oh, sorry about that, I didn’t realize this could be bad for mobile users. All I needed was a command that could display all system info like distro name and version, kernel version, DE version, etc, I didn’t necessarily need the distro logo and some other useless info in there.
the little effort involves taking the piss, just taking ourselves less seriously, we’re only messing around online. And btw no info in neofetch is relevant :P
Seriously, unless you are extremely specialized and know exactly what you are doing, IMHO the answer is: Always (and even being extremely specialized, I would still enable a firewall. :-P)
Operating systems nowadays are extremely complex with a lot of moving parts. There are security relevant bugs in your network stack and in all applications that you are running. There might be open ports on your computer you did not even think about, and unless you are monitoring 24/7 your local open ports, you don’t know what is open.
First of all, you can never trust other devices on a network. There is no way to know, if they are compromised. You can also never trust the software running on your own computer - just look at CVEs, even without malicious intentions your software is not secure and never will be.
As soon as you are part of a network, your computer is exposed, doesn’t matter if desktop/laptop, and especially for attacking Linux there is a lot of drive by attacks happening 24/7.
Your needs for firewalls mostly depend on your threat model, but just disabling accepting incoming requests is trivial and increases your security by a great margin. Further, setting a rate limit for failed connection attempts for open ports like SSH if you use this services, is another big improvement for security. (… and of course disabling password authentication, YADA YADA)
That said, obviously security has to be seen in context, the only snake oil that I know of are virus scanners, but that’s another story.
People, which claim you don’t need a firewall make at least one of the following wrong assumptions:
Your software is secure - demonstrably wrong, as proven by CVEs
You know exactly what is running/reachable on your computer - this might be correct for very small specialized embedded systems, even for them one still must always assume security relevant bugs in software/hardware/drivers
Security is a game, and no usable system can be absolutely secure. With firewalls, you can (hopefully) increase the price for successful attacks, and that is important.
You may also want to check up on regulations and laws of your country.
In Belgium, for instance, I am responsible for any and all attacks originating from my PC. If you were hacked and said hackers used your computer to stage an attack, the burden of proof is upon you. So instead of hiring very expensive people to trace the real source of an attack originating from your own PC, enabling a firewall just makes sense, besides making it harder on hackers…
That’s a strange law. That’s like saying one should be held responsible for a thief stealing their car and then running over someone with it (well, perhaps an argument could be made for that, but I would disagree with it).
Seriously, unless you are extremely specialized and know exactly what you are doing, IMHO the answer is: Always
In what capacity, though? I see potential issues with both server firewals, and client firewalls. Unless one wants their devices to be offline, there will always be at least one open port (for example, inbound on a server, and outbound on a client) which can be used as an attack vector.
Distro Hopping seems to be such a big part of the “Linux experience.”
It’s not, it’s just a way to find the distro that suits you best.
If you’re already satisfied with what you have, there’s no reason to change and you’re not missing out on anything. If you’re ever curious about other distros, install Virtualbox and try them in a VM.
I stopped distro hopping years ago when I started using Linux MX (Debian based), I’m so happy with it that I have no intention to change ever again.
The only other distro I really like is LMDE (Mint based on Debian instead of Ubuntu), so I put that one on my laptop (MX on my gaming desktop).
I guess this is to figure out what is also possible on Linux, and getting to know that not all problems or missing features apply to other distros.
Sometimes you can lwarn amazing stuff, like a KDE distro can be customized to your liking while a Gnome desktop is a nearly forced workflow and design but can be slightly changed with buggy extensions.
I have a Surface Laptop 5 as my work laptop. I hate it with passion, it’s one of the worst laptops I ever used.
Beyond the lack of IO (not even a fucking hdmi port) and the piss poor cooling, the USB C display isn’t connected to the integrated GPU, it uses a different display adapter that is so bad the mouse stutters on high res displays.
The built-in display has a 3:2 aspect ratio. I wanted to use a lower resolution so I could disable scaling (having different scaled monitors is annoying to use), none of the “supported” lower resolutions are 3:2 and they all have ugly black bars.
It has a touch screen, but the lid only opens about 120 degrees, making it completely useless.
And it uses “special” locked down hardware that is very hostile to other operating systems like Linux.
I don’t think surface would make for a good work laptop, but I have amazing experience so far with using it for the ocassional traveling, or just as a carry-on.
I just Parsec into my desktop at home, and can comfortably work without having to deal with performance, and Surface is amazing for that.
I also really like the pen support, so I can make notes or draw bascially anywhere.
And I also use it for DJing, where it works pretty well and is compact enough to not be a bother carrying it around.
Yup. I think I needed to manually install the touch keyboard. But once installed, it works as expected. Touch the screen or remove the physical keyboard, and touch mode gets activated. Whenever touching a text field, the soft keyboard pops out. It’s massive, though (well, about the same size as the one for Windows).
