

Which version is it that sloppifies everything?


Which version is it that sloppifies everything?
Dwarf Fortress
I also really like Nightmare Kart which is free on steam, but I don’t think it is open souce…?
However it is unclear where Diablo stands. We have open source decompilations and remakes but as for the legality: grey area.


Kind of blowing it out of proportion.


For example if a device manufacturer provides drivers for linux, or a software developer has a version for Arch, but it’s missing a pkg build or config file, most users simply won’t be ably to figure out how to manually install it and CORE or Flathub probably don’t have any official packages for it.
There are millions of such niche cases like this every day.


A few months before the windows incident they did the same thing to their Linux customers, so definitely can’t blame that part on Windows. I think the real takeaway here is that bigger and more centralized is generally not better.


We should be surprised that there are still people at google decent enough to leave.


I bet something he didn’t mention is he probably used a privacy distro on his personal device, and since Google no longer provides the Device Tree in ASOP it’s left completely insecure, unable to update.


Crowdstrike as in the compant responsible for a global outage for machines using it including airports, hotels, fuelstations, banks, broadcasting, and manufacturing?
The company that accidentally made every impacted machine boot-loop because they accidentally added a whole bunch of empty lines of code to production?


I always check with my contract lawyer before installing or updating from the AUR. It’s worth it for me.


I miss the browser, but luckily I haven’t played RS since the new CEO cancelled new Pride Events right after the Trump Admin was reelected.


Yeah, it seems like these sort of problems aren’t necesarily due to an insecure system like the AUR but moreso because of the target’s publicity and popularity which is definitely the case with the rise of CachyOS.


I’m not real clear on if this is the case but you could try:
Have you installed or updated from the AUR before, such as with Yay? Specifically after June 5th? If so, check this list or the post above for a list of compromised packages. https://gr.ht/aur_pkg_list.txt
Maybe pacman -Q | grep atomic-lockfile because that appears to be what the threat actor is installing but I’m not really sure if that’s how it works…?
EDIT: If you really want to play it safe then you could try yay -R $(pacman -Qmq) to remove every aur package and wait out the storm, just be careful to backup important files.


I tend to be a little antsy around anti-capitalists. Too many bad run-ins with Tankies.


Are you one of the malicious actors? Thats some shit I’d expect to hear from the people doing this, trying to justify the attack by blaming the users for “capitalism”.


EDIT: No, sorry, alvr was just one package, there is no specific source for the infection just one or many malicious users: https://gr.ht/aur_pkg_list.txt


Users can check if they’re already compromised with EDIT: No, sorry, alvr was just one of countless affected packages. Also, several is an understatement since a huge number of packages are affected.pacman -Q | grep alvr I think maybe?
Post with more information here: https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/FGXPCB3ZVCJIV7FX323SBAX2JHYB7ZS4/


Nah, while I understand the importance of Proton, I’ve also seen that Andy Yen dude be openly pro-Republican and supportive of Elon Musk, so I’ve got absolutely zero benefit of doubt to give them when controversies pop up and I absolutely understand that they have enemies.
EDIT: A quote comes to mind, “It takes years to build trust. Moments to lose it.”
Ah, my apologies, the binaries are closed source and the raws are public domain.
A better answer would have been KeeperRL