• 2 Posts
  • 139 Comments
Joined 3 years ago
cake
Cake day: January 23rd, 2022

help-circle


  • The point of security isn’t just protecting yourself from the threats you’re aware of. Maybe there’s a compromise in your distro’s password hashing, maybe your password sucks, maybe there’s a kernel compromise. Maybe the torrent client isn’t a direct route to root, but one step in a convoluted chain of attack. Maybe there are “zero days” that are only called such because the clear web hasn’t been made aware yet, but they’re floating around on the dark web already. Maybe your passwords get leaked by a flaw in Lemmy’s security.

    You don’t know how much you don’t know, so you should be implementing as much good security practices as you can. It’s called the “Swiss Cheese” model of security: you layer enough so that the holes in one layer are blocked by a different layer.

    Plus, keeping strong security measures in place for something that’s almost always internet connected is a good idea regardless of how cautious you think you’re being. It’s why modern web-browsers are basically their own VM inside your pc anymore, and it’s why torrent clients shouldn’t have access to anything besides the download/upload folders and whatever minimal set of network perms they need.





  • I know it’s not new, but I’ve been seeing a lot more “suggested” (read: sponsored) places along my routes these days. Either businesses are just now discovering the feature, or they lowered the barrier for entry. Either way, it’s annoying as fuck to have ads pop up that I have to avoid when moving the map around to navigate


  • BaumGeist@lemmy.mltoLinux@lemmy.mlLinux middle ground?
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    1 month ago

    Debian Testing has a lot more current packages, and is generally fairly stable. Debian Unstable is rolling release, and mostly a misnomer (but it is subject to massive changes at a moment’s notice).

    Fedora is like Debian Testing: a good middleground between current and stable.

    I hear lots of good things about Nix, but I still haven’t tried it. It seems to be the perfect blend of non-breaking and most up-to-date.

    I’ll just add to: don’t believe everything you hear. Distrowars result in rhetoric that’s way blown out of proportion. Arch isn’t breaking down more often than a cybertruck, and Debian isn’t so old that it yearns for the performance of Windows Vista.

    Arch breaks, so does anything that tries to push updates at the drop of a hat; it’s unlikely to brick your pc, and you’ll just need to reconfigure some settings.

    Debian is stable as its primary goal, this means the numbers don’t look as big on paper; for that you should be playing cookie clicker, instead of micromanaging the worlds’ most powerful web browser.

    Try things out for yourself and see what fits, anyone who says otherwise is just trying to program you into joining their culture war


  • I’ll have to give starship a try, seems like a cool way to handle customizing the prompt

    as to the “omz is bloat and slows down your shell”:

    1. How slow? Because I’ve never noticed. Are we talking about waiting for 15 seconds when I should only have to wait for 1, or are we talking theory and the difference between 0.5 vs 0.08 seconds in benchmarks?

    Because I’ve never been inconvenienced by the speed of my shell nor terminal emulator, despite having tried all kinds of setups. Turns out that “blazing fast” gpu accelerated terminal really didn’t make much of a difference on human timescales. Now I’m at the point where I appreciate the features over the performance.

    1. In reply to Brody’s point, I’m inclined to say “yes, and…?”

    OMZ automates a lot. Sure, I could follow his way of manulaly sourcing dozens of individual shellscripts and making my own aliases and have a zshrc 1200 lines long… Or I could just let omz handle it.

    Yes it’s mostly just a plugin manager, and…? Yes it automates a process I could do manually, and… ? Yes, it uses bindings that I didn’t personally write, and… ?

    Fuck off with the clickbait “You’re living your life wrong, do this lifehack instead!!!” (and the lifehack is to reinvent the wheel) bullshit

    Here’s a fun real lifehack: try things out for yourself, don’t just listen to and parrot other people’s opinions, don’t be afraid to go against the grain. Way more fun and fulfilling that way!



  • It will cause a critical error during boot if the device isn’t given the nofail mount option, which is not included in the defaults option, and then fails to mount. For more details, look in the fstab(5) man page, and for even more detail, the mount(8) man page.

    Found that out for myself when not having my external harddrive enclosure turned on with a formatted drive in it caused the pc to boot into recovery mode (it was not the primary drive). I had just copy-pasted the options from my root partition, thinking I could take the shortcut instead of reading documentation.

    There’s probably other ways that a borked fstab can cause a fail to boot, but that’s just the one I know of from experience.


  • BaumGeist@lemmy.mltolinuxmemes@lemmy.worldAverage systemd debate
    link
    fedilink
    arrow-up
    24
    arrow-down
    4
    ·
    1 month ago

    To the feature creep: that’s kind of the point. Why have a million little configs, when I could have one big one? Don’t answer that, it’s rhetorical. I get that there are use cases, but the average user doesn’t like having to tweak every component of the OS separately before getting to doom-scrolling.

    And that feature creep and large-scale adoption inevitably has led to a wider attack surface with more targets, so ofc there will be more CVEs, which—by the way—is a terrible metric of relative security.

    You know what has 0 CVEs? DVWA.

    You know what has more CVEs and a higher level of privilege than systemd? The linux kernel.