So I could recommend a distro, as you asked (which would be Ubuntu) but instead I believe what’s better is making the switch… small!
In practice that means safety net and familiarity all around :
backup your data
backup your data… and not, that’s not a mistake, truly do it, now. Before you try something new, and scary. In fact… don’t touch your computer, get another one, a cheap one like a RPi4 or a relatively old laptop that a colleague hasn’t used for years.
copy, don’t move, your data to whatever distribution you picked
ideally have a dedicated hard drive in there for JUST the data, NOT the OS
play… have fun, truly. Try to use YOUR data, I mean the copy you have now that you don’t even care if you lose, and try to use them with the stock software that comes with your distribution, e.g OpenOffice or Blender or Kdenlive, or whatever you are into
delete it all! Don’t be afraid, you can do it, you have copies anyway
do it, again, again, keep a logbook or wiki or .doc file where you write down what you learn
rinse and repeat
this way you should find YOUR distribution in no time and you won’t be afraid of messing up!
Honestly it’s a fun adventure. I’ve been learning Linux and CLI tools decades ago and I’m still learning to this day so do not assume there is one solution you can find today and move, it’s a process, a long one, but a really empowering one IMHO.
That’s really what I’m doing on my debian server where I host my docker containers.
I don’t care if I brick my system while playing arround because every day at 00:00 a crontab job dumps all my database and saves all my docker volumes and docker-compose to an external HD and saves most important dotfiles and wireguard configuration.
Back Up and running in 30 min !
2 years in, still going strong and learning everyday something new, keeping everything I learn in a markdown file.
Personal CA with self-signed certificate by an intermediate CA chain
Wireguard tunnel routing all my devices traffic to protonVPN
Alot of docker stuff
Alot of networking stuff (DNS, cryptography…)
LVM, bash…
…
Wild ride, sometimes alot of frustration, but what an empowering experience !
Don’t. Arch, Ubuntu, Debian, OpenSUSE, and Fedora are used in the exact same way. Pick one of them and then trf different desktop environments, if you want you can download the configurations for distro from their source code
IF you want Steam, THEN please consider every variant in the official Ubuntu family.
Steam-support told me in their system, iirc in early 2023, that they ONLY support the Ubuntu family ( directly ).
As Linus Torvalds noted, it isn’t possible to release software that is going to work on all distros.
Even glibc has been broken by one, in that talk of his, and it wasn’t a niche distro, either, iirc.
Pick which subset you CAN afford to support, and do not add to that subset until you’re rolling in money, from your linux-customerbase.
( slight sarcasm on the last line, but business is business: destroying-resources costs, and if there is no benefit, it isn’t sane to continue doing it. )
Decide which capabilities/functions/apps you NEED, and then don’t even consider distros that break your required-set on you.
Other comments have hit this, but one reason is simply to be an extra layer. You won’t always know what software is listening for connections. There are obvious ones like web servers, but less obvious ones like Skype. By rejecting all incoming traffic by default and only allowing things explicitly, you avoid the scenario where you leave something listening by accident.
You should only hop if you know what you’re missing out on, if you don’t and don’t have any distro-specific problems, it’s just unnecessary. But if you really feel like it and have enough disk space, you can try dual-booting another distro and see which you like better.
I hopped because I wanted immediate updates and easy compiling (AUR) so I picked an Arch-based OS.
Distro hopping is pretty similar to changing instances on Lemmy. If you don’t have a reason, just keep using your current account.
A couple of decades ago, iirc, SANS.org ( IF I’m remembering who it was who did it ) put a fresh-install of MS-Windows on a machine, & connected it to the internet.
It took SEVERAL MINUTES for it to be broken-into, & corrupted, botnetted.
The auto-attacks by botnets are continuous: hitting different ports, trying to break-in, automatically.
I’ve had linux desktops pwned from me.
the internet should be considered something like a mix of toxic & corrosive chemicals: “maybe” your hand will be fine, if you dip it in for a moment & immediately rinse it off ( for 3 hours ), but if you leave you limbs dwelling in the virulent slop, Bad Things™ are going to happen, sooner-or-later.
I used to de-infest Windows machines for my neighbours…
haven’t done it in years: they’ll not pay-for good anti-virus, they’ll not resist installing malware: therefore there is no point.
Let 'em rot.
I’ve got a life to work-on uncrippling, & too-little strength/time left.
“but I don’t need antivirus: i never get infected!!”
then how come I needed to de-infest it for you??
“but I don’t need an immune-system: pathogens are a hoax!!”
get AIDS, then, & don’t use anti-AIDS drugs, & see how “healthy” you are, 2 years in.
Same argument, different context-mapping.
Tarpit was a wonderful-looking invention, for Linux’s netfilter/iptables, years ago: don’t help botnets scan quickly & efficiently to help them find a way to break-in…
linux
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.