occultist8128

might look on it!

The installation was a bit scary but not too bad.

i feel the same way since i never built my system from scratch before (i was a linux mint user, so a lil bit spoiled lol).

Then I was greeted by an HDD boot speed comparable to my gaming PC with an NVMe. I still miss that now when the PC is running Arch (btw).

that's wild! i was shocked when my old 32 bit laptop became usable again after installing void there.

When it comes to issues, I only remember a missing screenshot utility (fixed with 1 command) and fonts (can't remember if I ended up fixing it).

which screenshot app did you end up using?

i know. that's what i'm asking. which one is better, H265 with MP4 as container (since it's the standard) or MKV as container.. i do transcoding a lot but haven't experienced using MKV as the container. that's why i'm asking.

no problem!

void already comes with a pretty solid, hardened kernel setup by default. some of the security features it has out of the box include full ASLR, NX protection, protected symlinks and hardlinks, randomization for kernel heap and SLAB freelists, stack protection with GCC, and a bunch of other things like restricting access to /dev/mem, enforcing read-only kernel and module data, and more. the default bootloader setup also includes things like slub_debug, page_poison, and secure memory allocation. but the default void settings aren't hardened at 100%, because otherwise you would be using OpenBSD lol.

there's also a script called hardening.sh in the void-packages repo. i've seen some folks trying to bring Whonix-style features (i think its name is PlagueOS) or grsecurity/PaX-like standards to Void too, but that’s a pretty big undertaking.

this is the output of checksec --kernel on my machine

○ checksec --kernel
* Kernel protection information:

  Description - List the status of kernel protection mechanisms. Rather than
  inspect kernel mechanisms that may aid in the prevention of exploitation of
  userspace processes, this option lists the status of kernel configuration
  options that harden the kernel itself against attack.

  Kernel config:
/proc/config.gz

  Vanilla Kernel ASLR:                    Full
  NX protection:                          Skipped
  Protected symlinks:                     Enabled
  Protected hardlinks:                    Enabled
  Protected fifos:                        Disabled
  Protected regular:                      Disabled
  Ipv4 reverse path filtering:            Disabled
  Kernel heap randomization:              Enabled
  GCC stack protector support:            Enabled
  GCC stack protector strong:             Enabled
  SLAB freelist randomization:            Enabled
  Virtually-mapped kernel stack:          Enabled
  Restrict /dev/mem access:               Enabled
  Restrict I/O access to /dev/mem:        Enabled
  Exec Shield:                            Unsupported
  YAMA:                                   Active

  Hardened Usercopy:                      Enabled
  Harden str/mem functions:               Enabled

* X86 only:
  Address space layout randomization:     Enabled

* SELinux:                                No SELinux

  SELinux infomation available here:
    http://selinuxproject.org/

is it better than the H265 alone without changing the container format?

does MKV combined with H265 really do a thing?

reddit is so fucking weird nowadays

yes!

add the go binary path to your $PATH. i never use go before but i think its binary path is placed on ~/.go/bin. if it does exist, u can add this

# other configs..
export PATH="$HOME/go/bin:$PATH"
# other configs..

to your shell config (.bashrc or .zshrc). then reload the changes by source ~/.bashrc or source ~/.zshrc depends on ur shell.

reddit is banned in my country (ofc VPN will bypass it) but why bother use more effort if i got something legally available?

for anlytics? maybe?