Thinking of trying to morph my Leap workstation into Tumbleweed (and potentially Slowroll once that project matures enough). I’ve seen that you can do it . I reckon I can rollback relatively easily via the BTRFS snapshots if it goes sideways, but just curious to see what others’ experience with doing so has been.
I have used TW for years, and never got bothered by a breaking change for more than a day. And that only happened twice.
The only thing that keeps bothering me with Opensuse is their obsession with asking for a root password (and not for yours if you are an administrator, I mean the root user password) for every damn thing. Even installing a fucking user Flatpak requires a fucking root password !
Like I said, last time I checked even a “user” level Flatpak required to use the root password to install. But it may have changed (for the better) since, which is a good thing.
Still, my main point is that most the paranoia of the default OpenSUSE settings is way overboard, and should be toned down quite a lot. A lot of action that would ask for the user password, if not no password at all, requires the root password on OpenSUSE.
I want to use OpenSUSE over Ubuntu or Fedora, I even started contributing back with some package updates here and there, but I just can’t because of those bothering root password prompts everywhere.
(I know that this is about selfhosting, but I am forced to use cloud services due to it not being viable to selfhost because of DSL internet speeds in my house, and I need this to be accessible outside my home.)...
You may want to take a look at Fairphone if you want a phone that gets updates for a long time. The current one will be supported at least until 2028, maybe 2031.
This will be a quick post. We have received a phishing mail to our [email protected] mail address telling that they are “lemmy.world Security Team”, telling that they will “disconnect” your account from our instance. This is ofc, not us. Do not fall for it! The attached image is how the mail looks like....
Both are instructions sets. They are part of the equation that gives a CPU its “power”, but it isn’t the only reason.
What gives ARM its power efficiency edge is its smaller instructions set, which translate to smaller die size to do the same work, which is also its Achilles heel as it means that some workload that uses those missing instructions need to be either translated by the hardware or the software, or it will just not work. Both have their own inconvenience (bigger die size and less energy efficiency or bigger overhead and slower execution.
But for workloads that do not use x86’s specificities, ARM is very competitive.
People who have turned to X for breaking news about the Israel-Hamas conflict are being hit with old videos, fake photos, and video game footage at a level researchers have never seen.
The components to make the phone able to decode FM radio take place. Which, in such small device, is valuable. If you really need FM radio for emergency situations, why not take a dedicated miniaturized FM radio receiver?
There is no such thing as “free” functionality in hardware. Old SoC may have had this functionality, but it was at the cost of some die space, that has since been reclaimed by other function more useful to most users.
Not the same radio frequencies, not the sames technologies (analog vs digital). Those radio hardware are very specialized, and won’t work on frequencies or technologie they are not meant to.
I’m reopening this topic for the time being, after cleaning up de xenophobic/bigot comment. Please stay civil, remember to criticise ideas, and not people.
As I said in your last post, excessive self-promotion is against the rules (rule 3). What made me remove it isn’t the content, but rather the lack of content. It was kinda just a link to your new community. 😅
For the this one you took the time and effort to make an elaborate post, opening it up to discussion. That’s better imo.
Some other mods may argue that the last paragraph asking to check your profile may be a self-promotion in disguise (so rule 3, again), so maybe remove that. Other than that it looks good to me.
This post has been reviewed as valid by the mod team
For everyone infosec culture, hashing and salting password consist in using one-way mathematical functions to encrypt passwords. It is a very commonly used security practice to make it more difficult for an attacker that was able to steal a database to obtain the password. As the website is unable to decrypt said password (thank to the one way mathematical function), the only way to send you back your password in this manner is to have it unhashed and unsalted in his database.
But
In the current case, this is a registration email, which may have been sent before the initial hashing and salting. In this case we cannot say for sure if Larion Studios indeed have unhashed and unsalted password in his database.
The concept of hardware key is precisely to be removed as soon as you are not in front of the device.
In my case, I’m using one this way. It is tethered to myself with a metal chain, so as soon as I’m not in front of my computer, they are separated and my sensitive data protected. Of course it won’t prevent someone from threatening to harm me in order to get access to said key, but he might as well do the same to get access to any kind of password.
Unfortunately I’m in one of those jurisdiction where you have to give password if asked by a competent authority (France). If confiscation during transit is a threat in any place I go, my FIDO2 key take another route than I do.
If the authorities ask you for your password to unlock a device for a valid reason, it is legitimate for them to be able to force you to reveal your password. Even taking it into account, you can refuse, but you’ll be fined for it.
Those access are logged, and pretty limited if they want to use it as proof against you later. Even if they find something damning against you, if the procedure isn’t respected, they cannot use it against you.
I don’t know why you need such tight security that it has to protect against legitimate law enforcement, but if they really want to get to your data, you can trust me, no amount of TPM, security keys and the like will prevent them to lock you up untill you give them your keys.
Except if you cannot, in which case a removable hardware key which do not stay with you unless you are actively use it is the only solution. Most of them have passkeys to prevent them to be used if stolen.
