This is why I won't use random distros, even if they have better features. It's just one more point of failure, one more point of unnecessary trust. I would rather fight to deal with specific problems with specific apps on one of the handful of core distros with long histories.
Agreed, I just installed Fedora 43. I don’t even trust CachyOS at this point.
The entire website looks shady, I can't imagine anyone installing this.
Was there any analysis on what the binaries do, because it could theoretically be a really badly implemented 'check for updates'.
Though I'm tempted to believe it is all part of a big scam :)
Seems the only download the the OS is a 6.7GB ISO, yeah, not gonna bother to download and unpack that.
Browsing to their github is also interesting, no source anywhere, a few empty repos with a LICENSE.txt or README.md, but nothing of value.
I genuinely don't understand why anyone would use anything other than Debian (or Ubuntu), Fedora or Arch. Every other distro is a) based on one of those and b) is essentially just a package set + some wallpapers.
While I get your point, you are missing a big player: NixOS. It is not based on any of those distros, it is not similar to any of those distros, and it offers significantly more than just a package set and wallpapers.
My NixOS install is immutable, so I can trivially roll back any changes to my system/software/configs.
It has a lockfile so the versions of all of my software do not change _at all_ unless I tell it to. That lockfile doesn't just extend to the software I have installed but all the software that is used to build the software on my machine, so I can perfectly reproduce the same system with the same version of software compiled by the same exact versions of the compilers.
On NixOS you can trivially have many versions of any software or library installed on your system and use them all (for example, foo can depend on python 3.7.2, bar can depend on python 2.7.1, and baz can depend on python 3.14. They can all happily live on my machine. On arch linux your only option for python right now is 3.14.2.)
On NixOS I can trivially run 1 command and generate a bootable ISO that has exactly the same software and configs that I have installed on my computer. This has been rather nice for repair/debugging USBs and for running virtual machines off the ISOs.
You're also missing:
- Gentoo (not based on any of the distros you listed)
- Chimera Linux which brings in the FreeBSD userland, musl libc, and DinitDefaults matter way more than many think. More often than not, defaults are what inspire distro hopping.
Why? Because the path to the desired result from a big-name distro is frequently non-intuitive, often to the point that the user may not even realize it's possible. When something doesn't work as expected, the response isn't "I need to figure out which packages to install and what config files to change," it's "oh I guess this distro isn't what I'm looking for".
I think it would do an immense amount of good if the big distros did more to address this. If they made it such that a fresh install could be made to fit any remotely common use case and hardware combination with no more than 1-3 clicks that would make tiny distros much less appealing.
A handful of distros have the right idea by offering an install ISO with preconfigured proprietary Nvidia drivers for example, but even that could be improved upon by just rolling some heuristics into the stock install ISO to figure out if the user needs Nvidia drivers or not.
I agree with the sentiment you're trying to express.
But as a Gentoo / SuSE user, I'm also a little offended!
NixOS would like a word
Beyond that, Gentoo, SuSE and a few others.
But generally, yes, be careful with what you install :)
> Discovered by Steven Stobo (WeRAI / Haven AI)
AI pentesters and fuzzers will soon be the norm. And that's a good thing.
Static analysers are a good start here, but so often their rules can be overcome configuration tricks.
AI is seemingly really good here on that. Be interested to watch how it performs on the more weird and uncommon security cases.
This article is so painful to read. Do people not have shame in publishing slop?
> MakuluLinux is not just an OS with a backdoor. It's a delivery vehicle for a centralized AI-as-a-service platform.
But to the actual article point; it looks like this OS is designed to have these "integration features" that depend on a 3rd party connection. They could obviously be better - But the intent of them is very similar to how Android, Windows, or MacOS operate.
>Do people not have shame
The only person in the world you know can have shame is yourself. As for anyone else, you can only assume they do not have it, or are trying to trick you to feel shame to take advantage of you.
If you want said articles to feel ashamed, then they'll have to stop getting upvoted on HN. Otherwise they are here to stay.
> This is exactly why the Human Router architecture exists. In a world where you cannot even trust your operating system vendor, every decision — every execution — needs a governance gate.
> D = G × S. If G ≠ 1, D = 0. No action is routed without verified authority. No exceptions.
W... what?
It's an AI slop startup blog advertising their product, thats why.