Ironically people who “btw I use Arch” have been FREAKING OUT because their precious arch user repository got massively infected with infostealer malware, lol
lmao, but yea- lesson learned anyway 🥀
never will install random packages without properly checking it, Got too carried away by "yay -Essing everything :sob:
I agree. It’s the ideal choice for gaming, and until recently, I had never heard of it. I can’t imagine going back to Windows 11 unless I was held at gun point and even then.
I think you vastly overestimate the importance of AUR. A lot of Arch users had to say something about the incident and many of them didn‘t even use it. It‘s definitely nothing essential.
Also Arch users still don‘t give a fuck about Windows. This whole AUR debacle has little to do with what OP was actually getting at.
I use arch (kinda), and has zero issues. It was a problem if you used unmaintained packages from arch, as adopting them and contaminating then was the attack vector. Using someone that’s unmaintained is always kinda questionable, so instead I’d just manually install that instead (it shouldn’t change if it isn’t maintained anyway).
The Windows equivalent of this would basically be the discovery that a bunch of apps on the Microsoft Store were infected with malware.
This really sucks for people that migrated to Linux without becoming Linux experts, and chose a friendly distro based on Arch that came with the AUR, like the often-recommended CachyOS.
And the AUR is not currently accepting registrations, so some degree of vetting is clearly happening in both cases. I don’t know how stringent for either.
This wasn’t supposed to be a perfect one to one comparison, just an interesting sidenote lol
There is a reason why the arch community had such a bad reputation when it came to newcomers, they were gate keeping good technical knowledge of the system. It had the side effect that most people became royal dicks on the forums and stopped being helpful, but it did have what I would consider the intended effect of people being wary of everything they did on their system.
I find the easy arch distros to be fairly interesting since my recommendation has always been that anyone who wants to daily drive an arch distro should install arch through command line at least once and read about the packages they use. I personally run endeavor os, but I started by doing the leg work, which led me to the conclusion that I prefer flatpaks over aur if it is available because they are far more easier to maintain good security practices on.
I think that’s a silly thing to say given that the arch wiki is the most comprehensive source of up to date technical Linux knowledge available to everybody. If you mean support for people on the distro itself, it does explicitly market itself to people who are already knowledgeable and willing to be their own support, so idk what you’d expect
Lol, I’d rather have AUR malware than Snap packages. You do you, friend.
All the arch based distros are fine, only the AUR is affected, so unless someone goes out of their way to use the AUR they’re golden.
For the casual user, they Just Work™. The famous ones like Stean, at least (I tried it sometime ago, it’s better than the flatpak version nowadays). If you never change your cursor, never check out your partitions, etc. snap’s problems aren’t as visible
Ironically people who “btw I use Arch” have been FREAKING OUT because their precious arch user repository got massively infected with infostealer malware, lol
This was just this week
For those of us Arch btw users:
https://gist.github.com/Kidev/85756c3dcad3623ca5604a8135bafd14
lmao, but yea- lesson learned anyway 🥀 never will install random packages without properly checking it, Got too carried away by "yay -Essing everything :sob:
Nobody is freaking out who isn’t a moron.
There are a handful of arch users who eat crayons… if the windows users in 2026 leave any I mean.
I use Bazzite btw
What a gamers nexus normie!
I agree. It’s the ideal choice for gaming, and until recently, I had never heard of it. I can’t imagine going back to Windows 11 unless I was held at gun point and even then.
Sweet
I think you vastly overestimate the importance of AUR. A lot of Arch users had to say something about the incident and many of them didn‘t even use it. It‘s definitely nothing essential.
Also Arch users still don‘t give a fuck about Windows. This whole AUR debacle has little to do with what OP was actually getting at.
Maybe so. I use cachy just for the record, so I’m not piling on with linux hate. I’m just enjoying the madness of it all. :)
I use arch (kinda), and has zero issues. It was a problem if you used unmaintained packages from arch, as adopting them and contaminating then was the attack vector. Using someone that’s unmaintained is always kinda questionable, so instead I’d just manually install that instead (it shouldn’t change if it isn’t maintained anyway).
I had a mild panic then realised I’ve never used AUR so I’m fine
This is why I love flatpak and sandboxing in general
Flatpak ruules!
The Windows equivalent of this would basically be the discovery that a bunch of apps on the Microsoft Store were infected with malware.
This really sucks for people that migrated to Linux without becoming Linux experts, and chose a friendly distro based on Arch that came with the AUR, like the often-recommended CachyOS.
The packages on the AUR are all user created. It’s not really comparable to the Microsoft Store.
Is the Microsoft Store not full of apps not created by Microsoft?
It’s apps approved by Microsoft. They only made a small fraction of them.
And the AUR is not currently accepting registrations, so some degree of vetting is clearly happening in both cases. I don’t know how stringent for either.
This wasn’t supposed to be a perfect one to one comparison, just an interesting sidenote lol
AUR is not the official repository. Its more like downloading a virus from Mlcrosoft.com.
The AUR is hosted on https://aur.archlinux.org/.
Just like how Microsoft hosts the Microsoft Store.
You mean like this?
https://www.howtogeek.com/788382/beware-of-malware-in-windows-apps-on-the-microsoft-store/
If it was the actual apps and not just look-alikes, yes.
There is a reason why the arch community had such a bad reputation when it came to newcomers, they were gate keeping good technical knowledge of the system. It had the side effect that most people became royal dicks on the forums and stopped being helpful, but it did have what I would consider the intended effect of people being wary of everything they did on their system.
I find the easy arch distros to be fairly interesting since my recommendation has always been that anyone who wants to daily drive an arch distro should install arch through command line at least once and read about the packages they use. I personally run endeavor os, but I started by doing the leg work, which led me to the conclusion that I prefer flatpaks over aur if it is available because they are far more easier to maintain good security practices on.
I think that’s a silly thing to say given that the arch wiki is the most comprehensive source of up to date technical Linux knowledge available to everybody. If you mean support for people on the distro itself, it does explicitly market itself to people who are already knowledgeable and willing to be their own support, so idk what you’d expect
CachyOS is completely 100% unaffected UNLESS people chose to install applications from the AUR.
Which is honestly just as hilarious, because I use Ubuntu just trigger Arch nerds.
Couldn’t happen to a nicer group of people.
Neat.
Doing something to spite strangers is the most pathetic thing you could possibly do.
Lol, I’d rather have AUR malware than Snap packages. You do you, friend. All the arch based distros are fine, only the AUR is affected, so unless someone goes out of their way to use the AUR they’re golden.
I partially chose Linux Mint to skip the whole snap nonsense. I seriously don’t get how it’s been so accepted in various distros.
For the casual user, they Just Work™. The famous ones like Stean, at least (I tried it sometime ago, it’s better than the flatpak version nowadays). If you never change your cursor, never check out your partitions, etc. snap’s problems aren’t as visible
Can’t we all just… get along?
At the Red
HatHouse we can!Kubuntu minimal install doesn’t have snaps.