I thought that perhaps users of binary-based Linux distributions who are contemplating trying out the source-based distribution Gentoo Linux might be interested to know a bit about installation times in contrast to binary distributions. I am not going to go into great detail here; this is just to give interested people a quick idea of possible package installation times in Gentoo Linux.

The package manager of a binary-based distribution such as Ubuntu downloads and installs binary (i.e. pre-built) packages. On the other hand, Gentoo’s package manager Portage downloads source-code packages and builds the binaries (executables) on your machine. Nevertheless, a small number of Portage packages contain binaries rather than source code, either because the source code could take many hours to build on older hardware or because the source code is simply not available in the public domain. An example of the first scenario is Firefox, which is available in Gentoo both as the source code package www-client/firefox and as the binary package www-client/firefox-bin so that the user can choose which to install (‘merge’, in Gentoo parlance). An example of the second scenario is TeamViewer, which is only available as the binary package net-misc/teamviewer because TeamViewer is closed-source software (i.e. the company that develops TeamViewer does not release its source code).

• Gentoo hacker's code changes unlikely to have worked

  Linux distribution Gentoo's maintainers say attempts by attackers last week to sabotage code stored on Github is unlikely to have worked.

  Gentoo's Github account was compromised in late June.

  The attacker was able to gain administrative privileges for Gentoo's Github account, after guessing the password for it.

  Gentoo's maintainers were alerted to the attack early thanks to the attacker removing all developers from the Github account, causing them to be emailed.

• NSA Exploit "DoublePulsar" Patched to Work on Windows IoT Systems

  An infosec researcher who uses the online pseudonym of Capt. Meelo has modified an NSA hacking tool known as DoublePulsar to work on the Windows IoT operating system (formerly known as Windows Embedded).

  The original DoublePulsar is a hacking tool that was developed by the US National Security Agency (NSA), and was stolen and then leaked online by a hacking group known as The Shadow Brokers.

  At its core, DoublePulsar is a Ring-0 kernel mode payload that acts like a backdoor into compromised systems. DoublePulsar is not meant to be used on its own, but together with other NSA tools.

• Predictable password blamed for Gentoo GitHub organisation takeover [Ed: when Microsoft takes over the NSA gets all these passwords. (NSA PRISM)]

  Gentoo has laid out the cause and impact of an attack that saw the Linux distribution locked out of its GitHub organisation.

  The attack took place on June 28, and saw Gentoo unable to use GitHub for approximately five days.

  Due a lack of two-factor authentication, once the attacker guessed an admin's password, the organisation was in trouble.

• Gentoo GitHub mirror hacked and considered compromised

  Linux distribution Gentoo has had its GitHub mirror broken into and taken over, with GitHub pages changed and ebuilds replaced.

  In an alert, Gentoo said the attacker gained control of the Github Gentoo organisation at June 28, 20:20 UTC.

  "All Gentoo code hosted on github should for the moment be considered compromised," the alert said.

• Et tu, Gentoo? Horrible gits meddle with Linux distro's GitHub code

  If you have fetched anything from Gentoo's GitHub-hosted repositories today, dump those files – because hackers have meddled with the open-source project's data.

  The Linux distro's officials sounded the alarm on Thursday, revealing someone managed to break into its GitHub organization account to modify software and webpages.

  Basically, if you downloaded and installed materials from Gentoo via GitHub, you might be compromised by bringing in malicious code. And until the all clear is given, you should avoid fetching anything from the project's 'hub org account.

  "Today, 28 June, at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of repositories as well as pages there," Gentoo dev Alec Warner said in a bulletin.

• Gentoo Linux GitHub organisation hacked, content modified

  The GitHub organisation of the Gentoo Linux distribution has been compromised and the project behind Gentoo is warning users not to use code from this source.

  In a statement, the Gentoo leadership said some unknown individuals had gained control of the GitHub Gentoo organisation on 28 June at 20.20 UTC and modified the content and pages.

  Gentoo is a Linux distribution meant for advanced users. The source is compiled locally depending on user preferences and is often optimised for specific hardware.

I have recently made a tabular summary of (probably) all Council members and Trustees in the history of Gentoo. I think that this table provides a very succinct way of expressing the changes within management of Gentoo. While it can’t express the complete history of Gentoo, it can serve as a useful tool of reference.

What questions can it answer? For example, it provides an easy way to see how many terms individuals have served, or how long Trustee terms were. You can clearly see who served both on the Council and on the Board and when those two bodies had common members. Most notably, it collects a fair amount of hard-to-find data in a single table.