@TCB13@lemmy.world cover
@TCB13@lemmy.world avatar

TCB13

@TCB13@lemmy.world

This profile is from a federated server and may be incomplete. Browse more on the original instance.

TCB13 ,
@TCB13@lemmy.world avatar

So... why don't you transition to Debian and use it for the next 20 years? :)

TCB13 ,
@TCB13@lemmy.world avatar

You can always do what a lot of people are doing, use Debian as your base OS and install all software via Flatpak, solid OS with the latest software. Doesn't get any faster :P

TCB13 , (edited )
@TCB13@lemmy.world avatar

None, because a phone is useless without applications.

Edit: I'm all for a truly open-source phone with no tracking but at some point things must be useful as well and applications from the Play Store or App Store are something people have to get and use everyday. For instance in my country, if you exclude browser-based banking no bank will work those Linux phones and the NFC / contactless payment system here requires either Apple Pay, Google Wallet or a proprietary app develop by a banking alliance. Govt provides electronic versions of your identity card, driving license and a ton of other cards related to the govt that also require an Android/iOS app they make... Even something simple like setting up a TP-Link Tapo wireless security camera will require an app these days.

TCB13 ,
@TCB13@lemmy.world avatar

Oh yeah, my bank will definitely support Linux phones lol

TCB13 ,
@TCB13@lemmy.world avatar

If your banking app is proprietary

Are you drunk, what bank doesn't have a proprietary application? lol

TCB13 ,
@TCB13@lemmy.world avatar

Yes, even GrapheneOS or Calyx will provide a much better experience.

TCB13 ,
@TCB13@lemmy.world avatar

TL;DR: If you just care about having something that works reliably then install Debian + GNOME + Software as Flatpaks. You’ll get a rock solid system with the latest software.

About the desktop environment: the “what you go for it’s entirely your choice” mantra when it comes to DE is total BS. What happens is that you’ll find out while you can use any DE in fact GNOME will provide a better experience because most applications on Linux are design / depend on its components. Using KDE or XFCE is fun until you run into some GTK/libadwaita application and small issues start to pop here and there, windows that don’t pick on your theme or you just created a Frankenstein of a system composed of KDE + a bunch of GTK components.

TCB13 ,
@TCB13@lemmy.world avatar

I had a lot of issues when installing Debian after some days, because of a non-optimal suggested partitioning layout, misconfigured mirror-server list or network for example.

For what's worth I never had those kinds of issues with the Debian installer, to me it seems that anyone capable of installing Windows 10/11 is capable of installing Debian on the bases of "next > next > next" everything as defaults and will get to a working desktop.

I've seen a few people complaining about the Debian installer but I never had issues at all. From servers to laptops always seems to get things right for me.

TCB13 ,
@TCB13@lemmy.world avatar

Maybe something (very) hardware specific?

(Hypothetically) How terrible would Privacy be if using dial-up internet in modern day?

I was born in 2002 and wasn't really much exposed to the internet until 2012. I saw my older brother and sister watching YouTube on my Dad's laptop in 2007 with a (presumably ethernet) cable, but I'm sure they weren't using dial-up, and I think most people had abandoned it by that time....

TCB13 ,
@TCB13@lemmy.world avatar

how dial-up worked, and saw that it was still possible to set up in modern-day; so it got me wondering what the privacy implications would be if I hypothetically were to use it. I imagine it would be terrible!

Actually we would be way better if anyone was still using a 56k dial-up. Just think about it, with 56k websites couldn't store 2000 different cookies and run 30000 XHR requests to 3rd party analytics companies as it would take more time to get them than actually load the content. :)

Either way the fact that you're running on a dial-up doesn't mean your connection isn't secure, PPPoE can be used in the same way is used for FTTH links and it allows IP security features like authentication and encryption to be implemented.

TCB13 , (edited )
@TCB13@lemmy.world avatar

Paying for piracy is pointless and stupid. Piracy means free and solid access to content and paying for it means the complete subversion of that. 👎 👎

For that I would be better by just paying for some stupid streaming service and having something more convenient / not having to deal with anything.

