How to install Nix on Fedora Silverblue
  • Fun fact: you don't need to add the nixpkgs channel for the determinate systems installer, even when using channel commands or other things since it adds an option to your nix.conf to reference the nix flake for nixpkgs.

    I don't know how to update this flake though.

  • How can I quickly "unclog" firefox when it runs out of memory (with 1000/2000 tabs)
  • Zotero is a citation manager, with a firefox extension to save an article (but really, a tab) with one click.

    It also has fulltext search. You can search snapshots of everything you save.

    "But I can't save all my tabs at once"

    (There are some solutions, but nothing official)

    Save as you go. Computers simply don't have enough ram for 2000 tabs.

    Anyway, it also seems to be able to run javascript plugins, and I saw you have some experience with that.

    It also has support for folders, so you can organize it a bit better than tabs work for that.

  • Repeat after me "this problem isn't bothering me". There! fixed it
  • There's also the needy users that create tickets for every prompt, dialog, message, delay.... Pretty much anything that could happen at all ever, whether it affects their ability to do their work or not.

    This could be weaponized incompetence. "Oh I keep having issues with my computer that interfere with my work, so I can't work and IT is incompetent and can't help me, look at all these tickets and how long IT takes. I just can't get any work done!"

  • Version 256 of systemd boasts '42% less Unix philosophy'
  • You could say the same thing about sudo. Sudo's codebase is massive, compared to alternatives like doas, but it comes with many features doas does not have, like being able to ask a remote LDAP server if a user will be able to escalate.

    I find it absurd that we have just simply accepted the idea of a setuid binary with built in networking code, as our primary admin escalation tool. 100,000+ lines of C code, code that has had multiple buffer overflow exploits*, in a setuid binary, just for temporary admin privileges. Does that seem necessary to you?

    Polkit provides an alternative to that. If you don't need the features, then fine, you don't have to use run0 — but then you can't use sudo without being a hypocrite. No longer do I have to rely on a setuid binary that tries to do everything in one program when I really need sudo's features, instead polkit handles authentication (including asking remote resources if an action is okay), and run0 handles actual escalation.

    In another comment in this thread, you mention sudo being lightweight — which is outright false. Compared to doas or su, it's extremely heavyweight, and with that complexity comes more risk of vulnerabilities. You also mention pkexec, for executing with polkit, but pkexec is also setuid, and has many of the same pitfalls.

    *Buffer overflow exploits in sudo:

    1. https://arstechnica.com/information-technology/2020/02/serious-flaw-that-lurked-in-sudo-for-9-years-finally-gets-a-patch/
    2. https://blog.qualys.com/vulnerabilities-threat-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit
  • Version 256 of systemd boasts '42% less Unix philosophy'
  • No one complained when s6, another init system, also offered a sudo alternative (before systemd did, too). But when Poettering does it, it's bad and wrong and ununixlike!

    Maybe setuid has been extremely problematic, and more than one entity has sought alternatives?

  • Benefit of a subvolume below the top level btrfs subvolume?
  • Yeah, I read that manual but it didn't answer my question.

    The big problem is that the arch wiki describes a setup with nested subvolumes first (in a subvolume below @ or whatever your root subvolume is), but then suggests in a tip to use a subvolume directly below the top level subvolume. The limitations mentioned in that manual don't seem to apply to either setup, as they would prevent swap from working, which is not the case. I have tested both setups and they work fine — or so it seems. I'm worried there is some hidden gotcha I'm missing.

    In addition to that, some of those limitations simply don't apply to my setup, as I only have a single device.

  • Benefit of a subvolume below the top level btrfs subvolume?

    According to the archwiki article on a swapfile on btrfs: https://wiki.archlinux.org/title/Btrfs#Swap_file

    > Tip: Consider creating the subvolume directly below the top-level subvolume, e.g. @swap. Then, make sure the subvolume is mounted to /swap (or any other accessible location).

    But... why? I've been researching for a bit now, and I still don't understand the benefit of a subvolume directly below the top level subvolume, as opposed to a nested subvolume.

    At first I thought this might be because nested subvolumes are included in snapshots, but that doesn't seem to be the case, according to a reddit post... but I can't find anything about this on the arch wiki, gentoo wiki, or the btrfs readthedocs page.

    Any ideas? I feel like the tip wouldn't just be there just because.

    6
    What's the most basic thing you can't do?
  • It's bad to brush your teeth after eating.

    “The reason for that is that when acids are in the mouth, they weaken the enamel of the tooth, which is the outer layer of the tooth,” Rolle says. Brushing immediately after consuming something acidic can damage the enamel layer of the tooth.

