moonpiedumplings

joined 2 years ago
[–] moonpiedumplings 1 points 6 minutes ago

I use a wacom intuos + xournal++.

The wacom is nice because it has bluetooth and pretty much "just works" on Linux.

Xournal++ lets me edit pdf files and/or export stuff as pdf. I also like that I can add text with xournal++.

[–] moonpiedumplings 13 points 23 hours ago* (last edited 23 hours ago) (1 children)

Because you can run a "rootfull xwayland" session which is essentially an X11 session but rewritten to be more maintanable.

After this, it's a lot harder to be opposed to the loss of X11, because you don't really lose it.

[–] moonpiedumplings 1 points 1 day ago

I switched to fennec and it's basically instant. Fennec also gets ublock origin, a much better adblocker. But I've been too lazy to switch before this.

[–] moonpiedumplings 1 points 1 day ago (2 children)

Anubis takes around 5 minutes on cromite browser.

1000079022

It doesn't work at all for users without javascript. The creator of anubis is investigating an alternative

It's a lot more complex than "enable everywhere immediately".

[–] moonpiedumplings 8 points 2 days ago* (last edited 2 days ago) (1 children)

Try translated Chinese web serials.

Try 40 milenniums of cultivation. It's half fantasy though, with it's own magic system. Actually, most web serials I read are fantasy, I haven't seen much sci fi.

There are also actual novels though, like the 3 body problem, which was popular enough to get adapted to a netflix series but I only really care about web serials.

[–] moonpiedumplings 20 points 1 week ago (1 children)

The mitre cve database is more like that big block just below what's being pointed too.

But it does look like they have a backup plan: https://www.thecvefoundation.org/

[–] moonpiedumplings 4 points 1 week ago (2 children)

I thought you were going to link to this.

[–] moonpiedumplings 3 points 1 week ago (1 children)

Joysticks on the bottom again... whyyyyy...

My hands find that setup so uncomfortable, I wish they would put them on the top.

[–] moonpiedumplings 5 points 1 week ago

All these people explaining that server side anti cheat is "easier". Let me explain to you the real reason why games use client side anti cheat:

  1. It used to be, gamers could self host servers. These servers, would almost always have an active moderator who would instantly ban any cheater. I've watched quite a few cheaters get instabanned on games like this.
  2. But then, companies decided to deny gamers the control and ability to self host their own server which they could moderate. They decided to force everyone to play on one server — their server.
  3. However, they quickly realized that they were unable, or unwilling to spend money on moderators to ensure a high quality experience.
  4. Ergo — client side anti cheat. In addition to continuing their control over servers, now they also gain a degree of control over clients.

I've heard one rebuttal to this: Not all cheaters can be spotted by a human, sometimes they pretend to be a really good player.

To be blunt: I don't really care. I don't really understand why people care about that kind of cheater either. The point of kicking cheaters is to keep the game fun by not having everybody get crushed. But if the cheater is just like another good player, then they're just another good player to me.

I used to play this browser game, https://krunker.io. It's a browser based FPS game, and due to being browser based it was really, really easy to write cheats. The devs gave up after like a month, and simply stopped updating the anti-cheat, opting for a different system instead — deputization. Players would become "krunker police", and while playing, if a cheater was reported, then they would anonymously, and silently watch, and then take action.

It worked pretty well, then krunker got bought by a mobile gaming company and the game lost a lot of members. But I think the original io browser game is still under full creative control by the devs though, it's just the discord, facebook, and mobile versions of the game that are enshittified.

Anyway, when I was playing a few months ago, I encountered a cheater in one of our lobbies. They were trolling, while advertising cheats. But there were like 5 good players in the lobby, it was a cracked lobby, and we stomped them. They couldn't even make it to top 4/8 people.

Imagine aimbotting, advertising those aimbots, and still getting stomped. We called them out on that, and they just left. And that moment was a shit ton of fun.

But anyway, in the comments, I see some of this same sentiment that companies parrot: That cheaters are inherently bad, and need to be stopped because cheating is bad. This frustrates me because cheaters are not the only entity which can make a game unfun, there are also other toxic elements which should be moderated, but are often not, because of the focus on cheaters.

Play with cheaters, or play without DRM/Kernel level anti-cheat, pick one

Like this snipped from one of the comments below.

But people do cheat with DRM/Kernel level anti-cheat? I can think of 3 ways to do it off the top of my head:

  • Undetected virtual machine
  • Physical device that uses DMA to modify memory
  • Editing of device drivers that have DMA access

And I especially hate this particular dichotomy because, by assuming DRM/Kernel level anti-cheat is invincible, it creates a sort of "blindspot", where when someone does cheat, they may not get noticed because it's assumed they are unable to cheat in the game, which is not the case.

[–] moonpiedumplings 1 points 2 weeks ago (1 children)

I don't think so, now. You'll have to do those yourself.

