Hacker News | takluyver's comments

The XZ utils backdoor made it into Debian repositories undetected, although it was caught before it was in a stable version.

Debian repositories are quite secure, but also pretty limited in scope and extremely slow to update. In practice, basically everyone (I'm sure there are a few counterexamples) using a Linux distro uses it as a base and runs extra software from less tightly controlled sources: Docker Hub, PyPI, npm, crates, Flathub etc. It's far easier for attackers to target those, but their openness also means there's a lot of useful stuff there that's not in Debian.

Holding up Debian as a model for security is one step up from the old joke about securing your computer by turning it off and unplugging it. It's true, but it's not really interesting.


The XZ attack is an extremely rare event, likely coming from a state actor, which actually proves that GNU/Linux is a very important target. It was also caught not least thanks to the open nature of the repository. Also, AFAIK it wasn't even a change in the repo itself.

In short, using FLOSS is the way to ensure security. Whenever you touch proprietary stuff, be careful and use compartmentalization.


If you get 'verified' by Google and sign your app, sideloading shouldn't change. That means money and ID checks, or a free 'hobbyist' carve-out if you have <20 users.

If you don't want to play their game, sideloading will get substantially harder.


There are going to be a lot of people who don't have a laptop/desktop handy right now - because they're out of the house, because it's unplugged in a cupboard, or because they borrow it from a friend or use an internet cafe when they need that. So a requirement to use that and connect your phone to it is effectively similar to the 24-hour waiting period: time to think, time to mention it to a friend who's heard about this scam before. This is why phones are such an attractive target in the first place.

They can? Is this a recent thing? I remember wanting to detect the background colour years ago, and not finding any way to do it.


It's not recent, and most terminals support it. You send an escape sequence to the terminal, and get back a sequence that tells you the exact background color.


Huh, indeed. I still can't find much information about this, but this page is very informative: https://jwodder.github.io/kbits/posts/term-fgbg/
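The query-and-reply exchange described in the comments above, as an added example (not code from either commenter or from the linked page): it sends the OSC 11 "what is your background colour?" query, parses the terminal's reply, and classifies the background as dark or light. The parser is exercised on constructed replies; the live query only works on a real tty and deliberately times out, because a terminal that doesn't implement OSC 11 simply never answers and would otherwise hang the program. The reply format (`rgb:RRRR/GGGG/BBBB`, hex groups of 1 to 4 digits, terminated by ST or BEL) is the X11-style colour spec most terminals return; anything else is treated as unrecognised.

```python
import os
import re
import select
import sys
import termios
import tty

# OSC 11 query: ESC ] 11 ; ? ST   (ST = ESC \ ; most terminals also accept BEL)
OSC11_QUERY = b"\x1b]11;?\x1b\\"

# Reply shape: ESC ] 11 ; rgb:RRRR/GGGG/BBBB ST   (each hex group is 1 to 4 digits)
_REPLY_RE = re.compile(
    rb"\x1b\]11;rgb:([0-9a-fA-F]{1,4})/([0-9a-fA-F]{1,4})/([0-9a-fA-F]{1,4})(?:\x1b\\|\x07)"
)


def _scale(hexgroup: bytes) -> int:
    """Scale an X11 colour component of 1-4 hex digits to the 0-255 range."""
    value = int(hexgroup, 16)
    bits = 4 * len(hexgroup)
    return round(value * 255 / ((1 << bits) - 1))


def parse_osc11_reply(data: bytes):
    """Return (r, g, b) in 0-255 from a terminal reply, or None if it doesn't match."""
    m = _REPLY_RE.search(data)
    if m is None:
        return None
    return tuple(_scale(g) for g in m.groups())


def is_dark(rgb) -> bool:
    """Rec. 601 luma, thresholded at mid-grey."""
    r, g, b = rgb
    return (0.299 * r + 0.587 * g + 0.114 * b) < 128


def query_terminal_background(timeout: float = 0.5):
    """Ask the controlling terminal for its background colour.

    Returns (r, g, b) or None when not on a tty, on timeout (terminal does not
    support OSC 11), or when the reply is in a format we don't recognise.
    """
    if not sys.stdin.isatty() or not sys.stdout.isatty():
        return None
    fd = sys.stdin.fileno()
    old = termios.tcgetattr(fd)
    try:
        tty.setraw(fd)  # reply must not be echoed or held in line buffering
        os.write(sys.stdout.fileno(), OSC11_QUERY)
        buf = b""
        while True:
            ready, _, _ = select.select([fd], [], [], timeout)
            if not ready:
                return None  # no answer: terminal doesn't implement OSC 11
            buf += os.read(fd, 64)  # reply may arrive split across reads
            parsed = parse_osc11_reply(buf)
            if parsed is not None:
                return parsed
            if buf.endswith((b"\x1b\\", b"\x07")):
                return None  # complete but unrecognised reply
    finally:
        termios.tcsetattr(fd, termios.TCSADRAIN, old)


if __name__ == "__main__":
    bg = query_terminal_background()
    if bg is None:
        print("terminal did not report a background colour")
    else:
        print("background", bg, "dark" if is_dark(bg) else "light")
```

Run it from an interactive terminal; under a pipe or a CI runner it reports nothing rather than blocking on a reply that will never come.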


Also, power users are the ones who will find and change the setting - that's pretty much what being a power user means. Picking defaults that work for novices makes sense, even if that's slightly more inconvenient for me.

I think this whole discussion is based on an assumption that changing the default is part of an agenda to get rid of middle-click-paste entirely. I don't think it is.


Not unlike Firefox, Gnome has a lot of hidden options which aren't exposed in the regular settings UI. There has been an option to control 'primary paste' for 9 years, and it's exposed in Gnome tweaks. There's no obvious reason that changing the default means the option will be removed entirely.


A web page with Javascript can see & send off something you paste into a text box as soon as it appears. So if you accidentally paste some confidential information, like a password, that's a security hole even if you notice and delete it straight away. This happens even for totally innocent reasons, like search-as-you-type.

Ctrl-C/Ctrl-V copy and paste is not such a big issue because far more people are familiar with it, and it requires more deliberate actions on both sides (copying and pasting). So you're less likely to accidentally copy something around that you didn't mean to.


Wouldn't the website paste it from the clipboard and not the primary selection (X11 has those separate)?


> So if you accidentally paste some confidential information

So nothing like a "large security hole" that needs to be fixed, right?

I mean at this point, "SSH is a large security hole because people may enter their password while someone looks at their keyboard". I wouldn't consider that a reason to remove SSH.


So you would still need to paste deliberately.

So it's not really a security hole as much as knowing your passwords and muttering them in your sleep is one.


There's nothing particularly wrong with it, but developing a browser engine and keeping up with new web standards is quite a bit of work. And web developers won't all test on a browser with 2-3% market share, so there's more risk of sites not rendering quite right because the engine is different.


I doubt AI agents are going to greatly accelerate the development of something as big and complex as Servo. It seems more realistic that Firefox would be built around either Blink (from Chromium) or Webkit to lean on Google/Apple.


I agree with all the people saying it would drive a lot of the remaining users away, and I hope they don't do it. But I'm not remotely surprised that they considered following what their biggest competitor (Chrome) already did.


Because Chrome was built by the world's biggest advertising company. If the World Wildlife Fund started selling ivory to pay the bills, would that not be surprising?


That analogy doesn't really work, though: Mozilla's goal is not specifically to fight against online advertising. Ad-blocking is connected to their goals, definitely, but they clearly have to make compromises, and I'm not that surprised that they'd think about that one.


> they clearly have to make compromises

Why? They have ample free cashflow. They haven't had money problems in 10 years. If they're worried about Google withdrawing support they should save money in an endowment, not do things to help Google.

