gobbling871 @ gobbling871 @lemmy.world

Posts

2

Comments

134

Joined

2 yr. ago

I use restic (and dejadup just to be safe) backing up to multiple cloud storage points. Among these cloud storage points are borgbase.com, backblaze b2 and Microsoft cloud.

9/10 desktop applications I use are flatpaks. Am on Arch and even when there's an AUR for a package I'd prefer to use Flatpak. Just so I can use Flatseal to control permissions access on my applications.

I don't really care that much for Oracle's role in Linux but IBM's Red Hat is clearly the drunk guy here.

Yes. What they say and their actions are entirely contradictory in my own warped view.

But good thing am not the only one who seems to think so 🤪 as clearly Oracle and SUSE agree with this view.

Just because they said that they don't think RHEL clones contribute to the RHEL ecosystem doesn't mean that it is entirely true. Are you new to PR speak?

More contributions to Linux from parties other than RHEL don't help RHEL. That's literally the view they have taken since their announcement.

Jellyfin, AdGuard Home, Nextcloud, Syncthing, Invidious, SearxNG

Found the millenial.

I remember losing Google Authenticator data when I had to format my phone. This was years back and didn't have too many accounts setup. With Aegis I have an offline encrypted backup of all my 2FA codes so this is no longer a possibility. Before Aegis I was tempted to use Authy before I had to wait 24hrs to gain my access back after I reset my phone.

2FA on Android has always sucked (lazily created; app data CANNOT constitute and/or subsitute device trust). I wish I had got on to Aegis earlier.

fast way to get secure boot to work

vs best use of secure boot. Your pick.

Your GRUB can be encrypted behind FDE and iirc there is also an option to create a password for grub. So far I haven't seen cases of bootloaders being compromised/bypassed so we are not there yet.

Pretty sure there's not a lack of guides for setting up secure boot on Ubuntu/Debian, unless you are looking for something specific.

While I don't know how well your hardware can work with secure boot, this is a good guide to get started on Arch. https://swsnr.de/2022/01/06/install-arch-with-secure-boot-tpm2-based-luks-encryption-and-systemd-homed.html Don't know how well Debian supports any of the mentioned tools but you probably shouldn't be going with Debian's implementation of secure boot as it uses Microsoft's keys.

I use TPM pcrs 0,1 and 7 with no issues across reboots and zero prompts to unlock LUKS as dracut resigns my kernel images on every update.

Relatively fast updates, AUR, PKGBUILD, Downgrade, the Wiki, the community, not controlled by some corporate entity, no telemetry, and last but not least the logo ;)

Even though minimal, the risk of security patches introducing new changes to your software is still there as we all have different ideas on how/what correct software updates should look like.

Mostly because stability is usually prioritized above all else on servers. There's also a multitude of other legit reasons.

Nothing too fancy other than following the recommended security practices. And to be aware of and regularly monitor the potential security holes of the servers/services I have open.

Even though semi-related, and commonly frowned upon by admins, I have unattended upgrades on my servers and my most of my services are auto-updated. If an update breaks a service, I guess its an opportunity to earn some more stripes.

Most people do not have to a reason to care about privacy, until the day their private comms/data gets leaked and abused is when they will give a damn.

Opt-in = Low value metrics

Opt-out = Better metrics

If I read that right, looks like Fedora is justifying application of opt-out metrics as long as there's little/no PII present in the data collected.

That said, Fedora Legal has determined that if we collect any personally-identifiable data, the entire metrics system must be opt-in. Since we are only interested in opt-out metrics due to the low value of opt-in metrics, we must accordingly never collect any personally-identifiable data.

Looks like this statement contradicts with their goal.

Basically, have fine tuned my setup so much that it's almost impossible to think of another distro.

So many powerful tools that are not easy to find on other distros.