Remix.run Logo
leni536 5 hours ago

This is probably Windows pulling LG software through Windows Update bases in EDID. Linux won't ever do this BS.

delta_p_delta_x 5 hours ago | parent | next [-]

> Linux won't ever do this BS.

Arch Linux's AUR was recently hit by an actual malware supply-chain attack[1], which I would claim is arguably worse than adware. NPM is regularly in the news for supply-chain attacks. And then there was the XZ utils debacle in 2024. I concede that Microsoft is in part responsible for facilitating something like this, but just because something is free and open-source or based on Linux doesn't make it a universal panacea for malware or supply-chain pwnage.

[1]: https://lists.archlinux.org/archives/list/aur-general@lists....

delusional 5 hours ago | parent | prev [-]

I wouldn't be so categorical. This isn't really a kernel concern, and I could completely believe that there are some distros out there that pull in random packages based on hardware detection.

The saving grace of linux currently is that volunteers package most of the software, and they don't generally package malware. There is no structural guarantee there, and if we invite corporate interests to package at some point (like flatpack and snap wants to) this is 100% going to happen eventually.