The malicious code is only thought to have affected deb/rpm packaging (i.e the backdoor only included itself with those packaging methods). Additionally, arch doesn’t link ssh against liblzma which means this specific vulnerability wasn’t applicable to arch. Arch may have still been vulnerable in other ways, but this specific vulnerability targeted deb/rpm distros

I hope you’re right and this isn’t about them getting ready to DRM brush handles to brush heads. Sonicare brush heads are ridiculously overpriced compared to the knock offs

But you actually don’t know what monero is being used for when it’s used in transactions, no one does. You just have a bias that if people want to keep their transactions secret, it must be illegal.

You could make the same argument for cash.

This is called the “Door in the face method” of bargaining. Start with a request so high and absurd that you “slam the door in their face” because it’s so absurd.

The next time they try, they’ll come back with an offer that sounds far more reasonable than the original request. Since you’re still primed with the previous context, your brain makes it sound less bad than it probably is ("At least it’s not the first offer!). You’re more likely to accept after this.

The opposite technique is called “foot in the door”, start with a small request (get your foot in the door) and then increase the ask after the small request goes over.

You need a budget, but it’s not free.

But with Intuit, you are the product, so it’s only free in the sense that they get your info and you get mint in return.

I don’t really use it for this, but here are some things I do use it for:

• metrics scraping on servers without needing to open ports or worry about ssl encryption. Works great for federating Prometheus instances or scraping exporters
• secure access to machines not directly exposed to the internet. I.e. ssh access to my home box while I’m traveling
• being an exit node for web traffic while traveling. I.e. maybe you are traveling and have a bank who is giving you grief about logging in – masquerade that connection from your home IP

I mostly just use it for metrics scraping though