DigitalDilemma @ digdilem @lemmy.ml

Posts

2

Comments

552

Joined

2 yr. ago

software developers are criticizing Microsoft and GitHub for taking down some of the affected code repositories

Surely it's sensible of Github to take down malicious code? It's not just honest, hardworking people trying to make sense of this that have eyes, it's others looking for inspiration from what appears to be a sophisticated and very dangerous supply chain attack.

One question and some unfollowable advice.

Question: Why not use AppArmor? My understanding is that's what Debian uses by default instead of Selinux which is more native to Enterprise Linux (Fedora, RHEL, Rocky, Alma etc).

Unfollowable advice: As an EL admin where it's the default and very closely integrated, we have a saying; "It's not always dns, mostly it's Selinux". For most distro-sourced software, it's fine. But if you install software from other sources, you're going to hit problems.

Others have given good reasons to your specific questions, but one tip if you go down this route. We use a redhat tool, "setroubleshoot-server" which helps hugely in both identifying when something isn't working because SELinux has blocked it, but also gives you the commands to add an explicit rule to allow it, so you can view the log, understand why it's blocking, and allow it without needing to get too involved with the complicated file contexts.

Sadly, it looks like this tool isn't available in Debian, which would seem to make like a lot harder using selinux. Familiar as I am with selinux, I don't run it on my personal servers or this laptop, which are Debian.

Not everybody is suited to management.

I think there's a core difference between loot boxes, which is out and out gambling, and gameplay. Both can be addictive, but they have very different consequences.

Gameplay addiction steals your time and maybe your social life, but that's it.

Gambling addiction also steals your money. And when that's gone, drives you to extremes trying to find more.

I like the energy, but this doesn't qualify as "lesser known"

I respectfully disagree.

I had redcare via Age Concern for my mum before she went into a home with dementia - it was a few years ago and it was all that was available.

Nowadays, the panic alarms are, I believe, entirely self contained using a sim card and mobile connectivity and include location information - so they are not reliant on local power or internet connection. That locational information could be life saving - one time my mother got very confused, left her flat and was wandering around outside in freezing conditions. Luckily someone heard her calling out and took her home, but she could easily have died that night and was so confused that she didn't think to use her dongle which was still around her neck, and it is doubtful it would have been in range of her base station anyway. A modern system can also include geofencing and even positional data (if someone falls down), takes it off, or battery runs low and automatically alert. Just like redcare, the modern systems are manned 24/7 just the same.

Sometimes old school is not best.

obfuscation should be done for FUN by PROGRAMMERS to SCARE python programmers. It should NOT be a MANDATORY feature of a language.

<snorts in perl>

Ever read some of the microsoft forums? Just as many people seeking help there - the only difference is we don't have an over eager paid employee replying with scripted answers which don't help.

Linux is as simple or as complicated as you want it to be. Most of the mainstream distros "just work" on most hardware. I've installed Mint, Rocky, Ubuntu and Debian on laptops and desktops for relatives, including those who aren't remotely technically gifted. It was as easy/easier as Windows to install, set up and get running. The users are happy - they can use cheaper hardware (and don't need to upgrade a perfectly good laptop for Windows 11) and are entirely free of software costs and subscriptions. Everything works and things don't break - just like Windows and Macs. Most people just want their computer to turn on and let them run stuff. All three do that equally as well.

I've also installed linux on hardware clusters costing hundreds of thousands of pounds and that definitely wasn't a simple or quick process, but that's the nature of the task. Actually, installing the base os was probably the easiest part. Windows just isn't an option for that.

You ask a fair question - you're not unique in your viewpoint and that's probably hampered takeup more than anything else. What makes you a bit better than most is that you actually ask the question and appear to be open to the answers.

That last point is often under-appreciated in its importance, especially when dealing with hundreds of servers.

htop on our vms and clusters, because it's in all the repos, it's fast, it's configurable by a deployable config file, it's very clearly laid out and it does everything I need. I definitely would not call it bloated in any way.

My config includes network and i/o traffic stats, and details cpu load type - this in particular makes iowait very easy to spot when finding out why something's racking up big sysloads. Plus, it looks very impressive on a machine with 80 cores...

My brain can't parse top's output very well for anything other than looking for the highest cpu process.

But - ymmv. Everyone has a preference and we have lots of choice, it doesn't make one thing better or worse than another.

Zoneminder

Indeed. I've been using ZM for personal and commercial camera setups (for up to 32 cameras) since around 2006. Great piece of software - does what it does quietly and without fuss and is completely free.

Many/most password managers do TOTP in their browser extensions already - at least on paid tiers. (Bitwarden, Lastpass for sure).

It's the only way a team can effectively use TOTP, which still offers a lot of protection.

OP definitely wanted an argument - but it can only have been for imaginary internet points.

Arguing with an AI is pointless - it's intellectual masturbation - and using biased and weak examples is, if anything, going to train the opponent to be more dumb. (Anyone else remember teaching Megahal to swear on IRC?)

To be fair, Emacs has had a package for that for years.

Can't get any worse and might even get better if there's enough shareholders who understand how to run a business and can keep a stupid ceo in check.

It takes years to build a good reputation in OSS, and only one dumb thing (like opt-out of personal data) to ruin it.

(Yes, IPs may be considered personal data in that they can be used to identify individuals, and so subject to the GDPR and, potentially, the very high fines associated with that. Unless you're evil, don't collect any personal or identifying data unless you absolutely have to, and very triple sure the user knows what you're sending and why)

We are writing to inform you that we have discovered two Home Assistant integration plug-ins developed by you ( https://github.com/Andre0512/hon and https://github.com/Andre0512/pyhOn ) that are in violation of our terms of service

Did the guy explicitly agree to their Terms of service? If not, how can he be in breach of them?

cease and desist all illegal activities

What illegal activities exactly?

Feels like unenforceable scare tactics, but IANAL.

The CEO just does what the board are pushing for

Too many people don't understand this.

Usually[1], CEO's exists mostly to be the public fall guy for the faceless board's decisions, and those are mostly shaped by the shareholder's unending drive for profit. The only real subtlety is whether that drive for profit is short or long term, which drives expansion policy.

[1] Certain high profile CEOs excepted, who have a lot of weight with the board's direction because they founded the company or are considered too valuable to lose.

Very poor title, like someone's just got their "Big Book of Clickbait"

Everything is under attack all the time, and everything is never-before-seen until it's seen.

Mate, why wait?,

Run to Linux, don't just run from Windows.