System-wide/background push-to-talk (PTT) voice chat without registration or having to run my own server (to replace Discord)?
kevincox @ kevincox @lemmy.ml Posts 6Comments 809Joined 4 yr. ago
kevincox @ kevincox @lemmy.ml
Posts
6
Comments
809
Joined
4 yr. ago
This is my dream. However I think my target market is smaller and less willing to pay (personal rather than business). However maintenance is low effort and I want the product for myself. So even if it doesn't make much or anything I think I will be happy to run it forever.
The ultimate dream would be to make enough to be able to employ someone else part time, so that there could be business continuity if I wasn't able to run it anymore.
There is definitely isolation. In theory (if containers worked perfectly as intended) a container can't see any processes from the host, sees different filesystems, possibly a different network interface and basically everything else. There are some things that are shared like CPU, Memory and disk space but these can also be limited by the host.
But yes, in practice the Linux kernel is wildly complex and these interfaces don't work quite as well as intended. You get bugs in permission checks and even memory corruption and code execution vulnerabilities. This results in unintended ways for code to break out of containers.
So in theory the isolation is quite strong, but in practice you shouldn't rely on it for security critical isolation.
where you have decent trust in the software you’re running.
I generally say that containers and traditional UNIX users are good enough isolation for "mostly trusted" software. Basically I know that they aren't going to actively try to escalate their privilege but may contain bugs that would cause problems without any isolation.
Of course it always depends on your risk. If you are handing sensitive user data and run lots of different services on the same host you may start to worry about remote code execution vulnerabilities and will be interested in stronger isolation so that a RCE in any one service doesn't allow escalation to access all data being processed by other services on the host.
IMHO it doesn't majorly change the equation. Plus in general a single-word comment is not adding much to the discussion. I like Podman and use it over Docker, but in terms of the original question I think my answer would be the same if OP was using Podman.
To be fair this doesn't sound much different than your average human using the internet.
The Linux kernel is less secure for running untrusted software than a VM because most hypervisors have a far smaller attack surface.
how many serious organization destroying vulnerabilities have there been? It is pretty solid.
The CVEs differ? The reasons that most organizations don't get destroyed is that they don't run untrusted software on the same kernels that process their sensitive information.
whatever proprietary software thing you think is best
This is a ridiculous attack. I never suggested anything about proprietary software. Linux's KVM is pretty great.
I think assuming that you are safe because you aren't aware of any vulnerabilities is bad security practice.
Minimizing your attack surface is critical. Defense in depth is just one way to minimize your attack surface (but a very effective one). Putting your container inside a VM is excellent defense in depth. Putting your container inside a non-root user barely is because you still have one Linux kernel sized hole in your swiss-cheese defence model.
I never said it was trivial to escape, I just said it wasn't a strong security boundary. Nothing is black and white. Docker isn't going to stop a resourceful attacker but you may not need to worry about attackers who are going to spend >$100k on a 0-day vulnerability.
The Linux kernel isn’t easy to exploit as if it was it wouldn’t be used so heavily in security sensitive environments
If any "security sensitive" environment is relying on Linux kernel isolation I don't think they are taking their sensitivity very seriously. The most security sensitive environments I am aware of doing this are shared hosting providers. Personally I wouldn't rely on them to host anything particularly sensitive. But everyone's risk tolerance is different.
use podman with a dedicated user for sandboxing
This is only every so slightly better. Users have existed in the kernel for a very long time so may be harder to find bugs in but at the end of the day the Linux kernel is just too complex to provide strong isolation.
There isn’t any way to break out of a properly configured docker container right now but if there were it would mean that an attacker has root
I would bet $1k that within 5 years we find out that this is false. Obviously all of the publicly known vulnerabilities have been patched. But more are found all of the time. For hobbyist use this is probably fine, but you should acknowledge the risk. There are almost certainly full kernel-privilege code execution vulnerabilities in the current Linux kernel, and it is very likely that at least one of these is privately known.
It is. Privilege escalation vulnerabilities are common. There is basically a 100% chance of unpatched container escapes in the Linux kernel. Some of these are very likely privately known and available for sale. So even if you are fully patched a resourceful attacker will escape the container.
That being said if you are a low-value regular-joe patching regularly, the risk is relatively low.
Docker (and Linux containers in general) are not a strong security boundary.
