

That sounds more like bad practices from the community. It definitely has ways to use exact versions. Not the least of which is the lock file. Or the shrinkwrap file which public packages should be using.


Genuine question. How is NPM more vulnerable than other repos? Haven’t similar supply chain attacks succeeded at least as well as this one through GitHub itself and even Linux package repos?


Can’t be that popular if nobody’s trying to do it.


Well that’s a fucking stupid rule.


Definitely need to add guillotines…


You don’t need to strike out that sentence. They’re doing both. They don’t work properly, are hoarding resources and wealth, and are fucking children.


Anyone who answers other than 5 is a fucking idiot.


Everyone is focused on the exit, when clearly there is still a vulnerability to the entrance side. If someone is identified as a bad actor, you do not want your own personal address showing up all over in the logs of who they’ve been conversing with… Regardless of what can be proven as to the nature of conversations, you will now have eyes on you.
So yes, a VPN is useful, just not for all the reasons the comments so far are addressing.


Nice! Sounds like you’re on the right track, though might want to keep a live cd image on hand in case Windows decides to take over your boot options until you can finally squash it. xP


Try out some live boot disks then. Several flavors of linux will just boot up, and give you the option to install from within the booted OS. I forget which ones let you change things and basically treat them like normal, but some will even carry over any made changes right through the install (if you tell it to, anyways).
Then, you’ll just have to identify any critical applications you need and see if they run on linux, or have any viable alternatives that do, or worst case try to run the windows flavor through Wine or proton or so.
If you need stability above all, I’d recommend avoiding the bleeding edge distros or the young ones that are changing a lot. It sounds odd, but I’ve been digging MX Linux a lot, and I’ve tried a good few flavors over the years. It’s based on Debian Stable, so its repos won’t be the bleeding edge, but it has that classic Debian “Just Works” going for it. The only bugs I’ve had have been issues from Wayland that also affect other distros.


You can really tell the people that still operate on that mindset. “Number must go up” is apparently pretty stupid motivation in most contexts!


It doesn’t comprehend anything. That’s the damn point.
Though it WILL “understand” what you did by the algorithms that break down code turning the variable into another token. So all you’re really doing is costing yourself more time and money in the slop machine.


ELIZA effect in full swing… Humans really are gullible.


For #2, I’d definitely say it depends on the type of spoiler. Merely giving away the general events isn’t going to ruin good media. Though if someone is basically in effect recreating the whole scene(s) lazily in a different medium, then that can ruin the ability to experience it in the same way.
I would liken it to how the Red Wedding in GoT was portrayed in its own media: As done in the earlier seasons, it was a crazy surprise of an experience. If it happened in season 8, it would’ve been a shitty, “here are the things that happened” kind of portrayal and it would’ve been kinda’ whatever.
That’s not even speaking to spoilers, but story telling in general. If they’re doing a shitty job of telling the story, spoiler context or no, then it’ll kinda’ ruin the story either way. Spoilers are themselves story telling. It’s not all black and white good or bad. It’s how it’s done and what is covered that makes it good or bad.
Though with spoilers, it’s far less likely that people are going to try to really do it justice, especially in a meta-context like talking about the show, so spoilers are more often given in poor form for story telling.


I think it greatly depends on the media and what the spoiler is.
If it’s a story where the big twist is the thing that makes it so great, or if the depth of the story is greatly amplified when you can get immersed before a big event occurs, then spoilers are purely an asshole thing to give without warning or permission.
Though if it’s just Disney slop where the whole damn thing is formulaic and rather predictable anyways, then whatever, spoil away.


If you want Debian plus some nice tools, I’d recommend MX Linux. It’s based on Debian stable and mostly just has a few convenient extras. Like installing nvidia drivers with one click, or being able to create a bootable ISO of your exact system. It has a few other neat tools, too.
Wouldn’t be surprised if you could just nab those tools ad hoc as desired for normal Debian, though.


I wouldn’t say pulling in higher versions is unsafe unless an attack like this succeeds. Otherwise it’s only an annoyance.