl that broke the package manager a few times.

I may be a touch biased, but I feel like you might enjoy trying Gentoo one day, especially with the recent official binary package host.

TL;DR don’t worry (for now) - it only impacts rpm and deb builds and impacted releases only really made it into OpenSuSe tumbleweed - if you’re running bleeding edge maybe you need to worry a little.

A laymans explanation about what happens is that the malicious package uses an indirect linkage (via systemd) to openssh and overrides a crypto function which either:

• allows access to the system to a particular key
• allows remote code execution with a particular key

Or both!

I have secondhand info that privately the reverse engineering is more advanced, but nobody wants to lead with bad info.

As for what you should do? Unless you’re running an rpm or deb based distro and you have version 5.6.0 or 5.6.1 of xz-utils installed, not much. If you are, well, that comes down to your threat model and paranoia level: either upgrade (downgrade) the package to a non-vulnerable version or dust off and nuke the site from orbit; it’s the only way to be sure.

That’s the point.

IRC is fine, so are mailing lists; I use both, plus various git forges, to contribute to open source projects.

IRC is still going strong on OFTC and Libera.chat

I get that the younger folks like discord, but seriously it’s a proprietary mess that locks everything behind a wall and tries to extract payment from each and every user.

Metadata for MP3 tracks is stored in an id3 tag; you need an id3 tag editor to embed the thumbnail into the tag.

There’s a lot of automation out there, MusicBrainz Picard is probably the best option out there for automating the process, especially if your tracks are already sorted by album.

I’m not worried about that 😎

You should be. Your name will be associated with abuse forevermore.

The admins can tell me what’s the frequency/number they’re comfortable w/ and I can reconfigure the solution.

Or you can set some sane defaults and a timeout period. 1 request / 5 mins is fine to check if something is online and responding.

Booting up a laptop … that doesn’t have wpa_supplicant etc

If you french fry when you pizza you’re gonna have a bad time.

Seriously though, if you want to use wifi without some sort of supplicant you’ve fucked up.

for everyday use … hektograms and the like are more common

[citation needed]

Dynamically linked all the way; you only have to update one thing (mostly) to fix a vulnerability in a dependency, not rebuild every package.

I’m not an expert

Clearly.

Ukraine were to have access to F-18s, F-35s, or any NATO asset, it would implicate NATO

Bullshit. Everything you just listed is in use by non-NATO countries. The primary drivers for “unlocking” new varieties of aid to Ukraine appear to be:

• battlefield utility in the near future (javelin, himars/m270, western IFVs, tanks etc).
• sending a message to that western support is locked in for the long term (repair facilities, announcements around reconstruction aid)

the geo-political consequences of Ukraine having NATO weapons is enormous… … [It would] … further escalate the conflict towards a NATO-Russian war (World War 3), and the precipitation of nuclear assets.

Russia has claimed that every single new weapons system delivered is “escalatory” and threatens nuclear war every single time. Please stop spreading their propaganda for them.

This is why even France’s own Dassault assets and Sweden’s Saabs were not offered.

Are you sure that it has to do with this and not the fact that there were more F-16s produced than each of the alternatives combined?

It’s mostly water, but so are you.

Does having swap memory damage SSDs

Not to the point that it’s worth worrying about. Seriously. Unless you’re on something stupid like an SD card the write endurance of a SSD will be fine for the purposes of swap.

If you’re regularly thrashing the swap it’s still fine, but maybe rethink what you’re doing anyway because there’s probably a better way

deleted by creator

Probably because of this:

Dmitry Valerievich Utkin … was a Russian army officer. He served as a special forces officer in the GRU, where he held the rank of lieutenant colonel. He is alleged to have founded the Wagner Group

According to several news outlets, Utkin is an admirer of Nazi Germany and has multiple Nazi tattoos, including Schutzstaffel (SS) insignia.

The tattoos are visible in multiple public photos.

The act of lithobreaking is inherently destructive.

Taiwan (Republic of China) and China (People’s Republic of China) are different governments that both lay claim to the same territory.

The TL;DR is that in 1949 the communists won the Chinese civil war and the remaining nationalist opposition retreated to Taiwan, beginning the state of affairs that we have today.

PRC considers Taiwan part of its core territory and will not renounce its claims. RoC has, since 1991, officially recognised that they can’t retake the mainland, but there’s ongoing debate about whether or not Taiwanese reunification or an independent Taiwan is the end state.

ABC news Australia abc.net.au

When Netscape didn’t take off like they hoped it was retooled a little bit and turned into ff

Don’t you mean “when Microsoft abused their monopoly to crush the competition it was open sourced”?