• 2 Posts
  • 54 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle


  • If you’d like to look into it further. the +i flag in chattr is setting an attribute making the file (everything in Linux is a file, so yes this even means directories) immutable. When a file is immutable, it isn’t possible to change the ownership, group, name, or permissions of the file, nor will you be able to write, append, or truncate the file.

    It’s been a while since I’ve used it, but I don’t believe it’s possible to have an immutable directory where you can still modify the contents therein, but I may be misremembering that. It would seem unlikely since adding content to the directory should require that you modify the links for the directory, which shouldn’t be allowable with an immutable object?

    It’s possible that the +a chattr attribute may achieve what you’d prefer. I believe that flag will make it so that files (and again, everything in Linux is a file) can be created and modified, but never deleted. I’ve actually never used this one, but I can foresee how this still may not be ideal for your wishes since updates to games may expect to be able to delete old content which would be thwarted here. 🤷


  • You or I might, but companies have a constant flow of new middle management who want to make their KPIs this quarter and will shove their own mother in front of an oncoming train to get there. Corporations don’t learn, doubly true for corporations like Apple who have basically captured an audience within their walled garden, the motivation is always all the money now, not some money consistently forever.

    Even when you have a company like Samsung with their exploding battery fiasco. Sure they have protections now in place against designing a new product with bad batteries, but give it some time and they’ll do it again when a middle manager (who wasn’t there the first time) ignores the recommendations of their engineers and the company guidelines so they can save $0.001/phone by using a slightly inferior battery design and net that neat bonus for keeping costs down. It will always happen.





  • If gaming with Nvidia hardware is your primary concern, then maybe Bazzite would suit you. It’s based on Immutable Fedora, with tweaks to give it a SteamOS like experience. It offers Gnome or KDE for the desktop, and supposedly has everything dialed in for gaming. I’ve heard a bunch about it doing great with Nvidia cards and gaming in general, I suspect that you’d be able to do everything else you might need via the desktop it provides, but I have no knowledge of how it handles multiple monitors so maybe therein lies the fatal flaw.


  • If you use a fancy official VPN client from Mullvad, PIA, etc, you won’t need this since most clients already have a kill switch built in (also called Lockdown Mode in Mullvad).

    According to the researchers

    The result of this is the user transmits packets that are never encrypted by a VPN, and an attacker can snoop their traffic. We are using the term decloaking to refer to this effect. Importantly, the VPN control channel is maintained so features such as kill switches are never tripped, and users continue to show as connected to a VPN in all the cases we’ve observed.

    Killswitches are insufficient protection since the TunnelVision attack never disables the VPN tunnel. The TunnelVision attackers are instructing your physical layer connection to route everything through a node of their choosing rather than killing your VPN connection, and since the VPN connection never drops, a killswitch will never engage. The VPN stays up, thinking it is doing a good job, but in the meantime your network interface has been instructed to route no traffic through the VPN and instead route everything to the location of the attacker’s choosing. I have heard that a couple of VPNs think their clients are not vulnerable here, but I haven’t seen independent conclusive proof one way or the other yet.

    I suspect that your “Solution” also fails to mitigate the issues in TunnelVision because it allows LAN access to the physical interface. In a TunnelVision attack the hostile has to be on your LAN (or rather the same LAN you are on since I suspect that “The coffee shop wi-fi” is the more likely network for an attack like this) already, so if they’re going to tell your interface to route traffic somewhere else, in all likelihood that somewhere else will already be in the same LAN you are and their exfiltration will be allowed under your configuration.


  • I don’t have a problem with people who are okay with it getting it.

    My apologies if I implied that you did, that was not my intent.

    But they aren’t really an alternative to, say, YouTube. […] I just would prefer to pay for them with money rather than with data.

    Sorry, that was my point though, without the tracking, you’re not getting YouTube, or most of Google’s services as we know them. The Google secret sauce is that they know enough about their users to curate an experience per user. That’s largely why competitors to Google services rarely take off, the competitors lack enough individual user knowledge to make an experience that is better than what Google can offer for most users.

    The services more or less are what they are because of the breadth of what and how Google knows to shape the experience for an individual, and that’s why Workspace accounts still track what they do. Google would be providing their paying customers with a lesser experience if they genericized everything you’re interacting with in those content related services due to a lack of learned data and behaviors per user. Which is probably not what the average user wants if I had to guess?

    Heck, even paid YouTube Premium still needs your tracking data or it’s just going to show you whatever popular rage bait is trending day to day with the general public? Or maybe just an unfiltered firehose of all the hours of nonsense that is uploaded every minute to the platform? I guess you could treat it as a whitebox video hosting site, but where does the money come from if YouTube can’t make guarantees to advertisers that their ads will be seen by people who might care about the ad, and how do the content creators make money if YouTube can’t get advertisers on board, and who is making interesting content if they have to pay to host it themselves because advertisers aren’t paying that cost for them? I think my point is that if you pull the tracking and user knowledge out of the Jenga tower, the whole thing just crashes down.


  • I actually consider the tracking of my browsing/watching history to be integral to the search experience. It’s why when I search for Python, I get results about the programming language and not snakes both in Search and YouTube. Or why Commodore gets me the computer and not naval crap. Or any number of other things that steer their search results towards things in my interests and away from junk I don’t care about.

    An ad blocker in my browser keeps anything else they’re targeting at me through their scraping out of my hair while also blocking a load of what they might learn about me from third party sites, so I’m not terribly bothered what they think they know about me, they’re not getting access to the bulk of the stuff I’d consider personal, and the junk they do track is kept so that they can get me results that will matter to me instead of generic crap.

