Sammy Arson Fox :3Jul 19, 2024

"This wouldn't have happened on Linux" I say smugly, as I copy and paste a command from a 2008 forum post, three hours into trying to get my fucking WiFi working on Arch.

[/sarcasm]

Show threadPiko Starsider Jul 19, 2024

@theresnotime This wouldn't have happened with Linux using only open source software, at least with major distros. Because there's plenty of testing for distro and kernel releases, and open source software is readily available to be tested with it. CrowdStrike is not open source.

I don't think Arch is a good fit for a production server though. Or for an average user for that matter. (disclaimer: I use arch btw)

Show threadIves

@starsider @theresnotime Did you hear about that xz hack that planted a backdoor in sshd earlier this year?

https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/

What we know about the xz Utils backdoor that almost infected the world

Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream.

Ars Technica
Jul 19, 2024 at 4:20pmWeb
Show threadPiko Starsider Jul 19, 2024

@ives @theresnotime Yes, but I was talking about making machines crash at boot taking down a massive amount of servers.

The XZ hack is exceptional because it can't be pulled off twice. Distributions have put measures in place to avoid a similar incident.