The “tank” has an immobile or mostly immobile turret, depending on the particular design of this piece of battlefield ingenuity. Units appear to be making these modifications at the frontline to improve survivability against FPV drones but there isn’t a standard package.

Pay them for a public ipv4.

Lmao, it does not.

TL;DR don’t worry (for now) - it only impacts rpm and deb builds and impacted releases only really made it into OpenSuSe tumbleweed - if you’re running bleeding edge maybe you need to worry a little.

A laymans explanation about what happens is that the malicious package uses an indirect linkage (via systemd) to openssh and overrides a crypto function which either:

• allows access to the system to a particular key
• allows remote code execution with a particular key

Or both!

I have secondhand info that privately the reverse engineering is more advanced, but nobody wants to lead with bad info.

As for what you should do? Unless you’re running an rpm or deb based distro and you have version 5.6.0 or 5.6.1 of xz-utils installed, not much. If you are, well, that comes down to your threat model and paranoia level: either upgrade (downgrade) the package to a non-vulnerable version or dust off and nuke the site from orbit; it’s the only way to be sure.

there is no good answer

There is clearly a worst option.

I can still Gentoo Linux as an alternative if you’re willing to take a step towards better package management but don’t want to deal with all of the NixOS baggage.

I use Traefik for all of my containerised services. It’s fantastic.

That’s the point.

Booting up a laptop … that doesn’t have wpa_supplicant etc

If you french fry when you pizza you’re gonna have a bad time.

Seriously though, if you want to use wifi without some sort of supplicant you’ve fucked up.

That doesn’t say anything about watch unlock

A software platform that makes it nearly impossible for Beehaw to host, in any way, CSAM.

I hate to say it, but you’ll need to find a text-only platform. Allowing any image uploads opens the door to things like this.

Besides that, if your concern is that no moderator should be exposed to anything like that, well on a text-only site you might have to deal with disguised spam links to gore, scam, etc. You’ll still have to click on links to effectively moderate.

Maybe you should consider if this is a position that you want to put yourself in again. It sounds like this may just not be for you.

for everyday use … hektograms and the like are more common

[citation needed]

What about authoritarian communism?

hybrid intel/nvidia that can give you a lot of headaches on Linux

Nah, nowadays we just use PRIME render offload via prime-run and things “just work”.

The whole hybrid Optimus/Bumblebee graphics switcheroo was a terrible idea and I’m glad it died an ignoble death.

Huh. Just broken in Sync. I had no idea!

Bad bot.

You failed to link the summary and your spoiler tag is broken.

You are bad and you should feel bad.

The UI is just there for … automation

Wut?

I’ve never gone to a UI when I want to automate something, a sane CLI is much more predictable and consistent.

As long as you don’t have ls aliased to ls -la in your brain…

It’s mostly water, but so are you.

Guys, 9/11 won’t be funny until the 29th of December. I know you’re excited but until that moment you have to continue treating it as the sombre event that it is /s