• 0 Posts
  • 23 Comments
Joined 10 months ago
cake
Cake day: February 3rd, 2024

help-circle

  • Do you use bash? If not, which one do you use? zsh, fish? Why do you do it?

    Mostly fish, because it just feels much more modern than bash, it has good built-in autocomplete and I don’t have to install millions of plugins like of zsh.

    Do you write #!/bin/bash or #!/bin/sh? Do you write fish exclusive scripts?

    #!/usr/bin/env bash Occasionally I also write fish scripts. Just replace sh with fish.

    What should’ve people told you what to do/ use?

    zoxide

    general advice?

    As @crispy_kilt@feddit.de already suggested, use shellcheck.

    is it bad practice to create a handful of commands like podup and poddown that replace podman compose up -d and podman compose down or podlog as podman logs -f --tail 20 $1 or podenter for podman exec -it “$1” /bin/sh?

    I don’t think so


  • Basically every bank blocks Tor and many even block VPNs. Also, Tor Browser is not particularly secure. It’s been designed for fingerprinting resistance and network anonymity through the Tor network. The Tor Browser is based on Firefox, which lacks many important security features like site isolation, Control Flow Integrity or any meaningful sandboxing. I absolutely hate Google and their monopolistic business practices, but Chromium is by far the most secure browser. Especially when it’s running on a secure mobile operating system. GrapheneOS goes even further than Android and deploys a hardened memory allocator (which was actually ported from OpenBSD), which significantly reduces the risk for memory coruption. On the newest generation of mobile SOCs (ARMv9), GrapheneOS enables memory tagging by default. Again, find me a desktop platform with MTE. This once again proves my point that mobile devices are simply more secure. Every single piece of hardware and software in your phone has been built with a strong focus of security.

    Or, better, use monero.

    I absolutely agree on this one. Look at the Lemmy instance I’m on. I’m a big fan of Monero, but unfortunately there aren’t many places that accept XMR.



  • I’m talking about the security model of the platform, not the way you use your devices. If you do your online banking in a browser on your computer and your system gets infected with malware, that malware can access all the files on your computer. Including application data of your browser. It can access your cookies, which your bank’s website uses to store your login information. Such an attack is impossible on a mobile device, since apps can only access their own data, and inter-process communication is heavily restricted. Additionally, mobile operating systems like Android have complex permission systems, as well as kernel-based mandatory access control like SELinux/SE for Android. Your typical desktop OS has none of that. Android also has a strong implementation of Verified Boot, which makes sure that malware can’t persist on your system partition, even after your device gets infected. I recommend this video if you want to learn more about mobile device security: https://youtu.be/yTeAFoQnQPo











  • I wouldn’t actually selfhost email, it’s not particularly easy and there are many issues you will probably encounter. I recommend ProtonMail, it’s $3.50/month if you only need email and for $8/month you also get calendar, cloud storage, a password manager and a great VPN. Also, they are very focused on privacy and encryption and their apps are open source. Alternatively you can go with IVPN or Mullvad, both are great. Digitalocean has been fine in my experience, have you had any issues with it?





  • Sure, but I don’t want to. SPAs are nice, but I also try to include a JS-free fallback solution that is loaded when the client doesn’t support Javascript. I think this is the best approach to web development. A good example for this is LocalMonero’s No-JS mode. You can use the toggle in the upper-left corner to disable all Javascript on the website, and it will still have most features. I love it.