Long live torrents.

TCB13 , (edited )
@TCB13@lemmy.world avatar

I won't pay for piracy and that includes a pointless piece of shit VPN that won't protect you anyways if things get serious.

TCB13 , (edited )
@TCB13@lemmy.world avatar

If "feds decide to do something about piracy" I'm sure as shit your cheapo VPN isn't going to protect you against them. People bought into all the marketing from VPN providers, that's what's really going on.

TCB13 ,
@TCB13@lemmy.world avatar

C'mon you've plenty of private trackers you can join with an invite from someone else and nobody will easily track you like they can do in public torrents.

TCB13 ,
@TCB13@lemmy.world avatar

But man, paying for pirated content? Even if you ignore everything else, it's over the line.

TCB13 ,
@TCB13@lemmy.world avatar

Are you 12?

TCB13 , (edited )
@TCB13@lemmy.world avatar

https://iknowwhatyoudownload.com/en/peer/ – Plug your IP into that. Private tracker torrents are still visible to the public.

What you're saying isn't correct, at least for properly configured private trackers and clients.

I did try that website and that's the thing, the only torrents that show up are public ones. Torrents from private trackers like iptorrents are not showing on that list as expected. They don't show, because they can't access them, just read their about page and you'll understand why:

Our system collects torrent files in two ways: parsing torrent sites and listening DHT network

Any private tracker worth your time has DHT/PEX disabled for their torrents because if they didn't then the torrents were essentially public.

TCB13 ,
@TCB13@lemmy.world avatar

I do have an argument: https://lemmy.world/comment/7648533

Any free private tracker worth your time has DHT/PEX disabled thus making their torrents invisible for your typical govt / private entity searching for pirates. If those torrents aren't public and can't be searched indexed via DHT then the ISP or whatever knows you're using the bittorrent protocol but they don't know for what content. This particularly correct if you use sane settings in your torrent clients such as a blocklist + requiring encryption for all connections.

If you do those simple things and a use a private tracker you trust then your ISP/Govt can't point fingers at you, they've no way of knowing what you're downloading.

TCB13 ,
@TCB13@lemmy.world avatar

That’s exactly what I said it’s for “to check and make sure your configuration is correct”.

What you said was: "Private tracker torrents are still visible to the public" and this isn't true.

TCB13 ,
@TCB13@lemmy.world avatar

You’re not paying for the content, you’re paying for the server upkeep.

This is a very, very questionable statement, we all know that people do profit from selling access to piracy.

TCB13 ,
@TCB13@lemmy.world avatar

The thing is that private tracker aren't visible on that link.

TCB13 , (edited )
@TCB13@lemmy.world avatar

Nope, not a child. I just don't care specially when it comes to certain topics, or my English is actually bad.

But seriously, why would we pay for piracy by financing greedy VPN companies when you can get 98% of the security for free by using a good private tracker + requiring encryption?

TCB13 ,
@TCB13@lemmy.world avatar

Piracy isn’t purely about getting things for free, it’s about convince and preserving digital media too.

I agree with you when when it comes to preservation and sometimes even quality. But when it comes to convince nothing beats Netflix.

TCB13 ,
@TCB13@lemmy.world avatar

Here's a revised flowchart for you:

  • You need professional software like MS Word, Autodesk, Adobe, NI Circuit Design for collaboration with others > Stick with windows;
  • Any other case > Install Debian + GNOME + Software as Flatpaks. You'll get a rock solid system with the latest software;

Done.

TCB13 ,
@TCB13@lemmy.world avatar

Debian 12 has had at least two system breaking bugs in the last month or two,

What are you talking about specifically? I do manage dozens of Debian 12 servers and run it in one of my desktop machines since the release I didn't run into any issues so far, stable as usual but I would be interested in knowing about those.

I honestly don’t understand the love for Debian either.

Because, like Ubuntu, it's truly community driven, not subject to the whims of some corporation and more stable than the others.

Also recommending GNOME to anyone used to Windows is just going to frustrate them if they’re already hesitant.

