

Never heard of Tombwater and Hunt the Night before, and both look excellent! Specially Tombwater (it gave me some Dark Tower vibes, loved it). Just wishlisted both and am considering buying them.


Never heard of Tombwater and Hunt the Night before, and both look excellent! Specially Tombwater (it gave me some Dark Tower vibes, loved it). Just wishlisted both and am considering buying them.


For me is it’s awesome, out of the box, syntax highlighting, auto-suggestions/auto-complete and the up arrow history function (that includes substrings).


I only use Win11 as a remote game server to play games with Moonlight/Sunshine without worrying about compatibility issues. To work and daily usage, it’s Linux all the way.
Just a matter of time until I transition 100% to Linux though. In the meantime I run WinUtil every once in a while to make sure to disable most of that shit.
Maybe I have misunderstood what the point of the article is but… What a giant load of horse shit.
If anything it just proves that the CENTRALIZED social network is the problem. X/Twitter amplifies what Musk wants and since it’s so big and influential (also because of Musk’s financial situation) it contaminates the perception of reality in all other mainstream social media.
I fail to see how this is an example that decentralized social networks such as the ones from Fediverse could make things worse.


Social network algorithms doesn’t care if you like or not the content itself, what matters the most to them is how long your screen stays parked on a post.
Maybe you’re watching something you think it’s terrible, and then you enter comments to see how people are reacting. It might be making you furious, but that makes it, mathematically, a successful post that grabbed your attention and therefore the algorithm will throw more of that shit at you, because it wants your attention.
It is evil because it ignores human nature and it doesn’t measure how you feel about it. It rewards highly controversial topics because it knows these posts grab people’s attention one way or another.


Is it a new action from them? I’ve been reading a lot complaints about it lately.
If they’re banning people for using VPN, they’ve reached a new low. Not that I care though… Reddit is just a shadow of what it once was.
Not recommended. Even if you’re not writing data to the drive, when you read it the physical components keep working, which can lead to more damage until you lose everything. I would recommend you to back up, right now, your most important data to any other drive you have, then unplug this damaged one, buy a new drive, and then backup your stuff on it following a ‘emergency’ order (the most important and non replaceable files first, and then the less important stuff).
What gives it in is the ID 5, Reallocated_Sector_Ct. In your log, there were found 120 reallocated sectors, which indicates pretty much literally a physical damage in the hard drive. The drive detects this damaged sectors and move the data to a different one.


I didn’t.
Saying that Debian and Fedora don’t need an AUR because vendors provide packages, implying these distros are pratically immune to third-party malware is totally false. Fedora has COPR, openSUSE has OBS, and Ubuntu/Debian rely heavily on PPAs and random deb downloads from websites. See xz-utils: https://en.wikipedia.org/wiki/XZ_Utils_backdoor
Most FOSS developers do NOT have the time or infrastructure to package for every distro. They provide source code on GitHub. The AUR exists to translate that source (or a vendor’s deb) into a native Arch package. Furthermore, downloading a random deb from a vendor’s obscure website and installing it with dpkg (which runs pre-install scripts as root) is arguably less safe than a PKGBUILD that downloads the exact same binary from the vendor’s official mirror, unpacks it, and lets you read exactly what it does before you run it.
Your conception of PPAs is riddled of misconceptions. Absolutely anyone can create a PPA. Canonical does not verify the identity of the uploader beyond email confirmation. Launchpad is flooded with unofficial, community-maintained PPAs that are no more “official” than an AUR maintainer.
Also, Ubuntu does NOT proactively audit the source code or binaries inside PPAs. They takes a PPA down after it has been reported and confirmed malicious, exactly the same as the Arch maintainers do with the AUR.
A PKGBUILD is a plain-text shell script. You can read the exact source URL, the compilation flags, and the install commands. A PPA provides a pre-compiled binary file. You have pretty much zero idea what is inside that binary. Blindly giving sudo access to a binary PPA is objectively more dangerous than auditing a 20-line bash script that compiles source code before running.