    I think there’s a general misunderstanding that Google tracks stuff so that they can sell it, when the reality is that they keep it so they know where to target ads (that I never see) and so that they can provide results relevant to my interests so I’ll keep coming back to (not) see ads. They don’t sell the info they collect, they sell people the ability to run ads against that info. If they were selling the info itself, they’d be killing the golden goose. So long as they’re contractually not allowed to look at my mail and files, I’m good with the rest of what they take because it 100% goes into making a better experience for me using their services so long as I’m running Firefox/uBlock.

    That said, if you don’t want tracking being used to improve your search experience, a Workspace account indeed won’t get you 100% away from it. I tried using DDG for a while and I just couldn’t hang with it. Its lacking the little dossier that Google has on me made it so that I constantly had to work harder to find what I wanted vs a quick search on Google, and that’s what you’d get without the tracking and info collection. It wasn’t worth the tradeoff for me, maybe it is for you though?


  • if I could pay a privacy fee to Alphabet and not be logged and data-mined, I’d do that.

    It’s called Google Workspace and it’s decently nice. You can get a basic business starter account for something like ~$7 per month/per user + whatever you want to pay to register a domain each year. Takes a little bit of know how and you need to do some lifting for yourself that Google would otherwise shoulder for you, but it’s pretty nice and has more benefits beyond just the privacy implications, like 30GB of account storage and Google Meet conferencing for up to 100 people without time limits. On the downside, some stuff that needs to track your usage to function properly (Like YouTube video recommendations) just do not work with a Workspace account because they don’t track your preferences so they don’t have a way to build a recommendation profile for you.

    I’ve been doing it for years now and I appreciate it a lot. In the rare instances when I need to go do something on my old Gmail account it’s shocking every time how bad the unpaid versions of Google products have gotten.




  • Very true. Perhaps my statement which continued on beyond what you quoted didn’t make it clear, but I did point out what you said: “You’ve got brakes, but you’re without any of the assistance that the car normally provides” as well as stating later that you’ve got “naught but your unaided foot on the brake peddle” both of which were intended to say that it’s pretty hard to brake in most cars these days without power brakes.

    I don’t know how the Cybertruck breaks down on the easy <-> difficult manual braking spectrum, but I imagine that given the high gross vehicle weight and large wheels, it probably steers more towards the difficult end of the spectrum than the easy. Such a dumpster fire of a vehicle.


  • One has already been pulled, though seemingly for unrelated copyright issues?

    That said, I’m surprised that things have gotten to this point, I suppose time will tell once the property holders get involved how committed Apple is to this whole change, there’s still a lot of room to interpret the clause about conforming to all laws for the content that is being run in the app.

    Given that I didn’t think ANY emulators would make it into the Appstore, I’m going to retract my position. However, I think that we’re still in the “Fuck around” stage of things and there may yet be some “Find out” to come.


  • It is a ridiculously proven and safe technology.

    In Planes, where there are 3 or more levels of redundant power and hydraulic systems with an ability to fail down to a limited mechanical operation mode if all the other backup systems fail. It’s proven because they designed it with a stupid level of failsafes.

    There’s no redundant power in the Tesla Drive By Wire system, if the power is cut, you lose the ability to steer. You’ve got brakes, but you’re without any of the assistance that the car normally provides. It’s so fucking stupid I can’t believe it’s allowed on the road. If anything goes wrong that cuts power while you’re in motion, you’re suddenly captive in 3.3 tons of stainless steel without crumple zones, without the ability to steer, with naught but your unaided foot on the brake peddle to determine your outcome. It’s nothing like the multiple layers of failures you’d have to endure to find yourself in trouble in a plane both for the power and the hydraulics.




  • Bluetooth headphones are not modernity, they should of course be an option, but increasingly they are the only game in town. Wired is still king for loads of things, not the least of which is reliability.

    You wanna know how many times my wired Sennheiser’s have been unable to put music in my ear holes? Never. They always work. Care to guess how many wireless headphones have been able to provide sound every time I’ve wanted it without delay or failure? None. I’ve owned more than 2 dozen wireless this, that, and the other, headphones & earbuds, and none of them have been even a shadow of the reliability offered by my old wired headphones. Which is to say nothing of the fact that the wired experience usually sounds better (Still don’t think you can get any comfortable phat 600ohm monster cans that don’t have a wire) and has no issues with making sound when you’re in a space that is saturating the 2.4Ghz band (my Costco is usually so full of idiots on Bluetooth that you can’t get a reliable experience for anything from any wireless audio device.)

    You seem to think it’s “backwards rhetoric” to want a feature that will never be offered in a wireless setup, and that’s just fucked man. There are a wealth of reasons why wireless does not fully replace wired. It’s why anything that doesn’t have to move generally gets a fixed connection, it’s just more reliable and often more efficient. That’s not backwards, it’s just a priority that you don’t value above others. If landlines or floppy disks offered any advantages over anything else they’d still be around today (and arguably they are in some limited niches,) but the replacements for those technologies have had no downsides against their replacements while wireless tech still has some significant downsides (again, maybe you don’t weight the pros and cons the same, so this may not apply to you) against the technology they are meant to replace, and will likely never see 100% capture of their role as a result.

    TL;DR: Stop trying to frame this as some sort of crusade against the future, there are legit cases where wired is just better than wireless.