[–] moonpiedumplings 1 points 2 weeks ago* (last edited 2 weeks ago) (3 children)

Which means my distro-morphing idea should work in theory with OpenStack

I also don't recommend doing a manual install though, as it's extremely complex compared to automated deployment solutions like kolla-ansible (openstack in docker containers), openstack-ansible (host os/lxc containers), or openstack-helm/genestack/atmosphere (openstack on kubernetes). They make the install much more simpler and less time consuming, while still being intensely configurable.

[–] moonpiedumplings 2 points 2 weeks ago (5 children)

Personally, I think Proxmox is somewhat unsecure too.

Proxmox is unique from other projects, in it's much more hacky, and much of the stack is custom rather than standards. Like for example: For networking, they maintain a fork of the Linux's older networking stack, called ifupdown2, whereas similar projects, like openstack, or Incus, use either the standard Linux kernel networking, or a project called openvswitch.

I think Proxmox is definitely secure enough, but I don't know if I would really trust it for higher value usecases due to some of their stack being custom, rather than standard and mantained by the wider community.

If I end up wanting to run Proxmox, I’ll install Debian, distro-morph it to Kicksecure

If you're interested in deploying a hypervisor on top of an existing operating system, I recommend looking into Incus or Openstack. They have packages/deployments than can be done on Debian or Red Hat distros, and I would argue that they are designed in a more secure manner (since they include multi tenancy) than Proxmox. In addition to that, they also use standard tooling for networking, like both can use Linux Bridge (in-kernel networking) for networking operations.

I would trust Openstack the most when it comes to security, because it is designed to be used as a public cloud, like having your own AWS, and it is deployed with components publicly accessible in the real world.

 

See title

 

See title

 

I find this hilarious. Is this an easter egg? When shaking my mouse cursor, I can get it to take up the whole screens height.

This is KDE Plasma 6.

 

I find this hilarious. Is this an easter egg? When shaking my mouse cursor, I can get it to take up the whole screens height.

This is KDE Plasma 6.

27
Introducing Incus 6.7 (www.youtube.com)
submitted 5 months ago by moonpiedumplings to c/linux
 

Incus is a virtual machine platform, similar to Proxmox, but with some big upsides, like being packaged on Debian and Ubuntu as well, and more features.

https://github.com/lxc/incus

Incus was forked from LXD after Canonical implemented a Contributor License Agreement, allowing them to distribute LXD as proprietary software.

This youtuber, Zabbly, is the primary developer of Incus, and they livestream lots of their work on youtube.

11
Cuttle (en.m.wikipedia.org)
 

This card game looks really good. There also seems to be a big, open source server: https://github.com/cuttle-cards/cuttle

 

Source: https://0x2121.com/7/Lost_in_Translation/

Alt Text: (For searchability): 3 part comic, drawn in a simple style. The first, leftmost panel has one character yelling at another: "@+_$^P&%!. The second comic has them continue yelling, with their hands in an exasperated position: "$#*@F% $$#!". In the third comic, the character who was previously yelling has their hands on their head in frustration, to which the previously silent character responds: "Sorry, I don't speak Perl".

Also relevant: 93% of paint splatters are valid perl programs

 

https://security-tracker.debian.org/tracker/CVE-2024-47176, archive

As of 10/1/24 3:52 UTC time, Trixie/Debian testing does not have a fix for the severe cupsd security vulnerability that was recently announced, despite Debian Stable and Unstable having a fix.

Debian Testing is intended for testing, and not really for production usage.

https://tracker.debian.org/pkg/cups-filters, archive

So the way Debian Unstable/Testing works is that packages go into unstable/ for a bit, and then are migrated into testing/trixie.

Issues preventing migration: ∙ ∙ Too young, only 3 of 5 days old

Basically, security vulnerabilities are not really a priority in testing, and everything waits for a bit before it updates.

I recently saw some people recommending Trixie for a "debian but not as unstable as sid and newer packages than stable", which is a pretty bad idea. Trixie/testing is not really intended for production use.

If you want newer, but still stable packages from the same repositories, then I recommend (not an exhaustive list, of course).:

  • Opensuse Leap (Tumbleweed works too but secure boot was borked when I used it)
  • Fedora

If you are willing to mix and match sources for packages:

  • Flatpaks
  • distrobox — run other distros in docker/podman containers and use apps through those
  • Nix

Can get you newer packages on a more stable distros safely.

 

cross-posted from: https://programming.dev/post/18069168

I couldn't get any of the OS images to load on any of the browsers I tested, but they loaded for other people I tested it with. I think I'm just unlucky. > > Linux emulation isn't too polished.

 

I couldn't get any of the OS images to load on any of the browsers I tested, but they loaded for other people I tested it with. I think I'm just unlucky.

Linux emulation isn't too polished.

view more: next ›