While I get your point and I like XFCE very much, the “what you go for it’s entirely your choice” mantra when it comes to DE is total BS. What happens is that you’ll find out that while you can use any DE in fact GNOME will provide a better experience because most applications on Linux are design / depend on its components. Using KDE/XFCE is fun until you run into some GTK/libadwaita application and small issues start to pop here and there, windows that don’t pick on your theme or you just created a frankenstein of a system composed by KDE + a bunch of GTK components;

TCB13 ,
@TCB13@lemmy.world avatar

there are other word processors that are at least as good

Their only problem is that this isn't true. :P LibreOffice and friends might work for quick jobs in isolation and whatnot but once you've to collaborate with others and use advanced features like macros it's game over.

For what's worth LibreOffice can't even keep the default spacing on a bullet list consistent with what MS Word does and this is an issue if you share a document in works with someone else and then things appear in different places / pages.

TCB13 ,
@TCB13@lemmy.world avatar

That's because NextCloud is still the typical piece of shit of a software that never delivers as promised.

Simply setup a Webdav server with Nginx or use LoFloccus and sync the bookmarks with something like Syncthing.

TCB13 ,
@TCB13@lemmy.world avatar

Yes, I love it and don't get me wrong but there are many downsides and they all result from poor planning and/or bad decisions around how flatpak was built. Here are a few:

  • Poor integration with the system: sometimes works against you and completely bypasses your system instead of integrating with it / using its features better. To me it seems more like the higher levels are missing pieces to facilitate communication between applications (be it protocols, code or documentation) and sometimes it is as simple as configuration;
  • Overhead, you'll obviously end up with a bunch of copies of the same libraries and whatnot for different applications;
  • No reasonable way to use it / install applications offline. This can become a serious pain point if you're required to work in air gapped systems or you simply want to level of conservation for the future - it doesn't seem reasonable at all to have to depend on some repository system that might gone at some point. Note that they don't provide effective ways to mirror the entire repository / host it locally nor to download some kind of installable package for what you're looking for;
  • A community that is usually more interested in beating around the bush than actually fixing what's wrong. Eg. a password manager (KeePassXC) and a browser (Firefox/Ungoogled) both installed via flatpak can’t communicate with each other because developers seem to be more interested in pointing fingers on GitHub than fixing the issue.

Flatpak acts as a restrictive sandbox experience that is mostly about "let's block things and we don't care about anything else". I don't think it's reasonable to have situations like applications that aren't picking the system theme / font without the user doing a bunch of links or installing more copies of whatever you already have. Flatpak in general was a good ideia, but the system integration execution is a shame.

TCB13 , (edited )
@TCB13@lemmy.world avatar

but I suspect something will come along to address these issues and snatch the market away from Flatpak.

I believe it could only be fixed by a team from GNOME or KDE, they're the one in a position to develop something like Flatpak but deeply integrated with the system instead of trying to get around it.

For what's worth Apple did a very good job when it came to the isolation and containerization of desktop applications, but again only possible because they control both sides.

Apple enforces a LOT of isolaton, they call it sandboxed apps and it is all based on capabilities, you may enjoy reading this. Applications get their isolated space at ~/Library/Containers and are not allowed to just write to any file system path they want.

A sandboxed app may even think it is writing into a system folder for preference storage for example - but the system rewrites the path so that it ends up in the Container folder instead. For example under macOS apps typically write their data to ~/Library/Application Support. A sandboxed app cannot do that - and the data is instead written beneath the ~/Library/Containers/app-id path for that app.

And here's how good Apple is, any application, including 3rd party tools running inside Terminal will be restricted:

https://lemmy.world/pictrs/image/1d4655fa-f956-47fe-8797-130741a2e6bb.png

https://lemmy.world/pictrs/image/54effa3d-9f3b-48fc-a1a1-457d6d6b484b.png

I bet most people weren't expecting that a simple ls would trigger the sandbox restrictions applied to the Terminal application. The best part is that instead of doing what Flatpak does (just blocking things and leaving the user unable to to anything) the system will prompt you for a decision.

