More instances of sabotage are being found.

Simply excluding this backdoor does not seem to be sufficient. The malicious actor has contributed over 750 commits to xz, all of which could contain further backdoors.

Downgrading to the last version without any contributions from the malicious actor is not possible either, because of new functionalities and other security issues that were fixed in the meantime. Uninstalling xz is also not possible, because half my system depends on it.

I guess it will take some time to sort all of that out. I am very impressed by the fast and coordinated response to this incident by the FOSS community.

For my phone (almost 7 years old), a thin needle to scrape out all the dust is sufficient. Pressurized air also helps.

Me, a physics educator: “Interesting!” takes note

I am using Librera Reader. Make sure to install the F-Droid version (Librera FD) without Google Play services.

It is primarily an ebook reader that supports a variety of formats, but it is also an excellent PDF viewer. Significantly more feature-rich than any other FOSS PDF viewer for Android that I have found.

I was confused for a second asking myself when Kroger was split into Kroger Sued and Kroger Nord.

Again, this is an article about German startups. But you claim that this also applies to established mid-sized (usually family-owned) companies that are the opposite of startups: They have successfully saturated the demand for the niche that they are specialized in and neither potential nor interest in expanding further (within their niche, at least). So far, you have provided no justification for your claim, besides ”surely, no one would refuse a lot of money“.

Android supports multiple payment providers. Some banks implement their own payment provider (e.g. Sparkasse in Germany), most just rely on Google Pay (now Google Wallet). Google Wallet has strict requirements for the Play Integrity API. Because of the modifications to Android that GrapheneOS is implementing, it is not eligible to receive the required integrity attestation and thus, Google Wallet is refusing to work. Google could at any point reconsider and certify/whitlelist GrapheneOS, which would allow Google Wallet to work using GrapheneOS. Likelihood close to 0.

Any banking app implementing their own payment provider is completely independent of this decision unless it also relies on Play Integrity API attestation (or a similar mechanism).

You might have heard of alternative frontends to services such as YouTube (Piped, Invidious), X/Twitter (Nitter), etc.

Something similar exists for Fandom: Breezewiki. This instance seems to occasionally result in errors, other instances seem to work more reliable.

You can request a copy of your data according to Art. 15 of the GDPR. If they reject this, escalate to your local data protection authority. This way, you could gain access to the data even if Google tries to block you.

… well, theoretically, at least.

Well, Gnome 45 is in extra now. That was unusually fast!

We can only guess. But they can probably detect contacts for which the phone number is updated or which have several assigned phone numbers.

I would assume that “market share” is related to the relative number of units sold/number of active subscriptions/fraction of total sales in terms in revenue, or some similar metric. I run a variety of different distributions on servers (bare metal, VMs and containers) and desktop computers. Do they all count equally? Without giving it more thought, I wouldn’t even know how to determine the market share of Ubuntu in my own home in a sensible way.

With Windows, I can just count the number of active licenses. Oh wait, its zero.

With version 45, Gnome switches to ECMAScript modules (ESM). This standardizes javascript exports/imports, but it also means that every single extension will have to be adjusted to work with Gnome 45. I would not mind if Gnome 45 stayed in testing for a bit longer, so developers have time to adjust.

• Browser: I selfhost Piped
• Mobile: NewPipe works fine
• Subscriptions: I use RSS to subscribe to my favorite channels. No account required

This is just a frontend, DeepL (or any other engine you use) still sees the text that you translate.

Windows is in the wrong, not Linux.

reg.exe add HKLM\SYSTEM\CurrentControlSet\Control\TimeZoneInformation /v RealTimeIsUniversal /t REG_DWORD /d 1 /f

pacman -Qqdt will list the obsolete packages without the version number. You can pass the output of this command (i.e. all the obsolete packages) back to pacman using $(…) command substitution: sudo pacman -Rns $(pacman -Qqdt)

You can list the packages that were previously installed as a dependency for another package but are no longer required using pacman -Qdt. It should be safe to remove all of them. (Some of them might only be required to build another package from the AUR, not to use it. But those will automatically get reinstalled the next time you update/install that package using paru).

You can automatically remove all obsolete dependencies when uninstalling a package using pacman -Rns . For example, pacman -Rns wine would have likely uninstalled the lib32-… packages for you automatically (assuming no other package depends on them).

You installed these packages using the multilib repository (anything lib32-… lives in there, and a few other packages). Now, for whatever reason, the multilib repository is no longer available. Maybe you deactivated it in your pacman configuration, or you just had issues downloading the latest package database. paru no longer finds them in the official repositories, and it also does not find them in the AUR, so it displays that message. After you have updated/reenabled the multilib repository, this message will disappear.