Flash drive hidden under the carpet and connected via a USB extension, holding the decryption keys - threat model is a robber making off with the hard drives and gear, where the data just needs to be useless or inaccessible to others.

There’s a script in the initramfs which looks for the flash drive, and passes the decryption key on it to cryptsetup, which then kicks off the rest of the boot mounting the filesystems underneath the luks

I could technically remove the flash drive after boot as the system is on a UPS, but I like the ability to reboot remotely without too much hassle.

What I’d like to do in future would be to implement something more robust with a hardware device requiring 2FA. I’m not familiar with low level hardware security at all though, so the current setup will do fine for the time being!

Free real estate 😂

BTRFS has encryption now? Yay!! I have been wrapping it inside a LUKS partition for years at this point…

Holy moly that is an absolute sh*t ton of ads!

Second this. Zorin OS, and Mandriva Linux (before they went bankrupt, and the community picked up development) were my first exposure to Linux over a decade ago, and the ux familiarity really helps a ton.

A lot of the other distros had funny stuff going on with multiple docks, open apps showing in the top dock, others looked like a Stardock Special and it was just a little confusing for younger me lol

X.509 certs are commonly used in TLS/HTTPS.

Why is one needed in your boot process?

Don’t know why but I found this funny

deleted by creator

I delete them from the ssh config folder after installation, along with the DSA and ECDSA keys. No ed25519? No auth.

Also prevents a handful of bots from attempting SSH login into your cloud infra, a lot of them don’t support ed25519 kex

Probably a good idea to look for a different client, call me tinfoil but I wouldn’t want to touch a very old mechanism that is supported/pushed by a very recognisable 3 letter agency

Disordered; especially, disordered in mind; crazy; insane.

This is hardly deranged, there is a lot worse than this which is more deserving of that description IMO lol

Or about the D.E.V.I.L.S. format listing option on ffmpeg

Very relaxing colour scheme, I like 👌

Thank you 😁

I think the authors should consider watermarking their stuff, particularly if it isn’t something recognizable like Strange Planet

The sense of entitlement in some of the replies on that post are absolutely awful

As for me personally, I want to love Wayland. It has great performance on ALL my devices, (except one with a nvidia GPU) and is super smooth compared to X11!

However… the secure aspect of Wayland makes it very difficult, if not impossible to easily get a remote desktop going. Wayvnc doesn’t support the most popular desktop environments depending on how Wayland was compiled, and the built-in desktop sharing on distros that have switched over to Wayland often require very specific Linux-only VNC and RDP clients, otherwise you run into odd errors.

I really hope the desktop sharing situation improves because it’s a pretty big showstopper for me. On X11 you just install & run x11vnc from a remote SSH session and you have immediate session access with VNC from Linux, Android, and Windows. If you want lockscreen access too then you run as root and provide the greeter’s Xauth credentials. But Wayland’s not so simple sadly AFAICT…

Waypipe is something I’ve found out about recently though, so need to check that out and see how well it works at the moment. If anyone has any helpful info or pointers please share, I’m completely new to Wayland and would appreciate it!

The SaaS or the Flathub one, or both?

Just checked the Flathub one and its accompanying repo, and could not find any mention of tracking or proprietary components…

Compared to Plexamp or Spotify on Flathub, where there is a prominent warning box notifying you about it being proprietary

Yikes, that is embarassing.

Is opencart written in PHP? Bcrypt has been a thing for decades now, and is literally a drop in replacement that handles salting et al. If the developer was hesitant to implement that, I’d rather go use Magento or shudder Shopify

Literally rent free lol

Dbrand has a really strong case here IMO, since they pretty heavily edit the internals and add a few easter eggs, which are still visible in Casetify’s final designs

Dbrand discovered Casetify allegedly copied 117 different designs, down to the many digital manipulations it made to the images. Dbrand says it holds registered copyrights for each of these products, all of which were registered before Casetify’s product launch.

Also, TIL:

Disclosure: The Verge recently collaborated with Dbrand on a series of skins and cases

You mean like a share button on a site that opens the lemmy Create Post page, on a user’s registered instance, with link address and title pre-filled?

I think the federated nature of Lemmy alone makes this more trouble than it’s worth, and you’d need to consider that Lemmy users don’t all use the same web interface - some use Photon, some use Mlmym, some use Alexandrite etc. These changes would need to be introduced in each individual one most likely…

I think it’s easier just to allow users to share the link to lemmy themselves. On desktop they can copy the link, on mobile they can share to Jerboa or whatever app, just provide the buttons for either I guess

The community itself has a separate rule 1 which would probably explain the ban

1. Be civil and nice.

A ban is a bit overkill IMO in either case, but can’t see the full thread context because of a bug in the web UI

I’m guessing quite a few users reported the comment since it was posted 3 days ago, since the ban enacted 20 hours ago is a full instance ban instead of just a community ban…