linux
Upgrade your systems now!
The xz package has been backdoored
https://archlinux.org/news/the-xz-package-has-been-backdoored/
I think a LOT of people are missing the fact that we got LUCKY with this malicious backdoor.
The backdoor was created by an Insider Threat - by a developer / maintainer of various linux packages. The backdoor was apparently pushed back on March 8th (I believe) and MADE IT PAST all QA checks.
Let me state that again. Any quality assurance, security checks, etc., failed to catch this.
This was so far upstream, it had already gotten into the major Linux distributions. It made it into Debian pre-release, Fedora rolling, OpenSUSE rolling, Kali rolling, etc.
This is an example of Supply Chain Security that CISOs love to talk and freak out about. This is an example of an Insider Threat that is the boogey man of corporate infosec.
A couple more weeks, and it would have been in many major distributions without any of us knowing about it.
The ONLY reason we know about it is because @AndresFreundTec got curious about login issues and some benchmarking checks that had nothing to do with security and ran the issue down and stumbled upon a nasty mess that was trying to remain hidden.
It was luck.
That's it. We got lucky this time.
So this begs the question. Did the malicious insider backdoor anything else? Are they working with anyone else who might have access to other upstream packages? If the QA checks failed to find this specific backdoor by this specific malicious actor, what other intentional backdoors have they missed?
And before anyone goes and blames Linux (as a platform or as a concept), if this had happened (if it HAS happened!!!) in Windows, Apple, iOS, etc.... we would not (or will not) know about it. It was only because all these systems are open source that Andres was able to go back and look through the code himself.
Massive props and kudos and all the thank yours to Andres, those who helped him, to all the Linux teams jumping on this to fix it, and to all the folks on high alert just before this Easter weekend.
I imagine (hope) that once this gets cleaned up, there will be many fruitful discussions around why this passed all checks and what can be changed to prevent it from happening again.
(I also hope they run down any and all packages this person had the signing key for....)
I'm installing Fedora on my PC now and I'm pleasantly surprised how modern and great the installation process is. And the USB drive live version can even recognize the AMD GPU and output 4K full resolution.
I use Linux every day at work but our IT is just too good so I haven't even gone thru any of these for over a decade! The most I've done is to install KDE plasma on work devices! 😅
Microsoft is killing Windows 10 and for many countries and users, updates will stop today. It is time to look for options.
@brucelawson has a suggestion for you. IMHO there are many Linux distributions to choose between and you will need to choose the one that works best for you.
I recently switched to Linux as my primary platform myself.
My plea, however, to the Linux community is to make it easy for people to switch to Linux, but also to make it easy to switch window managers, key chains and the like.
I switched to Ubuntu myself and I am finding certain things with Gnome were a pain. Thus I tried switching to KDE, but found that broke a lot of things. IMHO we should strive to make it easy for users to switch between window managers and desktops as well as applications, without breaking things. That requires the different players to work together to ensure that switching from one desktop to another, for example, does not need to mean loosing passwords.
Locking in is one of the things Big Tech is known for. Linux should not have that, IMHO.
#Windows #Windows10 #Linux #computing #Technology
https://brucelawson.co.uk/2025/goodbye-windows-10-hello-zorin-os/
GNU Linux-libre: liberte e renove o núcleo de sua máquina com o repositório Freesh
https://blog.ayom.media/daltux/gnu-linux-libre-liberte-e-renove-sua-maquina-com-freesh#GNU #LinuxLibre #Linux #apt #SoftwareLivre #blog
Pairing to a Logitech Unifying Receiver Under GNU/Linux
How to pair a device to a Logitech Unifying receiver using GNU/Linux in the command line or using a graphical application.
https://www.adamsdesk.com/posts/pair-device-logitech-unifying-receiver/
Zorin OS 18 já chegou e quer ser o "herdeiro" do seu PC com Windows 10
🔗 https://tugatech.com.pt/t72893-zorin-os-18-ja-chegou-e-quer-ser-o-herdeiro-do-seu-pc-com-windows-10
#base #compilador #desktop #hardware #internet #iso #linux #microsoft #navegador #powertoys #Privacidade #programação #Scratch #segurança #sem #servidor #software #web #windows #Wine
Zorin OS 18 is now available to download! A major update based on Ubuntu 24.04 LTS with GNOME 46 and a heap of interesting changes on top!
