Comments by @dingokidneys on the "Brodie Robertson" channel.
I'm a KeePassXC user on Debian 12. I support a keepassxc-minimal and a keepassxc (full-fat) version so as not to break existing users' ingrained workflow. The Yubikey issue is particularly egregious.
126
This sort of thing is a GREAT way to learn about something; i.e. RISC-V and emulation. Just working through the examples in a training course will never make you think and understand to the depth that something like this will. Yes, the final result is utterly futile, but the process to get there is amazing, rewarding and really beneficial to the person who did this. In the early 1990's, I once wrote a standard C library for 16 bit Small-C in Small-C and assembler and I learned so much thereby. I then actually used it to build some useful software all because I didn't have access to a "real" C compiler. No rational person would do that now when you can download a Linux distro with a fully featured C compiler (and many other languages) for nothing. The person who wrote this ... <chef's kiss> ... What a magnificent maniac!
41
I read that Ken Thompson story back in the 1990's and it's coloured my view on computer security ever since. It didn't make me paranoid but it did make me consider who I was effectively trusting and what their intentions and motivations might be. Life is complicated.
24
The 'man' page is 571 lines long. It does a lot that a single person on a single laptop/desktop does not need, as Brodie said. It allows for fine grained control over user access to privileged resources which is great on a multi-user supercomputer on a research or educational campus but kinda overkill for a dude on his lappy.
18
I think you win for being the old guy in this comment section. I was only 27 in 1988 and never had seen QDOS. I got to play with an HP3000 in high school in 1978 on which I tried to write a simple game, then got to play with an Apple II running Visicalc in Uni as well as another Unix system (don't know what) for "Programming" in Basic on an honest-to-god teletype. Didn't get my hands on another computer until I was working and got to build analytics spreadsheets on a Fujitsu mainframe. Then a PC turned up at work with an 80286 CPU and a colour display. The boss was amazed that I could make it draw pie charts. He thought we were really at the cutting edge of technology in 1987.
8
In the early 2000's, keeping my kids' Windows systems patched against the latest vulnerabilities was a constant manual effort. They left home before MS started automatically updating the OS and by that time I was using Linux exclusively. A few years ago, I found the Debian 'unattended-upgrades' package and set that up. It's great. It keeps me patched against security vulnerabilities while still letting me control when I upgrade to the latest "Feature updates" or even the latest OS version. I have it running on every Debian or derivative box I have. I just check from time to time what else is available to upgrade and when I feel they've got to critical mass or there's something I think would be a benefit, I upgrade it.
8
Thanks for this analysis. I'd read about this but couldn't really put it in context. Your breakdown really clarified the issues and the risks so very well. Cheers.
7
I'd love to see a Wireshark analysis of this distro.
7
Yes! Cygwin, I used that for years at work on XP as I could get things done so much faster using things like Bash scripts, awk, Perl, curl, etc. Could even run an Xorg server and run graphical apps from my home machine over SSH. Almost made XP tolerable.
7
Can't wait for my AI nose-hair trimmer.
7
The only issue, and it's a small one, is that they state that they built it from the ground up, which they obviously did not. Other distros generally give credit to the upstream - "Based on Ubuntu/Debian/Arch" whatever. Mint do this explicitly on their website and I think within other documentation on their distro.
6
From the posting in the video, it looks like a wrapper around systemd-run which as you say is functionality that has been there a long time. My first reaction was "Oh, no!" but as the explanation went on I thought "This sounds pretty reasonable actually." Lennart seems to be one of those people who is (painfully for me) right about what he says. Sadly, I'll probably have to learn some new stuff; more about systemd and a bit about polkit.
6
@THEMithrandir09 As I understand from the posting in the video, it's almost a wrapper for systemd-run so all the weighty stuff is there already. Still not sure that I like the polkit stuff but if you're a real sysadmin - not like me - you probably need to know that stuff anyway.
6
I came to the GUI thing kicking and screaming. "You'll have to take my command line access from my cold dead hands." All my first computing experiences up through punch cards, teletypewriters, CRT TTYs and DOS were command line and I resented work imposing Win3.1 on us. I'd fire the machine up then drop immediately to the DOS prompt. All through the Win9x, WinXP, Win7 and Win10 years at work, I'd always have a command line open somewhere because am I going to do file management with a GUI, like an animal? With Linux as my daily driver since the kids got their own machines in the early 2000's and didn't need mine for school, I've always had a terminal open somewhere. It's my happy place.
