Happy to help 😉
Served in the Krogan uprisings. Now I run a podcast
Happy to help 😉
Syncthing can do direct sync if you give the ip address to each node and you can disable relay servers .
Horrific, humanity terrifies me sometimes.
Kdeconnect works great too if you are using linux and android
Yeah this is a much better approach
You could just poll it every few minutes via a cronjob and only send a notification if the numbers have increased.
Personally I use miniflux too in docker but I dont have a need for notifications.
Could you just poll the miniflux db directly ?
On laptops yes, on my server no. Most of the data is photo backups and linux ISOs form over the years.
I’m curious to know about the distro maintainers that were running bleeding edge with this exploit present. How do we know the bad actors didn’t compromise their systems in the interim ?
The potential of this would have been catastrophic had it made its way into the stable versions, they could have for example accessed the build server for tor or tails or signal and targeted the build processes . not to mention banks and governments and who knows what else… Scary.
I’m hoping things change and we start looking at improving processes in the whole chain. I’d be interested to see discussions in this area.
I think the fact they targeted this package means that other similar packages will be attacked. A good first step would be identifying those packages used by many projects and with one or very few devs even more so if it has root access. More Devs means chances of scrutiny so they would likely go for packages with one or few devs to improve the odds of success.
I also think there needs to be an audit of every package shipped in the distros. A huge undertaking , perhaps it can be crowdsourced and the big companies FAAGMN etc should heavily step up here and set up a fund for audits .
What do you think could be done to mitigate or prevent this in future ?
Yes
I’m not a fan of any corporation, so they can get fucked too I won’t buy sony hardware but if they port a game to steam I want I’ll get in on sale.
I support valve with purchases on steam as it supports linux. There was also the fact that sony took the linux install option away from the ps2 (or was it ps3) .
For me its Ubisoft, EA and Nintendo.
Personally I would only use discs for an extra possible backup just in case.
I doubt it, they need to leave the scene as part of the deal. Could they come along and do something anonymously , sure but I doubt its worth the risk to them.
MVG dropped a video today giving his thoughts on it
And its gone
The devs had years of experience with 2 very successful emulators . Any new project would require some serious knowledge of the switch and low level programming in a variety of domains. There are a handful of people able to do that. Im guessing they were all either working on yuzu or ryujinx. The yuzu team is no longer allowed to work on emulation so that just leaves ryujinx who are already working on their own.
I want the forks to succeed but its not your standard program we are talking about. Then we have the fact that any successor would have an immediate target on them. Thats a tall ask for anyone.
Future Devs should take note here and develop anonymously and use git over i2p. Develop in private and push code and binaries to public facing mirrors under aliases using tor.
If you want donations accept monero or something.
Also make multiple forks during development and just have them scattered all over the place in the event one goes down. So each contributor has their own fork with its own branding or something.
Dont publish any instructions showing dumping keys or roms in any capacity representing the project. Do it as Joe Random a regular internet user and let it spread organically.
All we are seeing so far is updates to the read me files let’s see how we are in a few weeks.
It is the domain expertise that will really set things back. The citra/yuzu devs have to stay away from emulation so the new teams won’t have the same understanding and will be less effective. It is so specialized that I’m not sure how anyone can just jump in and pick it up.
I’m rooting for them anyway. They need to let go of discord either way , matrix private chats with encryption for dev communications.
Connect it to your PC or laptop and do a netinstall. Configure SSHD and a static ip. Plugin the disk to your server and then connect via ssh to admin it.
You could also set your laptop or PC to boot from the attached disk in the bios to test the services you want to start are starting