A Fox With Penguins

oh hello amazing anon!

yea i have-[TRAIN PASSES BY, POLICE CAR SIRENS, PLANE JET NOISES ALL AT ONCE]

oh hello amazing anon!

yea i have-[TRAIN PASSES BY, POLICE CAR SIRENS, PLANE JET NOISES ALL AT ONCE]

So this is the Panasonic PRONOTE PD CF-62, it's a Pentium 133mhz running Windows 95, released in August 1996. Panasonic did this sort of trick more than once, they did a similar thing with an under-keyboard CD-ROM drive in the PD CF-41, from 1995.

This one is so fancy because that's not just a self-loading under-keyboard laptop CD-ROM drive, it's a HYBRID PD/CD-ROM self-loading under-keyboard laptop drive! It has to be this complex because it takes PD discs (which are the size of caddies) and caddyless CD-ROMs!

So what's PD discs?

They're an optical format by Panasonic, the Phase-change Dual (or Phase-change Disc). They're from 1996, store as much as CD, but are rewritable... much like the later CD-RWs which used basically the same technology, just in a slightly different format. Unlike CD-RWs (which you had to burn (usually), they acted like a hard drive, fully rewritable at any point. That's why the disc is hard-sectored, which you can see through the shutter gap. Those vertical lines indicate where sectors start and end.

So yeah, this laptop has a complex drive that can take both types of discs, and the whole thing folds under the keyboard. Fucking wild.

But the root reason, of course, is that they did this because it's a cool design, and they wanted to do that. Why did they think this was cool, why did they want to do this?

Pervert reasons.

Per the CachyOS subreddit:

"As the title states, the Arch AUR has been hit by a huge malware infection campaign over the last couple of days. There's an earlier post referring to alvr. That's not the only package it's hundreds of them, many of them Aur packages average people would install like apple-music-desktop.

I don't have the full details of the scope of the malware campaign. I know it's a credential stealer so it steals ssh keys and browser login info and apparently has rootkit potential.

This was widespread and targeted orphaned packages. Aur for some reason allows other people to take over existing projects.

The bottom line is if you used the aur over the last couple of days you may have been infected and the problem with taking over orphaned packages I believe remains. I personally would not use the Aur for the foreseeable future, and ideally not at all. It's a security risk."

There is a script that you can run on your machine to detect if you have a package that is known to have been infected which you can view here. I have also linked the subreddit post here.

Just download it, make it executable and run the script with sudo and let it run, it will tell you what it found once it's complete.

https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency

https://ioctl.fail/preliminary-analysis-of-aur-malware/

Users can also run the following to check for malicious packages:

Per the CachyOS subreddit:

"As the title states, the Arch AUR has been hit by a huge malware infection campaign over the last couple of days. There's an earlier post referring to alvr. That's not the only package it's hundreds of them, many of them Aur packages average people would install like apple-music-desktop.

I don't have the full details of the scope of the malware campaign. I know it's a credential stealer so it steals ssh keys and browser login info and apparently has rootkit potential.

This was widespread and targeted orphaned packages. Aur for some reason allows other people to take over existing projects.

The bottom line is if you used the aur over the last couple of days you may have been infected and the problem with taking over orphaned packages I believe remains. I personally would not use the Aur for the foreseeable future, and ideally not at all. It's a security risk."

There is a script that you can run on your machine to detect if you have a package that is known to have been infected which you can view here. I have also linked the subreddit post here.

Just download it, make it executable and run the script with sudo and let it run, it will tell you what it found once it's complete.

https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency

https://ioctl.fail/preliminary-analysis-of-aur-malware/

Users can also run the following to check for malicious packages:

Per the CachyOS subreddit:

"As the title states, the Arch AUR has been hit by a huge malware infection campaign over the last couple of days. There's an earlier post referring to alvr. That's not the only package it's hundreds of them, many of them Aur packages average people would install like apple-music-desktop.

I don't have the full details of the scope of the malware campaign. I know it's a credential stealer so it steals ssh keys and browser login info and apparently has rootkit potential.

This was widespread and targeted orphaned packages. Aur for some reason allows other people to take over existing projects.

The bottom line is if you used the aur over the last couple of days you may have been infected and the problem with taking over orphaned packages I believe remains. I personally would not use the Aur for the foreseeable future, and ideally not at all. It's a security risk."

There is a script that you can run on your machine to detect if you have a package that is known to have been infected which you can view here. I have also linked the subreddit post here.

Just download it, make it executable and run the script with sudo and let it run, it will tell you what it found once it's complete.

https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency

https://ioctl.fail/preliminary-analysis-of-aur-malware/

Users can also run the following to check for malicious packages:

Per the CachyOS subreddit:

"As the title states, the Arch AUR has been hit by a huge malware infection campaign over the last couple of days. There's an earlier post referring to alvr. That's not the only package it's hundreds of them, many of them Aur packages average people would install like apple-music-desktop.

I don't have the full details of the scope of the malware campaign. I know it's a credential stealer so it steals ssh keys and browser login info and apparently has rootkit potential.

This was widespread and targeted orphaned packages. Aur for some reason allows other people to take over existing projects.

The bottom line is if you used the aur over the last couple of days you may have been infected and the problem with taking over orphaned packages I believe remains. I personally would not use the Aur for the foreseeable future, and ideally not at all. It's a security risk."

There is a script that you can run on your machine to detect if you have a package that is known to have been infected which you can view here. I have also linked the subreddit post here.

Just download it, make it executable and run the script with sudo and let it run, it will tell you what it found once it's complete.

https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency

https://ioctl.fail/preliminary-analysis-of-aur-malware/

Users can also run the following to check for malicious packages:

I saw this when running newpipe. But wait, it gets deeper. I clicked on the details buttons and it said as of today, we have 83 days left until Google rolls out this new requirement for apps inside and outside of the google play store. If any developer disagrees with their new terms and fees, they will be blocked!

I'll share some of the info below:

Looks like they're trying to nuke the remaining privacy and freedoms we have left on the internet.

What to do?

-Get your developer friends to not comply to their new guides

- Sign the open letter on the site and take action by checking out the full resources list on their website as well!

To summarize, this is all daunting especially when you feel all alone with unfair and inhumane regulations comming out faster than improvements but we got this working together!

Share the link with your friends, family and anyone who will listen!