If what you seek is a repairable phone, check out the Fairphone 5. Got mine for a week now (transparent édition), incredible little machine. Not as waterproof as an IPhone, but way more repairable. And supported until at least 2028 (maybe 2031).
Since the game isn’t quite finished yet I’ve resorted to making development logs on YouTube that goes over how I create different systems of my game. It’s a 2.5D beat-em-up RPG that follows a hero looking for a lost prince....
After talking with the other moderators and watching the video in his entirety, we debated if we should remove this post. Most of us agreed that this fall under Rule 3 as you can be interpreted as trying to surf on the Unity-hate wave. Thus, excessive self-promotion.
Most of your video is about your developing your game, with a part about the Unity controversy at the end (from 4:06 to 5:48). We’d like you to reflect that in your title. As it is the first time, and your video itself being interesting, I won’t remove this post, if you change the title to something better reflecting the video content.
Have you been spending hours trying to pass a level? Or maybe you are completely addicted to a newly bought game. Do you have a question about a game or would like to share something else? In the Weekly Discussion Thread, you can do it all!...
I saw a chance to academically cooperate with an university in Dresden. I wanted to learn more about the city and found this: www.bbc.com/news/world-europe-50266955(Sorry for a BBC link)....
That not a shower tought. This is more in line with an “asklemmy” or something like that.
In another hand, even if it is true, you’d be able to add your non-far-right ideas in the mix, and tip the balance in the right (well, left in this case) direction.
Our world is going to shit because we are shutting ourselves into our own little echo-chamber, with fuel both extreme as it prevent people to see the nuances that make the real world.
The same can be said from many other political trends. Staline was a mass murderer too, but many communist downplay it a way or another.
In both case, they only see what they want to see. They don’t have the courage to go and see the other side viewpoint.
But if we don’t even make the effort to go and talk with them, can we even ask them to do the same?
No matter how extreme some people’s views can be, they are the result of their lives. Being a positive part of their life, while disagreeing with them, is also a way to convince them to consider changing their views.
In my case I already tried to contribute to OpenSUSE, but to keep interest I want to be able to daily drive it. But for now there is a significant number of blockers that prevent me from doing this.
First, the unconfigured default state where Root and only him can do privilegied talks. OpenSUSE is the only distro, to my knowledge, to leave Sudo unconfigured. This result in asking for root password for literally any task. And even once Sudo had been properly configured, Polkit rules are so tight you need to type Root password for many thing more user friendly distroes like Fedora and Ubuntu execute without asking for any password.
And the bloat of the packages patterns are horrible. The base install comes with multiple softwares that are either usefull to almost no one, or that do the same thing as other does. Like xterm installed alongside Gnome Terminal by default, or tigervnc and Gnome Connexion.
It is horrible enough for me to have started my own repositories on OBS to be able to remove some of this bloat by building my own preconfigured package and less bloated patters.
Hey everyone, how do you evaluate the company Proton AG, the owner of Proton Mail and Proton Pass? I’m in the process of migrating some accounts to their platform, but I’ve always been wary of using a password solution, especially after the LastPass incident. I used to use Keepass stand alone, but it’s quite cumbersome....
All Proton services are e2e encrypted, so even if they are breached, there is little data available without having to crack each user keys.
Still, the password manager is still new, and there is still a lot to iron out. So I would advise against using it as main password manager. But it is promissing.
I uses Proton services for a long time, and am a paid user for more than 6 years (and more if you count when I was on the free version). I never had any problem with them, and had at worst a day of downtime when they got ddos some years ago.
Services are solid and well designed, feedback are listened to, only downside is a closed-source backend (but the frontend is open-source, if I recall well).
Only thing to take into account. If you loose your password somehow, you loose all your data. So keep the recovery keys very preciously.
I’m not a proton employee, so I can’t give you the exact process used, but basically Protonmail probably uses asymmetrical encryption to encrypt incoming emails as soon as they receive it.
Asymmetrical encryption uses two keys. A public one, and a private one, both linked together by two one-way mathematical function. The public one can be used by anyone to encrypt a message using said one-way function, but cannot be decrypted without using the private key, which is itself encrypted by your password (which is both unknown to Proton, that why you cannot recover your data if you forget your password), and probably other parameters like your main Protonmail email address.
Now, on the client side, your password (and any other parameters) are used to locally decrypt the private key, which in return is used to locally decrypt the data send by Protonmail servers.
Sure, it isn’t true E2E encryption, but it is the closest to it you can get while talking with another server that do not support E2E encryption.
But there is more. If you send an email to another Protonmail client, said email will be truly E2E encrypted as both client will have access to each other public key, allowing them to encrypt the message on the client side, which will prevent Protonmail from ever read it. If I’m not mistaken, sames goes with any PGP enabled client (like Thunderbird with the Enigmail addon).
J’ai découvert un truc intéressant. N’importe qui peut ouvrir n’importe quelle instance Lemmy avec un simple serveur. C’est la force du Fédiverse, mais c’est aussi une faiblesse. N’importe quel spammeur peut créer une instance pour pourrir les autres, ou diffuser du contenu problématique (pédo par exemple)....
