sysadmin

joined 1 year ago
MODERATOR OF
 

Privacy Front-end Nitter:

https://xcancel.com/carlrichell/status/1815498238285562127

https://nitter.privacydev.net/carlrichell/status/1815498238285562127

Extracted from Twitter:

The first alpha release of Pop!_OS 24.04 with COSMIC will be released August 8th.

@jeremy_soller , Maria, and I join the System76 Transmission Log pod to chat about how COSMIC came to be and where it’s headed.

https://system76.transistor.fm/10

 

On their order page, it says "Ships within two weeks"

Cheers!

6
dbrand Framework 13 Skin (www.youtube.com)
submitted 11 months ago by sysadmin to c/[email protected]
107
submitted 1 year ago* (last edited 1 year ago) by sysadmin to c/[email protected]
 

Ever thought, "Why should I care about online privacy? I have nothing to hide." Read this https://www.socialcooling.com/

credit: [deleted] user on Reddit.

original link: https://old.reddit.com/r/privacy/comments/savz9u/i_have_nothing_to_hide_why_should_i_care_about/

u/magicmulder

The main issue isn’t that someone would be interested in you personally but that data mining may put you in categories you don’t want to be in. 99.9% correlation of your „likes“ and follows to those of terror suspects - whoops you’re a terror suspect yourself. You follow heavy metal bands and Harley Davidson? Whoops, you have a 98% likelihood of drinking and smoking, up goes your insurance rate. And so on.

u/Mayayana

Indeed. But most people here seem to have misunderstood your post. One of my favorite examples is from Eric Schmidt, chairman of Google, whoo said in an interview (on youtube) that if you think you have something to hide then maybe you shouldn't be doing what you're doing. (Like maybe the Jews on Kristallnacht shouldn't have been living in their houses?) Schmidt was later reported to have got an apartment in NYC without a doorman, to avoid gossip about his promiscuous lifestyle. :)

u/SandboxedCapybara

I always thought the like "no bathroom door," "no curtains," or "no free speech" arguments always fell flat when talking about privacy. Sure, as people who already care about privacy they make sense, but for people who don't they are just such hollow arguments. I think a better argument is real life issues that people always face. The fact that things like their home address, social security number, face, email, phone number, passwords, their emails and texts, etc could be out there for anyone to see soon or may already be is almost always more concerning for people. People trust companies. People don't trust people.

u/Striking-Implement52

Another good read: https://thenewoil.org/why.html 'I've Got Nothing to Hide' and Other Misunderstandings of Privacy

etc

 

Even after all these years firefox keeps using mozilla hidden directory instead of XDG base directories. For how long will this continue?

Watch https://bugzilla.mozilla.org/show_bug.cgi?id=259356 for updates to this request.

~/.mozilla/firefox/ is a mish-mash of data, config, and cache. It's not simple to unravel that. Beyond that, it would be a breaking change, and that requires more caution.

credit: u/yo_99 on Reddit.

original link: https://old.reddit.com/r/firefox/comments/vkgk78/why_does_firefox_keeps_using_mozilla_directory/

[–] sysadmin 12 points 1 year ago

There are two main aspects to coreboot in my opinion that differentiate it from other firmware ecosystems:

The first is a strong push towards having a single code base for lots of boards (and, these days, architectures). Historically, most firmware is build in a model I like to call "copy&adapt": The producer of a device picks the closest reference code (probably a board support package), adapts it to work with their device, builds the binary and puts it on the device, then moves to the next device.

Maintenance is hard in such a setup: If you find a bug in common code you'll have to backport the fix to all these copies of the source code, hope it doesn't break anything else, and build all these different trees. Building a 5 year old coreboot tree on a modern OS is quite the exercise, but many firmware projects are near impossible to build under such circumstances.

With coreboot, we encourage developers to push their changes to the common tree. We maintain it there, but we also expect the device owner (either the original developer or some interested user) in helping with that, at least with testing but more ideally with code contributions to keep it up to current standards of the surrounding code. A somewhat maintained board is typically brought up to latest standards in less than a day if a new build is required, and that means that everybody has an easy time to do a new build when necessary.

