• 0 Posts
  • 35 Comments
Joined 1 year ago
cake
Cake day: June 5th, 2023

help-circle

  • Just gave it a try… Doesn’t appear to work for browser default search settings? I do a search and see results for about 2 seconds before it then shows their search page. I used https://www.qwant.com?q=%s for the query. Liked the search results I tested it with but not being able to use the search bar for quick searches is a deal breaker for me :(


  • What I did was just buy the tv I wanted for the hardware and block it from internet access by Mac address, then plugged it into the network with eth. I then put dns blocks on every request it made (I log things before blocking them, and did this on the scenario a kill switch gets messed up or something) and installed the media software from there. Smart tv made private.




  • If you’re very technical and understand Linux, security, etc in great lengths (such as how to setup your own iptables rules with looking for help or creating your own scripts), and really know what your doing, a rooted non-gapps lineageos (optionally microg) is a great choice, as long as you install things like AFWall+ and such to lock it down a ton. Heavy emphasis on “understanding” what you’re doing here, since if you don’t, a rooted device could be bad on security.

    If you’re not at that comfort level or have the time for that kind of stuff, GrapheneOS (unfortunately on pixel) is the best option.

    If you don’t want to give Google any of your money, and you don’t want to go into the super low level system control with root, the best option is probably still lineageos with microg (or without if you don’t need push notifications for anything).






  • Probably already said here, but it’s going to just come down to your end goal to know what distro fits what you’re looking for.

    I am personally a huge fan of Gentoo, another distro that’s all about “from the ground up” approach. It’s actually where I started with Linux and is how I became as proficient in it as I am today. In fact my internal server that does everything is running Gentoo as it’s OS… Has never had any problems in the last decade that would require a reinstall or anything crazy like that.

    But even as much love as I have for Gentoo, I have Linux Mint installed on my laptop. Why? Because it’s just more convenient when I need my full focus on the 10 other personal projects I’m working on… Also amazing on the gaming front. Doesn’t have nearly as much bloat as some other Ubuntu-based distros on first install, has a huge community support, and is just great all around to have.



  • Why not just self host? What happens when/if their service goes down without any warning? You lose everything?

    Got my things all on a server with RAID for redundancy and backup weekly to an external (encrypted) device, monthly to another that doesn’t stay at home. Also means I don’t have to rely on the Internet to use all my services if the ISP goes down, the firewall explodes, etc. Self hosting is the way to go!



  • Mikelius@beehaw.orgtoLinux@lemmy.mlGrub-btrfs troubles
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    Edit: autocorrect being annoying

    Again, no Ubuntu expert here, so do this at your own risk (someone jump in and say this is a bad idea if it is). Not irreversible as you can just revert what I’m telling you via live CD, but just wanted to leave the warning.

    If uname -r shows the old kernel *-24, and grub update is choosing that instead of *-25, perhaps Ubuntu relies on the last change/created date or something weird. What you can check is if *-24 AND *-25 show up in /usr/src. If both are there, do (as root/sudo): mv /usr/src/*6.2.0-24* /root. Now run grub-update again. I think it should tell you which version it chose for the boot menu.

    Next try: grep 6.2.0 /boot/grub/grub.cfg to verify you see the new version.

    • If you see it, reboot and see if it starts with it. If you can’t boot, go through the liveCD and move that directories back to /usr/src, chroot to the drive (see https://www.turnkeylinux.org/docs/chroot-to-repair-system for how to do this properly), and after chrooting, run grub-update again.
    • If you don’t see it or get nothing back from grep, move the directory back and re-run grub-update to avoid not being able to boot back in. This wasn’t the fix we were hoping for.

    ^ this is all assuming Ubuntu puts its kernels in /usr/src and uses that location as reference to what’s available/installed. If you see nothing there, then something else will need to be attempted

    Edit 2: another thing to check is if the compiled kernels are in /boot. Basically follow the same instructions above but use /boot/*-24 instead. This might actually be what needs to be done now that I think about it, not necessarily /usr/src.


  • I don’t, but that’s because of how I have things setup around the network. While most people here say it’s because they don’t need it, I am in a position that I need SOMETHING simply because others in the household could bring in malware and rather than trust them to make smart decisions, I proactively monitor all network activity for anything unusual. That being said, I have clamAv installed and run a weekly scan, but my real “antivirus solutions” are as follows: A syslog server that’s connected to grafana/MySQL and alerts me based on very specific criteria. Along this, I’ve got my network firewall configured to block all “untrustworthy countries” in and out 100%, as well as use an IDS/IPS (also connected to syslog for alerts). Lastly, an internal DNS which grabs from like 20 sources that include some reliable lists with malware domains and such, and a custom list of my own that I add to as useful security news feeds hit my RSS feed with urls in their blog posts.

    Actually got a list of other things going on in the network to make it even more secure, but just wanted to list the main things that’ll give you a step up in the anti-malware front.

    None of this is buletproof without proper care for how you use the Internet, though.

    • Check for router/modem/firewall updates weekly if they can’t be auto updated
    • never click any links in an email even if you feel you know you trust it (exception to this would be something you KNOW is coming into your inbox, such as an account registration verification)
    • avoid tiny urls or suspicious looking urls when possible
    • don’t open ports unless you really really really know what you’re doing. If you absolutely need to open a port, then for the love of god define the source IP address/CIDR. Opening ports to the world includes opening them to cyber criminals
    • turn off upnp, I don’t care what that game or service you use says, it doesn’t need it

    You get the idea. My message got way too long and turned into a rant lol.