    And don’tme get started on how bughunters can abuse CVEs for a quick buck. Seriously: these people’s job is seeing how they can abuse systems to get unintended outcomes that benefit them, why would we expect CVEs to be special?

    TL;DR: That point is akin to Trump’s argument that COVID testing was bad because it led to more active cases (implied: being discovered).


  • I’m gonna laugh if it’s something as simple as a botched fstab config.

    In the past, it’s usually been the case that the more ignorant I am about the computer system, the stronger my opinions are.

    When I first started trying out Linux, I was pissed at it and would regularly rant to anyone who would listen. All because my laptop wouldn’t properly sleep: it would turn off, then in a few minutes come back on; turns out the WiFi card had a power setting that was causing it to wake the computer up from sleep.

    After a year of avoiding the laptop, a friend who was visiting from out of town and uses Arch btw took one look at it, diagnosed and fixed it in minutes. I felt like a jackass for blaming the linux world for intel’s non-free WiFi driver being shit. (in my defense, I had never needed to toggle this setting when the laptop was originally running Windows).

    The worst part is that I’m a sysadmin, diagnosing and fixing computer problems should be my specialty. Instead I failed to put in the minimum amount of effort and just wrote the entire thing off as a lost cause. Easier then questioning my own infallibility, I suppose.




  • Use script instead, you can even have it in your .*shrc to run automatically whenever a shell is invoked (make sure to add a check that the shell wasn’t invoked by script, so you don’t inadvertently forkbomb yourself)

    Alternatively, just use Terminator as yout terminal emulator and enable the logger anytime you need it to record the shell session.

    Also, use bookmarks. That’s what they’re there for. 100 tabs is a great way to clutter your brain, but terrible for productivity. If you forget about it after bookmarking, it wasn’t important to begin with.




  • You intentionally do not want people that you consider “below” you to use Linux or even be present in your communities.

    No, but I do want my communities to stay on-topic and not be derailed by Discourse™

    Who I consider beneath me is wholly unrelated to their ability to use a computer, and entirely related to their ability to engage with others in a mature fashion, especially those they disagree with.

    Most people use computers to get something done. Be it development, gaming, consuming multimedia, or just “web browsing”

    I realize most people use computers for more than web-browsing, but ask anybody who games, uses multimedia software, or develops how often they have issues with their workflow.

    (which you intentionally use to degrade people “just” doing that)

    No I don’t. Can you quote where I did so, or is it just a vibe you got when reading in the pretentious dickwad tone you seem to be projecting onto me?

    But stop trying to gatekeep people out of it

    I’m not, you’re projecting that onto me again. If you want to use Linux, use Linux. Come here and talk about how you use Linux, or ask whatever questions about Linux you want. If you don’t want to use Linux, or don’t want to to talk about Linux, take it to the appropriate community.

    If keeping communities on-topic and troll-free is “gatekeeping,” then I don’t give a fuck how you feel about it.


  • I don’t think we do, but that’s a feature, not a bug. Here’s why:

    1. There was a great post a few days ago about how Linux is a digital 3rd Space. It’s about spending time cultivating the system and building a relationship with it, instead of expecting it to be transparent while you use it. This creates a positive relationship with your computer and OS, seeing it as more a labor of love than an impediment to being as productive as possible (the capitalist mindset).

    2. Nothing “just works.” That’s a marketing phrase. Windows and Mac only “just work” if the most you ever do is web-browsing and note-taking in notepad. Anything else and you incite cognitive dissonance: hold onto the delusion at the price of doing what you’re trying to do, or accept that these systems aren’t as good as their marketing? The same thread I mentioned earlier talked about how we give Linux more lenience because of the relationship we have with it, instead of seeing it as just a tool for productivity.

    3. Having a barrier of entry keeps general purpose communities like this from being flooded with off-topic discourse that achieves nothing. And no, I’m not just talking about the Yahoo Answers-level questions like “how to change volume Linux???” Think stuff like “What’s the most stargender-friendly Linux distro?” and “How do we make Linux profitable?” and “what Linux distro would Daddy Trump use?” and “where my other Linux simping /pol/t*rds at (socialist Stallman****rs BTFO)???” Even if there is absolutely perfect moderation and you never see these posts directly, these people would still be coming in and finding ways that skirt the rules to inject this discourse into these communities; and instead of being dismissed as trolls, there would be many, many people who think we should hear them out (or at least defend their right to Free Speech).

    4. Finally, it already “just works” for the aforementioned note-taking and web-browsing. The only thing that’s stopping more not so tech-savvy people is that it’s not the de facto pre-installed OS on the PC you pick up from Best Buy (and not Walmart, because you want people to think you’re tech-savvy, so you go to the place with a dedicated “geek squad”). The only way it starts combating Windows in this domain is by marketing agreements with mainstream hardware manufacturers (like Dell and HP); this means that the organization responsible for representing Linux would need the money to make such agreements… Which would mean turning it into a for-profit OS. Which would necessitate closing the source. Which would mean it just becomes another proprietary OS that stands for all that Linux is against.