The second aspect is our separation of responsibilities: Where BIOS mandates the OS-facing APIs and not much else (with lots of deviation in how that standard is implemented), UEFI (and other projects like u-boot) tends to go the other extreme: with UEFI you buy into everything from build system, boot drivers, OS APIs and user interface. If you need something that only provides 10% of UEFI you'll be having a hard time.

With coreboot we split responsibilities between 2 parts: coreboot does the hardware initialization (and comes with its build system for the coreboot part, and drivers, but barely any OS APIs and no user interface). The payload is responsible for providing interfaces to the OS and user (and we can use Tianocore to provide a UEFI experience on top of coreboot's initialization, or seabios, grub2, u-boot, Linux, or any program you build for the purpose of running as payload).

The interface between coreboot and the payload is pretty minimal: the payload's entry point is well-defined, and there's a data table in memory that describes certain system properties. In particular the interface defines no code to call into (including: no drivers), which we found complicates things and paints the firmware architecture into a corner.

To help payload developers, coreboot also provides libpayload, a set of minimal libraries implementing libc, ncurses and various other things we found useful, plus standard drivers. It's up to each coreboot user/vendor if they want to use that or rather go for whatever else they want.

credit: [deleted] user on Reddit.

 

Hi everyone, I have just recently found out there is a thing like coreboot/libreboot, and I like the concept of it: fast(er), secure, open source, easy to flash and non-brickable process.

I’ve been trying to understand the basics behind it and it’s too difficult for me. I have some basic understanding of what BIOS / EFI is. And as I understand it, the core/libreboot is an open-source replacement for it. Great!

But what I’m interested in is understanding, how it manages to be better than the OEM’s BIOS? I understand that the nature of open-source is better than closed source software, but what I don’t understand is how this project manages to be better for end-user?

As I get it, it’s similar to Custom ROMs on Android. There is an OEM’s rom — say, Samsung — it makes its version of Android, and it’s good (in terms of how it works with the hardware), but usually with tons of bloatware and OEM never updates the phone after a customer bought it. Here we have Custom ROMs, like CyanogenMod / Lineage OS / Pixel Experience / etc. etc. Those ROMs somehow manage to keep the software updated for much longer time-frame, having extra functionality and even working faster. (Frankly, I don’t understand how do they manage to do that as well, and why it’s so difficult for OEMs.)

Is this something similar? I can understand the (ineffective) processes of big corporations, but I cannot understand how the developers manage to keep those things better, lighter, etc. Say, whether the OEM’s firmwares somehow bloated? Why is so then? Why won’t a big company like Gigabyte, Asus, Acer, etc. also use this product, why do they write so-closed-source BIOSes and EFIs then, if they can use something lighter and faster, and in so many ways better? As it’s advertised on the website of coreboot.

I’m not sure I keep the question simple, for others to understand, but if talking about the real hardware. Say, I have Asus MAXIMUS IV GENE-Z motherboard. Can I install coreboot on it (seems like yes, according to the website https://coreboot.org/status/board-status.html#asus/maximus_iv_gene-z), and if I can, will it miss some functionality comparing to its original EFI? I mean not that I need it, but I’m interested whether there’s something special in original firmware or not. There are many things on the website, at ‘ROG Exclusive Features’ and ‘Special Features’ sections, but I’m not aware if it’s something special or it’s just some marketing bullshit, is it located in the firmware, or it’s something entirely different they speak of in that section?

Please pardon me if the question is too newbish and was answered somewhere. I’ve tried to do my search and found no information on my question. I would appreciate any comment on this topic. Thanks!

edit: Found Why use coreboot? (reddit post) And it’s an interesting read itself, but it’s not the question I’m trying to find answer to.

credit: u/walteweiss on Reddit.

original link: https://www.reddit.com/r/coreboot/comments/bgjzth/how_does_coreboot_manage_to_be_better_than/

[–] sysadmin 1 points 1 year ago

Thank you for your interest :) Can you reply to the post on c/veracrypt so I can make you mod?

[–] sysadmin 1 points 1 year ago

off topic, to see the logo.svg:

/usr/share/icons/pop-os-branding

[–] sysadmin 1 points 1 year ago

I read between the lines, that you are aware of TOS.

So yes you can have ONE free account.

Each family member can have their own free account.