    Source: https://www.cuimc.columbia.edu/news/brushing-immediately-after-meals-you-may-want-wait

  • Is there any closed source android app that you wish had a good open source alternative?
  • Xplore file browser

    It's trivial to replace the independent pieces of xplore, but it has so many features in one app that I just can't let it go. It's got dual pane file browsing, disk usage chart, smb, ftp, and many other cloud storage connections. It also handles many types of compression.

    It's become my main offline music player as well, because it has the simple ability to shuffle a folder of music, which is all I really need.

    It can also view installed apps, export them to apk, and view and modify appdata (as non root!).

  • Who is more sigma? This guy or Patrick Bateman
  • It's like people only watched the opening scene and the one in which he murders Allen.

    And the business card scene. But yeah, I think a large portion of people didn't watch the actual movie, and only saw those three clips on youtube (including me).

  • Cloudflare took down our website after trying to force us to pay $120000 within 24h
  • After Twitter went to shit, where else do customers have to go for customer support like this?

    Admittedly, I didn't read the article, but I have seen plenty of other cases with Cloudflare or other big providers where people have only been able to set things right by kicking up a fuss on social media --- like that recent one with amazon aws.

  • What it's like to be a developer in 2024
  • Old version docs tend to offer you a redirect to more recent docs

    Sadly, the docs, I've worked with (openstack and ansible) frequently, don't do this. They have a button to go to the latest version of the docs, but not to the equivalent page on the latest version. This means I have to find the equivalent page again, from the integrated search usually.

    And yes, a lot can change between versions. New features can get added that solve your problems or older stuff can get removed.

  • Why FOSS projects are using proprietary, privacy invasive infrastructure?
  • Putting something on GitHub is really inconsequential if you’re making your project open source since anyone can use it for anything anyway,

    Except for people in China (blocked in China) or people on ipv6 only networks, since Github hasn't bothered to support ipv6, cutting out those in countries where ipv4 addresses are scarce.

    So yes, it does matter. Both gitlab and codeberg, the two big alternatives, both support ipv6 (idk about them being blocked in china). They also support github logins, so you don't even need to make an account.

    And it's not a black or white. Software freedom is a spectrum, not a binary. We should strive to use more open source, decentralized software, while recognizing that many parts are going to be out of our immediate control, like the backbone of the internet or little pieces like proprietary firmware.

  • Disk imaging
  • Ventoy. I love it so much, being able to have more than one bootable iso and storage on a usb.

    Although, it is slower to boot the more folders you have, since it scans all folders, but this is configurable

    I use nix-shell to get the ventoy cli for when I need to install it to a usb stick.

  • r/sysadmin and the size of this community
  • I agree with this.

    Sometimes I've seen people complain about people using asklemmy for not askreddit style questions, but I actually think that's ok and I'm in favor of that as it means more discussion, content, and visibility.

    Eventually asklemmy will reach "critical mass", and split into more niche communities.

  • Video editor with the ability to filter out only a single person's voice?

    I've recently done some talks for my school's cybersecurity club, and now I want to edit them.

    My actual video editing needs are very simple, I just need to clip parts of the video out, which basically every editor can do, as per my understanding.

    However, my videos were recorded from my phone, and I don't have a presentation mic or anything of the sort, meaning background noise, including people talking has slipped in. From my understanding, it's trivial to filter out general noise from audio, as human voices have a specific frequency, even "live", like during recording or during a game, but filtering voices is harder.

    However, it seems that AI can do this:

    https://scribe.rip/axinc-ai/voicefilter-targeted-voice-separation-model-6fe6f85309ea

    Although, it seems to only work on .wav audio files, meaning I would need to separate out the audio track first, convert it to wav, and then re merge it back in.

    Before I go learning how to do this, I'm wondering if there is already an existing FOSS video editor, or plugin to an editor that lets me filter the video itself, or a similar software that works on the audio of videos.

    5
    Are certain typos/grammar errors harder to read than others?

    cross-posted from: https://programming.dev/post/6822168

    I was watching a twitch streamer play the game pogostuck (A game similar in frustration and difficulty to Getting over it with Bennett Foddy — Don't Fall!).

    They were also reading chat at the same time (usually out loud, as well). Multitasking.

    Lots of sources (here's one) say that true multitasking is impossible. Rather, it's very fast switching, where there is a degradation of performance.

    Knowing this, I naturally made it my mission to trip the streamer up with seemingly benign messages.

    I was sharing some actual information about another streamer who beat another game, but I made a typo something like:

    > I remember a streamer beat the game a game ...

    And I noticed how much more the streamer struggled to read this compared to previous, accidental typos (missing spaces, extra spaces, etc.). He spent a good 5 seconds on this message, and during the process, he fell really far. 😈

    So I decided to do some testing. Inserting words, swapping them around, and whatnot, to see what tripped him up the most. Most typos didn't affect him.

