What? It literally got included with several distros. It wasn't caught before it shipped to end users. Just because it got caught before slower to update distros got it, that doesn't mean it is okay. It reveals how low the barrier is for an anonymous person to get code into the OS.
>I never claimed you should have the right to cheat against other players.
Attestation doesn't take away your ability to modify and run software which means that you still have freedom 0 and 1. It just means that you can not prove to a remote server that you bare running unmodified software. To me you were implying that the server being able to kick people who modified the client to cheat was violating their freedom.
>Perhaps you want to run your own server, with different moderation policies.
Nothing would stop you from running your own server like that.
The xz backdoor was successfully caught before it landed in mainstream release branches, because it's free software.
But broadening the scope a bit, the norms of using package managers as opposed to the norm on Windows of "download this .exe" is a much stronger security posture overall.
I am aware the Windows Store exists, it's not widely used enough to make exes a marginal distribution pathway. I am aware curl | bash exists, it's more common than it should be, but even in those cases the source is visible and auditable, and that's very uncommon for non-technical users to ever do (unlike downloading random exes).
> Freedom 0 and 1 does not give you the freedom to cheat against other players without being banned.
That's a strawman, I never claimed you should have the right to cheat against other players.
> You can be free to modify the game client, but you aren't entitled to play with others using it.
And that's the issue, Windows has functionality to impede your ability to run the software as you see fit and modify it to your needs. Perhaps you want to run your own server, with different moderation policies.