https://www.omgubuntu.co.uk/2025/10/zorin-os-18-released-with-new-look-new-apps-more
https://endof10.org/zh-cn/press/2025-10-04-extended-campaign/
https://endof10.org/zh-cn/
win10 已经停止免费支持了,如果有人厌倦了 #Windows 系统并想尝试 #Linux 系统的话,我本人可以提供远程的无偿协助。
联系方式可通过 Fedi 私信或是电子邮件(地址在我的个人简介有列出)。
Hallo, #hatclan!
In der vor uns liegenden 39. Kalenderwoche werde ich wieder am Montag, Mittwoch und Freitag, jeweils um 19:30 MESZ (17:30 UTC), jeweils für etwa drei Stunden, streamen.
Am Montag beenden wir vermutlich „Beyond: Two Souls”. Für den Rest der Woche steht dann das Wimmelbildspiel „Where Angels Cry 2: Tears of the Fallen” auf dem Plan.
https://hatnix.net/streamplan.html #Owncast #Linux #Gaming #DRMfree #Livestream
Hola amigos -
What is a #Mastodon instance which allows longer posts (think: 5 paragraph how-to / explainers)? Seeking an instance which is focused on #creativity, #makerSpaces, #openSource, #drawing, #music, #writing, #programming & tech (#python, #agile, #pairing, #Debian #Linux) plenty of #cute animal pics & videos, local & global #entrepreneurship & #investing
Languages: #english, #spanish (#medellin #colombia), #mandarin.
Help point me in the right direction! Gracias ✨
// JRO
A good time to be a Linux users. -- Microsoft is adding ads onto the desktop in Windows 11.
#Windows11 #Windows #Microsoft #Linux
RE: https://sakurajima.moe/users/chikorita157/statuses/112260100607498094
It is pretty bad when even your server wants to install Snaps when using Ubuntu.
That is both pathetic and sad.
Here marks my end of support for Ubuntu, because I am not going to be dealing with what is becoming the Microsoft of Linux.
#Ubuntu #Canonical #Microsoft #Linux #Snap
I'm considering switching to Debian instead of Windows 11. Anyone here got any advice about that?
LinuxMint really spoils me. The fact that you can double click a .deb file and it launches an installer just like a Windows .exe is *chef's kiss*
Anything to keep me out of the CLI is a win in my book. And dramatically lowers the barriers to entry for the #LinuxCurious and #Endof10 crowd.
This site does considerably better than just asking "Is this the year of the Linux Desktop?".
It lists and breaks down the current status of major software support in Linux, so you can decide whether the switch is right for you at the current moment, as well as a guide to help you make an informed choice on distro and know what else you might be getting into.
Interestingly , I don't know many #Linux users who actually daily drive it on their desktops. I'm sure there's a higher amount of users here in the Fediverse, but even then, its still low.. unless maybe you count WSL as the only good linux on a desktop environment :)
Also interestingly I was talking to an SRE at work and he was going on about "isn't BSD dying or dead?" mostly due to pfSense planning to Migrate away along with TrueNas Core switching.. interesting view.
What kind of user are you?
Options: (choose one)
If you are thinking about tinkering with your homelab, but are new to it or not sure what you’re doing, we’d be happy to help.
We are an authorized vendor or partner for some cool products:
👉 @1password password management
👉 Duo MFA and SSO
👉 @mikrotik networking hardware
👉 Ubiquiti networking gear
👉 45Drives servers and NAS
All consultations are free, and we’ll give any Fedi-friends a sweet deal on anything else! 
Email sales @ sasquatchnetworks.com or DM us with any questions you might have!
#techsupport #homelab #networking #server #cloud #linux #sysadmin #selfhosting #1password #mikrotik