kixik

joined 3 years ago
sorted by: new top controversial old
Do you encrypt your drives and why or why not? in c/[email protected]
[–] [email protected] 2 points 2 weeks ago (2 children)

Can you explain why if someone get access to your encrypted disk, they would have access to its contents?

If you use the LibreWolf browser, you may want to read this. in c/[email protected]
[–] [email protected] 1 points 3 weeks ago

Phoenix is not a browser, is it? AFAIK it's a similar user.js to Arkenfox... They claim to be better, and have their on comparison, but I don't know:

https://codeberg.org/celenity/Phoenix/wiki/Comparison

Arkenfox has been like the default user.js for privacy... Perhaps phoenix already is better...

Does LibreWolf have add-on signing? in c/[email protected]
[–] [email protected] 1 points 3 weeks ago

Maybe @[email protected] or @[email protected]. BTW I remember about [email protected] but I think it didn't survive, and on lemmy instances this is the only Librewolf community.

Immutable Distro Opinions in c/[email protected]
[–] [email protected] 1 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Well it's a bit confusing. On Guix' wiki General features you can read:

Guix keeps track of these references automatically so that installed packages can be garbage collected when no other package depends on them - at the cost of greater storage requirements, all upgrades in Guix are guaranteed to be both atomic and can be rolled back.

The roll-back feature of Guix is inherited from the design of Nix and is rarely found in other operating systems, since it requires an unorthodox approach to how the system should function (see MicroOS).

And then on its wiki Guix System (operating system) Roll-back you can read:

This is accomplished by a combination of Guix's functional package manager, which treats each package and system configuration as an immutable and reproducible entity,[58] and the generation system which maintains a history of system configurations as "generations."

So the system configurations on a Guix system are actually immutable, as opposed to regular gnu+linux distributions, which can change the system configuration on the fly. What else is immutable on Guix, I can't tell, but at least you can not change its system configs. What is atomic is the upgrades.

I'm not sure, but as Guix borrowed these properties from Nix, I'd think this applies to Nix as well.

In other words, at least the Guix system has immutable components. And further, the system config which is immutable, is also declarative. Combining those two things might be intimidating, since it's not like on the fly one can go and change the system config, which might be required when debugging some misbehavior, and it's what most distros document, then one needs to learn about guile, and a bit about functional programming I guess or at least their basics... Deploying systems might take advantage of such declarative configurations though...

Does LibreWolf have add-on signing? in c/[email protected]
[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago) (2 children)

It's been a while since extensions need to be signed for FF to enable them. Not sure if Librewolf build scripts do something about it, but the config is not configured by default:

% grep xpinstall.signatures.required /usr/lib/librewolf/librewolf.cfg
%

and if you look for it on about:config, it's enabled. So far it's functionality is mainly to sort of not allowing dangerous extensions, though that promise can't really be fulfilled, and besides, and it's true the feature can be abused, but it's not something new for FF, not sure why that petition is showing up just now, hmm. For the apps I use, this hadn't posed a problem on Librewolf so far.

But it's been a while I don't see Librewolf devs around this community and the other lemmy one I know [email protected] seems abandoned. Perhaps someone is familiar with Librewolf build scripts...

Does anyone here use GNU Jami? in c/[email protected]
[–] [email protected] 2 points 3 weeks ago

Regarding omemo, dino is getting there, see its closed issue 1609. Not sure why it has taken them too long for a new release, but they have the stuff already merged.

Are there any working instances of Invidious left? in c/[email protected]
[–] [email protected] 1 points 3 weeks ago* (last edited 3 weeks ago)

Ups, I just got to enjoy piped and in particular pipeline on gnu+linux and libretube on AOSP.

Pipeline in particular allows to totally avoid electron (freetube), and in both cases the piped instance is the one communicating with youtube, not me, :) And both applications support sponsorblock (tubular does, but newpipe doesn't). But not talking directly to youtube is a win. Did I mention dropping another electron app, :) ?

But... I installed pipeline from AUR, because I don't like flatpak... Not sure if other user repos offer it as well...

How to harden fennec for privacy? in c/[email protected]
[–] [email protected] 2 points 3 weeks ago

I'm interested on what changed that make it differ from Mull in a non recommended way. Are you referring to their 1st MR? where they outline:

  • Replaced Arkenfox & Brace preferences with ones from Phoenix 2025.01.06.1...
  • Added support for Google Safe Browsing (Safe Browsing is disabled by default and can be enabled by setting the following preferences to true in about:config)

I understand Mull was using arkenfox which is sort of the go-to reference, and now ironfox move to phoenix. The safe browsing is the same approach Librewolf follows, though I don't like their comment on a proxy. I don't like their choice of the brave search engine, but I always replace that with searxng tweaked a bit.

The MR doc doesn't look too terrible, but don't know about the changes themselves.

Top 3 best SMS replacement apps? in c/[email protected]
[–] [email protected] 3 points 3 weeks ago

As mentione SMS is by no means secure, and although silence hadn't gotten any update, still works as a champ on Android 15.

Are there any working instances of Invidious left? in c/[email protected]
[–] [email protected] 7 points 3 weeks ago (1 children)

What works for me is freetube on desktop, and tubular/newpipe on AOSP.

Reminder to anyone using Mull browser: it is no longer supported and will be missing updates for these android specific CVEs in c/[email protected]
wlroots compatibility in c/[email protected]
8
Dependency cycle on Arch (btw) (lemmy.ml)
submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]
2 comments fedilink
 

cross-posted from: https://lemmy.ml/post/21673875

Cross posting so that the OP realizes this community is alive. I have no issues with qemu, which is installed on my system with no issues.

