sylver_dragon

Team speak? What year is it?
I remember hosting a teamspeak server for folks I played Wolfenstein: ET with. In the early 2000’s.

While I don’t know the specific post you are referring to, Malware exists for Linux. Here’s a great overview from last year. If someone wants to argue, “oh it’s from a security company trying to sell a product” then let me point you at the Malware Bazaar and specifically the malware tagged elf. Those are real samples of real malware in the Linux specific ELF executable binary format (warning: yes it’s real malware, don’t run anything from this site). On the upshot, most seem to be Linux variants of the Mirai botnet. Not something you want running, but not quite as bad as ransomware. But, dig a bit and there are other threats. Linux malware exists, it has for a long time and it’s getting more prevalent as more stuff (especially servers) run on Linux.

While Linux is far more secure than Windows by design, it’s not malware proof. It is harder for malware to move from user space into root (usually), but that’s often not needed for the activities malware gets up to today. Ransomware, crypto miners and info stealers will all happily execute in user-land. And for most people, this is where their important stuff lives. Linux’s days of living in “security through obscurity” are over. Attackers are looking at Linux now and starting to go after it.

All that said, is it worth having a bloated A/V engine doing full on-access scanning? That depends on how you view the risk. Many of the drive-by type attacks (e.g. ClickFix, fake tech-support scams) all heavily target Windows and would fail on a Linux system. The malware and backdoors that come bundled with pirated software are likely to fail on a Linux system, though I’ll admit to not having tested that sort of thing with Wine/Proton installed. For those use cases, I’d suggest not downloading pirated software. Or, if you absolutely are going to, run those file through ClamAV at minimum.

Personally, I don’t feel the need to run anything as heavy as on-access file scanning or anything to keep trawling memory for signatures on my home systems. Keeping software up to date and limiting what I download, install and run is enough to manage my risk. I do have ClamAV installed to let me do a quick, manual scan of anything I do download. But, I wouldn’t go so far as to buy A/V product. Most of the engines out there for Linux are crap anyway.

Professionally, I am one of the voices who pushed for A/V (really EDR) on the Linux systems in my work environment. My organization has a notable Linux footprint and we’ve seen attackers move to Linux based systems specifically because they are less likely to be well monitored. In a work environment, we have less control over how the systems get (ab)used and have a higher need for telemetry and investigation.

That of ServiceNow, whose tools help businesses automate various tasks, dropped by 13%

If AI can kill ServiceNow, I’ll happily praise our new AI Overlords. I’m sure ServiceNow can be really good. I’ve just never seen it in practice. Perhaps we just never paid for the “interface which doesn’t suck” module.

Yup, I’d never consider Greene an ally. But, the enemy of my enemy is a useful tool against my enemy. The more conservative voices calling out Trump’s corruption and self-serving, the better. The MAGA base is never going to listen to anyone who is politically to the left of Atilla the Hun, but someone like Greene may be able to peel a few of them off into the “disaffected, non-voters” camp.

Principal photography on Greta Gerwig’s adaptation of The Magician’s Nephew

Color me truly surprised. From the headline, I expected yet another The Lion, The Witch and the Wardrobe remake. I always assumed that The Magician’s Nephew would never be turned into a film. It’s just such a big break from the previous books.

What a shite take from the man who has no sense of real-world costs.

He also has no understanding of inflation. Lowing interest rates with rising inflation will, almost certainly, drive up home prices. As there will be more dollars chasing a limited supply. The problem is that this sort thing has a bad habit of going poorly. Investors have just gotten addicted to cheap credit. The US Fed is supposed to be the adult in the room, but The Pedo in Chief is doing his best to undermine that safeguard.

A-fucking-men.
I’m in a similar boat house. We bought in 2011, used a USDA loan and were able to pick our place up for a song ($160k). It now has a “value” of ~$360k. And all that extra “value” is doing for me is increasing taxes and insurance costs. I’m not planning on selling any time soon, so my home “price” going up is a net negative. Sure, we might sell in a decade or so, but today’s price won’t have a major impact on that.

What I’m getting at is, this doesn’t benefit homeowners, it benefits housing investors, who are the group Trump really wants to prop up.

What? You’re telling me the pedophile, racist, Nazi sympathizer, billionare son of a racist, Nazi sympathizer who made the family’s billions by wartime real estate profiteering is more interested in protecting real estate profiteering than helping people? Color me shocked, absolutely shocked, I say. Well, not that shocked.

I ditched cable TV over a decade ago for a simple antenna (and wrote a notable Reddit post on the antenna while I was at it). That was done because I was tired of my wallet being raped each month, because I had to buy a higher bundle to get the channels I wanted. I was stuck with cable internet for a number of years afterwards, as it was the only option in my area. Then T-Mobile offered up 5G based internet in my area at a low price. That was around 6 years ago and I haven’t looked back.

