-
keepassxc
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
>UPSTREAM THEMSELVES decided not to include in default/recommended build instructions
This is false, or at the very least misleading. It doesn't take much to go on the repository and give a closer look instead of repeating "what others said". Kwpolska already wrote it in this thread, -DWITH_XC_ALL (the flag that's been turned OFF in the original Debian package rules) is explicitly called in the build instructions, and not only there but also one release tool [1] and snap config [2]. This is merely how the project manages its build configuration, with specific flags turned off and one master toggle enabled by default (or expected to be passed to cmake/bash release tool). Same thing for the ppa packaging. [3]
0. https://github.com/keepassxreboot/keepassxc/blob/develop/INS...
1. https://github.com/keepassxreboot/keepassxc/blob/da90319d2d0...
2. https://github.com/keepassxreboot/keepassxc/blob/da90319d2d0...
3. https://github.com/keepassxreboot/keepassxc-packaging/blob/9...
Meanwhile in Arch land (possibly other distros as well), the fwupd package (which I imagine to be a fairly common package to be installed among the user base) has been silently configured to depend on passim, which spins up an open web server on 0.0.0.0:27500 [1] without any(!) explicit user consent whatsoever. Passim then uses GnuTLS, which is famous for containing more holes than Swiss cheese [2][3].
Absolutely insane to me, and I would not be surprised if there's an xz type of exploit hidden somewhere in the chain.
[1]: https://github.com/fwupd/fwupd/issues/6721
[2]: https://news.ycombinator.com/item?id=7347500
[3]: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=gnutls
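A local check for the listener the comment above describes, as an added example that is not part of the thread or of fwupd/passim: it filters `ss -H -ltn` output for TCP sockets bound to all interfaces, optionally narrowed to one port. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# wildcard_listeners [PORT]
# Reads `ss -H -ltn` output on stdin and prints "address port" for every
# TCP listener bound to all interfaces (0.0.0.0, [::] or *).
# With PORT given, only listeners on that port are reported.
wildcard_listeners() {
    awk -v want="${1:-}" '
        $1 == "LISTEN" {
            local_addr = $4
            n = match(local_addr, /:[0-9]+$/)   # position of the final ":port"
            if (n == 0) next
            addr = substr(local_addr, 1, n - 1)
            port = substr(local_addr, n + 1)
            # Loopback and interface-scoped binds are not reachable from the LAN.
            if (addr != "0.0.0.0" && addr != "[::]" && addr != "*") next
            if (want != "" && port != want) next
            print addr, port
        }'
}

# Constructed sample of `ss -H -ltn` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 4096 0.0.0.0:27500 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 4096 [::]:27500 [::]:*
LISTEN 0 128 *:22 *:*
EOF
}

# On a live system: ss -H -ltn | wildcard_listeners 27500
sample_ss_output | wildcard_listeners 27500
```

Adding `-p` to `ss` (as root) appends the owning process, which shows whether the socket belongs to the daemon in question; the function ignores that extra column.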
Looking at the fwupmgr code.
The client uses DBUS to ask the server how many bytes were downloaded from your LAN peers (unless you connect your device directly to the internet, then I guess it will show how many bytes ssh probes downloaded from you, inflating their numbers and making them more aggressive on the server feature)
https://github.com/hughsie/passim/blob/ae38c13da1a63fff8c8fa...
https://github.com/hughsie/passim/blob/ae38c13da1a63fff8c8fa...
Also, note the quaint code to tell how much carbon it saved earth.