5
'su -c' doesn't work on my Debian 12 system where the root user is locked and has no password. This type of configuration is becoming more common. As I understand it, the run0 functionality is already in systemd-run and run0 is more like a wrapper than an additional thing. It actually sounds depressingly rational to me.
5
Counterpoint: Skipping the snapshots saves disk space and improves performance, and borking and either fixing or reinstalling is rite of passage for Linux users. Fixing a truly borked install gives you wizard cred, but lots of practice installing Linux systems, with different partitioning schemes, filesystems and MBR vs UEFI is good stuff too. Still use a VM, but work without the net sometimes.
4
As a boomer myself I say Hey! Boomers built a lot of that technology to begin with. Just kidding. I'm pretty sure that when Win10 goes down for the count, I'll move my 67 year old brother's machine over to something like Mint Cinnamon, maybe with a Win10 type ricing so he doesn't blow the seat out of his diaper. He'd barely notice as long as Chrome, Facebook, his banking and Thunderbird for e-mail all show up where they were.
4
That was immediately what I thought as well though I guess you could allocate a partition then delete when all partitioning is done which might leave a block of disk that you could hide stuff in. It didn't look like there was any significant amount of space missing from allocated partitions however so that's just paranoia on my part. 🥸
4
Using a Windows style interface on Linux is like visiting France and only eating at McDonalds. You can do it but why wouldn't you try something different? Broaden your horizons. You can always go back to what you know and is familiar if you don't like it.
4
Nevertheless, you made me think about just how I'd verify if this was a problem and how I'd get around it if an unknown password was set there. I may well be wrong but I'd try booting from recovery media and then copying the password hash from a known account into the hash field of /etc/shadow. That or copy the whole root entry from an unlocked, password set root account on another system into this /etc/shadow. Maybe it'd work; maybe it'll bork your system completely but it sounds like something I want to try out.
3
@BrodieRobertson I wouldn't have bothered to edit it. Your pinned comment is quite enough in my view and the original bit made me stop and think which is always a useful thing to do.
3
Your explanation of the cause of the problem, which starts at 10:30, should have been up front. Everything else then comes into perspective. Good explanation by the way. A key element of the problem is that System76 is defining what is a "critical part" of the Pop!_OS system when they put it all together; not Debian when they build a distribution of interconnectable packages that are essentially a Lego set for the user to build a functioning system out of.
3
My second child was born in 1988 when DOS 4.0 came out. I was 27 and working as an accountant with a specialty in IT auditing. Also tech support for the audit team which meant I got to do many installs of DOS and WordStar along with fixing what had been borked and building backup and menuing systems for all the team's machines. Also wrote various utilities in whatever languages I could get from shareware distributors which included Modula/2, Small-C and assembler. Good times.
2
@BrodieRobertson Can you just restore the original? I like this video. Could you add a text overlay at the /etc/passwd point saying "Got it wrong - see comments"?
2
I have a couple of old Dell laptops with Broadcom wifi chips that require the b43xx drivers. I also have a USB 802.11n wifi dongle that's so tiny it's barely there. I won't be asking for b43xx support to remain in the kernel as it's very reasonable to retire old decrepit stuff and I can just use my tiny dongle (heh heh) if I need wifi. I could also replace the wifi card with something more up to date if I really needed it.
2
@miavelvet I'm a Debian user of many years and the setup has just got easier and easier. However, I hear that MXLinux - based on Debian - is a nice setup.
2
@zeckma It's still possible, with sudo privileges, to unlock root and set a password. It's just not the standard configuration and so 'su -c' won't work on systems using the standard configuration where you don't have authority to make changes to root functionality on.
2
I've been running a Snowflake docker instance for about a month now. However it's not an ideal setup in that I'm behind a restricted NAT. I've had nearly 3000 connections so far this current month but I'm not sure if people are getting real benefit because the up/down traffic figures seem very small. As a proxy, I'd have expected to see bigger numbers but not understanding the protocol I can't say for sure if this is a problem. I don't want to essentially be a hindrance or bottleneck to users who need internet access so you tell me if this is expected or not; e.g. over one hour recently I had 8 connections with 129Mb down and 8.7Mb up and this seemed to be a big data hour. If I'm better off just running it in my browser I'll do that but if it's useful I'm happy to dedicate some RaspberryPi compute and some of my fibre bandwidth to help out Tor.
