• 4 Posts
  • 26 Comments
Joined 2 years ago
cake
Cake day: June 22nd, 2023

help-circle











  • A nice tl;dr was https://news.ycombinator.com/item?id=39866307

    Copied here:

    For those panicking, here are some key things to look for, based on the writeup:

    • A very recent version of liblzma5 - 5.6.0 or 5.6.1. This was added in the last month or so. If you’re not on a rolling release distro, your version is probably older.

    • A debian or RPM based distro of Linux on x86_64. In an apparent attempt to make reverse engineering harder, it does not seem to apply when built outside of deb or rpm packaging. It is also specific to Linux.

    • Running OpenSSH sshd from systemd. OpenSSH as patched by some distros only pulls in libsystemd for logging functionality, which pulls in the compromised liblzma5.

    Debian testing already has a version called ‘5.6.1+really5.4.5-1’ that is really an older version 5.4, repackaged with a newer version to convince apt that it is in fact an upgrade.

    It is possible there are other flaws or backdoors in liblzma5, though.






  • That’s practical, but not so sound, advice. IANAL, yet… I remember when Julia lang was gaining traction that many R lang programmers wanted to port their favorite packages. If they were to look at the R sources (under GPL) to write the Julia version to be released under MIT license, they would be violating the GPL. Or there was a risk, at least. Of course, this case is different because the first and original version is not GPL. But this came to mind. Anyway, I suppose that it all boils down to how much OP feels like their employer (boss or anyone with power in the company) will be a son-of-a-cop and really come forward to court against him… I mean, that’s in the first place. Then, comes the legal advice, as to how much of a case can be made, and what do we expect a judge would see it…




  • I don’t want to undermine everyone’s suggestions but I think they are failing to understand this is a kid, buying him a laptop and stuff is okay but doesn’t motivate him to much.

    Check for authors of books for kids. Invent with python is great, that was going to be my suggestion. But same author has plenty, like this one https://turtleappstore.com/book/ … to echo someone who mentioned Minecraft (indeed, already marked a whole generation into computer science subject!). Good luck! Maybe you can even find something for you, like, how do we teach CS/ programming to kids? How come that moving the Logo turtle was alright for so many years, lol