This happens every fucking winter and not just with these trash cans but all cars. In most of our streets the streetcars don’t have a dedicated and separated lane (or signal priority), making them pretty much just worse buses that stop in the middle of the street, making you cross a car lane on the way to the sidewalk.
Personally I don’t go with full disk encryption for backups. I use Borg that encrypts its repositories on a plain ext4 partition, and the key is saved in the config file (wrapped in passphrase of course). Obviously it just moved the problem of what to do with the passphrase… I also have Vaultwarden (with a separate backup mechanism).
Hey, hope you are recovering from this ordeal. I attribute some of the oddities in your post to panicked writing, but it would be great if you can clarify these points:
listed as .BRM for windows 6
What does that mean?
As soon as they saw me, they wiped everything from my home folder, everything that wasn’t a base part of kde was gone
What do you mean base part of KDE? Did they delete more than just the home directory?
because since they schroot, none of those processes were available to me to view
Why wouldn’t you be able to view processes running in schroot? Doesn’t it use the same pid namespace and uses the same /proc as the init process?
I went digging and found the schroot under /run/ I took a look at the properties and the env showed 128.7TB of storage
You wrote in a comment “that was the server farm rooted into me”. Why do you think that is the case?
Also, it’s not quite clear what the screenshots are meant to show. The first two are a list of files in your home directory, showing it’s not empty. So did they wipe everything or not? How are we supposed to know what those files are and what you expect should be there… And then the other screenshots are of you trying to recover files from the disk image.
I understand if you don’t, but do you actually have any evidence of an attack? Like cellphone video of the screen while you are seeing suspicious activity on Wireshark? I can definitely understand being more concerned with minimizing the damage once you realize files are being deleted than gathering evidence. But can you for example fish out that .dll file from the disk image?
Had to think about it… The answer is nowhere. I built my digital life around Linux for 23 years.
I have elaborate Procmail rules that sort out the mail. It’s not a very modern solution and the syntax is quite horrible, but it works quite well.
I think that’s the issue. It’s xhost + if I remember correctly.
No, secondary clipboard Ctrl+v paste is a Windowsism
It could also be that the app is looking at parameters other than the hash (which would probably be that of the certificate authority rather than the domain’s certificate), like the CN, which is potentially fakeble. You can also try to mess with the APK file, maybe find the strings associated with the certificate check and replace them. I won’t fault the app’s authors for making such a check though, MITM is so easy to do without certificate validation.
I use Linux on my work computer
still it is concerning, that any program can know about the sites I visit
As other noted, that’s the case in Linux, by default all processes are equal, so if your shell process can access a file, the Firefox process can access that file.
But there are in fact many ways to sandbox processes and prevent exactly what you are worried about. One way is to install applications via Flatpak (or Snap), that can limit what files the app can see, while still running as your user.
If there is an app you need and don’t trust that’s not available as a flatpak (or snap), there are ways to sanbox it manually. It does require some tinkering, but people can help you on !linux@lemmy.ml
I don’t really need the encryption
In this case I’d say, LUKS is an overkill and just complicates your life. Try to think of a worst case scenario and what you are trying to protect against. Full disk encryption protects you against someone physically and clandestinely tampering with your server to compromise you by altering your OS, I’d say most selfhosters aren’t at risk of this (I do use LUKS on my laptop, because if I’m not available to decrypt the drive then there’s no reason for it to get decrypted). My approach to the server is to have encrypted directories as needed. For example the SFTP directory, the logic being that some of what’s there may be sensitive, so encryption at rest prevents leakage after the drive is eventually disposed of. But my Git repos (including private ones) and calendar aren’t encrypted at rest. Other services (e.g. Matrix, Borg, Vaultwarden) provide E2E so don’t really need further encryption.
As the article says, there are different flags flown there all the time, including the Israeli flag, the arguments against flying the Palestinian flag specifically don’t make any sense. I’m unfortunately out of town now, I would have loved to be there.
Exposing stuff to the internet shouldn’t be that scary… I haven’t had any incident so far in 8 years. Yes, you see plenty of illegitimate access attempts in the logs, but if everything is properly patched, it should be OK.
Vaultwarden isn’t actually susceptible to man-in-the-middle attacks, since the passwords are encrypted and decrypted on the end device. But some relevant metadata do go over the connection so it’d better have TLS.
How the mighty have fallen. I got my OnePlus One in 2015 with CyanogenMod preinstalled (although I reinstalled the vanilla OS after, and rooted it easily). Enshitification indeed, no brand is safe.
No, I think they should ignore it and let the British government do what they will. Again, they are not bound by UK legislation. Similarly they don’t block Chinese IPs because of censorship laws over there.
I’m not an expert but I feel like organizations like Wikipedia that are not based in the UK and do not do business in the UK shouldn’t fight or comply with this nonsense. If the British government instructs ISPs to block access to Wikipedia, let them, and see the uproar it generates.
Does it actually happen to people? All servers I worked with both had a back door (or two), and someone at the data centre (during work hours at least) you could contact in an emergency.
There are jobs with flexible hours and partial or full work from home arrangements, and more importantly jobs where you can feel some amount of purpose and personal growth instead of just making money (mostly for someone else, i.e. shareholders). To get such a job you might have to get some specialized skill, or just get lucky.