Inlay

Profile

The Magic Blade of Asterisk Order, ready to heed your orders! (🗡️✨) | Spellcaster VTuber and Programmer My mama: https://bsky.app/profile/yushaainari.bsky.social YouTube: https://www.youtube.com/@MorganVonAsteria Blog: https://firmamentum.nekoweb.org/

Morgan von Asteria | Magic Blade VTuber

We aren't done yet with the AUR attacks. Another pattern has been reported, and this one is /just/ a little bit more elaborate. It's still a similar supply-chain attack. This one uses bun to fetch nextfile-js, one of the infostealers used in previous attacks. lists.archlinux.org/archives/lis...

There are two sides in me: one that loves UI with personality (yes, this goes out to you Aero, Luna, and Aqua fans) and one that understands the accessibility constraints that arose from those designs. It's not that we can't do both, but somehow we've collectively agreed that this is an either-or.

Essentially, we're seeing this new wave escaping the usual grep/regex detection by /slightly/ obfuscating the command used to fetch the infostealer package. It's not a complex method of obfuscation -- you can even decipher it by looking at it -- but it does place an obstacle when regex is used.

And then there are corporate, sterile UI that can't let designers express or impart any sort of artistic detail. These I also don't like, because I also believe that computing is as much form as it is function. I /loved/ Aqua used in OSX, because it had tiny details never visible in modern UI.

So, once again, I say this: please be careful with AUR. Vet and verify. Just because you run Linux does not mean you're magically immune to malware, because all it takes is one little carelessness like that for your system to be vulnerable.

One of the aches that people always bring up regarding Linux is the community. And that's fair, Linux communities are always a toss-up: you either meet people that'll deliberately troubleshoot with/for you, or people that'd dismiss your struggles with "well, don't use Linux like WinDOOZE."