Scoopta

joined 1 year ago
sorted by: new top controversial old
Is there a working method to use argon2id with encrypted /boot? in c/linux
[–] Scoopta 1 points 14 hours ago* (last edited 14 hours ago)

I am aware secure boot doesn't require a TPM, but I've always been confused by its purpose since it's trivial to disable. Makes sense if you use it in conjunction with TPM measurements. I personally encrypt all my filesystems except my /boot which is also my ESP, I use the efistub and that's good enough for loss of device. For a physical attacker with actual skills I'm SOL, it's not that I don't want to protect against it, I just couldn't figure out a reliable way to.

Is there a working method to use argon2id with encrypted /boot? in c/linux
[–] Scoopta 1 points 19 hours ago (2 children)

By that statement I take it then without TPM you basically can't have truly secure secure boot? Since the password is your protection from secure boot tampering but the TPM is your protection from password tampering

Is there a working method to use argon2id with encrypted /boot? in c/linux
[–] Scoopta 1 points 20 hours ago (4 children)

The last time I tried enabling a UEFI password clearing the CMOS would clear it. I haven't tried on my latest mobo...but I'm just putting it out there that SOME UEFIs do that

Is there a working method to use argon2id with encrypted /boot? in c/linux
[–] Scoopta 5 points 1 day ago (6 children)

I'd argue any solution necessitates secure boot, not just the efistub. If someone is determined enough to modify your kernel they'll be determined enough to modify your bootloader

Microsoft Please Fix in c/programmer_humor
[–] Scoopta 7 points 1 day ago

Yes, honestly this situation reminds me a lot of the LTT trying Linux and destroying his system by installing steam despite apt warning him in the best way it really could that he probably didn't want to do that. Sure the package shouldn't have been in that state in a stable distro but shit happens. It goes to that point of, users will go through great lengths to achieve the end goal blindly jumping past warnings on the way no matter how dire they might be.

Microsoft Please Fix in c/programmer_humor
[–] Scoopta 11 points 1 day ago (2 children)

It's not a bug, it's intentional. They consider changes to be any change since the last commit including in untracked files. They did update it to make this behavior a lot more obvious though.

Sorry, not sorry. in c/programmer_humor
[–] Scoopta 6 points 2 days ago (2 children)

Huh, weird. The rest of these are pretty closely related technologies but I'm not sure I'd consider a web framework and a pre boxed website builder all that similar

Sorry, not sorry. in c/programmer_humor
[–] Scoopta 8 points 2 days ago (4 children)

What is the ruby on rails supposed to be?...looks like ruby on rails with off colors to me, I can't place that logo. The rest of these are truly cursed tho

Microsoft Please Fix in c/programmer_humor
[–] Scoopta 2 points 2 days ago (1 children)

He said they're not going to change it, just make the dialog a lot more clear and add a second button to it that will only do a reset without the clean.

Is there a distro that has the performance characteristics of CachyOS, but based on Debian/Ubuntu instead of Arch? in c/linux
[–] Scoopta 2 points 3 days ago

I wonder the same especially because it won't do anything for the game itself. Yeah, all the system components the game uses might be a touch faster but the game itself won't be compiled with any of these optimizations.

Major Overhaul: OpenWrt Adopts Alpine's APK as New Package Manager in c/linux
[–] Scoopta 3 points 5 days ago* (last edited 5 days ago) (1 children)

He says it was unexpected but it's been being talked about on the GitHub for quite some time now. It was really just a matter of when they decided to do it.

Packaging in c/programmer_humor
[–] Scoopta 1 points 6 days ago

-_-...8 needs to die already. Most of my projects heavily depend on modern features, I even have one that straight up requires JPMS

6
Anyone know of other assigned /16s (self.ipv6)
 

TIL that apparently capital one was assigned the entire 2630::/16 block...which is the largest assignment I've seen to date. Does anyone know of other absolutely massive allocations...are there even any others this large?

8
Search engine recommendations (self.ipv6)
 

I've been using duckduckgo for years ever since I degoogled but I'm increasingly annoyed by its complete lack of IPv6 connectivity. I use NAT64 and so it works fine but it bothers me to use services that don't have v6. Does someone have a good non-google IPv6 search engine that's privacy respecting?

6
IPv6 subnetting thought experiment (self.ipv6)
submitted 1 year ago* (last edited 1 year ago) by Scoopta to c/[email protected]
16 comments fedilink
 

I'm curious about something so I'm going to throw this thought experiment out here. For some background I run a pure IPv6 network and dove into v6 ignoring any v4 baggage so this is more of a devils advocate question than anything I genuinely believe.

Onto the question, why should I run a /64 subnet and waste all those addresses as opposed to running a /96 or even a /112?

  1. It breaks SLAAC and Android

let's assume I don't care for whatever reason and I'm content with DHCP, maybe android actually supports DHCP in this alternate universe

  1. It breaks RFC3306 aka Unicast-prefix-based multicast groups

No applications I care about are impacted by this breakage

  1. It violates the purity of the spec

I don't care

What advantages does running a /64 provide over smaller subnets? Especially subnets like a /96 where address count still far exceeds usage so filling subnets remains impossible.

151
Don't test in production (programming.dev)
submitted 1 year ago by Scoopta to c/programmer_humor
0 comments fedilink
 
18
[Sway] Akame red (programming.dev)
 

This has been my setup for a long time now and I have to say I still absolutely love it.

  • Icons: Flat Remix Red Dark
  • Theme: Flat Remix GTK Red Darkest
  • Launcher: Wofi
view more: next ›