Lemongrab @ Lemongrab @lemmy.one

Posts

18

Comments

890

Joined

2 yr. ago

What about when a style IS the copyright holder's (the artist's) personal style and voice likeness?

I see this as a major loss and just another way for capitalists to cheat artists and outcompete out them using their effectively free labor. It is disgusting and I hate copyright because it only works to benefit the rich and powerful, and never protects smaller artists.

Oops! All Diphenhydramine ...

Context: Benadryl

https://eylenburg.github.io/android_comparison.htm

What is special about FUTO's keyboard. I would argue HeliBoard (also on f-droid) with the swipelib is the closest to gboard.

I recommend Sherpa Onnx's TTS Engine app, using a piper voice model. I recommend Lessac Medium or Low.

Link: https://k2-fsa.github.io/sherpa/onnx/tts/index.html

Make it simple and just use fedora. Has lots of the same benefits as openSUSE, except openSUSE allows you to choose any and all the software that should be installed through a GUI installer. You should be fine, use flatpak for the freedom from distro specific application packages, and the ability to harden flatpak sandboxing through Flatseal or native support in system UI. For a Windows looking UI, I recommend KDE Plasma which is available for Fedora as the KDE Spin edition, or natively in the openSUSE installer.

Death.

Generally, I think it is better to use a general server OS like Debian or Fedora instead of something specialized like Proxmox or Unraid. That way you can always choose the way you want to use your server instead of being channeled into running it a specific way (especially if you ever change your mind).

Liking and commenting isn't possible through any client to my knowledge. Freetube is a nice frontend app available on linux. Follow existing tutorials for how to export subs from YT then import your subs in the app.

Security is preemptive. Keylogging is not a hypothetical, it just hasn't happened to you. Neither is it random, desktop linux is differentiated from linux server by its GUI. It is much harder to make linux desktop secure. I see threat as one of many in a long list of the weaknesses present in desktop linux.

I am not trying to say you shouldn't have the choice to use X11, my original comment was about how Linux Mint doesn't offer the choice of a DE that supports Wayland.

The reason I mentioned keyloggers is because it allows an attacker to perform privilege escalation by recording your sudo/root password and automating an attack. I searched it up and I do see automation tools for Wayland, maybe they aren't as developed as those for X11. For you, your usecase makes sense, though i (personally) wouldnt take that risk. The majority of users do not use such tools and should probably use Wayland.

Just because a malicious application is installed on your computer doesn't mean it should be allowed to freely exfiltrate data. It does not require root to perform this attack, a malicious script or AppImage could just as easily steal your keypresses. Or an extension in your browser, or a mod for your favorite game. You shouldn't need to read all the code for every application (including each subsequent patch and update) just to be sure it isn't stealing your data. Plus, why not use Wayland?

My point was that X11 is insecure. Security through obscurity is not security. Wayland does not send every keypress to every application, which protects against this attack vector. Wayland is both significantly smaller and more secure than X11. X11 was designed in a time when software was built to simply trust anything that runs on the computer. We need to move past just putting our trust in the software we run. At the very least raise the barrier to perform such an attack.

Not really. You can side load, but not great user experience.

None of the desktop environments included with Linux Mint (really) support Wayland. X11 allows any app to keylog easily. X11 is quite bad for Security. Cinnamon has experimental support.

Fedora or Fedora KDE Spin. Nice and user friendly, good support.

That is not how security works. You must protect against known and unknown attack vectors. I am only pointing out weaknesses of Docker and other linux containers that share the kernel with the host or/and run with Root. I'm not saying anything original or crazy, just read up on the security of these technologies and their limits. I am not a malware designer, I am a security researcher.

Look into gVisor and Kata Containers for info on how to improve the security of containers.

Here are some readings for you:

https://redlib.tux.pizza/r/docker/comments/eakd50/help_can_i_safely_run_malware_inside_a_container/
https://www.csoonline.com/article/1303004/vulnerabilities-in-docker-other-container-engines-enable-host-os-access.html
https://www.panoptica.app/research/7-ways-to-escape-a-container
https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/
https://www.securityweek.com/leaky-vessels-container-escape-vulnerabilities-impact-docker-others/
https://www.cybereason.com/blog/container-escape-all-you-need-is-cap-capabilities

It is not speculation, it is reducing attack surface. Security is preemptive. Docker/Podman are not strong isolation solutions. Rare does not mean we shouldn't protect against the chance of kernel vulnerabilities. The linux kernel around 30 million lines of code long and written in a memory unsafe language. Code isn't safe just because we dont know the vulnerabilities, this is basic cybersec reasoning.

Docker/Podman and LXC linux containers share the same kernel with the host machine. Root in the container is root period (in the case of rootfull containers). Even without root, much of the data on your machine is readable from any user. With a exploit to escape the container (which are common) the malicious program has root on the machine. This is a known attack vector against linux containers. VMs are much better for isolating untrusted software from the host OS.

Idk how to decide what is safe or not, but as a warning, Docker containers can escape trivially and have access to the kernel.