Mine stopped working.
We know that sshd is targeted but we don't know the full extent of the attack yet.
Arch is on 5.6.1 as of now: https://archlinux.org/packages/core/x86_64/xz/
We at Nixpkgs have barely evaded having it go to a channel used by users and we don't seem to be affected by the backdoor.
Hmm, that shouldn't be the case could you open an issue on that?
Does firefox appear in your previous closure? nix-store --query --tree /run/current-system/ | grep firefox
To the person receiving the money, it is worth it. Else they wouldn't be doing it.
Yes and that's precisely the point. You can make the decision not to pay and there are good reasons to do so (I do so too) but you must recognise that someone is still not getting paid for their work.
Note that the diff does not necessarily correlate with the amount of data that changed, not how much additional space the snapshot takes.
Pretty much any?
Headless distros won't really differ in RAM usage. The only generic OS property that I could relistically see saving significant resources in this regard would be 32bit but that's... eh.
What's more important is how you utilize the limited resources. If you have to resort to containers for everything and run 50 instences of postgres, redis etc. because the distro doesn't ship the software you want to run natively, that won't work.
For NAS purposes and a few web services though, even containers would likely work just fine.