Posting here as there doesn't seem to be an active Arch Linux community.

I noticed while updating my system today that I have a bunch of qemu packages I don't recall installing. So I took a look at why they were there and found this:

Name            : qemu-base
Required By     : qemu-desktop
Install Reason  : Installed as a dependency for another package

Name            : qemu-desktop
Required By     : None
Optional For    : qemu-base
Install Reason  : Installed as a dependency for another package

It seems like qemu-desktop was a dependency for something I later removed and pulled in qemu-base. However, because of the dependency cycle, they aren't showing up as orphans and has just been hanging around in my system along with 150mb of other dependencies.

Correct?

Edit: Adding clarification on why this was cross posted, and no I'm not the OP.

416
Phoronix: Several Linux Kernel Driver Maintainers Removed Due To Their Association To Russia (www.phoronix.com)
-5
Youtube: Free Software Is Under Attack? (Will You Help Defend It?) (youtube.com)
 

cross-posted from: https://lemmy.ml/post/21522958

(cross-posted from: https://lemmy.ml/post/21522265)

A group of people including Drew DeVault are trying to cancel RMS again, basing their claims on ancient misinterpreted quotes. Stallman may be controversial, but these activists are just acid for the entire Free Software movement.

12
Bleepingcomputer: Mozilla fixes Firefox zero-day actively exploited in attacks (www.bleepingcomputer.com)
 

Darn, and I just got Librewolf upgraded to 131.0, meaning needing to wait further for 131.0.2.

107
Firefox Rolls Out Total Cookie Protection By Default | The Mozilla Blog (blog.mozilla.org)
 

Is this total cookie protection something embedded, not requiring any user intervention? I know with librewolf we get the strict enhanced cookie protection mode, but I don't know if for this total protection there's something required, if not turned on by default...

Greetings !

222
ZDNET: 20 years later, real-time Linux makes it to the kernel - really (www.zdnet.com)
15
anonymous blog preserving author identifier digital signature or similar (lemmy.ml)
 

Hello !

I'm wondering if there's some blogging mechanism which would allow some sort of unique digital signature (PGP perhaps) to prevent personification, but which allows non traceable and fully anonymous author. Not looking for blockchain like stuff (apart from the layer Monero adds, blockchains are totally transparent, traceable and non anonymous). Not looking for bigotry, attacking people or anything like that.

The idea is to be able to share ideas, even corporate related, without being afraid of retaliations whether at work, corporations or governments. Expressing something at pubic might bring unexpected consequences, particularly if not aligned by the corporation one works on if that's the case, or might provoke AI, bots, or paid/unpaid people looking around, to include anyone in a particular list, without even warning the writer about it.

So I was looking if such thing is possible, and if it exists. Social networks of course wouldn't be an option, they're not anonymous, and at contrary can be used to cross-reference and trace people.

If such solution doesn't exist, I'm wondering if something based on gnuNet might get close, although gnuNet is not meant to make users anonymous. Or perhaps something based on i2p.

Of course the digital signature should be used exclusively for the blog posting, and can't be associated to any real email, host, or whatever...

Feedback on the blog posts should also be allowed to anonymous people with their own unique digital signatures. But this is harder, since depending on the technology, not sure if moderation would be allowed, or even if it would make sense, in which case, no blog feedback should be allowed, though no feedback is really a down side for blog posts. Maybe allowing just the original post to remove feedback. Some other down side, but that's unavoidable, is the lack of non on thread feedback, meaning giving feedback through email or any other medium, since if that was available would make the writer non anonymous...

If such thing is not available, and eventually based on something like gnuNet or i2p, most probably clients would be needed to write blogs but another one that would offer some sort of RSS/atom functionality for the blog to be accessible from current RSS/atom readers.

2
Dhole Moments: Against XMPP+OMEMO - Dhole Moments (soatok.blog)
 

This blog post, and some of its comments are pretty interesting and concerning at the same time. Not really sure if in the end that means that nothing other than centralized controlled messaging can be as cryptography safe.

Any comments?

14
not syncing xmpp community from slrpnk.net? (lemmy.ml)
submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/[email protected]
8 comments fedilink
 

Hello, [email protected] was locked by my mods, and continued on [email protected] which is entirely fine given federation, so I guessed I could follow it on the lemmy sort of synced space/community, [email protected], where I can post to the slrpnk community without having an account there. But for some reason recent posts on slrpnk real xmpp community are not showing on [email protected], like if they're not syncing anymore.

Any way to remediate it?

1
Is there an issue with federation between lemmy.ml and slrpnk.net? (lemmy.ml)
 

Hi !

As I have account on lemmy.ml, I look into the lemmy community created on slrpnk.net through the federated lemmy community, but its contents don't match the ones on the original slrpnk community. There are some messages missing.

Not sure if this is something someone would care, but I was planning to look at the contents through the lemmy instance, where I do have my account...

Greetings !

66
Firefox to collect your (anonymized) search data (blog.mozilla.org)
 

I believe the settings to disable this on Librewolf are set by default...

6
Anyone able to disable DeviceLockController app on LOS? (lemmy.ml)
 

Hey !

On LOS 21, the app DeviceLockController is there, but it can't be stopped neither disable, at least from my side.

There's another one I don't trust, Android System Intelligence, but I could stop it and disable it.

Those two apps really are scary to be part of LOS. Is anyone aware of bugs on LOS about getting rid of them?

How about DeviceLockController? A reasonable way to disable it without risking too much bricking the phone in the process?

Thanks !

view more: ‹ prev next ›