The more general vuln is CVE-2023-45853 apparently, in zlib through version 1.3

https://ubuntu.com/security/CVE-2023-45853#status

is this general to any Linux distro using zlib or just Ubuntu?

Ah, I can try that then, thank you!

OK… so what’s the best way to select a different keymap in Wayland? Searching around I see mentions of setting a keymap in config.h and recompiling a compositor… or ‘modifying the system XKB database in /usr/share/X11/xkb’ … or this tool https://github.com/xremap/xremap (have not tried it myself).

I need not just to tweak one or two keys, but to set a entire alt keymap (us,apl). and it has to be changeable on the fly, not statically, via AltGr or other user-defineable key.

I’d like to try KDE again, but last time I tried with wayland the keymap stuff seemed wonky to me.

Yes, I know they are update services; fair point you make, that those not technically-minded should probably leave them on.

However I personally do not appreciate OS updates, no matter their purported criticality, being installed without my express permission. I am aware of Group policies, but Win11 Home does not officially support them (though one can install gpedit.msc manually; however according to sources I researched, not all policies set will even be honoured by the Home edition).

I did consider scheduling it, just hadn’t gotten around to trying it out.

If could, I would wipe Win11 and use native Linux but this laptop is too new and support is poor on it; it’s gone as soon as practical :)

When I have to boot into Win11, I run this right after as a shortcut from my desktop (right-click and Run As Administrator):

net stop usosvc
sc config usosvc start=disabled
net stop wuauserv
sc config wuauserv start=disabled

… be sure to set your Wifi points as metered to block Update as well.

Note that anytime you go into certain Settings / Control Panel pages, Win11 silently re-enables the above services! Crazy. (Someone should really write a patch for that…)

Sad anyone has to put up with this BS but, we do what we gotta do.

Ah, good. I wonder why it isn’t used more often – this wouldn’t be such a huge problem then I would hope. (Let me guess – ‘convenience’, the archenemy of security.)

I don’t know much about NPM (having avoided JS as much as possible for my entire life), but golang seems to have a good solution: ‘vendoring’. One can choose to lock all external dependencies to local snapshots brought into a project, with no automatic updating, but with the option to manually update them when desired.

That’s what I ended up doing. A dumb monitor is just fine, as long as you don’t need a huuuge screen. The main thing is to find a good external speaker though that doesn’t auto-sleep in the middle of one’s show…

Or, please consider Devuan as well, to ensure there are distros without hard dependencies on systemd, an expansive attempt to cement IBM/RedHat’s control over the direction of Linux through foundational changes to the init, filesystem, login, homedir, and other components…

Please don’t bother replying to change my mind… never gonna like systemd no matter what. If it works for you, fine. Some of us still find it wholly unnecessary.

I put on my robe and wizard hat

When our last TV which was ‘smart’ died, we just bought a big lcd monitor at the pawn shop. We already were only using Kodi on an Android box, so a monitor with external speaker is fine. (Seemed spyware free last time I checked, but beware no-name android media boxes on=from eBay etc., use a tiny or old spare PC instead if you wish).

One must ‘sail the high seas’ tovget content, of course…

Good boy

And the dog too.

F*ck War, they both should’ve been warm and dry, at home.

No, I know that – I honestly want them both to die :p

Both have been a blight on software development for decades.

Can Oracle kill javascript as well, please? Please?

Recommend “Human Resource Machine” as well :)

That’s my phone notification tone

We should do more than block them, they need to be teergrubed.

Any leader who has to sign legislation stating they have lifelong immunity from prosecution, probably needs to be prosecuted for the rest of their long life.

Upvote for mentioning tit-for-tat. There has been a lot of research on the iterated prisoner’s dilemma, and as I recall the winning strategy determined by many experiments showed that over time, the ‘nice tit-for-tat’ strategy gets the highest score. It may lose out in an individual interaction, but over time, sticking to it is the best long-term strategy.

However this does mean if one is a grifter and fully expects never to interact with the other (victim) party again… there’s less incentive to use such a strategy.