Crowdstrike didn’t target anyone either. Yet, a mistake in code that privileged, resulted in massive outages. Intel ME runs at even higher privileges, in even more devices.

I am opposed to stuff like kernel level code, exactly for that reason. Mistakes can be just as harmful as malice, but both are parts of human nature. The software we design should protect us from ourselves, not expose us to more risk.

There is no such thing as a back door that “good guys” can access, but the bad guys cannot. Intel ME is exactly that, a permanent back door into basically every system. A hack of ME would take down basically all cyber infrastructure.

Cal state northridge?

https://wiki.archlinux.org/title/List_of_applications/Internet#Pastebin_services

That pages shows how to use curl to upload to 0x0.st.

I’ve used the pastebinit program listed on that page to upload to paste.debian.net, but it supports other sites as well.

https://docs.linuxserver.io/images/docker-webtop/

https://github.com/89luca89/distrobox/blob/main/docs/posts/run_latest_gnome_kde_on_distrobox.md

Might be what you want.

So, you might be misunderstanding how BTRFS snapshots work.

A BTRFS snapshot is not a complete copy of the system, but rather, merely a recording point, and only CHANGES between the current system and the snapshotted system actually take up space. Like, if you snapshot a system, and then install 1 GB of updates, that snapshot only takes up that 1GB of differences in the system.

It’s exactly because of this, that it’s somewhat difficult to shuffle BTRFS snapshots around.

So, you can use BTRFS send/receive to send subvolumes to other btrfs devices.

So, snapshots are really just a subvolume that only takes up the difference between your main subvolume that you use, and the snapshot subvolume. You can use btrfs send/receive to send them them to another btrfs partition… but I don’t know if sending subsequent backups will deduplicate data properly.

What you might want instead, are rsync backups. Timeshift also supports rsync backups, which copy all the data over to any device using rsync for the initial backup, but then use hardlinks to store only the changes between the backups for subsequent backups. Similar to btrfs — but simpler, is my understanding.

Yeah, but idk if phones can use joycons in the double joycon mode. My understanding is that it requires either root or a physical adapter of some kind.

If I am being honest, I prefer the Switch form factor with the dumb little controllers

Android phone + Telescopic gamepad + winlator might be what you want…

(Or you can use one of the switch emulators on android…)

Because forgejo’s ssh isn’t for a normal ssh service, but rather so that users can access git over ssh.

Now technically, a bastion should work, but it’s not really what people want when they are trying to set up git over ssh. Since git/ssh is a service, rather than an administrative tool, why shouldn’t it be configured within the other tools used for exposes services? (Reverse proxy/caddy).

And in addition to that, people most probably want git/ssh to be available publicly, which a bastion host doesn’t do.

So, I’m not gonna pretend flatpak doesn’t use more space then normal apps, but due to deduplication (and sometimes filesystem compression), flatpaks often use less space than people think.

[nix-shell:~/Playables/chronosphere]$ sudo /nix/store/xdrhfj0c64pzn7gf33axlyjnizyq727v-compsize-1.5/bin/compsize -x /var/lib/flatpak/
Processed 49225 files, 21778 regular extents (46533 refs), 22188 inline.
Type       Perc     Disk Usage   Uncompressed Referenced
TOTAL       53%      898M         1.6G         3.6G
none       100%      499M         499M         1.0G
zstd        34%      399M         1.1G         2.6G

[nix-shell:~/Playables/chronosphere]$ du -sh /var/lib/flatpak/
1.7G    /var/lib/flatpak/

I only have one flatpak app installed, and du says that takes up 1.7 GB of space… but actually, when using a tool that takes up BTRFS transparent compression into account, only half of that space is used on my disk.

I recommend using compsize for a BTRFS compression aware version of du and flatpak-dedup-checker for a flatpak filesystem deduplication aware checker of space used.

I think flatpak absolutely does use up more space, because yes, it is another linux distro in your distro. But I think that’s a tradeoff people accept in order to have a universal package manager for graphical apps.

Also, you can flatpak cli tools. They are just difficult to run at first because you have to do the flatpak run org.orgname.appname thing, but you can alias that to a short command. Here is a flatpak of micro, a terminal based text editor.

(I prefer nix for cli tools though, and docker/podman/containers for services).

So based on what you’ve said in the comments, I am guessing you are managing all your users with Nixos, in the Nixos config, and want to share these users to other services?

Yeah, I don’t even know sharing Unix users is possible. EDIT: It seems to be based on comments below.

But what I do know is possible, is for Unix/Linux to get it’s users from LDAP. Even sudo is able to read from LDAP, and use LDAP groups to authorize users as being able to sudo.

Setting these up on Nixos is trivial. You can use the users.ldap set of options on Nixos to configure authentication against an external LDAP user. Then, you can configure sudo

After all of that, you could declaratively configure an LDAP server using Nixos, including setting up users. For example, it looks like you can configure users and groups fro the kanidm ldap server

Or you could have a config file for the openldap server

RE: Manage auth at the reverse proxy: If you use Authentik as your LDAP server, it can reverse proxy services and auth users at that step. A common setup I’ve seen is to run another reverse proxy in front of authentik, and then just point that reverse proxy at authentik, and then use authentik to reverse proxy just the services you want behind a login page.

I just realized… a previous lemmy post I saw appears to be this sign.

https://discuss.tchncs.de/post/21651766

The solution to what you want is not to analyze the code projects automagically, but rather to run them in a container/virtual machine. Running them in an environment which restricts what they can access limits the harm an intentional — or accidental bug can do.

There is no way to automatically analyze code for malice, or bugs with 100% reliability.

Master Archer

Addictive arcade game about archery. Reminds me of flappy bird, not in the raw mechanics, but in the way they are both addicting in the same manner.

Free Rider HD

Simple bike racing game, although the player is very fragile, which adds some difficulty. Playable in browser.

All the maps are user created content.

PhobosLabs

This site has a few high quality browser games. The one I come back to is X Type, a bullet hell shoot-em up that has ever expanding enemy ship sizes, and never ends. It gets hard fast.

I also like Xibalba, which is a Doom/Wolfenstein style game playable in the browser.

The creator also did a rewrite of quake in 13 kb of javascript

Keep Out!

A webgl/browser based 3d dungeon crawler with proceduraly generated levels.

Spent

A short questionaire game that demonstrates the difficulties of poverty.

Cave Noire

Gameboy roguelike that is simple, but very elegant.

Sadly, since romhacking went down, I don’t think it’s possible to find the translation patch for it, unless they uploaded it to the internet archive.

Mole Mania

Gameboy puzzle game. Very high quality.

Bonk.io

A simple but elegant io game. You are a ball, and you want to knock other balls to the ground.

One thing I like is that rounds in small, 4 person lobbies, rather than the massive worlds of other io games. Although you can’t really make friends, you can know personas, and it’s more personable.