These are all completely different cases. The AUR problem is that it allows commits by non-committers, in effect. The XZ case was a carefully built up internet persona.
There is no formal background check.
I get this error msg when trying to run CubicSDR.
I have no idea what it is missing. I use LXDE and Xwindows programs seem to work normally.
Any advice?
A bad committer that obfuscates well will lead to a compromise.
Same for any organization. Google does background checks, but what really is the value? They aren't magic.
Well, I have been using FreeBSD as my "daily driver" for some time now. Of course, it takes some getting used to, since the FreeBSD community expects one to have more than a "normal" ability to use 'pooters, but overall, I am sincerely glad I was...
That's trust-based and not really waterproof. A known committer with positive history can go there as well. While I only produce offline software, it would be interesting to see an official checklist for administrators to avoid supply chain...
ZFS, if you are using that, uses a lot of memory but it will release some of it if apps need it. Unused ram is wasted ram. The system will release memory if necessary. This is probably not an issue.
I'm not that enamored by Spielberg movies. Rotten Tomatoes reviewers seem to give it around a C+ while Roger Ebert's site gives it 4 stars so who knows. We have nothing to do today and she's bored so we're going. I'll give my expert opinion later.
Gosh, I remember him from Wonderama with Sonny Fox. I think he was either a regular or frequent guest. I suspect there are a lot of folks around my age here, so probably many others remember it too. According to Wikipedia from 1959 to 1967, I...
Well yes, the AUR attack targeted developer credentials...now the fabled story that even FreeBSD core devs use Mac OSX for the desktop plays to our hand :D
BSDs are primarily used as servers or as building blocks for specialized OSes.
Bottom line, AUR allowed random Internet people to take ownership of unmaintained ports and change them.
As far as I understand, with FreeBSD-ports such option is not on the table.
Whether we have 250 or 25k out of 30k ports stale, is not a risk...
bakul it is not concern trolling to talk about FreeBSD and supply side attacks. The details why Arch Linux case is/isn't relevant for us is currently under discussion.
diizzy Ports have a checksum. The remote artifact can't change. If it...
It may be marketing spin but there are discs with fairly good durability: Google's AI with search terms "Durable Blu Ray discs" spits out:
https://www.iljitsch.com/2022/01-09-longevity-of-recordable-blu-ray-discs-bd-r-bd-re.html
My burner is...
Ok, I'm not even sure what I did. On that laptop, once again, I thought I'd try the update to RC3. But when I rebooted, it was 15.1 RELEASE. And all was fine, no xlibre, alacritty worked, etc.
I hadn't thought about it till last week when my wife said she wanted to go see the new Spielberg movie. I am positive it's no coincidence that all the hoopla over releasing of the UFO stuff from the US government coincided with it in the weeks...
No, it couldn't happen like this to FreeBSD ports.
1) there is no second-tier user grade package repository in FreeBSD, there is only one ports tree, committed to by committers.
2) the mechanism exploited for this was how AUR handles abandoned...
I know the thread has been marked as 'solved' already, but... I'm in "that" mood right now so I'm happily going to ignore all that ;)
Welcome aboard! I hope you're going to have a lot of fun with FreeBSD.
First of all I'd like to compliment...
Apologies, if I miss the obvious. I am new to FreeBSD since December 2025.
My system is at
dvl@mybsd:~ % uname -a
FreeBSD mybsd 15.0-RELEASE-p10 FreeBSD 15.0-RELEASE-p10 GENERIC amd64
dvl@mybsd:~ % doas freebsd-update install
Password:
No...
My name is Mykhailo, I’m from Ukraine. My hobby is IT technologies, from programming to firmware and reverse engineering. Back in 2009, I decided to study Linux, but it felt like a zoo with no stability. Everyone kept saying “install this...
Great more AI bullshit, I wonder why having a full AI written post could be allowed in these forums in the first place.
Really funny that it talks about setgid thingies when we do have a mac based non setgid sudo alternative that is called mdo...
I really enjoy posts like these because it tells you all you need to know about the context: people who apparently blindly rely on their OS (or "equipment") to keep them safe which - by definition - is the biggest security risk of them all. Most...
Depending on whether the author is a committer or not, but basically non-committer authors need reviews by any committer(s) on whichever Bugzilla, Phabricator or GitHub pull request. My example of a review on Phabricator here. In this specific...
There is a myriad of human and technical solutions to this but it requires a lot of context to pick the right combination.
The first question to ask, is how one gets to be an impactful rogue maintainer. We've seen examples of rogue hustling out...
The kernel can't do only memory safe operations by definition. That's why we separated the kernel from userland. The two serious attempts at a Rust OS are Redux and Asterinas. And at least one of them tries to separate the kernel in two: part...
My thoughts exactly.
Where I come from is scientific background, but I've turned to a rational type of open mind where unforeseen phenomena must be rejected by science, and it can, and in all honesty will remain unsolved. Our method disproves...
Corroded? 😅
Are you talking about Rust dependency bloat? I think Python is worse. Let's install 100 deps of 100K each with their own version requirements and conflicts....
I'm no Rust user but too many things need it, unfortunately.
Hello All,
I first heard about Freebsd in the late nineties from a friend in my OS/2 User Group.
Had some trials and success installing and using Freebsd since.
The last iteration was text only VM Freebsd in a Macbook to keep my small business...