ShellMonkey

ShellMonkey, 1 day ago

3 things I’m still looking to get in one distro and Windows will be gone. Not looking to have my desk/lap turn into another ad platform like phones did.

Easy drive mapping for remote shares, most have this but some are a bit clunky.

Solid games support, mostly a WINE thing. One called Bazzite looks promising with a pile of pre-configured profiles.

Easy and reliable connection to a DC so the same creds can be used across multiple machines. This is probably the hardest part in Nix at this point.

Otherwise pretty well every app I use is web based and hosted on some local server, or has a Nix native variant.

ShellMonkey, 1 day ago

Probably worth a shot. I’ve gotten it working on a version of Ubuntu in the past, but it was far from the simplicity of select domain, give join creds, and reboot that it is with Windows yet.

ShellMonkey, 14 hours ago (edited 14 hours ago)

I have not, the last time I made a real effort at moving to Nix for games was quite a while ago. The big factor is if I can get GOG working since that’s the preferred platform here.

ShellMonkey, 14 hours ago

I know it exists, have gotten it working with one of those AD compatible samba based DCs before, but not without some messing about. I’d really like to see it as simple as it is in Windows before saying it’s a drop in replacement.

Tried the other day with Mint and ran into something where one of the searches promoted manually editing the hosts file to point to the DC and Kerberos address. That kind of thing shouldn’t be required and is the kind of buggery I’d like to see sorted out.

ShellMonkey, 2 days ago

I’ve been a user of GOG for a while principally because of the no-drm ability to download a copy of what you bought. When the library starts getting past a certain size though you start to wonder about those things like what if the producer has a falling out and wants to yank it from the platform, does it vanish from my library then too? Are there contracts that say ‘forever’ when they offer it? Would love to find some ‘download all’ option to take a full copy offline of the bought items at once but it’d probably overrun the monthly ISP limits even if they had one.

Seen too many things on Netflix or Spotify that I liked vanish because ‘fuck off, we can’ and although I never anticipated it being ‘bought’ in those cases it does give a lot of justification to find alternate means to reestablish that access.

ShellMonkey, 3 days ago

Nuking anything is never the right decision unless you’re heating up some leftovers. There is no such thing as a justified mass destruction weapon.

ShellMonkey, 6 days ago (edited 2 days ago)

Claim: if you use HTTPS you are safe!

Overall a solid writeup, but this part could use some clarification. Assuming the VPN client doesn’t leak DNS this is only a concern after exploitation by DHCP option.

Another thing that might be noted, since this is a DHCP based issue the window for compromise is largely going to be at the time of connection unless the server has a particularly short lease time. If there are multiple DHCP servers on the same network answering requests it’s bound to raise some alarms if someone is watching the network so it makes 3rd person exploitation a very noisy method since you would have a race for who offered the lease first.

Edit: Really this attack isn’t just a problem for VPNs but could apply to any network connectivity. A rouge DHCP sever can cause all sorts of havoc. There used to be an single button APK called ‘firesheep’ that would do similar to this by presenting itself as the gateway, although that wouldn’t have allowed for the specific split routing config option push.

ShellMonkey, 6 days ago

https://lemmy.socdojo.com/pictrs/image/7e31cdc7-384b-4791-b637-ddbd9be198fc.png

Discover/offer/request/acknowledge since it didn’t make a pretty picture for me.

Basically it’s just a case of who answers first. A DHCP discover is a broadcast message since the client doesn’t know where or even if there is a server on the net. Whoever gets back to the client first with an offer though will end up with the request/ack following up and get to provide whatever options they push along with the offer.

ShellMonkey, 6 days ago

It says right in there that they can’t see what you are sending or receiving, but seeing the SNI provides content on what you’re doing. Not seeing where it’s false at all.

Using that SNI header profile though if one was inclined and the site doesn’t enforce HSTS it would be simple enough to proxy traffic through their gateway, or to creating a phishing duplication of the site with a DNS redirect.

ShellMonkey, 6 days ago

WiFi pineapples are fun that way. I’ve taken one out on a drive going to our cabin in scanning mode and picked up 100+ different SSIDs along the way. It can also respond as a wildcard to any request that comes by or just be obnoxious and advertise them all at one.

Never setting an ‘auto connect’ for unsecured WiFi is a must in that case. Secured not so much an issue unless the interceptor has the key for the network at least.

ShellMonkey, 6 days ago

Most mobile devices these days default to using a random spoofed MAC, so I have a hard time seeing how that’s effective unless it’s done as a whitelist only.

