G'day
@tgdf and welcome to linux.org
Chris Turner
wizardfromoz
First, thanks to the person who suggested below that I should have gone directly to SuSE. That's perhaps correct. I think I wanted to get a more unofficial read on this situation before making an 'official' complaint. Also, SuSE has gone through multiple hands, including those of Microsoft, & I also, possibly, didn't want to deal immediately with corp suits.
Now:
"Now is THAT any way to make your first post?"....."...Mr Cranky Pants..."
What? Are you 6 years old??
FYI, my first posts were in the 1970s. Since then there have been at LEAST 2 major Linux forum systems where I used to post which I've outlasted because they've gone under: Novell CustCtr openSuSE, &
www.linuxforums.org (which actually has a Wikipedia page explaining the demise). I've outlasted them because I'm careful & I get upset when I see lax, slovenly habits.
Why today, is truth & plain speaking confused with violence & bias? Can no one anymore tell the difference between "You're stupid," (an insult), and "You're ignorant," (meaning someone is uninformed)? I simply asked a civil question. Who is this guy & why is his trash on the repo site? And it IS trash. Most of what I dared look at is his promotion of his website & music as clickbait for his site. If there are ANY real executable or library files, they're coincidental.
So if I sounded Cranky, can you blame me? I think cranky, upset, & on the verge of anger is a proper response to the possibility of an OS repo site being hacked!
I'm an old timer from before the internet was www. In the 70s it was BBS only and we were pretty strict about enforcement. For instance, people were panned for ending their messages with ANY signature. Your ID & signature were in the header which was necessary. The flowery sig was totally unnecessary & seriously not wanted at a time when we used to pay by the SECOND for bandwidth, & a dialup connection was like waiting for molasses to flow in January. (If you worked 6PM to 6AM, it was $0.10/min. 6AM to 6PM it was $1/minute!!) So we were not angry, but we jumped on error, waste, & malevolent hacking.
My concern isn't even so much that the files are in the repository. My concern is "How did they get there?" The files seem harmless, though fantastically annoying. But the problem is, if any hacker can access & possibly change repository files, no OS is secure any more.
You'll forgive me if I'm bothered by what appears to be a cross between a Gigolo wannabee & a failed Hip Hopper (again, check out the image of his page) having potential access to my most highly guarded secrets. (And those characterizations are not insults. I believe them to be reasonably accurate evaluations of what I saw.)
Also, forums are NOT social media. If you haven't had the problem, keep your mouth shut. Forego the urge to be somebody by trying to hold up a totally useless end of the conversation. I don't need a 5 yr old AT&T 'help desk' infant to waste an hour of my time with, "Please turn all your computer equip off & on, then turn your phone on & off (after which you can start all over because this call will end when you turn your phone off.)" If you've had this problem before, (if you've seen & dealt with bogus, irrelevant files on a repo site) you know, pretty much, the exact answer. Please tell me your experience. If not, I really don't want your thoughts, musings, wonderment, & general awe that transistors have been reduced in size to where they get millions on a square inch. (When I was in HS, Scientific American used to actually be a magazine which published the research of the people who invented the integrated circuit & the ruby laser, in articles actually written by them. Today, Sci Amer is what Popular Mechanics used to be back then: The wonder of how an internal combustion engine can turn the blade in your lawn mower. I know how to reset a system.)
People who coddle you & constantly make nice-nice with phrases like Mr Cranky Pants, are NOT your friend. They are trying to put one over on you. People who are blunt &, when necessary, alarmist, are doing you a favor. It may not feel good, but it's better to be rudely awakened to a hacker than have someone be calm & soothing while the building burns down. And even if this FrankyU2 isn't a malevolent hacker, he's stealing from you & me by wasting our time & getting paid for useless clickbait.
It is possible I clicked on a link which added these repos to my list. I remember something about a site which may have been called GIThub or GTIhub. I believe I may have been looking for info re problems with dotNET not loading in Wine, but I'm unable to trace back to the exact pages I may have been looking at. In any case, the memory of possibly having clicked on such a link is connected to the memory of thinking it was strange to see such a potent link. Also, thinking that, if it were an actual connection to a real repo site, that site MUST be totally sacrosanct & protected from hacking.....which is why I'd be so upset when, a month or so later, I saw the garbage that was there.
And that's what's so concerning: The files came from a real SuSE site. I can't believe an org that puts out an OS would allow clickbait on their repo sites. I was wondering if I was correct in that. Perhaps I should have been more clear about that. But as I say, I was more concerned about shouting FIRE to get some attention to a potentially very serious problem, than in being PC or even academically accurate. Maybe you've heard: they now teach women, rather than scream RAPE, scream FIRE. Apparently, no one will lift a finger if you scream rape because it doesn't affect them. But people jump if you scream fire because they want to see if it involves them.
If you don't like my perspective, just say so. That's valid. But unless you ACTUALLY ARE the management of this site, I'm not interested in you telling me what I can & cannot say, or how urgent is my tone.
But thanks, all. In this instance, the negative supports my conclusion: NO ONE has said, "Oh, you're missing the point. These files are for this purpose...". And everyone has said that the files MIGHT be for some purpose, but they don't see what purpose. So I know what to do: Linux repositories (I think) are for sterile storage of OS files & applications, NOT for hype & nonsense. If no one can see the EXACT purpose of these files, they probably don't belong, & I do need to contact SuSE. Auch, kann Ich mit viele Sprachen diese Leute verstehen.
One thing I CAN tell you, I'll never again download repo files except with my OS Software Mgt ap.
(If I wind up with multiple posts here, please forgive me. I've opened more than one preview, but I can't find a way to close the windows or refresh the view.)
