TL;DR there was a backdoor found in the XZ program. All major distros have been updated but it is recommended that you do a fresh install on systems that are exposed to the internet and that had the bad version of the program. Only upstream distros were affected.

  • BreakDecks
    link
    fedilink
    English
    19 months ago

    I think the best option is to not be paranoid as a user.

    Yeah, just never be a dissident, or a whistleblower, or an activist, or a member of a vulnerable marginalized group. Remember, if you obey there’s no reason to fear being spied on.

    I really don’t think you understand how serious this kind of backdoor is. It puts certain people in real danger.

    • @Rykzon@discuss.tchncs.de
      link
      fedilink
      19 months ago

      And I don’t think you understand OPs point. Of course you should be paranoid as a person like that, but most users aren’t targets. If you, as a regular user, get this paranoid about using computers, maybe you should evaluate your priorities.

      • BreakDecks
        link
        fedilink
        English
        19 months ago

        If you, as a regular user, get this paranoid about using computers, maybe you should evaluate your priorities.

        “Regular user” seems to be a strange counter to all the people I just listed that would be affected here. I’m not worried about myself, I’m worried about the people whose privacy and security is extremely important in this context.

    • Possibly linuxOP
      link
      fedilink
      English
      -19 months ago

      These people do not seem to be affected unless they run Arch for some reason.