Me, coder, student, cant afford mid range PCs, interested in learning computers, gamer, not professional. What about you guys?
Me, coder, student, cant afford mid range PCs, interested in learning computers, gamer, not professional. What about you guys?
What? Isn’t the entire AUR attack a vast net of worry cast on all update managers and the digital supply chain? Linux has suddenly become much riskier to use in recent years, even as it’s also steadily improved otherwise. We need to be just as brutally honest about its pitfalls as much as we can praise it over its strengths, lest we deceive ourselves and others.
Sure, and using the AUR is something to pay attention to when you do. You are right on that1.
But, here is the thing: I just don’t have to update anything if I don’t want to. There is no Windows Update saying “next reboot we’re going to update and you don’t get a choice”. That is what I meant when I said that I just don’t worry about it.
Though I guess that says more about what one gets used to when dealing with Windows, than necessarily being high praise for Linux. My work machine has been having issues with a bt headset for reasons I cannot phantom despite working for years, so forgive me if the joy of being able to leave well enough alone has got me excited.
1 I would argue that updating in general has become more fraught with danger, so I don’t really see the AUR as particularly dangerous in comparison, but my tolerance for danger may just be out of whack. See Notepad++ vulnerable versions, or just npm in general, for non-Linux cases.
I have the AUR turned off in pamac, I don’t need it. I assume they are tying it down in multiple ways now though, more users, and dodgy ai people would be making it increasingly problematic.