Yup. You can only add the nopax flag as root, so if your system is already hosed, not much else you can protect. Root has access to ring 0 so anything goes with access like that. Stuff like pax would slow them down for sure and stop script kiddies, but root access is root access.

No privileged accounts can’t do anything with the nopax flag. That’s why you should configure your system to not run things as root as much as possible. Personally; on desktops, I don’t even use a sudoer natively. I have to su into my sudoer account in order to run root commands.

GrSecurity adds so many layers of protections to the kernel. They are literally decades ahead of the vanilla Linux kernel in terms of security. With all of the hardened GrSec settings checked/configured correctly, it stops the majority of 0 ring exploits (at least when I was running it before they went full GPLv2).

PaX is an awesome part of GrSec. Mprotect stops any read and write and execute access to memory in both user and kernel lands (only rx or wx). Stuff like web browsers won’t work unless you have a program to mark it in elf to not use pax. However, this kills a lot of exploits with that turned on by itself (though there are probably work arounds if you are developing exploits which the other features would hopefully catch). That’s why people installed 3rd party unmainlined security patches, but that’s just me maybe idk.

I hope this venture will be more fruitful than the copy paste code that people kept trying to push to the hardened Linux kernel project (despite the maintainers best intentions and countless efforts to stop that)

Uhh sir Linus, this is a Wendy’s Linux kernel.

.

Why force your political beliefs on something that has nothing to do with?

Its about the same difference, but you can definitely tell the difference between 1600p and 720p.

I got a onexplayer for like $600 and it has the 7840u in it. No matter how you slice it, the 7840u is much more powerful than the steam deck. However, it doesn’t do well in low tdp. That’s what the steam deck is best at - low tdp gaming and battery life.

But so long as I’m near an outlet, I can play more AAA games and on much higher resolution and graphics than the steam deck for however long I’d like. On battery, only about 3-4 hours vs 6-8 hours on a steam deck.

I think the main reason Firefox isn’t on there is because redox os doesn’t use Wayland and x11. Porting firefox would be a massive effort unfortunately.

😂

If you want something like Mac, use elementary os.

For me, its the way they used procedural generation. Like its literally the same exact points of interests on every planet.

I remember going to a planet full of high level fauna and discovering a cave where you find a dead pirate that says these things are everywhere ahhhh. I thought it was cool. Next planet I went to had no fauna, and sure enough that same cave and dead pirate was in there saying the same thing with absolutely no fauna or enemy NPCs in there.

Its like they made 20 unique assets for the procedural generation tool to pick from. This is the exact laziness I found and drove me away from ESO. Just the same experience, with maybe a different faction here and there but the same points of interest over and over.

Other than that, I liked it. Basically skyrim in space. But very empty and they forced you complete like a 2 -3 hour mission before stuff opened up to you. And another 20 or so hours before a mission locked skillset is introduced. Huge waste of time IMO.

Its an alright game if you have a lot of time to kill.

Me thinks its time to delete twitch account

If libre/open office isn’t your thing, there’s always cloud based ones like office365 and google docs.

I also found this. Never heard of some of these things, so I can’t really recommend them.

https://itsfoss.com/libreoffice-alternatives-linux/

You can also use ms word in wine if you’re writing. However; if you’re opening docs from the internet, I wouldn’t recommend opening them up in anything running in wine. Remember, wine is a windows emulator based on windows 2000.

Good find! I want to test this out this weekend :)

Look for something that can do rtsp streaming. Reolink, amcrest, ect. Its all cheap Chinese cameras that almost definitely dial out to some Chinese server.

What I do is have all cameras connected on a wireless router with no internet, use zoneminder on a Linux that is connected to my home network via Ethernet and the camera network via WiFi, and allow https into my home network from my VPN

Tell me, how is Zelinsky not a fascist? He and his government has been persecuting the Ukrainian Orthodox Church for well over a year now, countless Nazi groups in his military wearing pagan Nazi symbols. Heck, Canada recently “honored” a general that was literally in the Nazi army back in WW2 and Zelinski said he’s a “Ukrainian hero”

But the add-on isn’t sandboxed like in chrome. Like i remember, depending on if you use an external MAC like apparmor or not, where if you’re runnimg in Linux and you’re using Firefox, websites could steal your ssh keys from ~/.ssh/

Malicious addons or websites could easily do the same thing, and steal your bitwarden credentials. Unless you have the premium version, you can’t put otp on it.

deleted by creator

My biggest problem is the security and sandboxing around Firefox. I use both, but I feel my passwords are safer in Chrome tbh

Memory eternal

In the realm of firewall applications, i use the following: ° Ipfire is easy to use, but lacks ipv6 support and it doesn’t have otp. It has lots of packages though.

° Alpine is good, if you don’t want a GUI or want to spend time figuring out how to build a web ui (really good for beginners as its mostly xml)

° openwrt is good fit for low end hardware (SPARC or arm processors mostly) but also works on x86.

° opnsense - like pfsense, but more up to date. Has some quirks in it (like if you block both incoming and outgoing, but just want to allow 80/443, the rules look weird…like the direction you have to allow is in, but destination is 80/443. Very strange bug that isn’t in pfsense).

° hardenedbsd firewall - literally just opnsense but with hbsd’s fully patched kernel. No repo though.

That being said, you can make any distro a firewall, just use iptables/pf/ipfw/ipfilter rules through command line, and you can add anything in that distros repo you can think of.

Personally, I’d advise to use opnsense over pfsense. Opnsense kernels are more up to date, and the devs are less toxic.

Ipfire is a Linux alternative that is easy to use, just no otp.