Debian testing, then upgrade it as they make major releases. I have yet to have a single Debian upgrade go wrong on Desktop or Server. It is basically magic.
user28282912
joined 2 months ago
Assuming that:
- your Linux Laptop uses wlan0 for its wireless connection and your home network uses 192.168.1.x for IP space.
On the Linux laptop:
- as root or with sudo -- enable IP forwarding and load the change with sysctl -p.
sudo sysctl net.ipv4.ip_forward=1 ## updated edit thanks to folks pointing out my typo.
sudo sysctl -p
- if you have ufw installed and running -- setup a NAT masquerading rule for any hosts forwarding IPv4 traffic to it.
add this line to /etc/ufw/before.rules file right after the "*nat" line
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.1/24 -o wlan0 -j MASQUERADE
On the mac:
- set your IP address manually to be on the same LAN as the Linux laptop, but for the gateway address... point that at the IP for the Linux Laptop.
Is it easier to secure, monitor fewer, bigger reactors or thousands of* small ones? Accidents are still going to happen and I know which scenario makes more sense to me. Especially in light of Trump's recent push to deregulate nuclear energy, kill the EPA, and pretty much any other kind of sensible management efforts of technology that is great until something goes wrong then it quickly becomes a multi-generational clusterfuck.
Solar, batteries and long-range transmission infrastructure just makes too much sense I guess.
Darwin just getting ever more creative over time.
This is like that part in Don't look up when the Jennifer Lawrence's character tells her BF to wait 6 months before she meets his mother.
Because every single foreign government hacks every other foreign government every single chance they get. If I get any say in the matter I'd rather keep my list of enemies as small as possible(aka only the US government). Most rational people would agree with that. At least you have some say in accountability for the US government, in theory at least.
I feel like every time this topic comes up people forget all of this and also forget that China's energy, automotive, literally every industry in China is controlled by PRC/CCP, 100%. Even the US/China joint ventures have to follow rules laid out by the PRC/CCP.
Ignore the idiot posting about this RAT.
If you want to secure your Linux system, use ClamAV, a local firewall like UFW or even opensnitch for a start. Also use your head when adding apps to your system. Stick to the official repos from your distro. Things like Arch's AUR, random PPAs in Ubuntu and any random github project are going to be much riskier by their very nature so act accordingly.
If you need to risky stuff, do it a VM and network that guest into a private internal network that can only exit over a companion PFSense VM that is dual homed to the regular LAN and the private internal network. Take a snapshot of the risky guest before you use it in a session and when you are done, roll back to your clean snapshot.
Store your passwords in something like Keepass(strong master password!) and then use syncthing to push copies of the database to at least one other box locally or in the cloud if you really have to.
It seems to just be more attack surface for very little actual gain on JS. At least with JS I have NoScript, Ublock and some actual say over what loads/runs on my box. For this reason, I usually just disable all wasm/webgl/webrtc until I find out that I actually need it which for me is basically never or only for very short periods.
Some upgrades require human input like when core service config files upgrades are offered. (ex. would like to update /etc/samba/smb.conf with the maintainer's version or keep your own?)
In my experience this can occasionally cause background apt processes to hang while they wait for your answer to that kind of question. There is a debconf trick you can try. debian_frontend=noninteractive. You can create your own cronjob, as root, that runs a script with this export command, apt update, then apt dist-upgrade -y.
view more: next ›
Thanks for noticing that. I certainly missed the '=1' bit.