- 1 Post
- 30 Comments
Short TL;DR: nothing burger
Longer TL;DR: Linus sees bad changes to the git tree by Kees Cook that he interprets as being of human origin and intentional, calls them “malicious” changes and orders that Kees Cook’s privileges be revoked. Turns out that the “git-filter-repo” tool being used was actually the culprit as it is very powerful and incorrect usage explains the changes. Discussion then moves toward implementing safety checks in the tooling. Kees gets his permissions back.
14·1 month agoFor those out of the loop: https://news.itsfoss.com/organic-maps-fork-comaps/
Wow this is big news, Comaps is the fork of Organic Maps: https://news.itsfoss.com/organic-maps-fork-comaps/
Let’s be careful to remember that there are different levels of effort and understanding required for different levels of security and privacy. GrapheneOS has taken the approach of offering harm reduction, with sane defaults and options that allow advanced users to take near-complete control over their device (within the limits of the Pixel hardware). This is obvious by their inclusion of the sandboxed Google Play Store as a major feature of the OS, as it is much better than the situation on Google’s Android. It is also not installed by default, forcing users to at least somewhat educate themselves in order to install it.
Accrescent is right in line with this philosophy, and is also not installed by default. Of course if your threat model (or desire) is to achieve the highest level of online anonymity and to have a completely FOSS system, you should not use it… of course you probably shouldn’t use FDroid either, in that case, and should build from source. However, you are clearly in a situation where your threat model does not require those lengths, and FDroid is more of a principled choice.
I think its pointlessly inflammatory to call Accrescent “dangerous” just because it allows for non-FOSS software. Now if you want to criticize whether or not it is fulfilling its stated goals, that is another story.
7·1 month agoNo, he had access but clearly the router admin interface wasn’t set up to allow remote access. He then needed to access the router from a browser inside the LAN, and he did have the proxmox host configured correctly to access remotely.
Yeah knocking them over while active would probably not be the best, you can even hear the stress on the spindle bearings if you rotate a running hard drive. However you should be free to mount them (securely) in almost any orientation given the discussion in this old post: https://www.silentpcreview.com/forums/viewtopic.php?t=21533&postdays=0&postorder=asc&start=0
CIA surveillance birds 😱
For accessing reddit behind a vpn there is a very reliable system of frontends. Here is the instance I use: https://redlib.freedit.eu/
2·2 months agohttps://github.com/jersou/mouse-actions
It’s recommended by the easystroke dev too: https://github.com/thjaeger/easystroke/wiki
🤔 shit… you right
Then why does the post say “we are looking” as if you are part of a group or team related to this?
Lmao this is amazing. The future is now…
The openSUSE matrix server had this happen last year, and the admins came up with a good solution of bots that seems to keep things very clean now. I’m sure they might be happy to help if you asked in their admins group
If you set up the system like openSUSE then it makes sense snapper would work. I’d look at the openSUSE docs, its not like btrfs is different in Gentoo right? https://en.opensuse.org/SDB:BTRFS#Default_Subvolumes
0·4 months agoMaybe because… automatically recording calls is literally illegal in some places around the world? It should probably be user choice to opt in to that so it wouldn’t be on by default. And then, if you have it on while travelling, you could forget and break the law when going through a jurisdiction that does not allow it. Better to explicitly allow for each call, like it does currently.
71·5 months agoYeah… I’m laughing at this guy saying the AUR is much better than installing from a random Github repo. Same level of trust haha.
Also, not everybody NEEDS to know how something works to use it. And, just getting someone onto Linux in the first place with a 90% working system seems better to me than them working hours and hours to build a minimal system in Arch … because it would take even more hours to replicate their workflow on Windows or Mac. I think this is a great example of “perfect is the enemy of good” when trying to get people to adopt something.
However, I definitely believe that if you want perfection, you go to Arch or a derivative and you do it yourself, no automation. But that should be a choice… I do plan on one day switching from Tumbleweed to Arch, but I am not ready for the time commitment. Plus, NVIDIA finally fixed their shit, so I want to enjoy playing games for a while now that the weird issues and visual artifacts caused by the old non-explicit-sync drivers are gone!
Yeah I actually am slowly realizing that I agree with that. Lots of bigots in Phoronix comment sections… and that doesn’t even include the obviously psychotic rants, its just the ones that unashamedly shit on DEI all the fucking time
Depends on what your definition of winning is. If we reach a state where it is literally impossible to run your own software without heavy hardware modification, which would exclude 99.9% of users, that would be like big tech winning in my book. That’s why right to repair is important, and we probably also need laws to prevent OEMs from disallowing the use of alternate OS.