I believe this was the best way to go about things but it would require to get a DE team to make it in a cohesive and deeply integrated with the system. Canonical could do it... but we all know how Canonical is.

TCB13 ,
@TCB13@lemmy.world avatar

While what you say is true, the "portals" were an afterthought, an imposition to developers and a cumbersome and poorly documented solution. Just like the theming and most other things.

Instead of bluntly blocking things why can't Flatpak just simulate a full environment and just prompt the user whenever some application wants to read/write to file / unix socket at some path? A GUI capable of automatically enumerating those resources and a bunch of checkboxes like "app X and Y both have access to socket at /var/run/socketY would also solve most of the issues.

TCB13 ,
@TCB13@lemmy.world avatar

Because the user getting a hundred popups on app start for various files the app needs isn’t exactly a usable experience

It doesn't but until apps can declare on a simple config file what paths they require that's the way things should work. I guess that would motivate the developers who are packing into Flatpaks to properly list whatever files the application requires. If they don't, then the application will still work fine but be a bit annoying.

Also, blocking the app’s main thread (which is the only way you could do this) is likely to break it and cause tons of user complaints too.
Aside from apps using the APIs meant for the purpose of permission systems, there’s no good way to make it work.

Yet, macOS does and things don't go that bad, on the example how do you think they do it for command line tools? The system intercepts the request, show the popup and wait for the user input. I've seen the same happening with older macOS applications that aren't aware it could happen and yes, the main thread is blocked and the application seems to crash.

I thinks it's way better doing it this way and still have a somewhat productive container and isolation experience than just bluntly blocking everything - something that also breaks apps sometimes.

TCB13 ,
@TCB13@lemmy.world avatar

This video was all cool until he said "using spicy remote desktop protocol". That's when I knew it was all the typical bs guide that results in a slow system not usable for anything remotely close to real time. Also the guy is running without any GPU acceleration making things very bad.

TCB13 ,
@TCB13@lemmy.world avatar

Putting performance aside, you can but still raises some legal and billing questions.

TCB13 ,
@TCB13@lemmy.world avatar

I agree with you, but still the portuguese law is equally a violation of the EU human rights agreement.

TCB13 ,
@TCB13@lemmy.world avatar

Kind of, the law doesn’t actually say that it only applies to ISPs… technically speaking the Portuguese law could be applicable and enforced with a VPN provider is a court decided to do so. The legislation is kind of written in a vague way that may apply to more than just ISPs. So far they only pressured ISPs to block websites.

TCB13 , (edited )
@TCB13@lemmy.world avatar

but the processes are so fucking long that getting something blocked takes time, our ISPs fight almost every time (...) The only actual option to get something out of the internet is to find the server and shut it down.

Not the case at all around here (Portugal), the blocks are quick and ISPs don't even complain, they simply comply. What the law says is that there's a govt entity called IGAC that is allowed to ask ISPs to block a website (domain name) as long as the website is flagged as containing / hosting piracy or other form of copyright infringement. The only requirement is that IGAC has to notify the website owner asking to remove the content prior blocking. After 48 if the website is still hosting said content then IGAC will ask the ISPs to block it.

Since this is all DNS based one can, obviously, set their DNS servers as Google or Cloudflare and bypass the block. Now the problem is that this is all fun and games until someone in the govt decides to go against Cloudflare and other DNS providers, the law would allow them to easily do it the way its written.

TCB13 ,
@TCB13@lemmy.world avatar

Just because something is “technically” possible doesn’t mean its scalability and costs are a actually considerable option.

Any mid-range / price firewall solution is capable of effectively blocking most VPN solutions. Both OVPN and Wireguard VPN traffic is trivial to identify as such and block. Here's an example and another.

Btw, I’ve never seen something like that, my VPN worked even in China, and that must mean something…

China's great firewall works a little bit differently. They aren't actively blocking certain kinds of traffic by default because that would mean a large DPI effort they don't want to undertake. Also if you google a bit about it you'll find that people's experiences are mostly "my VPN worked fine for a day/week/month and then it was blocked". It seems they've some IPs and domains blocked and the rest is some kind of machine learning that applies rules as it sees fit, this guy here has a good analysis of it.

