• 0 Posts
  • 19 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle

  • If you’d like to look into it further. the +i flag in chattr is setting an attribute making the file (everything in Linux is a file, so yes this even means directories) immutable. When a file is immutable, it isn’t possible to change the ownership, group, name, or permissions of the file, nor will you be able to write, append, or truncate the file.

    It’s been a while since I’ve used it, but I don’t believe it’s possible to have an immutable directory where you can still modify the contents therein, but I may be misremembering that. It would seem unlikely since adding content to the directory should require that you modify the links for the directory, which shouldn’t be allowable with an immutable object?

    It’s possible that the +a chattr attribute may achieve what you’d prefer. I believe that flag will make it so that files (and again, everything in Linux is a file) can be created and modified, but never deleted. I’ve actually never used this one, but I can foresee how this still may not be ideal for your wishes since updates to games may expect to be able to delete old content which would be thwarted here. 🤷


  • The Nissan Connect stuff doesn’t work anymore for any of the 2016 Leafs, they used a form of cell service that is no longer in operation.

    I swapped a nice Kenwood head unit into my Leaf for a couple hundred dollars. It maintains the backup camera, steering wheel controls, and the built in USB port while offering a larger screen and touch screen controls for Android Auto or Apple Car Play if you want them. It’s awesome and I highly recommend it for anyone who wants a short range commuter car.



  • If gaming with Nvidia hardware is your primary concern, then maybe Bazzite would suit you. It’s based on Immutable Fedora, with tweaks to give it a SteamOS like experience. It offers Gnome or KDE for the desktop, and supposedly has everything dialed in for gaming. I’ve heard a bunch about it doing great with Nvidia cards and gaming in general, I suspect that you’d be able to do everything else you might need via the desktop it provides, but I have no knowledge of how it handles multiple monitors so maybe therein lies the fatal flaw.


  • I assume this is a Stargate thing and that there aren’t actually that many Skeptical Guide podcasts out there.

    I haven’t got any dog in the Stargate fight, I’ve seen the original movie (good) and watched the Richard Dean Anderson TV series (better than the movie) for a while before it just fell off my radar? I’ll take your word for it that Stargate Universe is the lesser of the Stargate properties.

    SGU in my comment obviously is referring to the Skeptics Guide to the Universe aka, the linked podcast.


  • If you use a fancy official VPN client from Mullvad, PIA, etc, you won’t need this since most clients already have a kill switch built in (also called Lockdown Mode in Mullvad).

    According to the researchers

    The result of this is the user transmits packets that are never encrypted by a VPN, and an attacker can snoop their traffic. We are using the term decloaking to refer to this effect. Importantly, the VPN control channel is maintained so features such as kill switches are never tripped, and users continue to show as connected to a VPN in all the cases we’ve observed.

    Killswitches are insufficient protection since the TunnelVision attack never disables the VPN tunnel. The TunnelVision attackers are instructing your physical layer connection to route everything through a node of their choosing rather than killing your VPN connection, and since the VPN connection never drops, a killswitch will never engage. The VPN stays up, thinking it is doing a good job, but in the meantime your network interface has been instructed to route no traffic through the VPN and instead route everything to the location of the attacker’s choosing. I have heard that a couple of VPNs think their clients are not vulnerable here, but I haven’t seen independent conclusive proof one way or the other yet.

    I suspect that your “Solution” also fails to mitigate the issues in TunnelVision because it allows LAN access to the physical interface. In a TunnelVision attack the hostile has to be on your LAN (or rather the same LAN you are on since I suspect that “The coffee shop wi-fi” is the more likely network for an attack like this) already, so if they’re going to tell your interface to route traffic somewhere else, in all likelihood that somewhere else will already be in the same LAN you are and their exfiltration will be allowed under your configuration.


  • I’ve never listened to Rogan*, but I think https://www.theskepticsguide.org/podcasts does an excellent job of talking about current news and science items in an easily digestible format that mostly avoids bullshit while probably filling the same gee-whiz niche that people expect from Rogan? It’s a panel, so not a single muscular male host, but I think if your sibling is pursuing Rogan because they think it’s helping expose them to new interesting ideas, SGU is a vastly superior route to that end.


    *I actually think my only Rogan exposure has been the SGU talking about how he more or less just believes the last thing anyone told him, whatever that might be, which seems… less good?





  • I’ve dabbled with Linux on Mac hardware a couple of times and I’ve got to say that Linux DEs generally hew closer to Windows conventions than Mac ones and I found using the Mac keyboard with Linux to be a dreadful experience without the fact that the chiclet keyboards are the worst shit I’ve ever put my fingers on.

    I very quickly snagged a standard mechanical qwerty 104 key with brown switches and cursed every moment that I had to use that abominable keyboard built into the stupid MacBook. Apple seems determined to do things different for the sake of different as much as they possibly can and trying to adapt all their nonsense to the Win/Lin way of doing things made my life worse in numerous ways (most DEs have great remapping for keys and such, but it gets messy fast if you’ve got apps from different paradigms.)

    I’d very much recommend against going out of your way to get a Mac keyboard for using Linux unless you enjoy fighting against things. But hey, if that’s your kink, then a Mac keyboard with Linux would be my recommended way to go.


  • My suggestion would be to reframe your thesis. Rather than consuming content, change your perspective to one where you are appreciating art.

    The world is vast and full of amazing things, you don’t need to feel like you’re wasting time when you dedicate that time to appreciating art that you love. There are books, games, movies, short form video essays, podcasts, and all sorts of things that are real expressions of the human experience from different angles, which is what art is, and there’s nothing wrong with appreciating that art, learning something from it, and growing your understanding.

    Unless you’re harming yourself or others by enjoying the art you enjoy, just keep on doing it.

    That said, if you really want something else, gaming is (IMO) a great way to spend some time, tabletop or video. Learning a programming language is another one and can lead to very fulfilling paths where you can make things that you enjoy and easily share them with others.



  • A process running as root does not need a prompt or any user interaction to do whatever the hell it wants on most (nearing ALL, but I’d be wary of absolutes with Linux) systems. I’m unaware of any means that a Desktop Environment could restrict a process running with root permissions by requiring an interactive prompt of some sort for anything. If your DE is running as root, all of its children are also running as root (unless you’ve rigged things up to run explicitly as other users) which means just about anything you are doing could be running rampant malicious actors on your system and nothing would seem amiss until it made itself evident.

    Now, it does seem unlikely that anyone has written any malicious code that would run in a browser expecting to be root on a Linux system, so that’s likely the saving grace here, but that’s only security through obscurity and that’s not much to hang your hopes on for any system you care about.