The cable companies sat on their laurels while the world moved on. They are now shocked that their terrible offerings for terrible prices are falling to real competition. Sure, I fully expect the new carriers to do everything in their power to enshitify their service offerings. That’s the nature of business/ But, with the market open to competition, there is now a real opportunity for us customers to shop around and get a less shitty experience. Broadband internet is a commodity and is completely fungible. Prices should be falling and it was only rent seeking rules keeping the prices up.

It tends to be much more focused on bringing products to market, but of course they do. The transistor, the base unit of all of the microchips which make this conversation possible, came out of Bell Labs. And, as much as we might hate them for it, you have companies like Monsanto doing a lot of work on chemical engineering and genetics. Much of the work on AI (for good or slop) is being done in private sector labs now. Aeronautics research happens heavily in companies like Boeing and Airbus, though they are often working hand in hand with government labs (e.g. NASA, JPL, EASA).

Where Universities and Government really shine are areas like basic research and research which doesn’t have obvious commercial applications. Which is why support for those organizations is so critical. Those areas of research often have long term effects and can result in entirely new areas of knowledge, research and products.

It’s easy to think of large corporations as soulless organizations hell bent of accumulating wealth at the cost of anything else, because they are. But they are also surprisingly good at focusing wealth and effort to find new ways to do things cheaper, faster and more efficiently. Specifically because those things make money. Veritasium had a video on a good example of this recently.

This is it exactly. I made a hard cut with Reddit, but I’ll admit to missing the sysadmin subreddit. The place was full of very smart, helpful people and also cranky. The PowerShell subreddit was another great resource. I haven’t been willing to go back, but those sorts of communities only exist when you hit a certain mass of people on a platform.

Steam is certainly in a dominant market position. They had a large first mover advantage and have also done a lot of work to make and keep gamers happy with the platform. That said, I can understand companies being upset at the 30% Steam tax on sales. It’s a pretty large cut and other stores (e.g. Epic) have tried to compete based on that cost. The problem being that many games have massive Steam libraries and want to keep everything on one place and they aren’t really affected by the cost to the devs; so, without a significant reason to change, they won’t. It also doesn’t help that some competitors (e.g Epic) have been user hostile in the past and so don’t have a high level of trust. Steam has also built a lot of goodwill with power users for their work on Proton.

While I do think there needs to be healthy competition for storefronts, as long as Steam resists the temptation to enshitify their dominant market position, I don’t see them losing market share in any meaningful way. Perhaps it would be better if Steam were spun off from Valve, putting them Valve on equal footing with other devs. But, video games aren’t really fungible. It’s not like I’m going to say, “oh darn, Kingdom Come is too expensive, I guess I’ll buy Half Life instead”. They are just fundamentally different games and if I want to play the first one, I’m not able to get that by buying the second. So, the price of one of them isn’t really a factor in pushing me towards the other. Though, Valve might use Steam to push one game over the other, and that could be something that is a problem.

I can think of a couple of reasons off the top of my head.

You don’t say, but I assume you are working on-site with your work system. So, the first consideration would be a firewall at your work’s network perimeter. A common security practice is to block outbound connections on unusual ports. This usually means anything not 80/tcp or 443/tcp. Other ports will be allowed on an exception basis. For example, developers may be allowed to access 22/tcp outbound, though that may also be limited to only specific remote IP addresses.

You may also have some sort of proxy and/or Cloud Access Security Broker (CASB) software running on your work system. This setup would be used to inspect the network connections your work system is making and allow/block based on various policy settings. For example, a CASB might be configured to look at a domain reputation service and block connections to any domain whose reputation is consider suspect or malicious. Domains may also be blocked based on things like age, or category. For this type of block, the port used won’t matter. It will just be “domain something.tld looks sketchy, so block all the things”. With “sketchy” being defined by the company in it’s various access policies.

A last reason could be application control. If the services you are trying to connect to rely on a local program running on your work system, it’s possible that the system is set to prevent unknown applications from running. This setup is less common, but it growing in popularity (it just sucks big old donkey balls to get setup and maintain). The idea being that only known and trusted applications are allowed to run on the system, and everything else is blocked by default. This looks like an application just crashing to the end user (you), but it provides a pretty nice layer of protection for the network defenders.

Messing with the local pc is of course forbidden.

Ya, that’s pretty normal. If you have something you really need to use, talk with your network security team. Most of us network defenders are pretty reasonable people who just want to keep the network safe, without impacting the business. That said, I suspect you’re going to run into issues with what you are trying to run. Something like SyncThing or some cloud based storage is really useful for businesses. But, businesses aren’t going to be so keen to have you backing their data up to your home server. Sure, that might not be your intention, but this is now another possible path for data to leave the network which they need to keep an eye on. All because you want to store your personal data on your work system. That’s not going to go over well. Even worse, you’re probably going to be somewhat resistant when they ask you to start feeding your server’s logs into the businesses log repository. Since this is what they would need to prove that you aren’t sending business data to it. It’s just a bad idea all around.

