Date: Tue, 17 Oct 2023 03:17:36 +0300 From: turistu To: oss-security@…ts.openwall.com Subject: with firefox on X11, any page can pastejack you anytime...
There’s one tiny little problem with the hijack scenario – people only ever paste from the primary selection immediately after selecting something themselves (and thus overwriting whatever was in there). That’s precisely because the primary selection is so easy to overwrite (basically when you select anything), so you want to select and then immediately paste so you don’t lose it.
So in reality this scenario in which a random page injects something in the primary selection and the user pastes it sometime later in a terminal, of all things, probably has like a million to one chance of occurring.
PS: Also, just for trivia, any user who’s been around the console for a while will hit Ctrl+C out of reflex when confronted with unexpected output, not Enter.
You can use the guide to install just Jellyfin and Qbittorrent.
You’ll have to do what the *arr are doing manually — search torrents yourself and track down each episode etc., then add them to Qbittorrent, then transfer the files to where Jellyfin expects them when they’re done downloading, look for subtitles etc.
It’s not as nice as the *arr setup because it can’t “take requests”, basically you have to be the one to get the stuff that your friends and family ask for and manage it with Jellyfin… on the other hand it’s much faster to get going — and you can always add *arr stuff later, one by one.
The GNOME Foundation is thrilled to announce the GNOME project is receiving €1M from the Sovereign Tech Fund to modernize the platform, improve tooling and accessibility, and support features that are in the public interest....
You can use Fuse to encrypt files on the fly using a wide assortment of schemas. The trick is to make it available at the right time to all the desktop apps (as the environment is starting up).
All of this is available already, for example I’m encrypting the files I sync to Dropbox and I mount the decrypted version to a dir on my desktop on startup. It’s not the entire home dir but you get the idea. It’s just gonna need some polish to become really smooth and user friendly.
Mandrake was pretty cool. The original user-friendly distro. I’ve never used it (was too deep down the rabbit hole running Red Hat to try something “friendly”) but I remember there was a bit of hype going back in the day about it.
What are your ‘defaults’ for your desktop Linux installations, especially when they deviate from your distro’s defaults? What are your reasons for these deviations?...
Well for one thing their driver support is apparently “harrowing”. 😊
I will never understand why people choose distributions that will brick themselves when the wind blows, so they add snapshot support as a band-aid, and then they celebrate “woo hoo, it takes pre and post snapshots after every package install!”
How about using a distro where you never have to restore a snapshot…
I also have 64 GB and yes, it gets used. For very low quantities, mind you, we’re talking a couple hundred KB at most, and only if you don’t reboot for extended periods of time (including suspend time).
Creating a big swap is not needed, but if you add one that’s a couple hundred MB you will see it gets used eventually.
You don’t have to create a swap partition, you can create a swap file (with dd, mkswap, swapon and /etc/fstab). You can also look into zswap.
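The swap-file route mentioned above, written out as an added example (this is not the commenter's script): it creates the file with dd so the blocks are really written, restricts it to mode 0600 before activating it (swap can contain pages of memory from any process, so it must not be readable by other users), runs mkswap and swapon, and appends the matching /etc/fstab line. The path /swapfile and the size are placeholders, and the permission check assumes GNU stat.

```shell
#!/bin/sh
# Added example: create and activate a swap file on Linux.
# Assumptions: GNU coreutils (stat -c), util-linux (mkswap, swapon), run as root.
set -eu

# Build the /etc/fstab line for a swap file at the given path.
swap_fstab_line() {
    printf '%s none swap defaults 0 0\n' "$1"
}

# Succeed only if the file is mode 0600: swap holds memory pages of every
# process, so it must never be readable by other local users.
swap_file_perms_ok() {
    mode=$(stat -c '%a' "$1")
    [ "$mode" = "600" ]
}

# Create, secure and activate a swap file. $1 = path, $2 = size in MiB.
# dd writes real zeroed blocks rather than allocating a sparse file.
create_swap_file() {
    path=$1
    size_mib=$2
    dd if=/dev/zero of="$path" bs=1M count="$size_mib" status=none
    chmod 600 "$path"
    swap_file_perms_ok "$path"
    mkswap "$path"
    swapon "$path"
    swap_fstab_line "$path" >> /etc/fstab
}

# Usage (as root, placeholder values): sh swapfile.sh /swapfile 512
if [ "$#" -eq 2 ] && [ "$(id -u)" -eq 0 ]; then
    create_swap_file "$1" "$2"
fi
```

Note that a swap file on an unencrypted disk persists whatever was paged out to it across reboots, so on a laptop it belongs on the same encrypted volume as the home directory.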
Swap is not meant as overflow “disk RAM”, it’s meant as a particular type of data cache. It can be used when you run out of RAM but the system will be extremely slow when that happens and most users would just reboot.
So what should happen when the user installs a service that needs an open port in order to work? Presumably the whole point of installing it being to, you know, use it.
And my point is that it’s not normal to fear updates. Any updates, but especially updates to essential packages like the kernel or graphics driver.
If you’re using the experimental branch of a distro or experimental versions of packages on purpose then snapshots are a good tool. But if you’re using a normal distro and its normal packages you should not have to resort to such measures.
I’ve never had a problem with ext4 after power failure.
Zram is not a substitute for swap. Your system is less optimal by not having at least a small swap.
Firewalls should never default to on. It’s an advanced tool and it should be left to advanced users.
Not to mention how much grief it would cause distro maintainers. If they don’t auto configure the firewall they get blasted by people who don’t know why their stuff isn’t working. If they auto configure they get blasted by people upset that the auto configurator dared change their precious firewall rules. You just can’t win.
I use a seedbox to run qBittorrent with Jackett, and have a bunch of sources on there. I know there are other methods, but that works for me and I’m comfortable with it....
Netflix “4K” is often hit and miss. It doesn’t always stream at a high enough bitrate even if it’s labeled 4K. Basically it’s anybody’s guess what encoding you’re gonna get at any given moment. I imagine that makes ripping quality very random.
I was wondering if a VPN would add any kind of security or privacy if one is connecting to a host with a client/browser that supports DNS over HTTPS and that host supports encrypted client hello. Is there a way for the ISP or anything in between to shape traffic or even know what is being accessed? The only thing that should be...
To add to what the others have said, a VPN requires one end to authenticate to the other. Regular HTTP and DNS connections don’t.
If you need to access a service remotely, doing it over VPN requires the user to authenticate (to use the VPN).
If you simply expose the service publicly, even if the connection to it is encrypted, it doesn’t prevent random strangers from accessing it or trying to break in.
Windows as a software package would have never been affordable to individuals or local-level orgs in countries like India and Bangladesh (especially in the 2000’s) that are now powerhouses of IT. Same for many SE Asian, Eastern European, African and Latin American countries as well....
group policies, single sign on, and so on. It’s possible to do that on Linux, but not as easily.
It is just as easy, if you have a sysadmin who knows what they’re doing. Which is the case for Microsoft too, you need someone knowledgeable for the implementation and management anyway.
This is where Windows being “free” and everywhere comes in, everybody buys Microsoft without a second thought.
I would argue there’s nothing to snip in the bud, since the home PC is a dying breed anyway. It is increasingly only used by hobbyists and professionals. Some people will use a laptop issued from work but the choice of OS in those cases is seldom theirs. Other than that it’s all phones, tablets, consoles, TVs etc.
That’s very common with Microsoft products too. Their vendors get to use @microsoft.com emails (distinguishable by an extra “v”) so they frequently pose as “auditors” to pressure businesses into buying licenses.
It’s a grey area because a business with all licenses in order would not care either way, but software being what it is it’s hard to stay compliant all the time even if you try, and that’s when the vultures descend.
For example say you appoint a new CTO and they realize your company of 200 PCs uses pirate Office copies, so they buy 200 genuine licenses, but they’re cut short of actually installing the matching Office version because Office is a piece of malware-acting crap and is actually very hard to completely purge from a domain install. So they end up holding correct licenses but using technically pirated versions. This is where a genuine audit would not care (you paid for the newer version and are using the older, crappier version; due to their fault, I might add? you do you Microsoft got paid) — but an unscrupulous vendor would try to scare you into paying more to “fix it”.
Finally got back into sailing the high seas and, first thing I did after getting Plex set up was get Parks and Rec since I’ve missed it so bad after it left Netflix. It’s great so far but occasionally it loses track of what I’ve watched and picks up in the middle of like 9 episodes back?...
Hi, I’m trying to find the subtitles for Harmy’s “Despecialized” Star Wars remakes and I was wondering if anybody has any ideas. The original website for Project Threepio points at a blog that seems abandoned and an old private tracker (MySpleen) that never opens to the public anymore. Even just the English subs would be...
Despecialized are sub-720p edits based mostly on the Blu Ray 2011 release of the original cuts, with some parts sourced from LaserDisc, DVD, film reels and original matte paintings. It’s a work of love that took the HD Blu Ray version and video-edited it frame by frame to look like the original release. It’s a much better watch than the special edition rips, even though those rips have better resolution.
The 4K editions are high resolution scans from original film reels; they are typically found as 1080p and 4K.
If you don’t mind 25-50 GB per movie then the 4k are the way to go, otherwise get the despecialized (they’re under 2GB).
With Firefox on X11, any page can pastejack you anytime (www.openwall.com)
The complete guide to building your personal self hosted server for streaming and ad-blocking powered by Plex, Jellyfin, Adguard Home and Docker. (lemmy.dbzer0.com)
The complete guide to building your personal self hosted server for streaming and ad-blocking....
GNOME Recognized as Public Interest Infrastructure (foundation.gnome.org)
Linux Distribution Timeline (upload.wikimedia.org)
A really neat graphic I randomly stumbled across on Wikipedia....
Your chosen desktop Linux defaults?
Have 4K TV show torrents entirely disappeared from public trackers?
Is a VPN needed with DNS over HTTPS and Encrypted Client Hello?
Random thought: Windows is largely successful because of Piracy
New to plex.....sometimes it loses track of my TV show?
Subtitles for the despecialized Star Wars fan remakes?