Pour le coup il y a probablement moyen de corriger ce problème en limitant l’affichage à “blocked by” (comme ça on peut savoir pourquoi lemmygrad est bloqué par lemmy.world), sans pour autant lister les instance bloqué par tel ou tel instance.
Comme ça les pedophiles auront à chercher specifiquement le nom de l’instance, qu’ils devront connaître à l’avance, plutôt que de se voir offrir une liste sur un plateau d’argent.
Video editor for Linux?
I’m looking for a program that can cut video, adjust exposure levels, color correct, stabilize and encode....
OpenSUSE Leap 15.5 -> Tumbleweed conversion
Thinking of trying to morph my Leap workstation into Tumbleweed (and potentially Slowroll once that project matures enough). I’ve seen that you can do it . I reckon I can rollback relatively easily via the BTRFS snapshots if it goes sideways, but just curious to see what others’ experience with doing so has been.
[Actu] Steam annonce le Steam Deck OLED (www.steamdeck.com) French
Plus rapides que Nintendo 🤡...
FCC to propose a minimum 100mbps to qualify as broadband, with a future goal of 1gbps (docs.fcc.gov)
Is it possible to run Nextcloud and Wordpress on one low-spec server? (using Docker/Podman)
(I know that this is about selfhosting, but I am forced to use cloud services due to it not being viable to selfhost because of DSL internet speeds in my house, and I need this to be accessible outside my home.)...
27th October is National Black Cat Day (UK) (feddit.uk)
Cats Protection UK Website - National Black Cat Day...
"Orange Cat" by Sarah Andersen (64.media.tumblr.com)
Source: Website - RSS
So long, small phones (www.theverge.com)
Bandit stole my seat. (lemmy.ninja)
Living up to his name.
Phishing Mails (lemmy.world)
This will be a quick post. We have received a phishing mail to our [email protected] mail address telling that they are “lemmy.world Security Team”, telling that they will “disconnect” your account from our instance. This is ofc, not us. Do not fall for it! The attached image is how the mail looks like....
Qualcomm will try to have its Apple Silicon moment in PCs with “Snapdragon X” (arstechnica.com)
The Israel-Hamas War Is Drowning X in Disinformation (www.wired.com)
People who have turned to X for breaking news about the Israel-Hamas conflict are being hit with old videos, fake photos, and video game footage at a level researchers have never seen.
POV) You use Windows 11 and set up Pihole for the first time. (sh.itjust.works)
This is AFTER debloating all the MS bs as much as I can....
Phones should have FM radio again (www.spacebar.news)
Chinese video games are on the rise, but I wish they got more respect (www.theguardian.com)
How the Assassin's Creed Mirage logo and its celebration of Arabic calligraphy came to life (www.gamesradar.com)
On the Radar | The making of the Assassin's Creed Mirage logo and its hidden meaning
Is anyone interested in a Disney Lorcana TCG Community?
Hey Everyone,...
Larion Studios forum stores your passwords in unhashed plaintext. (lemmy.world)
Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.
Question: is systemd-homed ready for everyday use yet?
Hi! I want to try out fedora workstation in the near future (once 39 is out) and was wondering if systemd-homed is ready for everyday use yet....
A new smartphone again? Rethink unhealthy culture of frequent upgrades (www.straitstimes.com)
SO. MUCH. THIS.
I had a journey (lemmy.ml)
Reading about FOSS philosophy, degoogling, becoming against corporations, and now a full-blown woke communist (like Linus Torvalds)
So, I'm making a game and making development logs of it to show how I'm making the game.
Since the game isn’t quite finished yet I’ve resorted to making development logs on YouTube that goes over how I create different systems of my game. It’s a 2.5D beat-em-up RPG that follows a hero looking for a lost prince....
The Weekly 'What are you playing?' Discussion - 25-09-2023 (lemmy.world)
Have you been spending hours trying to pass a level? Or maybe you are completely addicted to a newly bought game. Do you have a question about a game or would like to share something else? In the Weekly Discussion Thread, you can do it all!...
Dresden
I saw a chance to academically cooperate with an university in Dresden. I wanted to learn more about the city and found this: www.bbc.com/news/world-europe-50266955(Sorry for a BBC link)....
OpenSUSE seeks a Leap replacement, but will distro community rise to the challenge? (www.zdnet.com)
Seeking Input on Proton AG: Trustworthiness and Security
Hey everyone, how do you evaluate the company Proton AG, the owner of Proton Mail and Proton Pass? I’m in the process of migrating some accounts to their platform, but I’ve always been wary of using a password solution, especially after the LastPass incident. I used to use Keepass stand alone, but it’s quite cumbersome....
[fediverse] Chaîne de confiance entre instances
J’ai découvert un truc intéressant. N’importe qui peut ouvrir n’importe quelle instance Lemmy avec un simple serveur. C’est la force du Fédiverse, mais c’est aussi une faiblesse. N’importe quel spammeur peut créer une instance pour pourrir les autres, ou diffuser du contenu problématique (pédo par exemple)....