TCB13 , (edited )
@TCB13@lemmy.world avatar

That’s some authoritarian shitshow right there. But i think its not a violation of EU laws or agreements.

😂 😂 😂 well the irony is that this is the kind of "authoritarian shitshow" we got by electing the left. That and a tax on digital storage (flash drives, disks etc) because they might be used to hold piracy. Even phones are taxed.

TCB13 , (edited )
@TCB13@lemmy.world avatar

I mean if even one of those just shuts down service in or for Portugal the entire Internet is fucked instantly.

Yes, but what if the govt just politely tells them "look, we've a law about piracy and we think you should block websites at the DNS level like our ISPs are doing". Do you think Google / Cloudflare will fight it? They already have mechanisms for that in place for parental controls etc. so... the effort of adding a block list for a country shouldn't be a big deal.

TCB13 ,
@TCB13@lemmy.world avatar

Great piece of shit of a tax indeed.

TCB13 ,
@TCB13@lemmy.world avatar

As said, I’ve never seen a network that even tried to block any kind of VPN, and i have seen numerous networks… I kinda built them even. Good, i don’t think anyone outside of a clownshow authoritarian circlejerk would even try to do that.

All the serious companies (financial sector) I worked for so far did it, because as I linked is really easy with any cheap firewall solution.

clownshow authoritarian circlejerk

Well... a bank could be considerar that indeed, but you know, security concerns and all.

VPNs are very very necessary when you work with sensitive data in BtoB, wanna do remote checkup of a server? You better use a fucking VPN or you aint getting in.

So what? A company can use a firewall to block VPNs when the target IP isn't on some whitelist, or the source computer isn't authorized to use VPNs. On those high security setups at banks and whatnot client machines inside the company network won't need to touch a VPN to do a "remote checkup of a server" at some cloud provider as the network will be configured to internally route the traffic from all computers / users (backed by SSO/AD credential) to access those resources via a special VPN setup on some router / server.

Wanna help someone over TeamViewer? Thats not much different from a VPN…

Fortinet and WatchGuard can both distinguish a VPN from TeamViewer. They can actually do much more than that, even TeamViewer from RDP or VNC is just a couple of clicks on their UIs.

TCB13 ,
@TCB13@lemmy.world avatar

An Italian citizen or resident can go online and buy vpn service from me. There is not law im subjected to that says I can’t sell vpn services to Italians.

This isn't true. If you don't comply with the other law regarding the website blocks then the Italian govt will politely ask you to. If your business happens to be on another EU member state they might even try to get your local authorities involved in the asking. Either way, if you don't comply or they can't reach you (cause you're ouside the EU) they'll proceed to block your website / domains in Italy and no more business for you.

TCB13 ,
@TCB13@lemmy.world avatar

Its just impossible to even start a VPN from these systems unless you have administrator privileges, so im not used to your way of doing it.

That's also the policy for the majority of the machines/users but there are a few that do have admin privileges like IT teams and whatnot and even if they manage to install a VPN solution (the app would most likely get blocked by endpoint security either way) they couldn't communicate to the outside because the firewalls, as I described, are all set to block VPN traffic. Except for those situations I specified above.

The bottom line is: distrust everything, everyone and anything. Even if you can ensure nobody can install a VPN application on their computers, assume someone might get around that and add proper firewall checks and blocks as well.

TCB13 ,
@TCB13@lemmy.world avatar

You may face criminal charges if you’re from another EU country. Or if your business is very large the Italian government gets really interested they may be able to ask other govts for help.

foxy , to linux
@foxy@social.edu.nl avatar

Apparently my love language is installing @linux on the laptops of people I really care about.

TCB13 ,
@TCB13@lemmy.world avatar

As with providing any kind of support, it’s important to get out of your own head and understand what the person your helping wants and needs

Yes because someone that uses MS Word 6-8 hours a day certainly doesn't want to use Linux and have compatibility issues while sharing documents with others who do the same.

