If I understand correctly, nextcloud automatically updated … which I didn’t think it would, normally. Maybe it’s a “feature” of the AIO docker image?

Never upgrade to the latest and greatest of … anything really, especially in production. Let others test it first, or as suggested already, have a staging environment where you test the upgrade first. I guess you can still downgrade nextcloud though, especially if you have a backup.

Are you using the AIO image? I don’t know how well that works, but yeah, I absolutely hate automatic updates like that. I tried it once and I decided to use the plain “official but not supported” docker image instead, where I manage things myself. Never had an issue, and I can control which version I’m running, I can backup to wherever I want, using whichever system I want, etc.

If you want people to take you seriously about being open source, you need to have a git repo, like github, gitlab, etc. you can even self host one. Heck, you can even use a different (non git) DVCS, but not just a link to a cloud drive…

That’s possible, I’m using Firefox, is that something firefox would do?

The site does use https for me… it instantly redirects from http to https

My point is, since its meaning depends on the context, I don’t see the issue for it to mean, in the context of containers, “outside of a container”. Just like in the case of VMs, or OS vs No OS, it means there’s one fewer layer between the app and the hardware, whether that’s a VM, Container runtime, or the OS.

I’m pretty sure everybody, including you, understood its meaning in this context, it didn’t really cause any misunderstanding.

That’s only the meaning you’re used to, and that’s my point. It depends on the context. I can assure you that, in the context of microcontrollers, for example, “bare metal” means running without an OS.

Well, since we want to be technical … Docker is not bare metal. Linux apps are not bare metal. Arduino is bare metal.

I still run it on a 10 year old chromebox (replacing chrome with linux of course). It’s really not that heavy. If it seems very slow, I’d try rebuilding the database from a dump (if mysql/mariadb), and making sure the db is on a fast drive. At least, those two things made a huge difference for me. Also, some people reported huge speedups switching to postgres.

From my understanding, Arch based distros don’t link ssh with systemd, and so are likely unaffected. That includes EndeavourOS. Since researchers are still analyzing the code, Arch took some steps to patch it anyways, just in case there some other hidden backdoor.

TL;DR: Simply downgrade to a version before 5.6.0, or follow the official recommendations for your distro. For Arch, for example, simply upgrade your system.

Explanation (from my understanding ): a malicious developer snuck a backdoor into xz, starting with version 5.6.0,and thankfully it was caught before it could do much damage. This seems to only affect Fedora and Debian based distros, or otherwise distros where ssh is patched to link to systemd, which in turn links to xz. Arch doesn’t seem to be affected, but they took some preventative action. Again, follow the announcements from your distro, or just downgrade xz.

It is not yet clear what a malicious actor can do with that backdoor, but it seems, in affected systems, it enables remote code execution (if you don’t know what that means, just know it’s really bad), but last I checked security researchers were still analyzing the code. Things move fast, so maybe by now it is known.

Thanks for the detailed response, I’ll have to double-check some of these. It seemed strange to me that everybody called her a transphobe based just on that tweet I remembered, and on a statement she put on her website that didn’t seem that transphobic to me, but if all you say is true, then yeah, she definitely is.

so it’s crazy to me that JKR is now liking and retweeting statements from nationalists and the far right.

Is she though? Do you have a link? I really want to get clarity in this whole JKR situation. The only thing I remember is her tweeting something of the like “we used to have a word for ‘people who menstruate’ in the English language, what was it?” which I can see how it can sound transphobic, but all it’s really saying is that since the word “woman” now includes trans women, the English language now lacks a word for people being born female. She later said she is not tranphobic, and has (had?) many trans friends, but do think trans women are not the same as cis women, which doesn’t really seem all that transphobic to me, so maybe I missed something else she said.

Based on the above, and the fact that all her books are pretty woke, as you say, I always assumed it was a bad misunderstanding, but I’d really want to see if she doubled down on some objectionable view.

People have been trying to make VR go fully mainstream since, probably, the 90s or even earlier. It always flopped after some initial excitement. Who’s next to try their luck?

Here are my words above:

If he’s convicted, or if I judge orders it before he’s convicted, then the app goes down

Once convicted the app should go down period. If deemed very dangerous, a judge could order it down even before while awaiting the verdict. Hopefully that clarifies it.

reading comprehension…

Judges aren’t perfect, and our justice system isn’t perfecr, but it’s the best we got… people do get away with murder sometimes, but that’s a whole different story that I don’t think belongs here

Got it.

We’re adults (I hope), let’s behave like such and not put words in each other’s mouth. I didn’t say any of those words and you know it.

They aren’t legally required to get rid of an app of a convicted rapist and human trafficker.

I’m arguing that they should be legally required to take it down in that case if ordered by a judge, and also, that they should be legally required to let users install whatever app they want on their device, either side loading, 3rd party stores, or whatever.

Currently these aren’t true, but one can dream

If he’s convicted, or if I judge orders it before he’s convicted, then the app goes down. It shouldn’t be up to Apple because of the monopoly / walled garden they created.

If they just allowed 3rd party apps and/or sideloading apps, none of this would be a concern and I’d be 100% ok with Apple taking it off their store.

The solution is to have a court of law convict him. Where the hell did you get those things you wrote? I never said them for sure.