ShellMonkey, 7 days ago

Edwards described critics of his underage marriage stance as “an army of control freaks that want to entice a pregnant woman into an abortion rather than allow a marriage”

The guy goes on about personal freedom but then puts it as an either/or that someone gets pregnant and they have one of two choices…

ShellMonkey, 7 days ago

Chances are unless you’re actively trying to avoid it the toothpaste you use has it already. I’m not aware of any particular benefits or detriments to having it in the water supply versus the more direct application route.

ShellMonkey, 5 days ago

Fair point, useful for the city but not missing out on anything by having a private well then though.

ShellMonkey, 6 days ago

It’s pretty much the same thing that ‘tile’ does, it’s scary that they do this as an opt-out though. Having that as a system level function effectively means they can enable or disable it at will without having to have a separate app.

One more bug to sort out with notifications and I’m full time onto GraphineOS.

ShellMonkey, 6 days ago

As useful as tile is ideal to me. Don’t allow for the global tracking but let’s me make my keys or wallet make a noise when I misplaced them.

ShellMonkey, 8 days ago

github.com/smdgames/reactle

Easy enough to change that

ShellMonkey, 8 days ago

Such a charming and rational fellow that one

ShellMonkey, 9 days ago (edited 5 days ago)

Short version of this attack, it involves split routing for the tunnels. A lot of clients will have a default route-all to send traffic through the VPN. There is however a limitation to this because the tunnel itself needs a route from the local nic to connect to the VPN endpoint and establish the tunnel, otherwise you end up with a chicken and egg where you can’t establish the VPN. By taking advantage of the DHCP option to set preferred routes (really anything more specific than 0.0.0.0/0) it can tell the host system to send the specified traffic through the local gateway rather than the tunnel’s virtual adapter.

One relatively simple fix if you happen to have a fancy router/firewall on the edge of the network that handles the VPN would be to use policy based routing rather than relying on the underlying network configuration. Static route tables would be possible too, but in theory that could be overridden by just sending a more specific route again than what was set statically.

ShellMonkey, 10 days ago

So now you can have the devs that shun the cheat of having AI write their code instead copy-pasting from stack overflow’s AI written code.

ShellMonkey, 10 days ago

Hardly the only, but not always the case either. I’d put some of it down to rose-colored nostalgia, some to the given fact that so much today is buying a base framework game and then selling 276 ‘addons’ to make it complete, and part to that back when systems didn’t have the power they do now developers couldn’t rely so much on all the flashy imagery and effects so they put more effort into the story and unique gameplay. A lot of smaller studio games pull that latter part off today still, but they’re sometimes harder to find.

ShellMonkey, 10 days ago

I guess it depends on what you’re looking for and what you consider flashy. I tend to do most of mine from GOG these days just out of a preference for avoiding DRM on principal. Found a few interesting ones just of the ‘cheap enough that it doesn’t matter if it’s not great’ types.

A major marker of quality for me tends to be if something just feels polished, like the menus make sense rather than looking like someone just stuck things where they could without though, but it could still run on a potato without making things melt.

ShellMonkey, 10 days ago

So I’ll prefix with a certain level of TLDR since that’s a big wall of text that online forms like this aren’t particularly conducive to.

As a broad take though, I see two frameworks for men’s ‘rights’ though.

There are the sorts clamoring for a reversion to old ways of patriarchal orders, who look to see things in this working man supporting a household and holding a veto-wielding authority over social and domestic order as a golden era perfection. This form is dead, regressive, and a vestige of an imagined past that will not come back.

There’s another side though that fights against the still common perceptions that men must adhere to certain standards of behavior. The self-reliant, stoic, resilient sort that if they ask for help are considered failed in some fundamental way. This is speaking from an American standpoint since I have little context for other places cultural norms, but despite being publicly said (and in many places honestly held) that these norms are not the case there’s still an underlying current that reinforces these standards. These challenges are quite relevant and alive today.

It’s something of a multi-generational battle to alter what’s expected of men in the modern world. That’s the kind of men’s rights that we shouldn’t be so quick to dismiss as an irrelevant.

ShellMonkey, 10 days ago

Shortly after the net neutrality rules where first revoked mine sent a message asking me to opt out of gathering data for sale, so defiantly not always the case. Not trusting some checkbox to prevent them from doing so in the future got everything that can be put through tunnels since.

ShellMonkey, 10 days ago

Yeah, glibness aside though I really don’t know of any particular spaces. There’s a couple farmlands I’ve seen around that welcome ‘vanners’ but I get the impression those are more by choice folks that essentially camp here and there. Kind of the commune thing where they travel the country and live anywhere they want for a month or two.