Hi all,
not too long time ago I’ve read here, that some of you tried to combine IPFire with Pihole. Most users install Pihole on a Raspberry Pi. I suppose you know that RPi is not 100% open source.
And today I got this message via newsletter:
Microsoft repo secretly installed on all Raspberry Pi’s Linux OS
In my opinon it would be a little bit silly combining such a trap with IPFire.
Regards,
Pierre
The article clearly states how you can workaround this problem. If people don’t know about this then it would probably lower the privacy by a small level. Security isn’t affected.
I tried the workaround on a RasPi but I cannot do an apt update (sudo apt update && apt dist-upgrade). The RasPi gets stuck on anything MS-ish. It is just a test box and not a RasPi IPFire box. I’ll work more on the RasPi tomorrow.
I use a RPi as a dhcp server on Orange but I use Arch Linux as my OS. Makes it in line with all my other systems.
Thanks for the info I did not know that.
It think it is really a stab in the back for Raspian users.
Some other users from another forum reported a successful workaround attempt. Did you try apt-get?
Yes I did.
And apt-get is the deprecated version of apt.
Hi there,
I think having found a solution. Should you be interested, do following:
Perform all steps described under the link in my first posting. When trying to update now, you’ll stuck in a dead end street of Microsoft.
This way you can avoid it:
cd /etc/apt/sources.list.d
sudo rm vscode.list
cd ~
sudo shutdown -r now
After rebooting your RPi you can update as usual.
sudo apt-get update && sudo apt-get upgrade -y
Check now the content of the folder /etc/apt/sources.list.d again. You won’t find the file vscode.list anymore. Of course you should furthermore avoid running Pihole (RPi) and IPFire together.
Good luck,
Pierre
well the great thing about Linux, nothing can really be hidden, easy to remove offending stuff like that. Also can use a different distro. but if need to run Rasprian OS then can remove the repo stuff for that.
Which should have never been included to begin with as a default.
I don’t get why people are flipping out about this. If you don’t install VS Code (and most people won’t) then at most Microsoft will know that there’s probably a Pi at your IP address. That’s far less than they would get if you simply opened microsoft.com in a web browser (or use Hotmail/Outlook, OneDrive, Swiftkey, or even just Windows 10.) Do you worry about the Pi Foundation, Debian, Ubuntu, OpenMediaVault etc. knowing that there’s a Pi at your IP address?
This appears to be Github related. Makes sense given the Raspbian focus on Pi as a dev platform for kids. If you don’t use the code related apps, it doesn’t appear to activate. So If you don’t want the feature then just purge git.
I have a similar issue, on my Rpi running Buster
sudo apt update
Ign:1 https://packages.microsoft.com/repos/code stable InRelease
Err:2 https://packages.microsoft.com/repos/code stable Release
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. The name in the certificate does not match the expected. Could not handshake: Error in the certificate verification. [IP: 0.0.0.0 443]
0% [Waiting for headers] [Waiting for headers]
I guess this source gets blocked by DNS maybe? And the cert doesnt match 0.0.0.0
So I removed vscode.list as @anon4944014 suggested.
But still can’t update. What a headache 
sudo apt-get update
Err:1 http://archive.raspberrypi.org/debian buster InRelease
Connection failed [IP: 176.126.240.84 80]
Err:2 http://deb.debian.org/debian buster InRelease
Connection failed [IP: 199.232.138.132 80]
Err:3 http://deb.debian.org/debian-security buster/updates InRelease
Connection failed [IP: 199.232.138.132 80]
Err:4 http://deb.debian.org/debian buster-updates InRelease
Connection failed [IP: 199.232.138.132 80]
Interesting the other Rpi running Stretch didn’t get messed up by this.
I seem to remember removing ALL of the suggested changes from the article in Post #1.
Then I did the apt update (sudo apt update && apt dist-upgrade ).
After the update, then I applied the changes suggested by Pierre in Post #8.
Hope this helps.
Thank you for sharing about this article.
Guess I won’t be using Raspbian on my future RPi setup and I’m glad to know that there are always alternatives:
Bah. The link in the first post is needlessly alarmist - having the Microsoft repo does not actually install any software on your system. The “solution” given is overkill. Just follow Pierre Laporte’s instructions if it bothers you that much.