h3ndrik

@h3ndrik@feddit.de

h3ndrik, (edited )

The M6117C also isn’t the original and not that old. Also the 8MB of RAM aren’t true to the original.

I’m not sure. I occasionally use emulation. And I think it’s fine. Unless you’re a speed runner and need everything to be exact to the frame timing, you won’t notice. Certainly not for a desktop UI like the Win 3.11 on the photo. I guess it depends on the use-case.

Something like a FPGA or an ESP32 can also be repaired, replaced, programmed and most of the things a CPU or different architecture can do. And if the emulation layer doesn’t have too many flaws, it’ll be pretty realistic. Not exactly the same thing, but I think it’ll do for practically any use-case. And it comes with other benefits.

I think you’re allowed to do it just for the sake of it. But I often see people using an original SNES because “emulation is shit” and then they proceed to connect it to the TV set in their living room, which isn’t even close to the original experience because it adds lots of latency and doesn’t have interlacing and the colors are different than on a CRT, too. I think that’s just having strong opinions despite being uneducated. And I think I’m equally as well off with my Raspberry Pi and Emulationstation. (Which can also run DOS games.)

In the end everyone is entitled to their opinion. But this also isn’t the original (You can get an old Laptop… I have one with a 486.) But this isn’t the original but a replica. And it’s debatable (in my opinion) whether it’s the CPU architecture that does the realism, or other factors. I think for realism, you’d need a black and white liquid crystal display, a NiMH battery that degrades fast if you don’t charge it right and half the amount of RAM at most. And maybe just a floppy drive. The CPU is something you wouldn’t notice with the current state of technology.

h3ndrik, (edited )

Agreed. I think most prominently competitive gaming; development where you need to assure it later on actually works as intended on the target platform; and business stuff where parties are obliged by contract to guarantee something works flawlessly and keeps running that way - are good examples.

That laptop doesn’t look to me like it was intended to do any of that, so that’s maybe why I’m being a bit negative here. It’s cool and a nice idea, though…

(And we already have ARM-based retro machines, FPGA clones of popular processors available. So there is no need for them to do the exact same thing.)

h3ndrik,

I’d be interested, too, if he and FUTO got to terms with their community and if they learned how licensing and trademarks work… Last thing I remember he claimed lots of things that weren’t true. And FUTO didn’t really address anything.

A supermarket trip may soon look different, thanks to electronic shelf labels (www.npr.org)

Grocery store prices are changing faster than ever before — literally. This month, Walmart became the latest retailer to announce it’s replacing the price stickers in its aisles with electronic shelf labels. The new labels allow employees to change prices as often as every ten seconds....

h3ndrik,

They’re already widely adopted in supermarkets here (Germany).

h3ndrik, (edited )

Seems the two German supermarket chains really like to have the same infrastructure everywhere. Everywhere I go the Aldis look exactly the same. They have slightly different products depending on the country. But the price tags, interior, … is basically the same. Okay and we don’t have “Flaschenpfand” everywhere… (deposit on the plastic bottles and the machines where you can return bottles.) I bet all of this makes it a lot easier for their techs and management. And it could also explain why they sometimes redo a store that still looks fine and fit it with the latest shenanigans.

And as an aside: I’ve shopped in the first Aldi store ever. It’s not far from where I live.

What domain name to choose for an open source website where I could ask for personal donations?

I am planning to create an open source project for a web application whose entire premise is to provide an otherwise paid service for free, so I am not planning to commercialize the project. This project is also a passion project. I seek to improve my skills by working on the application and I am not looking forward to expand it...

h3ndrik, (edited )

Those top level domains aren’t set in stone. The majority of TLDs can be used by anyone. It’s more what kind of image you want for your company/project. Lots of open-source projects have .org domains or .io

But you can choose whatever you like. Even a country domain is okay. But I personally wouldn’t choose .com for something open source. Look at the prices and go for .org unless that’s substantially more expensive with your registrar. (My opinion.)

h3ndrik,

wiki.postmarketos.org/wiki/Devices

If you want Linux on your phone. But Android is probably easier to use. Something like LineageOS or /e/ works pretty well. I’m not sure what kind of phone to recommend for that.

Gender bias in open source: Pull request acceptance of women versus men (www.researchgate.net)

Our results show that women's contributions tend to be accepted more often than men's [when their gender is hidden]. However, when a woman's gender is identifiable, they are rejected more often. Our results suggest that although women on GitHub may be more competent overall, bias against them exists nonetheless.

h3ndrik, (edited )

I wonder if experiences from 12 years ago and numbers from 8 years ago still hold true as of today.

h3ndrik,

I see Github as a mere tool. As I could use a proprietary operating system like Windows on my development computer, I can use Github to distribute the code. It doesn’t have that severe consequence to the open source project itself and works well. And it’s relatively transparent. Users can view issues etc without submitting to Microsoft. And it’s been the standard for quite some time.

I’m far more concerned with FLOSS projects using platforms like Discord, which forces their users to surrender their privacy and that actively contribute to the enshittification of the internet. I wouldn’t want to be part of that.

h3ndrik,

Idk, a plant? a nintendo emulator? enlighten me…

h3ndrik,

I think that’s a good question. And a nice video. The findings in the paper seem to arrive at that conclusion and we might need to find a better approach. Mind that (as he pointed out) it doesn’t rule out growth in AI. It just hints at probable stagnation with the current methods. I’m already fascinated by the current tech and the new possibilities. But AI is really hyped as of now and I too, think we should take the claims of the big AI companies with a grain of salt. I’m sure the scientists at OpenAI are already concerned with exactly this as they do research for the next generations of ChatGPT. It’s a bit of a bummer that lots of the research gets done behind closed curtains and we’re going to have to wait for a bit longer to find out.

Chinese network behind one of world’s ‘largest online scams’: Vast web of fake shops touting designer brands took money and personal details from 800,000 people in Europe and US, data suggests (www.theguardian.com)

A trove of data examined by experts indicates the operation is highly organised, technically savvy – and ongoing....

h3ndrik,

Seems in this case they got own domains and independent stores.

And Aliexpress and Temu are very different. Aliexpress seems to be a halfway decent platform. Never had any major issues with them, except what’s to be expected when importing stuff from China. I think it’s very similar to ordering the same thing on eBay.

Temu isn’t. That platform is made to harvest data and prey on their “customers”.

And I can’t comment on Wish. I haven’t been interested in cheap crap.

h3ndrik,

It’s a shame that nowadays everything “needs” a phone number. I just put in a proper prefix code and then all zeroes as a number if some company forces me to. That works for some of the websites. Some stores even print that on a shipping label. So it might supposedly be there for a reason. But I’ve never heard this helps if a parcel gets lost or something. They won’t call anyways and the real reason is they can store it in some database and depending on the exact business do all kinds of other stuff with it.

h3ndrik,

Hmm, I think summarization is a bad example. I’ve read quite some AI summaries that miss the point, sum up to a point where the simplification makes sth wrong or the AI added things or paraphrased and made things at least ambiguous. Even with the state of the art tech. Especially if the original texts were condensed or written by professionals. Like scientific papers or good news articles…

What I think works better are tasks like translating text. That works really well. Sometimes things like rewording text. Or the style-transfer the image generators can do. That’s impressive. Restoring old photos, coloring them or editing something in/out. I also like the creativity they provide me with. They can come up with ideas, flesh out my ideas.

I think AI is a useful tool for tasks like that. But not so much for summarization or handling factual information. I don’t see a reason why further research couldn’t improve on that… But at the current state it’s just the wrong choice of tools.

And sure, it doesn’t help that people hype AI and throw it at everything.

What non-FOSS software have you been unable to quit?

For me, Google video search, Google books (Internet Archive is good, but doesn’t always have the same stuff), Adobe InDesign (but in the process of learning LaTeX), and Typewise. As for the Google stuff, I liked Whoogle a lot, but almost all their instances seem to have been blocked or shut down. Also, apologies if this is...

h3ndrik,

Spotify, Netflix, a bunch of online services, old games, the update software of my car GPS…

h3ndrik, (edited )

It kind of ties into their argument that it’s more complex than that. And I’d agree. People always want simple answers to complex truths. Could very well be the case that you can’t say if Brave is “the best” without analyzing the threat scenario. Or even after doing that you end up with a list of both pros and cons.

h3ndrik, (edited )

I’d argue it’s not a defeatist attitude, since they included the proper solution. To “need new laws”. And that’s how we generally do it. We disallow companies ripping off people, despite that maybe providing a better profit margin. We force water parks to implement some minimum standards to prevent accidents, despite not caring about safety would cost them less. I’d argue it’s the same here. Just blaming it on the user isn’t the proper thing to do. It just doesn’t work for the general audience. Yes, you could do the water park inspection yourself, everyone could do some research which one is safe… And following that analogy everyone could get educated and use cash and GrapheneOS. But it’s not the correct approach to the issue as a whole. And it doesn’t really work.

h3ndrik,

Haha, fool me once…

Fool me thrice and dabble in crypto…

(…And I’ll use LibreWolf instead)

h3ndrik,

That is correct. And I think the same dynamics are at play with some of the other currently discussed topics. For example things like recycling and the switch to renewable energies. You as an individual can do something about it. And it’ll make a difference for you and your life. And that’s also enough for me to do it. But it doesn’t really change anything in the broader picture. The rules foster egoistical behaviour. You’ll often suffer and have a competitive disadvantage against the people who think about themselves first. That’s why companies won’t participate in making the world a better place, because they have to stay competitive. And also 90% of people are somewhat uneducated and just think about themselves.

I think regulation is the only way to tackle these issues. Yes, you can pay attention to privacy and do recycling. But it won’t really do anything of substance for the environment or what companies try to do with your data. And it won’t change the situation.

h3ndrik, (edited )

They’re not infringing on your copyright, because you agreed to the following:

[…] you grant Reddit the following license to use that Content: When Your Content is created with or submitted to the Services, you grant us a worldwide, royalty-free, perpetual, irrevocable, non-exclusive, transferable, and sublicensable license to use, copy, modify, adapt, prepare derivative works of, distribute, store, perform, and display Your Content and any name, username, voice, or likeness provided in connection with Your Content in all media formats and channels now known or later developed anywhere in the world. This license includes the right for us to make Your Content available for syndication, broadcast, distribution, or publication by other companies, organizations, or individuals who partner with Reddit. You also agree that we may remove metadata associated with Your Content, and you irrevocably waive any claims and assertions of moral rights or attribution with respect to Your Content.

www.redditinc.com/policies/user-agreement

h3ndrik, (edited )

Is that an EULA? I thought that was for buying software? I mean I’m pretty sure we have other forms of contracts here in the EU?! Like Terms of service.

Is that a known fact about Reddit’s terms of service / “EULA”, or something you made up?

And some EULAs are valid in the EU. Just not the American ones that you get to read after you bought something.

h3ndrik, (edited )

Ah, that makes more sense. But the GDPR also doesn’t regulate the actual content. It is about personal data. You can revoke consent processing that. But that doesn’t necessarily touch copyright and the content of some text you licensed to someone. I think copyright is separate. I mean it’s a bit more complicated, there is some overlap…

h3ndrik, (edited )

I think this is the issue here. OP is mixing content copyright with the GDPR. But the GDPR regulates personal data, not copyright on text. And that’s what Reddit is trying to sell, the content of posts, not their user’s personal data… So the GDPR doesn’t apply to that. Hence Reddit say they aren’t violating anything, because the copyright is in the ToS.

I think that’s also my issue with the original letter. It wants to sound official and legalese, but it confuses several things. Intellectual property, copyright and privacy /data protection laws. I don’t think the author(s) understand the GDPR. It includes a definition what personal data is. And the letter is mostly talking about something unrelated. Also there are additional requirements. For example identifiability. And they also fail to address any of that… I also don’t like some of the things Reddit does, but I think this is just not a well reasoned argument. If I were in customer support or a lawyer, I’d brush it off, too.

h3ndrik,

Hehe, you got your answer. You’re looking at the places where 0.05% of the users are discussing their problems and some others share their crazy customizations that aren’t possible with anything else. And it seems like 95% of users having issues to you.

I’d argue Linux is way more stable than Windows. If that’s your perspective. (Unless you do silly stuff.) But less stable than for example MacOS. It depends on which Linux Distro we’re talking about. I’d say it’s MacOS > Linux > Windows. With the biggest step down from Linux to Windows.

h3ndrik, (edited )

You’re right. It’s an oversimplification I made there. I recently tried MacOS in a VM and I talked a bit to people. You usually get a really smooth desktop experience. Apps are sandboxed, there is a fine permission system, they keep their stuff together and don’t spread them across the filesystem. I think(?) the software brings their libraries along? Usually a used Macbook Pro is still fine and runs fast after 6 years. I think MacOS really shines on the desktop.

On Linux it’s a bit more diverse. I mean we have the XDG specification file locations. But there’s also lots of ‘grown’ stuff. We’re still working on the sandboxing. And you get a different experience depending on the distro you’re trying. And I’d prefer Linux on a server every time. It really excels for that use case and on the server we have Linux > everything else. And as a matter of fact I personally also prefer Linux on the desktop. And my Debian is also still running perfectly 6 years after I initially installed it. Had some minor issues with NVidia during the times, but that’s to be expected and it wasn’t that hard to fix. I wouldn’t have had issues had I not mixed in testing and unstable, but there are lots of guides and tutorials around for the common woes. Which makes my argument a full circle.

How to distribute an open source font in a git repository?

Hello, for a few days I have been looking at how to make a git repository to store a free font so that everyone can use it, modify it and redistribute it, the thing is that many have different ways of distributing the source code, and it is not very clear how. Do it in a way that is similar to an open source program. The...

h3ndrik, (edited )

I think the most important step is to get it out there. So:

  1. Choose a license. These resources might help:

I’d stick with the licenses made for fonts or in use by other font projects, as there are some specifics to fonts licensing.

  2. Choose a name
  3. Sign up and create a repo. Upload your project.

That is the “get it out there” step. If you want to be open, generally speaking you want to include a LICENSE file, your creation in the format you’re editing it and other people can load and edit it, too. And the exported file in case of something like this, so people can directly use it without learning how to convert a font into a format that is usable. It’s also good practice to include a README.md with explanations and a summary of what this is.


I think that’s a sound approach for open source. And it’s generally alright to learn as you go. Even if you don’t get everything perfect at once, the most important thing is that it’s available. People might pick up on it. And they will file bug reports and issues if they like it some other way. So you’ll be directed into the right direction anyways. And once you have something to show off, you can start talking about it or make people aware of its existence.

(And maybe skip all the boilerplate and complicated extra stuff at first. You don’t need an AUTHORS file, no code of conduct, no documentation if there isn’t anything complicated to explain… Just stick to the important stuff and don’t make it unnecessarily complicated and distracting for your users.)

h3ndrik, (edited )

I think the more important file is the fontforge one. As this is the thing people can edit and build upon. (the “source”)

The otf, ttf and woff are just a bonus for people who don’t want to install fontforge and go through the process of exporting it themselves.

Ultimately it’s your decision what you release. It’s a similar concept whether you share a cake, or a recipe for a cake. The free software / open-source movement is concerned with sharing the recipes. That’s why they share source code and files in the format they’ve edited it in. (And often include instructions on how to build it, since that is usually a bit more complicated with software.) It enables people to also load it in their editors and customize it, adapt it to their use-cases and fix issues.

You can also just publish the end-result, which are the otf and ttf files in your case. But people can’t really modify or customize those. It’d be called a freeware font, then. It’d help people who just want to use it, but doesn’t provide much more.

I’d invite you to upload both the sfd and the resulting otf and ttf. Usually that’s how people do it. Distributing digital files comes at practically no cost. On the internet you can share a recipe and the actual cake alongside at no extra cost.

h3ndrik,

It’s been an underdeveloped topic for some time. espeak-ng is available on most distros and has some integrations available that somewhat tie it into the desktop. There are more modern solutions that sound way better. For example Coqui’s xtts2, maybe Piper which is part of Home Assistant nowadays. If your language is English, you got quite some more solutions available to choose from. But it’s a mixed bag if they sound nice, are easy to install (that also depends on which Linux distro you use and if it’s available as a package) and if they tie into the rest of the system. I’m not an expert on this, but I’d also like to have TTS and STT available on my Linux desktop without putting too much effort into it.

regarding fLoss licenses for customization on proprietary software?

I am forced to use some proprietary software at work. The software lets users export custom functionalities. You can then share these to other users. I have made some that are pretty simple, but greatly enhance the use of the application using its native tooling....

h3ndrik, (edited )

Yes, as long as you don’t link in their libraries or incorporate other parts of their code, you should be able to license your extensions and stuff that ties into some APIs as you like.

Companies usually like permissively licensed projects like MIT, Apache or BSD. But if you want them not just to take your work, a copyleft license like one of the GPL licenses is a good choice.

h3ndrik, (edited )

And maybe clean the insides of your laptop, that’s probably the first thing that could solve the issue. See if all cables are still locked in their connectors. Maybe take out the SSD, clean the contacts and you can use compressed air to clean the socket. But be careful, you want to do it right or you might cause damage. No dampness or water, it has to be either isopropyl alcohol or dry. And don’t use a rag that introduces static electricity. And no workshop air compressor. Maybe something like a paintbrush is better suited. And don’t just shove the vacuum in. I’ve done that and it might dislocate small components or key-caps and suck them in and it’s a major annoyance to get them out of the vacuum cleaner bag 😆 Just be a bit careful. But I already had something like loose connectors/components cause random errors. Especially in equipment that is moved around or gets dropped occasionally. After 5 years, you might also find some dust inside. At least it used to be that way. It seems to be less of a problem with modern laptops. And more and more stuff gets soldered anyways.

And don’t do too much if you’re not comfortable with that. IMHO the SSD should be a safe thing to touch for most people. But it’s really easy to break or bend some tiny contacts from other components or ribbon cables. And there are consumer devices that aren’t really meant to be serviced. I wouldn’t disassemble such a model without prior experience. If it’s still working you might also leave it as is. Do backups. Storage devices often fail even without prior warning.

h3ndrik,

Yes, there are laws against doxxing in several countries.

There is no technical aspect stopping it. Every website has your IP, sometimes also the people you chat with or write emails to, as this might (or might not) be part of the meta-information.

An IP address is a boring piece of information. Usually you can just infer the country and which internet service provider someone uses. You’d need to sue the ISP or get a court order to get the name and address of who’s using that IP number.

Running these services is a lot of work and requires some skill, at least to do it sustainably. Usually it’s certain people who are dedicated enough and willing to put in the effort… They are motivated to build something or help people. That’s what drives them. It’s somewhat unlikely but not impossible that they participate in malicious behaviour. Sometimes internet drama happens. But users aren’t stupid either.

(But people who want to destroy and troll, rarely have the character traits to succeed at something like this. You’d pass on easier methods to wreak more havoc, to instead spend time learning webhosting, Linux, build up a community and maintain the server… You wouldn’t do all of that unless it were worth it. I can only imagine that happening in a targeted attack that pays a good amount of money. Or a really good amount of internet fame because you doxxed a high-profile celebrity or something like that.)

h3ndrik,

What’s your question? I mean different types of services exist. You’re currently on a platform powered by volunteers. If you don’t like it, there are alternatives like Reddit which is a commercial / for-profit company.

We have projects like Lemmy, Linux and the whole Free Software which somewhat relies on kindness and giving. It’s the same for charity, your school’s extracurricular club where parents and teachers volunteer their time and energy. Or bring cake to a special day.

And with the “trust”: I think it’s more nuanced. You also rely on other people’s kindness to stop at the red light at a traffic junction and not crash into you at full speed. Theoretically nothing is stopping them. It’s the same concept, you’re forced to cooperate sometimes and rely on other people to abide by the law and also cooperate. It regularly works fine. Just make a good choice whom you trust and why.

You don’t need to worry about your IP. It’s really not a big deal if people know it… I’d have a look at who’s running a service once I upload private documents with my finances etc, photos of me… More than random ramblings. And experience shows also the services that don’t rely on volunteering aren’t a safe bet. Most of the big companies and platforms have been hacked. haveibeenpwned.com lists my email AND password has been lost at least 3 times by the big players.

And regarding you specifically… I already know enough about you by reading your public posts. You’re probably from the USA. At least I didn’t find comments in other languages, and statistics tell me people here are either American or German. You use Android, know what FOSS is, seem to like it and play things like Supertuxkart. You like to waste some of your time in meme communities and casual conversation and just created this account yesterday. And you talk a certain way which makes me think this isn’t your first time on the internet. What else am I supposed to deduct by knowing your IP?

You’re right asking the question “should I trust you with my data”. That is why I don’t use Facebook, Microsoft, bonus cards, TEMU…

h3ndrik,

Hehe, we seem to share a few things…

I mean we’re often predictable, and while Lemmy is somewhat diverse, most people I meet here are either American or German and males from, let’s say 20-40. And there are certain types prevalent. Like the Meme-Lord, the casual Linux expert, the normal guy or the agitated opposer. Some people fulfill multiple categories or like being a bit schizophrenic on the internet. But I’ve also met people with crazy niche interests, or trying new things, so there is that.

And I can’t really tell: Playing devil’s advocate, participating in memes and internet culture and having multiple sock-puppet accounts for different use-cases are fairly common and make it difficult to judge a person. And my own behaviour is also very different in real-life than what I do here.

h3ndrik,

It’s been the same on Reddit, so I think with lots of people coming from there, it’s just the logical consequence that we get the same demographics here. My perspective might be a bit skewed on that… I’ve also talked to some British and Canadian people here. There’s some server statistics (on Fediverse observer or something) that reflect a similar thing with the origin of the servers. Ultimately I like platforms like this for connecting people all across the world.

h3ndrik,

We’re also regularly debating Flatpak here. That password managers don’t tie into the browser and the desktop themes don’t apply. It’s also not the best solution and regularly confuses newer users.

h3ndrik,

I’d be happy if people just cut down on advertising Chrome/Firefox and LibreOffice via Flatpak to new users. They should use the packaged version. That’s why we have distributions, to make the whole system a smooth experience and everything tie together.

Flatpak is slowly getting there and I think at least some distros have it preconfigured so the default GTK themes are in place.

Ultimately, I’d like sandboxing to be available natively in Linux, at least for desktop applications. And we can talk about a packaging format that is available to the user, allows pulling software directly from the upstream project, includes libraries and runtimes.

h3ndrik, (edited )

Hehe, No. It’s the sandboxing.

But with this approach you take over the answering questions to newbies… Why doesn’t the webcam show up in the videoconferencing? Why doesn’t my GTK / QT themes apply to some software and it’s a 2 page tutorial with lots of command line commands to fix that? Why can’t I install Firefox add-ons and on Windows and MacOS everything just works? Why is Linux so complicated and regularly stuff doesn’t work?

I had this argument multiple times now. There is an easy solution: Do it the other way around until you know what you’re doing and about the consequences. Distributions are there for a reason. They put everything into one package and do testing to make sure everything works together. They provide you with security patches if you choose the right distro. LibreOffice and a Browser even come preinstalled most of the times. If you do away with all of that, it’s now your job to tie the software into your desktop, your job to handle the sandboxing if there are addons that need to pierce the sandbox. Your job to make sure the Flatpak publishers do quick updates and keep the runtimes up-to-date if a security vulnerability arises within a used library…

I’m not directly opposed to using Flatpak. I’m just saying there are some consequences that aren’t that obvious. There are valid use-cases and I also use Flatpak. But in my experience hyping some of the available technologies without simultaneously explaining the consequences is regularly doing a disservice to new users.

h3ndrik, (edited )

I mean it’s not even my own problem. I just have Spotify, Microsoft Teams and Zoom installed that way, and a few pieces of software that I’m testing. I use a rolling distro so I have the most recent versions of every software I need anyways. And I have the skills to configure stuff. So I myself don’t have a use-case for a spyware-riddled Chrome browser from Flathub or something. I have a nice LibreWolf from the unstable channel of my distro. Steam and all the other stuff is there, too. And it works almost flawlessly. Why would I trade that in for a 4GB version of the same software that has downsides?

It’s the newer users I’m concerned with. Their sub-par experience of Linux.

This is what I mean:

  • github.com/keepassxreboot/keepassxc/issues/7352 (Maybe Keepass works as of now(?) I don’t think so but I haven’t tried. At least some addons do. But others don’t. It requires the permissions to be configured by the people preparing both flatpaks that want to talk to each other.)
  • itsfoss.com/flatpak-app-apply-theme/ / docs.flatpak.org/en/…/desktop-integration.html
  • All the issues people had with Steam, the graphics drivers, attaching gamepads/controllers or headsets, getting Discord and extras working. (Some of that seems to have been resolved in the meantime. They put quite some work into it.)
  • Some distros don’t update Flatpak packages as part of their standard update mechanism. You need to learn to regularly run “flatpak update” or learn how to activate that.
  • I have some packages that still rely on old runtimes that are missing security patches. I suppose it’s the same for a lot of other people. And there isn’t a mechanism to warn you. You also need to learn how to figure that out.
  • I don’t remember which of the video conferencing solutions this was, but I remember fighting with the webcam permissions and advice on the internet was to disable sandboxing entirely. I set the permissions a bit better but then also screen sharing wouldn’t work.

As I said, it’s okay for someone like me - and probably you - to use, and I don’t complain. I’m glad I have Flatpak available as a tool. But look at the issues I’ve linked above and the steep learning curve for the beginner. They need to learn what GTK is, what QT is, what desktop they use, learn what Flatseal is, use the CLI. They have no clue why it is even required to do that much work to get their Keepass set up. And that it’s not Linux’ fault but their decision from 2 weeks ago to install the browser that way. And their experience is just worse than it needs to be. And this isn’t unsubstantiated, I’m speaking from experience. I’ve answered these questions over and over again. It’s already annoying to get the NVidia stuff set up reliably, find new software and adapt your workflow. And the switch from X11 to Wayland broke things like screen sharing/recording, anyways. And we’re now piling 20 other things on top, to learn and do manually if you happen to be one of the users who don’t use the default standard setup.

And nothing of that is “bad” or can’t be fixed… We’re making progress with all of that. And we’ll get there. All I can say with my experience helping people with their Linux woes and the current state of Flatpak: The “use Flatpak for everything” mentality is causing issues for some newer users. And experience shows: They rarely understand the consequences but heard the hype about Flatpak. And few of them can explain why they used Flatpak over the proper packages in their distro.

So my opinion in short:

  • Flatpak is nice: yes
  • try a Flatpak first, then the distro package if it doesn’t work: hard no
  • you can get recent software on older distros with flatpak: yes
  • you can recommend Flatpak: Yes, if you also explain the consequences of the sandboxing and pulling things from potentially unreliable third-party sources. You’re doing people a disservice if you don’t.
  • some of this will change in the future: yes
  • we should have more sandboxing: yes

h3ndrik, (edited )

Yeah, I think we should extend on the sandboxing features like AppArmor, SELinux and Flatpak for desktop use. Look at MacOS and Android and what they’re doing for desktop users. That is currently not the Linux experience. Ultimately I’d like my system to have an easy and fine-grained system to limit permissions. Force third-party apps to ask permission before accessing my documents or microphone. Have sane defaults. Make it easy to revoke for example internet access with a couple of clicks. Make it so I can open an app multiple times. And have different profiles for work, private stuff and testing. This should be the default and active in 100% of the desktop applications. And apps should all use a dedicated individual place to store their data and config files.

Librewolf and more […] used as Flatpak, […] its way more stable.

That’s just not true. I’ve been using Linux for quite a while now. And I can’t remember my browser crashing in years, seriously. Firefox slowed down a bit when I had 3000 tabs open, but that’s it. How stable is your Flatpak browser? Does it crash minus 5 times each year? How would that even work? And what about the theming and addons like password managers I talked about in the other comment? Use the distro’s packaged version. It is way more stable. And as a bonus all the edge-cases will now work, too.

h3ndrik, (edited )

Try a more managed and out-of-the-box solution first, then work your way down to the commandline. I’d recommend one of the NAS solutions like openmediavault (if they still do docker) or cockpit-project.org

or Docker for Desktop or podman.io

(maybe lxc containers with proxmox or unraid)

h3ndrik, (edited )

That is the correct answer. You don’t read a book while doing the chores. I also don’t whip out a Terry Pratchett novel while commuting when I know I have to change trains in 10 minutes. A podcast will do and you can keep listening while waiting on the platform. In the car I often listen to music instead, but sometimes I get bored and I’m more in the mood for an interesting podcast. Especially if I’m stuck in the car for a bit longer.

When deliberately doing one thing only, I like to read. I can read the paragraphs as fast or as slow as I like or just skim them.

The “secret” is: You have to find the podcasts you like. Some are just chat and drivel, some are more condensed. You might also like Audiobooks with stories instead of factual information. I don’t think you can make an absolute statement. Well, unless your brain isn’t wired for audio content. I’d get that nothing appeases you if that were the case.

Nowadays everyone and their grandma has a podcast. Quality varies greatly and most of them are more talk and not anything of substance. It’s not easy to find the good ones in all of the noise. But they exist.

h3ndrik,

Maybe get one of those Mini-PCs from Amazon and see if you can fit its guts into your laptop case.

There also are pre-made laptop projects that take SBCs like the Raspberry.

h3ndrik, (edited )

Are you referring to the firewall on the router?

Yes. At home this will run on your (wifi) router. But the standard rules on that are pretty simple: Discard everything incoming, allow everything outgoing. Companies might have a dedicated machine, something like a pfSense in a server rack at each of their subsidiaries and draw a perimeter line around what they deem fit, the office building, a department, or separate the whole company’s internal network from the internet. (Or a combination of those.) You just have one point at home where two network segments interconnect: your router.

I think it is important to distinguish between this kind of firewall and something that runs on a desktop computer. I’d call that a personal firewall or desktop firewall. It does different things: like detect what kind of network you’re connected to. Enable access when you’re at your workplace but inhibit the Windows network share when you’re at the airport wifi. It adds a bit of protection to the software running on the computer, and can also filter packets from the LAN. And it’s often configured to be easygoing in order not to get in the way of the user. But it is not an independent entity, since it runs on the same machine that it is protecting. If that computer gets compromised for example, so is the personal firewall. A dedicated firewall however runs on a dedicated and secure machine, one where there is no user software installed that could interfere with it. And at a different location, it filters traffic between network segments, so it might be physically at some network interconnect. There are lots of different ways to do it, and people apply things in different ways. Such a firewall might not be able to entirely protect you or stop malicious activity spread within the attached network at all. And of course you need the correct policy and type in the rules that allow people at the company to be able to work, but inhibit everything else. Perfection is more a theoretical concept here and nothing that can be achieved in reality.

[isolating the cheap chinese consumer electronics] As in blocking or restricting their communication with the rest of the lan in the router’s firewall, for example?

Yes, you’d need to separate them from the rest of the network so your router gets in-between of them. Lots of wifi routers can open an additional guest network, or do several independent WiFis. For cables there is VLAN. For example: You configure 4 independent networks, get your computers on one network, your IoT devices on another network, your TV and NAS storage on a third and your guests and visitors on yet another. You tell your router the IoT devices can’t be messed with by guests and they can only connect to their respective update servers on the internet and your smarthome. Your guests can only connect to the internet but not to your other devices or each other. The TV is blocked from sending your behavior tracking data to arbitrary companies, it can only access your NAS and update servers. The devices you trust go on the network that is easygoing with the restrictions. You can make it arbitrarily complex or easy. This would be configured with the firewall of the router.

But an approach like this isn’t perfect by any means. The IoT devices can still mess with each other. Everything is a hassle to set up. And the WiFi is a single point of failure. If there are any security vulnerabilities in the WiFi stack of the router, attackers are probably just as likely to get into the guest wifi as they’d get into your secured wifi. And then the whole setup and separating things was an exercise in futility.

would you be able to provide an example of how this [use a conventional firewall (or a VPN) to restrict access to that software to trusted users only] could be implemented? It’s not immediately clear to me exactly what you are referring to when combining “user” with network related topics.

I mean something like: You have a network drive that you use to upload your vacation pictures to in case your camera/phone gets stolen. You can now immediately block everyone from all countries except from France, since you’re traveling there. This would be kind of a crude example but like what we sometimes do with our credit cards. You can also set up a VPN that connects specifically you to your home-network or services. Your Nextcloud server can’t be reached or hacked from the internet, unless you also have the VPN credentials to connect to it in the first place. You obviously need some means of mapping the concept ‘user’ to something that is distinguishable from a network perspective. If you know in advance what IP addresses you’re going to use to connect, this is easy. If you don’t, you have to use something like a VPN to accomplish that, make just your phone be able to dial in to your home network. (Or compromise, like in the France example.)
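The four-network layout described in this comment (trusted devices, IoT, TV and NAS, guests), written out as an added example that is not part of the original comment. The subnets, the smarthome hub address and the update-server allow-lists are constructed assumptions; the point is to show which flows the router's firewall decides and which never reach it.

```python
"""Added example: model of the four-segment home network described above.

All subnets, addresses and allow-lists are constructed for illustration;
they are assumptions, not values from the comment.
"""
from ipaddress import ip_address, ip_network

# Constructed addressing plan: one subnet per VLAN / SSID.
SEGMENTS = {
    "trusted": ip_network("192.168.10.0/24"),
    "iot":     ip_network("192.168.20.0/24"),
    "media":   ip_network("192.168.30.0/24"),   # TV and NAS
    "guest":   ip_network("192.168.40.0/24"),
}
SMARTHOME_HUB = ip_address("192.168.10.5")      # hypothetical hub on the trusted net
UPDATE_SERVERS = {                              # constructed allow-lists (TEST-NET-3)
    "iot":   {ip_address("203.0.113.10")},
    "media": {ip_address("203.0.113.20")},
}


def segment_of(addr):
    """Return the segment an address belongs to, or 'internet' if none matches."""
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return "internet"


def decide(src, dst):
    """Decide what the router does with a NEW connection from src to dst.

    Returns 'accept', 'drop', or 'not-routed' when both ends share a segment:
    that traffic is switched locally and the router's rules never see it.
    """
    s, d = ip_address(src), ip_address(dst)
    src_seg, dst_seg = segment_of(s), segment_of(d)

    if src_seg == dst_seg and src_seg != "internet":
        return "not-routed"
    if src_seg == "internet":
        return "drop"                     # discard everything incoming
    if src_seg == "trusted":
        return "accept"                   # the easygoing network
    if src_seg == "guest":
        return "accept" if dst_seg == "internet" else "drop"
    if src_seg == "iot":
        allowed = d == SMARTHOME_HUB or d in UPDATE_SERVERS["iot"]
        return "accept" if allowed else "drop"
    if src_seg == "media":
        return "accept" if d in UPDATE_SERVERS["media"] else "drop"
    return "drop"                         # default deny


def audit(flows):
    """Map each (src, dst) pair to the router's decision, for reviewing a rule set."""
    return {(src, dst): decide(src, dst) for src, dst in flows}


if __name__ == "__main__":
    constructed_flows = [
        ("192.168.40.7", "93.184.216.34"),   # guest to the internet
        ("192.168.40.7", "192.168.10.2"),    # guest to a trusted laptop
        ("192.168.20.8", "203.0.113.10"),    # plug to its update server
        ("192.168.20.8", "198.51.100.99"),   # plug to an arbitrary host
        ("192.168.20.8", "192.168.20.9"),    # plug to another plug
        ("192.168.30.3", "198.51.100.50"),   # TV to a tracking endpoint
    ]
    for flow, verdict in audit(constructed_flows).items():
        print(flow, verdict)
```

The `not-routed` result is the case the comment warns about: two devices on the same segment talk without passing the router, so no firewall rule on it applies to them.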

h3ndrik, (edited )

I think this is decided by the Firewalld daemon, rather than the packet filtering firewall itself

Mmh, I probably was way too vague with that. This is done by something like FirewallD or whatever Windows or MacOS uses for this. AFAIK it then uses packet filtering to accomplish the task. Seems FirewallD includes the packet filtering too and not tie into nftables and transfer the filtering task to that. I don’t think OpenSnitch does things like that. I’m really not an expert on firewalls. I could be wrong. If you read the Wikipedia article (which isn’t that good) you’ll see there are at least 3 main types of firewall, probably more sub-types and a plethora of different implementations. Some software does more than one of the things. And everything kinda overlaps. Depending on the use-case you might need more than just one concept like packet-filtering. Or connect different software, for example detect which network was connected to and re-configure the packet filter. Or like fail2ban: read the logfiles with one piece of software and hand the results to the packet filter firewall and ban the hackers.

I don’t really know how the network connection detection is accomplished and manages the firewall. Either something pops up and I click on it, or it doesn’t. My laptop has just 3 ports open, ssh, ipp (printing) and mdns. I haven’t felt the need to address that and care about a firewall on that machine. But I’ve made mistakes. I had MDNS or Bonjour or whatever automatically shows who is on the network and which services they offer activated and it showed some of the Apple devices at work and I didn’t intend to show up in anyone’s chat with my laptop or anything. And at one point I forgot to deactivate a webserver on my laptop. I had used that to design a website and then forgotten about. Everyone in the local networks I’ve connected to in that time could have accessed that and depending on where I was that could have made me mildly embarrassed. But no-one did and I eventually deleted the webserver. I think I’ve been living alright without caring about a firewall on my private laptop. I could have prevented that hypothetical scenario by using a firewall that detects where I’m at, but far more embarrassing stuff happens to other people. Like people changing their name and then Airdropping silly stuff to people who are just holding a lecture, or Skype popping up while their screen is mirrored to the beamer in front of a large audience. But that has nothing to do with firewalls. Also, in the old days every Windows and network share was displayed on the whole network anyways. Nothing ever happened to me. And while I think that is not a good argument at all, I feel protected enough by using the free software I do and roughly knowing how to use a computer. I don’t see a need to install a firewall just to feel better. Maybe that changes once my laptop is cluttered and I lose track of what software opens new ports.

On my server I use nftables. Drop everything and specifically allow the ports that I want to be open. In case I forget about an experiment or configure something entirely wrong (which also has happened) it adds a layer of protection there. I handle things differently because the server is directly connected to the internet and targeted, and my laptop is behind some router or firewall all the time. Additionally, I configured fail2ban and configured every service so it isn’t susceptible to brute-forcing the passwords. I’m currently learning about Web Application Firewalls. Maybe I’ll put ModSecurity in front of my Nextcloud. But it should be alright on its own, I keep it updated and followed best practices when setting it up.

[IoT devices] What would be a better alternative that you would suggest?

I really don’t have a good answer to that. Separating your various assortment of IoT devices from the rest of the network is probably a good idea. I personally would stop at that. I wouldn’t install cameras inside of my house and not buy an Alexa. I have a few smart lightbulbs and 2 thermostats, they communicate via Zigbee (and not Wifi), so that’s my separate network. And I indeed have a few Wifi IoT devices, a few plugs and an LED-strip. I took care to buy ones where I could hack the firmware and flash Tasmota or Esphome on them. So they run free software now and don’t connect to some manufacturer’s cloud. And I can keep them updated and hopefully without security vulnerabilities indefinitely, despite them originally being really cheap no-name stuff from China.

You can also set up a guest Wifi (for your guests) if you want to. I recently did, but didn’t bother to do it for many years. I feel I can trust my guests, we’re old enough now and outgrew the time when it was funny to mess with other people’s stuff, set an alarm to 3am or change the language to Arabic. And all they can do is use my printer anyways. So I usually just give my wifi password to anyone who asks.

However, what I do might not be good advice for other people. I know people who don’t like to give their wifi credentials to anyone, since it could be used to do illegal stuff over the internet connection. That would backfire on who owns the internet connection and they’d face the legal troubles. That will also happen if it’s a guest wifi. I’m personally not a friend of that kind of legislation. If somebody uses my tools to commit a crime, I don’t think I should be held responsible for that. So I don’t participate in that fearmongering and just share my tools and internet connection anyways.

(And you don’t absolutely need to put in all of that effort at home. Companies need to do it, since sending all the employers home and then paying 6 figures to another company to analyze the attack and restore the data is very expensive. At home you’re somewhat unlikely to get targeted directly. You’ll just be probed by all the stuff that scans for vulnerable and old IoT devices, open RDP connections, SSH, insecure webservers and badly configured telephony boxes. Your home wifi router will do the bare minimum and the NAT on it will filter that out for you. Do Backups, though.)

some networks may block VPN related traffic

That’s a bummer. There is not much you can do except obfuscate your traffic. Use something that runs on port 443 and looks like https (I think that’d be a TCP connection) or some other means of obfuscating the traffic. I think there are several approaches available.
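The log-reader-feeds-packet-filter pattern this comment describes for fail2ban and nftables, as an added example that is not part of the original comment and not fail2ban's own code. The log lines, thresholds and the nftables table and set names (`inet filter`, `banned`) are constructed assumptions.

```python
"""Added example: a minimal fail2ban-style pass over sshd log lines.

Log lines, thresholds and nftables names are constructed for illustration;
real fail2ban ships its own filters and ban actions.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in "ISO timestamp host sshd[pid]: message" form.
SAMPLE_LOG = """\
2024-03-10T12:00:01+00:00 srv sshd[811]: Failed password for root from 203.0.113.5 port 40110 ssh2
2024-03-10T12:00:04+00:00 srv sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
2024-03-10T12:00:09+00:00 srv sshd[812]: Accepted publickey for alice from 198.51.100.7 port 52200 ssh2
2024-03-10T12:00:15+00:00 srv sshd[813]: Failed password for invalid user test from 203.0.113.5 port 40120 ssh2
2024-03-10T12:01:00+00:00 srv sshd[814]: Failed password for alice from 198.51.100.7 port 52210 ssh2
2024-03-10T12:30:00+00:00 srv sshd[815]: Failed password for alice from 198.51.100.7 port 52260 ssh2
2024-03-10T13:00:00+00:00 srv sshd[816]: Failed password for alice from 198.51.100.7 port 52290 ssh2
"""

# Matches failed password logins for both existing and unknown user names.
FAILED = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?\S+ "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def find_offenders(log_text, max_retry=3, find_time_s=600):
    """Return source IPs with max_retry failures inside a find_time_s window.

    A sliding window per IP keeps occasional typos spread over hours from
    adding up to a ban. IPs are returned in order of detection.
    """
    find_time = timedelta(seconds=find_time_s)
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    offenders = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and other lines are ignored
        ts = datetime.fromisoformat(m["ts"])
        window = recent[m["ip"]]
        window.append(ts)
        while ts - window[0] > find_time:
            window.popleft()      # forget failures older than the window
        if len(window) >= max_retry and m["ip"] not in offenders:
            offenders.append(m["ip"])
    return offenders


def nft_ban_commands(ips, ban_time="1h"):
    """Render the hand-off to the packet filter as nft commands (not executed).

    Assumes a set declared as: set banned { type ipv4_addr; flags timeout; }
    and an input-chain rule:   ip saddr @banned drop
    """
    return [
        f"nft add element inet filter banned {{ {ip} timeout {ban_time} }}"
        for ip in ips
    ]


if __name__ == "__main__":
    for cmd in nft_ban_commands(find_offenders(SAMPLE_LOG)):
        print(cmd)
```

The timeout on the set element makes the ban expire by itself, so a mistyped password does not lock a legitimate address out permanently.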

h3ndrik, (edited )

There does still exist the risk of a vulnerability being pushed to whatever software that you use – this vulnerability would be essentially out of your control. This vulnerability could be used as a potential attack vector if all ports are available.

But this is a really difficult thing to protect from. If someone gets to push code on my computer that gets executed, I’m entirely out of luck. It could do anything that that process is allowed to do, send data, mess with my files and databases or delete stuff. I’m far more worried about the latter. Sandboxing and containerization are ways to mitigate for this. And it’s the reason why I like Linux distributions like Debian. There’s always the maintainers and other people who use the same software packages. If somebody should choose to inject malicious code into their software, or it gets bought and the new company adds trackers to it, it first has to pass the (Debian) maintainers. They’ll probably notice once they prepare the update (for Debian). And it gets rolled out to other people, too. They’ll probably notice and file a bugreport. And I’m going to read it in the news, since it’s something that rarely happens at all on Linux.

On the other hand it could happen not deliberately but just be vulnerable software. That happens and can be exploited and is exploited in the real world. I’m also forced to rely on other people to fix that before something happens to me. Again sandboxing and containerization help to contain it. And keeping everything updated is the proper answer to that.

What I’ve seen in the real world is a CMS being compromised. Joomla had lots of bugs and Wordpress, too. If people install lots of plugins and then also don’t update the CMS, let it rot and don’t maintain the server at all, after like 2 years(?) it can get compromised. The people who constantly probe all the internet servers will at some point find it and inject something like a rootkit and use the server to send spam, or upload viruses or phishing sites to it. You can pay Cloudflare $200 a month and hope they protect you from that, or use a Web Application Firewall and keep that up-to-date yourself, or just keep the software itself up-to-date. If you operate some online-services and there is some rivalry going on, it’s bound to happen faster. People might target your server and specifically scan that for vulnerabilities way earlier than the drive-by attacks get a hold of it. Ultimately there is no way around keeping a server maintained.

how did you go about installing your Nextcloud instance?

I have two: YunoHost powers my NAS at home. It contains all the big files and important vacation pictures etc. YunoHost is an AIO solution(?), an operating system based on Debian that aims at making hosting and administration simple and easy. And it is. You don’t have to worry too much to learn how to do all of the stuff correctly, since they do it for you. I’ve looked at the webserver config and so on and they seem to follow best practices, disallow old https ciphers, activate HSTS and all the stuff that makes cross site scripting and such attacks hard to impossible. And I pay for a small VPS. I used docker-compose and Docker on it. Read all the instructions and configured the reverse proxy myself. I also do some experimentation there in other Docker containers, try new software… But I don’t really like to maintain all that stuff. Nextcloud and Traefik seem somewhat stable. But I have to regularly fiddle with some of the other docker-compose files of other projects that change after a major update. I’m currently looking for a solution to make that easier and planning to rework that server. And then also run Lemmy, Matrix chat and a microblogging platform on it.

It would be a rather difficult thing to prove

And it depends on where you live and the legislation there. If someone downloads some Harry Potter movies or uses your Wifi to send bomb threats to their school… They’ll log the IP and then contact the ISP and the Internet Service Provider is forced to tell them your name. You’ll get a letter or a visit from police. If they proceed and sue you, you’ll have to pay a lawyer to defend yourself and it’s a hassle. I think I’d call it coercion, but even if you’re in the right, they can temporarily make your life a misery. In Germany, we have the concept of “Störerhaftung” on top. Even if you’re not the offender yourself, being part of a crime willingly (or causally adequate(?))… You’re considered a “disruptor” and can be held responsible, especially to stop that “disruption”. I think it was meant to get to people who technically don’t commit crimes themselves, they just deliberately enable other people to do it. For some time it got applied to WiFi here. The constitutional court had to rule and now I think it doesn’t really apply to that anymore. It’s complicated… I can’t sum it up in a few sentences. Nowadays they just send you letters, threatening to sue you and wanting a hundred euros for the lawyer who wrote the letter. They’ll say your argument is a defensive lie and you did it. Or you need to tell them exactly who did it and rat out on your friends/partner/kids or whoever did it. Of course that’s not how it works in the end but they’ll try to pressure people and I can imagine it is not an enjoyable situation to be in. I’ve never experienced it myself, I don’t download copyrighted stuff from the obvious platforms that are bound to get you in trouble and neither does anyone else in my close group of friends and family.

h3ndrik,

I think an Application Layer Firewall usually struggles to do more than the utmost basics. If for example my Firefox were to be compromised and started not only talking to Firefox Sync to send the history to my phone, but also send my behavior and all the passwords I type in to a third party… How would the firewall know? It’s just random outgoing encrypted traffic from its perspective. And I open lots of outbound connections to all kinds of random servers with my Firefox. Same applies to other software. I think such firewalls only protect you once you run a new executable and you know it has no business sending data. If software you actually use were susceptible to attack, the firewall would need to ask you after each and every update of Firefox if it’s still okay and you’d really need to verify the state of your software. If you just click on ‘Allow’ there is no added benefit. It could protect you from connecting to a list of known malicious addresses and from people smuggling new and dedicated malware to your computer.

I don’t want to say doing the basics is wrong or anything. If I were to use Windows and lots of different software I’d probably think about using an Application Level Firewall. But I don’t see a real benefit for my situation… However I’d like Linux to do some more sandboxing and asking for permissions on the desktop. Even if it can’t protect you from everything and may not be a big leap for people who just click ‘Accept’ for everything, it might be a good direction and encourage more fine-granularity in the permissions and ways software ties together and interacts.

it could […] just be vulnerable software

I mean your webserver or CMS or your browser has a vulnerability and that gets exploited and you get hacked. The webserver has open ports anyways in order to be able to work at all. The CMS is allowed to process requests and the browser allowed to talk to websites. A maliciously crafted request or answer to your software can trigger it to fail and do something that it shouldn’t do.

[…] Matrix

Sure, I have a Synapse Matrix server running on my YunoHost. It works fine for me. I’m going to install Dendrite or the other newer one next. I’m not complaining if I can cut down memory consumption and load to the minimum.

Do you mean “held responsible” to simply stop the disruption, or “held responsible” for the actions of/damaged caused by the disruption?

Yeah, the issue was that it meant both. You were part of the crime, you were involved in the causality and linked to the damages somehow. Obviously not to the full extent, since you didn’t do it yourself, but more than ‘don’t allow it to happen again’. Obviously that has consequences. And I think now it’s not that any more when it comes to wifi. I think now it’s just the first, plus they can ask for a fixed amount of money since by your neglect, you caused their lawyer to put in some effort.

h3ndrik, (edited )

I think OpenSnitch can do it roughly 2 different ways. Either you use an allow-list. That’s pretty secure. But it’ll severely interfere with how you’re used to browse the internet. You’re gonna allow Wikipedia and your favorite news sources, but you won’t be browsing Lemmy and just randomly clicking on articles and blogs since you have to specifically allow them in the firewall first. Or you’re using a deny-list. That’s something like what Chrome does, have a list of well-known malicious sites and it’ll ask you ‘Do you really want to visit that site? It spreads malware.’ It’ll add tremendously to security. But won’t protect you entirely. Hackers frequently break into webservers to spread malware from new servers. Ones that aren’t yet in the list of bad IPs. It’ll work for some time until the application firewall and the Chrome browser catches up and they’ll move on to a different server. You should definitely think about that and prevent being the millionth victim, however.

I think we’re talking about vastly different concepts here. Desktop computers and servers, consumers and enterprises are threatened in vastly different ways. And thus they need different solutions that handle the different threats. On a desktop computer the main way of compromising it is getting people to click on something. Or do whatever an official-looking e-mail instructs them to do. On a server that is meaningless. There aren’t that many random applications someone clicks on without thinking it through. There is no e-mail client on the server. But on the other side you’re serving random people from all over the world. Your connections are different, too. And if someone wants to upload their malware somewhere or send spam… They’re going to go for a server and not a desktop computer.

About the “Störerhaftung”: I think so, too. It’s been ridiculous and in the end the courts also ruled it’s against the law. The 100€ is also not something you have to pay. They want it and it’s just a way to settle out of court. If you pay them, they’ll promise to forget about this one time and not care about who did it. I think these kinds of settlements exist all around the world and it’s not illegal. And the copyright has to find some means of pressuring people, even if it’s a bit shady, since such copyright offenses aren’t a major crime and courts are often times bothered with more important stuff.