Hahahahaha they also come in Debian .deb and Fedora .rpm packages. That’s why I never got this problem with my hardware on Ubuntu or Debian.
That is exactly why the AUR exists. To repackage that vendor’s .deb into something Arch can safely manage. This makes Arch support to 3rd party apps almost unbeatable.
And you’re right: PPAs are not the same… in this regard they’re actually worse. AUR is at least in plain text and the documentation is clear: always check the PKGBUILD. When you add PPAs you’re blindly trusting a 3rd party repository and updating them with sudo.
You can’t burn the whole thing down just because, in your own words, “people are stupid”. They either read the documentation and follow the security policies, or they stick with Arch and Flathub. Or, they can simply choose a different distro. It’s that simple.
The thing is, I agree that AUR could have some sort of protection, such as a rate-limiting or a reputation system. But even as is, AUR is still an excellent feature that should definitely be maintained. And people, specially using Linux, definitely should educate themselves instead of exclusively rely on strangers for all their digital security.
Edited for extra clarification.


There are some software that I only have because of AUR. For example, Brother printer drivers.
AUR is a great option to have. It doesn’t mean people should use it for everything, when there’s a perfectly capable version of the same software downloadable from Arch, Flathub or even through Distrobox.
Having options is a good thing, people just need to take care.
In fact, downloading something from AUR without checking it is hardly more dangerous than adding PPAs in Ubuntu.


The entire philosophy of Arch is to put user in control. The PKGBUILD format is plain-text and reviewable. The documented best practice has always been to read the PKGBUILD and the .install files before building.
I’m not saying they shouldn’t look into measures to make it less prone to such attacks, but “take it down” is a very stupid take. If people can’t deal with the existence of AUR, there’s plenty of different distros to choose already.


Considering the average time for game development nowadays, these studios barely had time under the Microsoft umbrella. It’s just ridiculous they’re getting shut down already.


Nope. Distrobox does not offer any meaningful protection, since its purpose is to integrate with the system. It’s basically meant to make downloading and managing packages from different distros, on the same system, much easier… but it’s not meant to protect and isolate your device the same way that Flatpak or other type of containers do. That baing said, stop relying on Distrobox as a safety measure, and check your recently installed and updated packages since 9th June, to make sure you were not infected.


I was starting to get too confident in AUR. Thankfully I wasn’t affected. Just replaced all possible AUR packages to their respective Arch and Flatpak alternatives, with exception of very few or from the ones I had no option. But will definitely check before updating them, and will only install AUR packages as a last resort.


No. If it came from AUR, it doesnt matter the method you used. You should check all the AUR apps you recently updated (from 9th to 12th June), and compare it to the lists. Only AUR though… Arch official repos are not affected by it.


Proton Mail is operated by Proton AG, which is a for-profit corporation.
That being said, even though Proton Mail is probably more trustworthy than Google and Microsoft services, it’s still handled by a for-profit corporation and therefore can’t be fully trusted.
Nowadays if something is owned by a corp I wouldn’t recommend anyone to get too attached to it. Use it while you feel it’s worth, but prepare to swap for something else eventually.
In other words: don’t ever fully trust your data to company owned software, and always look for a backup solution.


Not much, really. I’ve heard Zen had memory leak issues on Windows, but I was using it on CachyOS and didn’t bother to swap. But I use Waterfox on Android and on Windows, and I like it very much.
If I had to choose just one nowadays though, I would probably stick with Waterfox. I like Zen, but sometimes it feels more experimental.


The only Microsoft service I was using was Game Pass. For me, it was never cheap… the price was fair for what they offered. But after they doubled it I cancelled immediately and never looked back. And I would not, even if they decided to drop the price back again to what it was. Because now I know it is unreliable, and they will raise the price again as soon as they feel comfortable.
Typical of MS though, so that didn’t surprise me at all. They just can’t keep a reliable and fair priced service for long. As soon as they believe they can fuck people up, they do.
But thankfully nowadays we have so many options, to whatever product Microsoft offers, that’s actually not as hard to get free of them as they might think.
For now, yes. But these companies change their strategies all the fucking time. As soon as they see their “only on Playstation” strategy is not giving them the expected return, I am sure they’re gonna backflip, again.
Microsoft and Sony (and pretty much any other big corporation in the game business) are not reliable in the slightest - the only difference between them right now is the amount of power they have.
I find it both amusing and shocking that we still have ‘fanboys’ up to this day, when these companies themselves can’t even maintain a solid long term strategy. All they care about is making maximum profit at the cost of literally everything else, so their ‘promises’ hold no weight at all.