this post was submitted on 21 Apr 2024
123 points (87.3% liked)

Linux

[–] A1kmm@lemmy.amxl.com 49 points 7 months ago (11 children)

I wonder if this is social engineering in the same vein as the xz takeover? I see a few structural similarities:

  • A lot of pressure being put on a maintainer for reasons that are not particularly obvious to an external observer.
  • Anonymous source other than calling themselves KA - so that it can't be linked to them as a past contributor / it is not possible to find people who actually know the instigator. In the xz case, a whole lot of anonymous personas showed up to put the maintainer under pressure.
  • A major plank of this seems to be attacking a maintainer for "Avoiding giving away authority". In the xz attack, the attacker sought to get more access and created astroturfed pressure to achieve that end.
  • It is on a specially allocated domain with full WHOIS privacy, hosted on GitHub on an org with hidden project owners.

My advice to those attacked here is to keep up the good work on Nix and NixOS, and don't give in to what could be social engineering trying to manipulate you into acting against the community's interests.

[–] wewbull@feddit.uk 18 points 7 months ago

I think you're right to be suspicious. The XZ attack has shown that there are people and organisations out there that would love to get hold of a piece of trusted critical infrastructure like Nix. They'll go to great lengths to do it, manipulate people, and exploit the maintainer's desire to do the right thing.

And if the person can't stand by their criticism and can only give woolly examples, then best to ignore it.
