I don’t think their argument is valid, but a tool that would scan the repository is very different from an endpoint tool that sits in the kernel.

No more than a debugger.

I remember when people were shitting on Ubuntu for suggesting something very similar.

GPU VRAM is so scarce and precious.

That really depends. I have plenty of times when my GPU’s memory is sitting there mostly unused, because I need less than a gig for my desktop, but I have 16 gigs of it for gaming. Those times also correlate with when I really want more general RAM because I’m building some large rust projects with LTO. So this is a great way to put that extra hardware to use. I can always turn off that swap later when I want to play a game.

And, critically distinct from the AGPL, they wouldn’t have to open source their full service — just the changes to the library.

The thing is this isn’t a single spectrum. The requirement the AGPL adds to the GPL could be applied to the LGPL without including the requirements added by the GPL.

To take the video game analogy, it’s more like asking why you can’t set the brightness above 50% if the graphics quality is set to ultra.

The answer here is that the FSF likely doesn’t see the utility in such a license.

But I just sat down 😭

Two more for me:

• Had coffee multiple days in a row (not caffeine — coffee specifically, and idk why)
• In a car multiple days in a row

They have been trying to work with the Flatpak people to make it a standard everyone could share. After half a decade of frustration I think they just gave up and decided to do it themselves.

Any that run GNU+Linux?

I’m not the person you replied to, but I would love to have more ARM hardware for running tests on. A lot of what I write needs to be separately tested on each architecture.

Desktop machines aren’t really the target of these kinds of attacks.

Also I think the author in this case seems to have been pretty reasonable about what they did. If more of these issues were done this way I wouldn’t have nearly as much irritation about “branded bugs.”

Even the Framework 12 is bigger than I’d like.

Why does it seem to be impossible to find smol laptops these days?

Toy Story 2 characters

Even then, some of the upstream LTS kernels didn’t get the patch until the 30th.

Person A: Red Hat has massive US military contracts for autonomous weapons that are being used against Iran!

Person B: Yeah but they have IBM’s infrastructure too

Person C: There’s this much smaller company that we might be able to take down. They’re in the same industry.

Person A: Do it!

Person B: But do they have and military contracts like that?

Person A: SHUT UP I SAID DDOS THEM

Typically they use archive.ubuntu.com, which was not affected.

The people who found the vulnerability didn’t do proper coordinated disclosure. See: https://infosec.exchange/@wdormann/116489443704631952

Not true. None of the major distros were alerted and Ubuntu, Debian, RHEL, etc. were all struggling at the last minute. See: https://infosec.exchange/@wdormann/116489443704631952

However, none of those DDoS’s took out the archive servers, so Ubuntu users could still get new kernels.