That’s possible, I’m using Firefox, is that something firefox would do?

The site does use https for me… it instantly redirects from http to https

My point is, since its meaning depends on the context, I don’t see the issue for it to mean, in the context of containers, “outside of a container”. Just like in the case of VMs, or OS vs No OS, it means there’s one fewer layer between the app and the hardware, whether that’s a VM, Container runtime, or the OS.

I’m pretty sure everybody, including you, understood its meaning in this context, it didn’t really cause any misunderstanding.

That’s only the meaning you’re used to, and that’s my point. It depends on the context. I can assure you that, in the context of microcontrollers, for example, “bare metal” means running without an OS.

Well, since we want to be technical … Docker is not bare metal. Linux apps are not bare metal. Arduino is bare metal.

I still run it on a 10 year old chromebox (replacing chrome with linux of course). It’s really not that heavy. If it seems very slow, I’d try rebuilding the database from a dump (if mysql/mariadb), and making sure the db is on a fast drive. At least, those two things made a huge difference for me. Also, some people reported huge speedups switching to postgres.

From my understanding, Arch based distros don’t link ssh with systemd, and so are likely unaffected. That includes EndeavourOS. Since researchers are still analyzing the code, Arch took some steps to patch it anyways, just in case there some other hidden backdoor.

TL;DR: Simply downgrade to a version before 5.6.0, or follow the official recommendations for your distro. For Arch, for example, simply upgrade your system.

Explanation (from my understanding ): a malicious developer snuck a backdoor into xz, starting with version 5.6.0,and thankfully it was caught before it could do much damage. This seems to only affect Fedora and Debian based distros, or otherwise distros where ssh is patched to link to systemd, which in turn links to xz. Arch doesn’t seem to be affected, but they took some preventative action. Again, follow the announcements from your distro, or just downgrade xz.

It is not yet clear what a malicious actor can do with that backdoor, but it seems, in affected systems, it enables remote code execution (if you don’t know what that means, just know it’s really bad), but last I checked security researchers were still analyzing the code. Things move fast, so maybe by now it is known.

I keep getting spammed by dems, they keep calling me Mark. My name is not Mark…