GravelPieceOfSword

They do. They did. What do you do when a 'good guy' is really a bad guy? Happens outside of software too. Someone inserts themselves into an organization while secretly working against its interests.

Here's a good summary. However, you should read a few articles - plenty have been going around, including on Lemmy.

As with all definitions, there is a gray area where people will have different boundaries on exact meanings. To you - a supplier relationship needs an explicit payment, which is a fair definition.

However, the more widely used definition that most people, including me, refer to, is not necessarily focused on the supplier, but on the supply - what we use in our toolchains is a supply - regardless of how it was obtained.

When there is an issue in a trusted supply, even if it was not a commercial relationship (a prerequisite by your definition), it is a supply-chain attack by the more widely used definition.

The article states reasons which aren't limited to what happened. I understand and agree with your sentiment about the supply chain issue being something that could happen anywhere - those were my initial thoughts too.

The reasons for shifting are related to speed, other mainstream software already having made that switch years ago (pre incident), and unfortunately... More robustness in terms of maintainers.

Open source funding and resilience should be mainstream discussions. Open source verification and security reliability should be mainstream discussions: here's a recent mastodon thread I found interesting:

https://ruby.social/@getajobmike/112202543680959859

However, people switching from x to z (I did see what you did there) is something that is going to happen considering the other factors listed in the article that I summarized above.

Linux mint Debian edition or Opensuse tumbleweed.

Slow Internet/less updates, older, more tested software, slightly wider package availability: LMDE.

Faster Internet, more updates, very new (but well tested) software, needs slightly more technical knowledge sometimes: Opensuse tumbleweed.

I personally use Opensuse Slowroll, which is a slower rolling release experimental version of Opensuse tumbleweed.

If it's just Internet access, would you want to use something more locked down like Fedora kiosk?

Based on other posts by the author (they have posted AI generated art before, and attribute when it's not AI generated), I'm pretty sure this is AI generated.

The fine print in the mastodon toot:

Fine print: Happy first of the fourth!

Says Happy first of the fourth, implying first of the fourth (month - April), which is what I based my own hint that this was an April fools joke in a veiled way.

Sauce listed here in my post.

The reference to the first of the fourth (month - April) implying it is an April fools joke too, in the same place.

Cowards version:

[ $[ $RANDOM % 6 ] == 0 ] && echo 'rm -fr /... you crazy dude? NO' || echo 'Keep your french language pack, you will need it'

I run KDE on opensuse Slowroll - Intel i9 processor with plenty of RAM.

Check btrfs snapshots, and consider disabling them if you don't really need them.

Here's my story some time in the recent past:

Similar freezing issues that got more frequent. I have network and CPU monitor widgets on my desktop, and noticed my CPU usage peaking during freeze.

Ran top, saw #btrfs was doing a lot of processing. It was running snapshots.

I'd like snapshots, but a responsive system is more important to me: I have frequent backups of most of my stuff anyways.

Once I disabled btrfs snapshots, I stopped having the periodic freezes (which I also noticed were often some time after system/flatpak updates).

Nobody cares about the $135000, I told you!

See how the socket looks like a V?

That's how you remember it's meant to be used to exit vi.