    There was one typo that tripped him again, where I said something like:

    > If it wasn't for a for

    So it seems to be repetition? But I couldn't always replicate this with other forms of repetition.

    Later on, I copied the two guards riddle, with an alteration:

    > One of the guards always lies and the other always lies as wekk. You don't know which one is the truth-teller or the liar either. However both guards know each other

    Sadly, I didn't cut the part about "don't know which is truth teller or liar" out.

    The streamer spent a good 5 minutes interpreting this puzzle, and eventually interpreting it as the original puzzle. Then, he was trying to solve a riddle, game, and read chat all at once.

    He was stuck on the bottom until he gave up on the riddle (I revealed that I meant what I said when I said both guards lie). 😈

    Anyway, that was a bit off topic but still relevant.

    I'm wondering if any studies have been done on this? I know studies have been done on humans' ability to read words with the letters partially scrambled, but what about typos?

    How can I improve my distraction game (with plausible deniability of course)?

    6
    Alternative to docker-tcp-switchboard, but for tcp (lo';) and virtual machines?
    github.com GitHub - OverTheWireOrg/docker-tcp-switchboard: Launch a fresh docker container per SSH connection


    cross-posted from: https://programming.dev/post/5669401

    > docker-tcp-switchboard is pretty good, but it has two problems for me:
    >
    > * Doesn't support non-ssh connections
    > * Containers, not virtual machines
    >
    > I am setting up a simple CTF for my college's cybersecurity club, and I want each competitor to be isolated to their own virtual machine. Normally I'd use containers, but they don't really work for this, because it's a container escape ctf...
    >
    > My idea is to deploy linuxserver/webtop, as the entry point for the CTF, (with the insecure option enabled, if you know what I mean), but it only supports one user at a time, if multiple users attempt to connect, they all see the same X session.
    >
    > I don't have too much time, so I don't want to write a custom solution. If worst comes to worst, then I will just put a virtual machine on each of the desktops in the shared lab.
    >
    > Any ideas?

    3
    Trying to get secure boot + full disk encryption + bootable timeshift backups working. How to make grub verify nothing?

    So basically, my setup has everything encrypted except /boot/efi. This means that /boot/grub is encrypted, along with my kernels.

    I am now attempting to get secure boot set up, to lock some stuff down, but I encountered this issue: https://bbs.archlinux.org/viewtopic.php?id=282076

    Now I could sign the font files... but I don't want to. Font files and grub config are located under /boot/grub, and therefore encrypted. An attacker doing something like removing my hard drive would not be able to modify them.

    I don't want to go through the effort of encrypting font files, does anyone know if there is a version of grub that doesn't do this?

    Actually, preferably, I would like a version of grub that doesn't verify ANYTHING. Since everything but grub's efi file is encrypted, it would be so much simpler to only do secure boot for that.

    And yes, I do understand there are security benefits to being able to prevent an attacker that has gained some level of running access to do something like replacing your kernel. But I'm less concerned about that vector of attack, I would simply like to make it so that my laptops aren't affected by evil maid attacks, without losing benefits from timeshift or whatnot.

    I found the specific commit where grub enforces verification of font files: https://github.com/rhboot/grub2/commit/539662956ad787fffa662720a67c98c217d78128

    But I don't really feel interested in creating and maintaining my own fork of grub, and I am wondering if someone has already done that.

    17
    Is it possible to share a singular interface on a vps for openstack neutron?

    I'm having trouble with networking on linux. I am renting a vps with only one NIC, one ipv4 address, and a /64 range of ipv6 ones. I want to deploy openstack neutron to this vps, but openstack neutron is designed to be run on machines with two NICs, one for normal network access, and one entirely dedicated to virtualized networking, like in my case, giving an openstack virtual machine a public ipv6 address. I want to create a virtual NIC, which can get its own public ipv6 addresses, for the VMs, without losing functionality of the main NIC, and I also want the VMs to have ipv4 connectivity. I know this setup is possible, as the openstack docs say so, but they didn't cover how to do so.

    Docs: https://docs.openstack.org/kolla-ansible/latest/reference/networking/neutron.html#example-shared-interface

    There is an overview of what you need to do here, but I don't understand how to turn this into a usable setup. In addition to that, it seems you would need to give VMs public ipv4 addresses, in order for them to have internet connectivity. I would need to create a NAT type network that routes through the main working interface, and then put the neutron interface partially behind that, in order for ipv4 connectivity to happen.

    I've been searching around for a bit, so I know this exact setup is possible: https://jamielinux.com/docs/libvirt-networking-handbook/multiple-networks.html#example-2 (last updated in 2016, outdated)

    But I haven't found an updated guide on how to do it.

    0
    moonpiedumplings @programming.dev
    Posts 8
    Comments 216