I’m waiting for the followup to this where he’s going to talk about Ubuntu Touch:
troed
HW/FW security researcher & Demoscene elder.
I started having arguments online back on Fidonet and Usenet. I’m too tired to care now.
- 0 Posts
- 49 Comments
Joined 2 years ago
Cake day: June 12th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
No the EU law does not require manufacturers to disallow unlocking the bootloader. Actually, it specifically says the law should NOT be used as an excuse to do that.
The law requires high security when it comes to the radio (baseband) part of the phone - and that has always been a separate enclave anyway compared to the OS.
Happy Asahi Linux user (Macbook Pro M1) here. Also very happy to be a monthly sponsor of the project.
81·26 days agoTwo of those are here! waving
Read the article. Can’t imagine anyone who has ever worked with software development not agreeing with Linus here.
Santa switched OS for all the elf slave laborers
I think it’s all AI generated
For some reason DHL managed to get a null-string into their system a few years back, which meant that any DHL shipments to me - no matter what the seller had entered - had “null” as the receiver in the system.
Everything else was fine, address and tracking numbers sent to me etc - but I did have a few interesting discussions at pickup locations that wanted to see identification matching the name in the system …
Never had a systemd caused DNS issue.
Unix grey beard here.
Yes. Distros with systemd are simply easier to maintain.
Brought to you by (us) security researchers who will happily come in and sort out your security issues later. For a very hefty hourly fee.
So? Pubkey login only and fail2ban to take care of resource abuse.
22·4 months agoOne Steam using family member here went from Windows to Linux during May. They did their part.
9·5 months agoI went from Seafile to Nextcloud with family file sharing as the primary usage. I’m using the AIO docker installation without issues.
This might not help, but I never experienced the issues you had.
(I moved away from Seafile due to - in my opinion - it dying a slow death with less and less support)
Still no. Here’s the reasoning: A well known SSHd is the most secure codebase you’ll find out there. With key-based login only, it’s not possible to brute force entry. Thus, changing port or running fail2ban doesn’t add anything to the security of your system, it just gets rid of bot login log entries and some - very minimal - resource usage.
If there’s a public SSHd exploit out, attackers will portscan and and find your SSHd anyway. If there’s a 0-day out it’s the same.
(your points 4 and 5 are outside the scope of the SSH discussion)
Feel free to argue with facts. Hardening systems is my job.
This is not “the correct answer”. There’s absolutely nothing wrong with “exposing” SSH.
A few replies here give the correct advice. Others are just way off.
To those of you who wrote anything else than “disable passwords, use key based login only and you’re good” - please spend more time learning the subject before offering up advice to others.
(fail2ban is nice to run in addition, I do so myself, but it’s more for to stop wasting resources than having to do with security since no one is bruteforcing keys)
I went from Emby to Jellyfin as they started their enshittification journey. I don’t really notice it being less polished.
Will Nextcloud run apps not marked as compatible with that version?