Aside from nightly, I thought the repo release was up to date? I’m pretty sure its included in the default repo for Fedora.

Is this sarcasm about git/svn or are you serious?

Knowing full well this would be coming from a FAANG company, a funnier answer would be to replace the switch with the equivalent smarthome switch, and then spend the next 20 minutes explaining their uttery stupid network pathway from your phone, through the cloud, back to your device to turn on a lightbulb.

Stack Overflow was the antithesis of “Just say something wrong on the internet so that someone will correct you with the real answer” because none of the negative threads actually answered the question lol.

idk let’s ask yaml

zsh was and I think still is technically an extended superset of bash.

It’s pretty much exactly what you’re looking for if you want bash scripting with fish features and plugin extensibility.

The downside is you gotta take some time to set up your .zhrc and choose if you want to use a backend like oh-my-zsh.

I think the reason its on MIT license was because it was essentially just a bunch of scripts bundled together and maintained by a wide variety of people with no intention of making it the default shell like fish or bash is.

How I sleep knowing Fedora + podman actually uses safe firewalld zones out of box instead of expecting the user to hack around with the clown show that is ufw.

I could be wrong here but I feel like the answer is in the docs itself:

If you are running Docker with the iptables or ip6tables options set to true, and firewalld is enabled on your system, in addition to its usual iptables or nftables rules, Docker creates a firewalld zone called docker, with target ACCEPT.

All bridge network interfaces created by Docker (for example, docker0) are inserted into the docker zone.

Docker also creates a forwarding policy called docker-forwarding that allows forwarding from ANY zone to the docker zone.

Modify the zone to your security needs? Or does Docker reset the zone rules ever startup? If this is the same as podman, the docker zone should actually accept traffic from your public zone which has your physical NIC, which would mean you don’t have to do anything since public default is to DROP.

Ah I said it backwards lol.

Yeah same with libhoudini. Problem is I could only get fortnite to execute with libndk, but it would crash when trying to do stuff with Vulkan. Would seem to complelty ignore libhoudini which was weird.

And before anyone asks, not because I want to play Fortnite, but because I inadvertently left some poor kid on Fedora where they can play all of their favorite games perfectly fine except fortnite lol.

Biggest two issues with Waydroid are x86 to ARM translation and correct GPU passthrough:

https://github.com/waydroid/waydroid/issues/2115

In theory, you should be able to just play Fortnite on linux this way, but I haven’t been able to get it to launch like this guy did.

People have also been calling Waydroid dead for a while now which I dont know how true it is.

Same, I enjoy the classic shared library and package system which I still feel is superior to flatpak versions in most cases, even ignoring the technical aspects of each.

Tried silverblue once and it just felt more like android to me, and I even found myself using RPM layers almost immediately for core things that dont ship as Flatpak because its infeasible.

Plus Bazzite has its own release schedule which I feel like slightly removes the benefit of Fedora kernels being cutting edge, with critical packages updated almost as fast as Arch.

The good thing though is that it’s much more dummy proof, so I would feel comfortable letting anyone use it with zero experience, whereas I only recommend Fedora to those who have an inherent interest in Linux.

wth is the point of a guest network if you have 443 blocked lmao.

Even my VPN port is 443 so it gets past basic port filtering because HTTPS is usually the only one allowed compared to other protocols.

“Man if we had the original source code, it’d be so much easier than reverse engineering this binary in Ghidra”

The source code in question:

This one is funny because it 100% still exists somewhere, but I haven’t had the chance to verify it again.

Okay so basically its a data recorder box (ex: brainbox) that connects to a bunch of industrial sensors and sends the data over the network with your preferred method.

Builtin firmware gives you an HTTP webui to login and configure the device, with a user # and password.

I think the user itself had a builtin default admin which was #0, which everyone uses since there wasn’t really much use for other users.

Anyway, I was looking at the small JS code for the webui and noticed it had an MD5 hashing code that was very detailed with comments. It carefully laid out each operation, and explained each step to generate a hash, and then even why hashes should be used for passwords.

Here’s the kicker: It was all client side JS, so the login page would take your password, hash it, and then send the hash over plaintext HTTP POST to the server, where it would be authenticated.

Meaning you could just mitm the connection to grab the hash, and then login with the hash.

I sat there for like 10 minutes looking at the request over and over again. Like someone was smart enough to think “hey let’s use password hashing to keep this secure” and then proceeded to use it in the compleltly wrong way. And not even part of like a challenge/handshake where the server gives you a token to hash with. Just straight up MD5(password).

It was so funny because there were like a hundred of these on a network, so getting a valid hash was laughably easy.

I never got to check if this was fixed in a newer firmware version.

I think I’ve only ever been banned from one community, and it was an NCD clone run by the reddit equivalent sub.

The fact that you can say pretty much anything here is probably lemmy’s biggest advantage, despite it being such a low bar these days lol.

They technically already did this with Android which all ship custom kernels and closed source driver blobs.

Of which Google successfully lobbied the government to keep foreign competition out, which has lead to the soft death of AOSP as everyone else has forked into a new OS or accepts google’s terms to use their gapps suite.

Best thing about Linus is that he immediately tells these megacorps to f off every time they make a PR with even a remotely questionable purpose.

If they really want to achieve something technical without scrutiny, there’s FreeBSD right there. Implement it and make a future PR if it actually improves something.

Otherwise, critical choices within the Linux kernel will affect everyone, and could very easily lead to abuse without any proper moderation.

Google already has a hit order out on JPEGXL simply because they know that AVIF will save them on cloud storage cost, so they’ve effectively banned it from the browser space since they own Chrome and have enough leverage over Firefox.

Making the mother of all omlettes here, Jack. Can’t fret over every egg!

Couldn’t you just lazy build your own images if you don’t trust the source?

Even then most of these containerized apps can be run perfectly fine as a host binary, you just have to make your own start script and a systemd unit which isn’t that bad.

You could then build a completely custom image if you’d like, or move it into a VM if you don’t like the idea of running it baremetal.

How does it compare to Photoprism? Been on that solution for a while and I really like it, but have seen lots of people suggest Immich as well.

EDIT: https://github.com/photoprism/photoprism

Ubuntu and Docker.

Really? Netplan alone disqualifies Ubuntu as a “friendly stable starter distro”, and I can guarantee you that your guide will somehow become outdated with a single new Ubuntu release, or some poor soul who accidentally selected an LTS release.

Docker doesn’t matter as much, but there’s a reason beyond just FOSS licensing why podman exists.

Would highly recommend Debian instead.

I started on Ubuntu similar to this many years ago and both the server and desktop experience was not fun at all.

HEVC support is enabled for Firefox 134

Cool for anyone not using AV1 which I assume is a big chunk of the userbase because not everyone has good AV1 hardware acceleration lol