The reason is simply that the Linux kernel is far too large and complex of an interface to be vulnerability free. There are regular privilege escalation and container escapes found. There are also frequent Docker-specific container escape vulnerabilities.
If you want strong security boundaries you should use a VM, or even better separate hardware. This is why cloud container services run containers from different clients in different VMs, containers are not good enough to isolate untrusted workloads.
if Gossa were to be a virus, would I have been infected?
I would assume yes. This would require the virus to know an unpatched exploit for Linux or Docker, but these frequently appear. There are likely many for sale right now. If you aren't a high value target and your OS is fully patched then someone probably won't burn an exploit on you, but it is entirely possible.
I like trains because they are much more comfortable than airplanes (especially with TSA gymnastics) and I can do something interesting or productive rather than try to focus on the road for hours on end.
More likely the overlap of "running on Linux" and "needs to run AV software for compliance" is much smaller than "running on Windows" and the latter.
I'm sure people would notice if all of the major online services started crashing.
There are a few reasons. Some of them are in the users' interest. Lots of people phrase their search like a question. "How do I turn off the wifi on my blue windows 11 laptop?"
While ignoring stopwords like "the" and "a" has been common for a while there is lots of info here that the user probably doesn't actually care about. "my" is probably not helping the search, "how" may not either. Also in this case "blue" is almost certainly irrelevant. So by allowing near matches search engines can get the most helpful articles even if they don't contain all of the words.
Secondly search engines often allow stemming and synonym matching. This isn't really ignoring words but can give the appearance of doing so. For example maybe "windows" gets stemmed to "window" and "laptop" is allowed to match with "notebook". You may get an article that is talking about a window of opportunity and writing in notebooks and it seems like these words have been ignored. This is generally helpful as often the best result won't have used the exact same words that you did in the query.
Of course then there are the more negative reasons.
- Someone decided that you can't buy anything if your product search returns no results. So they decided that they will show the "closest matches" even if nothing is anywhere close. This is infuriating and I have stopped using many sites because of it.
- If you need to make more searches or view more pages you also see more ads.
There are some password managers where you need to either manually look up passwords and copy+paste or autotype them or select the correct password from a dropdown. Some of these will come with an optional browser extension which mitigates this but some don't really tract domain metadata in a concrete way to do this linking.
Some examples would be Pass which doesn't have any standard metadata for domain/URL info (although some informal schemes are used by various tools including browser-integration extensions) and KeePass which has the metadata but doesn't come with a browser extension by default.
The reason I say browser password manager is two main reasons:
- It is absolutely critical that it checks the domain to prevent phishing.
- People already have a browser and are often logged into some sort of sync. It is a small step to use it.
So yes, if you want to use a different password manager go right ahead, as long as it checks the domain before filling the password.
I don't think that is quite accurate.
We discovered many more Pluto-or-larger sized things that were closer to the sun than Pluto. It became increasingly obvious that there was nothing special about Pluto and we either needed to add hundreds of planets or "demote" Pluto.
You probably mean TOTP. OTP is a generic term for any one-time-password which includes SMS-based 2FA. The other main standard is HOTP which will use a counter or challenge instead of the time as the input but this is rarely used.
Tips for being secure online:
- Use your browser's password manager to generate random passwords.
- In the rare case you need to manually enter your password into a site or app be very suspicious and very careful.
- Never give personal information to someone who calls or emails you. If necessary look up the contact info of who called you yourself and call them back before divulging and details. Keep in mind that Caller ID and the From address of emails can be faked.
- Update software regularly. Security problems are regularly fixed.
That's really all you need. You don't even need 2FA, it is nice extra security but if you use random passwords and don't enter your passwords into phishing sites it is largely unnecessary.
I'm not an expert on modern alarm systems but it seems that it is very common and fairly inexpensive to have cellular data backup. Not every system has it, but many do. In that case cutting the main connection will likely result in someone appearing on site fairly quickly.
Many cameras also have some form of local buffering. So even if you are gone before someone does show up you still may find yourself recorded.
But at the end of the day just put a bag over your head and you can be gone by the time anyone shows up without leaving a meaningful trace. Other than the very top-end system security systems just keep the honest people honest.
Instead of system wide PTT per-app you may consider some software that mutes your mic for all apps as PTT, then just leave the mic "active" per-app.
I don't know if a tool that will do this but on my mouse I have configured a mic mute toggle. So I push to start and stop. However technically I don't think there is any restriction to setting up PTT via this mechanism.