Should you have problems, you can contact support.

Or some says:

You can have more than one free account, provided you don't create too many, and there is no official limit on how many are too many.

a few answers given by Proton Mail Team in the past to that recurring question :

While you can have more than one free account — say, a backup email address — having too many free accounts is not considered an acceptable use of our service. Also please note that attempting to create multiple accounts will trigger more difficult verification methods such as Email or SMS.

https://www.reddit.com/r/ProtonMail/comments/kvym8o/is_it_allowed/gj3nlp6 (beware!)

As free accounts are subsidized by paying users, you cannot have too many free accounts. If you would like to have multiple addresses, you need to get a ProtonMail Plus or Professional plan.

https://www.reddit.com/r/ProtonMail/comments/lh2s23/help_me_my_email_was_disabled_due_to_abuse_and/gmvaxuo (beware!)

Generally, having multiple free accounts is not considered an acceptable use of our service to prevent abuse. However, if you don't use ProtonMail for bulk-signups, creating free accounts for others, sending spam, and other prohibited activities listed in our Terms and Conditions, you have no reason to be worried.

https://www.reddit.com/r/ProtonMail/comments/latls7/re_free_accounts_and_pricing/gluioph (beware!)

Generally, having multiple free accounts is not considered an acceptable use of our service to prevent abuse. However, if you don't use ProtonMail for bulk-signups, creating free accounts for others, sending spam, and other prohibited activities listed in our Terms and Conditions, you have no reason to be worried.

Alternatively, our Plus plan allows you to add five additional email addresses to your existing one, making it easier to have various addresses and manage them from a single mailbox.

https://www.reddit.com/r/ProtonMail/comments/mlkewt/multiple_protonmail_accounts/gto3fad

As we point out in our FAQ, generally, having multiple free accounts is not considered an acceptable use of our service, as it has often been misused and abused. However, if you don't use ProtonMail for bulk-signups, creating free accounts for others, sending spam, and other prohibited activities listed in our Terms and Conditions, you have no reason to be worried.

https://www.reddit.com/r/ProtonMail/comments/oaeyjp/is_multiple_accounts_prohibited/h3jahf7 (beware!)

[–] sysadmin 2 points 1 year ago

Looking at the published feature set of Cryptomator, it seems to be exclusively a file-based container. Whereas VeraCrypt additionally offers partition (including the system partition to protect the OS) and whole drive encryption.

Creating a quick Cryptomator vault, I noticed the key generation was automatic, VeraCrypt includes user-based input (mouse movement) as part of its key generation. In my opinion, done right / taken seriously, this offers better entropy.

VeraCrypt offers 15 encryption and 4 hash algorithms to choose from.

VeraCrypt also offers PIM (Personal Iterations Multiplier) modification / customization.

VeraCrypt can use a keyfile.

VeraCrypt offers hidden volumes for plausible deniability.

Looks like Cryptomator sets up a fairly deep directory structure, creating an encrypted file for each file added to the vault. This eludes to not only how many files are in the vault but also reveals size and date/time information. VeraCrypt’s container is just a single file of predetermined size, date/time stamp update is optional but off by default.

I believe these items make VeraCrypt more secure but at the cost of requiring the user to be more sophisticated.

I’m not a hater, Cryptomator’s ease of use may offer encryption to someone who may not otherwise leverage it and that is valuable.

Depending upon use case, performance may come into play which may be worth measuring.

[–] sysadmin 1 points 1 year ago

The two programs are used for different things. VeraCrypt encrypts your disk, Cryptomator encrypts per file. It means the file/folder structure is not encrypted, but at the same time you can sync encrypted files over the cloud. VeraCrypt doesn’t encrypt files on the file system itself, it encrypts the whole file system.

[–] sysadmin 1 points 1 year ago

Cryptomator is first and foremost meant to backup files on a cloud service, adding end-to-end encryption.

Vera Crypt is meant to encrypt a bunch of files, a disk partition or a system disk locally.

Both of them are needed, but their use case is completely different. You could use Vera Crypt to encrypt files before backing them up in the cloud, but it would be very inconvenient.

I think you can use Cryptomator for local encryption as well, but I'm not sure how it compares with Vera Crypt in that use.

view more: next ›