TCB13 , (edited )
@TCB13@lemmy.world avatar

I used to think that helping my other dumb grad mates with installing Linux made me look cool and I would be accepted. On the contrary, I looked like an idiot, now that I think of it. i became that weirdo support tech kid for the idiot professors, who could not tell the difference between Java and Javascript.

I guess the worst part is that people will eventually take advantage of you... and demand for more and more hours of your free support, hold whatever you installed against you like "after you did X... Y stopped working" etc. At the end of the day if you're proving free support it must be easy, quick why wouldn't they ask for more.

In their heads your efforts / help doesn't provide any value and if by any chance one day they are in a situation where you could bill them or someone for tech support they would rather call any other random tech support guy or company instead of calling you - after all they're looking for a "professional" now :)

TCB13 ,
@TCB13@lemmy.world avatar

Great post, lots of detailed information for new users. Now I'm gonna tell everyone what you conveniently omitted about what's driving immutable distros and what your "future" section should've looked like.

Immutable distros solve the same problem that was solved years ago with a twist: they're are all about making thing that were easy into complex, “locked down”, “inflexible”, bullshit to justify jobs and payed tech stacks and a soon to be released property orchestration and/or repository solution.

We had Ansible, containers, ZFS and BTRFS that provided all the required immutability needed already but someone decided that is is time to transform proven development techniques in the hopes of eventually selling some orchestration and/or other proprietary repository / platform in the likes of Docker / Kubernetes. Docker isn’t totally proprietary and there’s Podman but it doesn’t really matter because in the end people/companies will pick the proprietary / closed option just because “it’s easier to use” or some other specific thing that will be good on the short term and very bad on the long term.

“Oh but there are truly open-source immutable distros” … true, but again this hype is much like Docker and it will invariably and inevitably lead people down a path that will then require some proprietary solution or dependency somewhere (DockerHub) that is only required because the “new” technology itself alone doesn’t deliver as others did in the past.

People now popularizing immutable distributions clearly haven’t had any experience with it before the current hype. Immutable systems aren’t a new thing we've been using them since the raise of MIPS devices (mostly routers and IOTs) and we've have been moving to ARM and mutable solutions because they're objectively better, easier to manage and more reliable.

The RedHat/CentOS fiasco was another great example of these ecosystems and once again all those people who got burned instead of moving to a true open-source distribution such as Debian decided to pick Ubuntu - it’s just a matter of time until Canonical decides to do some move.

Nowadays, without Internet and the ecosystems people can’t even do shit anymore and the current state of things when it comes to embedded development is a great example of this. In the past people were able to program AVR / PIC / Arduino boards offline and today everyone depends on the PlatformIO + VSCode ecosystem to code and deploy to the devices. VSCode is "open-source" until you realize that 1) the language plugins that you require can only compiled and run in official builds of VSCode and 2) Microsoft took over a lot of the popular 3rd party language plugins, repackage them with a different license… making it so if you try to create a fork of VSCode you can’t have any support for any programming language because it won’t be an official VSCode build. MS be like :).

All those things that make development very easy and lowered the bar for newcomers have the dark side of being designed to reconfigure and envelope the way development gets done so someone can profit from it. That is sad and above all set dangerous precedents and creates generations of engineers and developers that don’t have truly open tools like we did.

This is all about commoditizing development - it’s a negative feedback loop that never ends. Yes, I say commoditizing development because if you look at it those techs only make it easier for the entry level developer and companies instead of hiring developers for their knowledge and ability to develop they’re just hiring “cheap monkeys” that are able to configure those technologies and cloud platforms to deliver something. At the end of the they the business of those cloud companies is transforming developer knowledge into products/services that companies can buy with a click.

TCB13 ,
@TCB13@lemmy.world avatar

😂 😂 😂

What counter arguments? If one doesn't understand how things like the Docker Hub, VSCode and the over-reliance on proprietary repositories is an issue I can't say much more. Immutable distros are just yet another door for that type of bullshit and it's a pretty obvious one.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • testing
  • tech
  • updates
  • drbboard
  • programming
  • til
  • wanderlust
  • bitcoincash
  • Sacramento
  • All magazines