chameleon

Aww, okay. I’ll just have to go back to licking Switch cartridges then…

I think this one will work. Most of these games are already “multihomed” on different ad networks and display the one that is most profitable to them at any given time, or a semi-random mixture. The differences in profitably aren’t that huge, and it will get even worse if advertisers run away from Unity too. Unity is making an absolute killing from their ads division, and this is now being threatened.

And who are the advertisers? Other game devs. The whole mobile game advertising scene is one gigantic ouroboros with the ad platforms cutting off a huge portion in the middle. If you leave, you’re going to both stop showing ads and stop your advertising there.

This is a fun one we’re gonna be hearing about for a while…

It’s fortunate it was discovered before any major releases of non-rolling-release distros were cut, but damn.

Senior YAML programmer

Won’t help here; this backdoor is entirely reproducible. That’s one of the scary parts.

Given that the UUID changed, you almost certainly made a new LUKS container, overwriting the old one. That’s bad, because the LUKS header is the only source of the actual encryption key that was used, and making a new one will overwrite both the main header as well as its backup copy immediately. Your password/keyfile/whatever is merely used to decrypt the part of the header that has the actual encryption key, and that’s gone in that case.

Unless you have access to a header backup from before that, there’s a fairly strong chance it’s irrecoverable. I’d suggest going through any archives you might have to see if you have such a backup - most of the instructions on the Gentoo wiki encourage making one, so you might have made one through the power of copying & pasting instructions. Should be a file of around 16MB.

You haven’t been able to give them nothing for over 2 years now. For this particular bundle, the minimum split for Humble is 30% and the default split is an insane 45% to Humble, 50% to the company and 5% to charity.

Humble is unfortunately still coursing by on their old reputation of being charity-friendly, but they changed to be one of the worst players around years ago. That goodwill from back then has really been depleted.

It’s not what the buttons look like, it’s what they do. In Krita, making an ellipse involves clicking the ellipse button and dragging it somewhere. You now have an ellipse, and you hold shift if you want to make it a circle instead.

In GIMP there is no direct ellipse tool, there’s only an ellipse select tool, likewise you hold shift to make it a circle. Then you use a menu item to select the border of your selection, getting a popup to let you determine how much pixels you want. And then, you use the fill tool or fill menu item to fill it. That’s a surprising amount of clicks to accomplish what’s most likely the single most common task for anyone opening a screenshot in an image editor. I’m not aware of any easier/faster method to do it. Feels like it should exist, but this is also what you get if you search for how to draw a circle in GIMP, so if it exists everyone’s missing it.

GIMP’s method gives you more power, but you rarely ever need that power. But when you do, Krita also has ellipse select, border select and various fill tools that can be strung together in the same way.

DP is very much not free. VESA themselves is happy to tell you that DisplayPort is excluded from their list of free standards, and the leaked copies of old standards are stamped with a “distribution to non-members is prohibited” notice on every page.

I’m not sure where that misconception came from, but it really needs to stop at some point. The best thing to say about VESA is they’re slightly less bad than the HDMI Forum. But only by so little.

Reproducible builds generally work from the published source tarballs, as those tend to be easier to mirror and archive than a Git repository is. The GPG-signed source tarball includes all of the code to build the exploit.

The Git repository does not include the code to build the backdoor (though it does include the actual backdoor itself, the binary “test file”, it’s simply disused).

Verifying that the tarball and Git repository match would be neat, but is not a focus of any existing reproducible build project that I know of. It probably should be, but quite a number of projects have legitimate differences in their tarballs, often pre-compiling things like autotools-based configure scripts and man pages so that you can have a relaxed ./configure && make && make install build without having to hunt down all of the necessary generators.