MalReynolds @ MalReynolds @slrpnk.net

Posts

11

Comments

1,030

Joined

2 yr. ago

Thinkpads have long had first tier linux support, in fact many models have shipped with linux for at least a decade (?), checking that is a really good way to be sure, but you're going to be fine with W, P, T, X lines, many enthusiasts make light work. They were deployed (might still be) to Red Hat kernel devs for a long time, which helps things along. Fingerprint drivers tend to be proprietary and hit or miss, but passwords work.

Honestly learning to install linux yourself, and configure it to your liking, is actually, imo, a really important path to learning and you're likely doing yourself a disservice avoiding it. It's part of the avoidance of vendor lock in you want. Installation is surprisingly easy now, start with something simple, Mint is often recommended these days, find a decent, recent, youtube and you'll probably be up and running in an hour. Find the apps you need for your workflow (which will take considerably longer). Get familiar with the terminal. Best thing you can do after that is burn it down and install a new distro, leaving any mistakes behind, keeping your list of apps. Arch if you want to get really deep into it, or Fedora / Bazzite are good choices and very stable. Best of luck.

Well done.

Please let Dutton (also, Voldemort, Potatohead etc, Australian conservative leader) be next :)

I replied to @muntedcrocodile@lemm.ee and understood the question like “Is distrobox as secure as QubesOS?”, which I replied with “No”.

Ahh, fair cop. Good point on Secureblue, but my threat model doesn't take me there.

Eh, it's fedora under the hood with SELinux enabled, and immutable, better than most security wise, I didn't say much more.

Bazzite is the better distro because you install things in a distrobox. Muck around, break things in there, but your main distro stays safe, secure and stable.

Hear hear, and manufacture drones (aerial, not just naval), lots of drones, just look how effective they are in Ukraine. As long as you keep AI out of it. Wow, that vid is 8 years old now, still effective. You could literally encircle the country in overlapping drone ranges for less than one sub I'll bet. Sure would be nice to lead instead of follow for once.

Perhaps not saved, but I'd venture the most significant nail in the coffin of the scientific publishing mafia so far, pursued with integrity and honor. The rise of open publishing that followed is very telling, and in my mind directly attributable to Alexandra's work and it's popularity, they know they need to adapt or (probably and) die.

Still need to work on the publish or perish mentality, getting negative results published, and getting corporate propaganda out of the mix, to name a few.

You can cycle the smaller drives to cold backup, that's not a waste. You do have backups, which RAID is not, right?

Sure, works fine for inference with tensor parallelism, USB4 / thunderbolt 4/5 is a better (40Gbit+ and already there) bet than ethernet (see distributed-llama). Trash for training / fine tuning, that needs higher inter GPU speed, or better a bigger GPU VRAM.

Yeah, I have a broader view of the phrase, which includes complacency (not actively working at alternatives) as well as just voting, seems most agree with you.

Valid point.

many people believe that “funding” something equals to “controlling” it.

Pretty much the definition of soft power, which an awful lot of politicians believe in.

US funding having been a toxic source of dependency, and it being better in the long run to get money elsewhere.

Yup, pretty much my intent, that and the insecurity it engenders, rather surprised by the reaction.

How could you read it that way ? I'm saying eventually they were going to conflict with the interests of the US (oligarchs and techbros) and lose funding. Shocker, it happened under cheeto.

Not a good thing, just an inevitable one, as they conflict with the interests of the US (oligarchs and techbros).

Oh No ! Leopards Ate My Face.

Better off in the long run.

I took some trouble to make it a higher priority in my personal SearxNG engine In counterpoint, when it actually throws something up, I listen.

Fair enough, I got the wrong impression with the post (which I did read) finishing with

It is not impossible to circumvent these issues, for instance by paying for a jmp.chat phone number with monero XMR. In this case you don’t actually have the sim, but rather access it remotely over XMPP. If you do this over Tor very little can be used against you.

and so on, which I found wanting from a privacy perspective at the implied threat level. No phones (or perhaps faraday bags, or aircraft mode, if tested, depending on threat model) is a much more astute take home, hence the spycraft suggestion.

Anyhow, best of luck.

Agreed, and now I'm whistling.

So, your key takeaway seems to be getting an untraceable phone number. From an opsec point of view I see a few problems.

First, this is implicitly aimed at going against state level actors, which is a whole other game than random internet services. With that in mind...

You assume TOR is actually anonymous, but it has been shown that with enough compromised exit nodes that fails. It's also a NSA project originally, which may or may not be relevant, the code may be good and is open and has had eyes on, but at the least shows they are intimately familiar with it.

You assume acquisition of Monero is uncompromised and untraceable. Perhaps cash at a machine might be pretty good, but a camera could easily invalidate it, or the machine itself be compromised, wouldn't be hard to imagine a profit motive or false flag driving that.

What's the security implications of the XMPP protocol ? Just using TOR may not be enough (I don't know, just asking the questions). What about the other end of the phone call?

One approach, especially for local efforts, is just using old school spycraft, dead drops, one time pads etc.

You asked for feedback.