[-] moonpiedumplings@programming.dev 1 points 10 months ago

https://en.wikipedia.org/wiki/Organic_Maps

Repository: organicmaps on GitHub

Unironically, Wikipedia is pretty good for getting official links to projects/websites. It's not a guarantee, but it's a lot better than just googling it.

[-] moonpiedumplings@programming.dev 1 points 11 months ago

Yeah, that's what this uses. But copy's x86 emulator on their site does not have any sort of networking, while anura seems to use some kind of http proxy to have the vm be fully networked.

You can even install packages and run graphical apps in anura. (Very, very, very slowly).

[-] moonpiedumplings@programming.dev 1 points 11 months ago* (last edited 11 months ago)

Anyway the centralized nature of Revolt Chat makes it not very appealing for me.

I agree with this. I will probably stick with either matrix or xmpp due to their federated nature and strong E2EE. Matrix is a better discord replacement, as it has more features, is more standardized, has a better web client, and has "spaces", which are somewhat analogous to discord servers.

Xmpp, however, is much more lightweight on both servers and clients than matrix, and its E2EE works more reliably (none of that "failed to decrypt" nonsense), and makes a better E2EE messenger.

[-] moonpiedumplings@programming.dev 1 points 11 months ago

Yes

https://moonpiedumplings.github.io/blog/kde-6/#drawing-tablets/

My understanding is that gnome also has support for drawing tablets built in, and there are also other apps to customize buttons.

https://rclone.org/drive/

https://rclone.org/crypt/

No way to protect emails, google chats, or many other things AFAIK. Yeah, I hate it too.

Fun fact: you don't need to add the nixpkgs channel for the determinate systems installer, even when using channel commands or other things since it adds an option to your nix.conf to reference the nix flake for nixpkgs.

I don't know how to update this flake though.

Yes and no:

https://open-vsx.org/

I use code-oss provided by the arch repos and it seems to automatically hook into this. There is probably some way to add that to vscodium.

[-] moonpiedumplings@programming.dev 1 points 1 year ago* (last edited 1 year ago)

Don’t do unattended upgrades. Neither host nor containers. Do blind or automated updates if you want but check up on them and be ready to roll back if something is wrong.

Those issues are only common on rolling releases. On stable distros, they put tape between breaking changes, test that tape, and then roll out updates.

Debian, and many other distros support it officially: https://wiki.debian.org/UnattendedUpgrades. It's not just a cronjob running "apt install", but an actual process, including automated checks. You can configure it to not upgrade specific packages, or stick to security updates.

As for containers, it is trivial to rollback versions, which is why unattended upgrades are ok. Although, if data or configuration is corrupted by a bug, then you probably would have to restore from backup (probably something I should have suggested in my initial reply).

It should be noted that unattended upgrade doesn't always mean "upgrade to the latest version". For docker/podman containers, you can pin them to a stable release, and then it will do unattended upgrades within that release, preventing any major breaking changes.

Similarly, on many distros, you can configure them to only do the minimum security updates, while leaving other packages untouched.

People should use what distro they know best. A rolling distro they know how to handle is much better than a non-rolling one they don’t.

I don't really feel like reinstalling the bootloader over ssh, to a machine that doesn't have a monitor, but you do you. There are real significant differences between stable and rolling release distros, that make a stable release more suited for a server, especially one you don't want to baby remotely.

I use arch. But the only reason I can afford to baby a rolling release distro is because I have two laptops (both running arch). I can feel confident that if one breaks, I can use the other. All my data is replicated to each laptop, and backed up to a remote server running syncthing, so I can even reinstall and not lose anything. But I still panicked when I saw that message suggesting that I should reinstall grub.

That remote server? Ubuntu with unattended upgrades, by the way. Most VPS providers will give you a linux distro image with unattended security upgrades enabled because it removes a footgun from the customer. On Contabo with Rocky 9, it even seems to do automatic reboots. This ensures that their customers don't have insecure, outdated binaries or libraries.

Docker doesn’t “bypass” the firewall. It manages rules so the ports that you pass to host will work. Because there’s no point in mapping blocked ports. You want to add and remove firewall rules by hand every time a container starts or stops, and look up container interfaces yourself? Be my guest.

Docker is a way for me to run services on my server. Literally every other service application respects the firewall. Sometimes I want services to be exposed on my home network, but not on a public wifi, something docker isn't capable of doing, but the firewall is. Sometimes I may want to configure a service while keeping it running. Or maybe I want to test it locally. Or maybe I want to use it locally.

It's only docker where you have to deal with something like this:

```yaml
---
services:
  webtop:
    image: lscr.io/linuxserver/webtop:latest
    container_name: webtop
    security_opt:
      - seccomp:unconfined #optional
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - SUBFOLDER=/ #optional
      - TITLE=Webtop #optional
    volumes:
      - /path/to/data:/config
      - /var/run/docker.sock:/var/run/docker.sock #optional
    ports:
      - 3000:3000
      - 3001:3001
    restart: unless-stopped
```

Originally from here, edited for brevity.

Resulting in exposed services. Feel free to look at shodan or zoomeye, internet connected search engines, for exposed versions of this service. This service is highly dangerous to expose, as it gives people an in to your system via the docker socket.

Do any of those poor saps on zoomeye expect that I can pwn them by literally opening a webpage?

No. They expect their firewall to protect them by not allowing remote traffic to those ports. You can argue semantics all you want, but not informing people of this gives them another footgun to shoot themselves with. Hence, docker "bypasses" the firewall.

On the other hand, podman respects your firewall rules. Yes, you have to edit the rules yourself. But that's better than a footgun. The literal point of a firewall is to ensure that any services you accidentally have running aren't exposed to the internet, and docker throws that out the window.
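An added example, not part of the original comment: a small audit that reads a compose file like the one quoted above and flags short-syntax port mappings with no host IP (which Docker publishes on all host interfaces) as well as a mounted Docker socket. The function names, the two-space indentation assumption and the loopback-bound `3001` line in the sample are constructed for illustration; long-form `ports:` entries are not handled.

```python
import re

# Constructed sample: the compose file from the comment, trimmed, with one
# mapping changed to a loopback-only bind for contrast.
SAMPLE = """\
services:
  webtop:
    image: lscr.io/linuxserver/webtop:latest
    volumes:
      - /path/to/data:/config
      - /var/run/docker.sock:/var/run/docker.sock #optional
    ports:
      - 3000:3000
      - 127.0.0.1:3001:3001
"""

def host_ip(mapping):
    """Return the host IP of a short-syntax port mapping, or None if unset."""
    mapping = mapping.split("/")[0]           # drop a /tcp or /udp suffix
    if mapping.startswith("["):               # bracketed IPv6 host address
        return mapping[1:mapping.index("]")]
    parts = mapping.split(":")
    return parts[0] if len(parts) == 3 else None

def audit(compose_text):
    """Return (service, finding, value) tuples; assumes two-space indents."""
    findings, service, key = [], None, None
    for raw in compose_text.splitlines():
        line = re.sub(r"\s+#.*$", "", raw).rstrip()   # strip trailing comments
        if not line.strip():
            continue
        indent, item = len(line) - len(line.lstrip()), line.strip()
        if item.startswith("- "):
            value = item[2:].strip().strip("\"'")
            if key == "ports" and host_ip(value) in (None, "0.0.0.0", "::"):
                findings.append((service, "published-on-all-interfaces", value))
            elif key == "volumes" and value.split(":")[0] == "/var/run/docker.sock":
                findings.append((service, "docker-socket-mounted", value))
        elif item.endswith(":"):
            if indent == 2:                   # service name under "services:"
                service, key = item[:-1], None
            else:
                key = item[:-1]
        else:
            key = None                        # scalar key such as "image: ..."
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Binding a mapping to `127.0.0.1` (or a specific LAN address) keeps the published port off the other interfaces, which is why the second mapping in the sample is not reported.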

Well one way to lower it is to settle law around the death penalty it seems

Or you could just not kill people.

Using conservative rough projections, the Commission estimates the annual costs of the present system ($137 million per year), the present system after implementation of the reforms … ($232.7 million per year) … and a system which imposes a maximum penalty of lifetime incarceration instead of the death penalty ($11.5 million).

From amnesty USA. https://www.amnestyusa.org/issues/death-penalty/death-penalty-facts/death-penalty-cost/

Ted Kaczynski lived until 81 and absolutely deserved death.

And he did die. Does that not satisfy you?

Kidding, but it's not a matter of deserves. It's about the state's power in relation to their citizens. The state shouldn't have the power over life and death, because power corrupts. Cases like this: https://innocenceproject.org/melissa-lucio-9-facts-innocent-woman-facing-execution/

The poor woman was interrogated for 5 hours straight by police into confessing her "crime", while pregnant with twins, after which she was sentenced to death (still alive btw, lawsuits still ongoing and sucking up taxpayer money, even 13 years later.). One of the influential things in her death was the District Attorney who was attempting to be reelected on a "tough on crime" platform.

Cameron County D.A. Armando Villalobos was running for re-election and seeking a “win,” and is now serving a 13-year federal prison sentence for bribery and extortion.

Of course, you made an argument about "what if we require really, really hard evidence"... but what evidence is greater than a confession? What if evidence is fudged? There can never be a guarantee, and we should design our systems to account for human error... or malice.

Prison should be a place to rehabilitate people first, and a place to remove dangerous people from society second. Not a political platform, like the death penalty is so often.

The death penalty is the ultimate form of virtue signaling. An expensive way to remove someone from society, when life in prison would have the same effects, relatively. Everybody dies eventually, no need to waste money on killing people early when we could be spending money on keeping people alive.

[-] moonpiedumplings@programming.dev 1 points 1 year ago* (last edited 1 year ago)

Then it's still a bad idea because of the literal cost to taxpayers.

Life in prison is $70,000 per year (paid by taxpayers, of course).

The legal battle around the death penalty is around $1.12 million, also paid by taxpayers.

https://www.cato.org/blog/financial-implications-death-penalty

That's 14 times more expensive.

There are tons of things I would see the state spend money on rather than literally killing people. In the case of this, maybe mental health help for the victims.

moonpiedumplings

joined 2 years ago