I’d suspect Paperless is going to run into similar issues. It’s a pretty obvious way for you to steal company data. Sure, this is probably not your intention, but the network defenders have to consider that possibility. Again, they are likely to outright deny it. Though if you and enough folks at your company want to use something like this, talk with your IT teams, it might be possible to get an instance hosted by the business for business use. There is no guarantee, but if it’s a useful productivity package, maybe you will have a really positive project under your belt to talk about.

FreshRSS you might be able to get going. Instead of segregating services by port, stand up something like NGinx on port 443 and configure it as a reverse proxy. Use host headers to separate services such that you have sync.yourdomain.tld mapped to your SyncThing instance, office.yourdomain.tld mapped to your paperless instance and rss.yourdomain.tld mapped to FreshRSS. This gets you around issues with port blocking and makes managing TLS certificates easier. You can have a single cert sitting in front of all your services, rather than needing to configure TLS for each service individually.

Large companies are already heavily involved in Linux. Based on this data some of the biggest contributors this year were Meta and Google. Both companies are at the forefront of enshitification of the internet, but they built their mountains of shit on a foundation of Linux.

This strategy really depends on their ability to bribe President Trump for a pardon.

Theoretically you could hit replacement rate by making everyone a millionaire but I don’t know how that could work.

I doubt this would work. Financially, my family is towards the middle of that chart now. We were lower when we had our first kid and only a bit improved when we had our second. And honestly, it was pretty touch and go whether or not we would have the second. Our first was a handful as a baby and it left us wondering if we could handle a second. Thankfully, he calmed down a lot (or we just got used to the new normal) by the time he was pushing 18 months. After we had the second one though, I fully embraced the “cut my nuts off” solution to birth control (vasectomy). I don’t regret that choice at all. None of that was ever about finances. It was simply about the fact that raising children is hard and takes a lot of time.

Ultimately, I think the decline in birth rates isn’t about finances or selfishness, it’s just a change in social norms. Society has spent decades training people to the “nuclear family”. Movies, TV, and other media has pushed the “2 kids and 1.5 dogs in a home in the suburbs” for so long, that people internalized it. So, folks who do want to have kids shoot for that. Having 4 or 5 kids is now seen as an oddity, rather than the norm.

There is also a much better acceptance of women as something other than a walking womb to be filled. We no longer look at an unmarried woman in her 20’s or 30’s as some sort of spinster to be shunned. Sure, negative stereotypes still exist (e.g. Crazy cat lady); but, it’s much rarer for fathers to be selling off their 16 year old daughters to 40 or 50 year old men as child brides to be kept barefoot, pregnant and in the kitchen for the next 30+ years of their life. Women are expected to have full lives now, which may or may not involve raising children. As one might expect, many have taken full advantage of that and simply chose to not have any. This move from what amounts to sexual slavery to being treated as an actual person is going to mean there are fewer women having children and many of them delaying until they are actually old enough to make an informed decision about it.

So a couple possibilities come to mind:

1. Someone else has your password. Do you have kids and do they have access to devices which may have your Google account linked? You may want to change your password (use something long, hard to guess and unique).
2. Your local system is compromised in some way. This would be a really odd way for someone to use that access, but it’s always possible. Take a look at the apps and any browser extensions you have installed and make sure there isn’t anything you don’t recognize.
3. There is some sort of Cross Site Scripting (XSS) vulnerability which is being leveraged to subscribe you to stuff. I would expect Google to be better than to have an XSS on YouTube (they bought Mandiant a while ago, FFS). But, big companies doing stupid things is common enough. When you got the pop-up, was it in the YouTube app or a web browser. Did you have other tabs open? Other background processes from sketchy apps?
4. It is Google, them doing shitty things to their product (that’s you) for their customers (the advertisers paying for your eyeballs) is basically their business model. Don’t like it, de-google your life (warning: this is actually really hard).

Well, here’s my TIL:
Fun fact: the earliest known appearance of the F-word in the English language is “Roger F$#%-by-the-Navel” who appears in some court records from 1310-11.

More info.

Ya, I actually run both uBlock Origin and NoScript in my browser on my phone and personal machine (desktop). On my work laptop, those are a no-go. So, I get the full ads experience on my work machine when traveling.

I run Pi-Hole in a docker container on my server. I never saw the point in having a dedicated bit of hardware for it.
That said, I don’t understand how people use the internet without one. The times I have had to travel for work, trying to do anything on the internet reminded me of the bad old days of the '90s with pop-ups and flashing banners enticing me to punch the monkey. It’s just sad to see one of the greatest communications platforms we have ever created reduced to a fire-hose of ads.

Ya, he’s not gonna be found “safe”. The last few nights have been well below freezing in much of Virginia. With a gun and a lack of cold weather gear, there’s not a lot of safe outcomes available. Though I’d guess he hasn’t noticed the drop in temperature.