2
I'm running 32bit Alpine Linux on an old eeePC 701 that I wanted to be able to find some purpose for. The keyboard and screen are too tiny for me to do anything productive with a GUI on it so it's set up headless as a wifi scanning rig. Basically I'm using it like a Raspberry Pi and it works fine for the stuff I do with it. I think Alpine have no current plans to ditch 32bit at the moment.
2
@dovonun It can get pretty simple when you strip things down or build out a minimal system to suit just what you want to do. This is why so many IoT devices use Linux too. A full operating system in under a gigabyte of binaries and scripts. My Alpine system that I use as a wifi scanning appliance occupies 168Mb of disk space and runs in 36Mb of RAM at idle. You can either pick a distro that suits or build a system scaling from what I have running on a 32bit eeePC to massive multiuser system. It's up to you to choose what you want.
2
@bsahin7110 OK, just tried single user. This does not work. If the root account is locked, the system won't open a terminal; password or no. If the root account is unlocked and a password exists, you get prompted for the password. Chroot also would not work as you are working with the running system credentials. If on the other hand you boot from SYSRESCD or Clonezilla or some such rescue disk, you are not using the system credentials and /etc/passwd and /etc/shadow are simply files with permissions that you can now bypass as the 'verified' root user of the rescue system.
1
My system is very old - built in 2013. I have a 120Gb Samsung SSD for the root file system and a pair of 2Tb Seagate HDDs in RAID1 for my home filesystem. It's Debian with Openbox and I started out on Deb 7 I think and have just upgraded again and again so now I'm on Deb 11. Because the home filesystem takes up so little space on the little 120Gb SSD I haven't had any problems with aging/write limiting. I've had two HDD failures on my home filesystem which I barely noticed. I just replaced the HDD, told the system to rebuild the RAID array and all was good. It is so reliable that it's actually pretty boring. :(
1
I think that Linus and Luke are approaching this like someone coming from a car with an automatic transmission to a motorbike which has a manual transmission and different dynamics. They will both get you from here to there but the approach is different. You have to be open to taking a different approach to solving the same problem because the underlying mechanism is different, and your experience will benefit from doing some upfront research and training.
1
I was just limbering up my fingers to write a comment about Busybox on Alpine when - Bingo! - you made exactly that point. Then I was thinking Desktop Environments and - Bong! - you hit that one too. So why the pointless comment? Food for the algorithm. Good video, and I hope DT is feeling better soon.
1
I guess that the .ZIP and .MOV domains were just a way of producing more real estate to sell but, Wow!, are they a dumb idea. Hopefully all rational organisations and tech savvy people will hard block .ZIP domains (and perhaps the .MOV) and they will just die on the vine.
1
Maybe NVidia sees a growing "gaming on Linux" market and is wanting to position itself to take greater advantage of that. Also possibly AI on NVidia on Linux?
1
Oooh yeah baby!! I've got to give that a try! That would be hilarious. I'll set my timezone as Beijing and my user name as Xi Jinping.
1
@lis6502 Ironic this comment. I just had my system fail to boot because something went wrong with a BtrFS file system I had mounted via /etc/fstab and I couldn't access the single user (or 'safe' or 'recovery') mode as the root user was locked. Bummer. I had to resort to a Kali live-boot USB disk, mount the root filesystem and edit the /etc/fstab file to comment out the problematic mount. At the same time I also chroot'ed into the root filesystem, unlocked root and set a password. Rebooted and up she came in all her former glory except for all the VMs I had on that BtrFS filesystem. It looks like they are hosed. So you are absolutely right that not having a password on root can have its own problems, but as long as you actually control the hardware and can manage what the machine boots from, you can recover. I put this comment here not to 'win' a point as what you said is valid, but for the information of anyone else who may find it informative.
1
This makes me think of the sign that says "Don't remove the safety guard and put your balls into the hydraulic press then press the 'GO' button." There will always be fresh blood stains to indicate that someone just had to ignore that sign.
1
@agatemosu Pick a place at random; Why not?
1