/tech/ - Technology

>>takes forever to receive security updates
marge
>>no protection from rootkits whatsoever
>only way to (somewhat) protect yourself from keyloggers is by installing an unfinished and broken display server
use flatpaks nigger

>>5987
>just use flatshit bro
>even doe that has nothing to do with kernel rootkits
ah yes another completely broken and bloated "sandbox" that gives you sense of false security
you only solidify the notion that uninformed freetards use Linux.

>>5986
>abysmal security practices
like throwing proprietary binary blobs into your kernel?
>takes forever to receive security updates
this is false btw
>no protection from rootkits whatsoever
x86 itself is backdoored, so is ARM. if you run proprietary software on ring 3, you have to expect that it reaches ring 0 if it really wants to. there is no need for "sandboxing" memes and "mitigations", all they realistically do is make everything more complicated, more prone to breakage, and slower.
>only way to (somewhat) protect yourself from keyloggers is by installing an unfinished and broken display server
also a lie, gayland CAN be keylogged, try wshowkeys.
oh by the way, gayland FORCES you to run shit like xdotool equivalents as root, such "security" right?
>muh keyloggers
dont install proprietary insecure garbage, i want to be able to keylog myself without root perms, and i want complete control over my computer. i decide what runs on it, not someone else, so i don't have to worry about "hecking keyloggers" or malware. just dont install malware you stupid retard.
>half assed mitigations knocked off from Grsec project
mitigations are a meme, imagine wasting 20$ of your CPU performance so intel has their latest backdoors in your CPU rather than old ones script kiddies figured out how to use.
>CFI
this one of many reasons why lunix became slower and more broken than it ever was before
>performance is first
kek, where?
i wish it was like that.
>gives everyone a completely false sense of security
youre right about this one chud.
>>5987
>gives every program full R/W access to your $HOME by default
>"le hecking sandboxing doe!1!"
>have to install everything twice now because you have 2 package managers
>flatshit literally only exists for debian tards who can't install software, and for fedora niggers who want to install pooprietary malware
>flathub is a cesspool full of malware
>>5988
>"sandboxing" gives you a false sense of security
exactly. treat your system as if there was zero security to begin with, people say "durr hurr GNU schizo take your meds" because i run nearly everything as root and exclusively use 15+ year old librebooted thinkpads with mitigations disabled and lack of any microcode updates, but they'll see that i was right once they get assraped by proprietary ""vulnerabilities"" that give some proprietary malware ring 0 access out of nowhere, this constantly happens and will keep happening because lunix is a big bloated clusterfuck nobody can actually audit properly.

>>5988
tell me how a flatpak can rootkit your kernel apart from glowniggers trying too hard like eternal blue

>>6005
it gives every program full R/W access to your $HOME
tl;dr
echo "alias sudo='malicious shit that grabs your password'" >> ~/.bashrc

this nigger is growing on me

>>6006
not my problem as my .bashrc is owned by root

>>6008
this is not the default and will never be the default. if you have to make your environment variable configuration read-only at the user level, you have screwed up. If one line in a bashrc can reflash your unsecure, unlocked bios with a malware infested one then you don't have a secure system.

>>6013
i run everything as root and reflashing my firmware is as easy as flashrom -p internal -w file.rom
>>6008
mental illness

>>6014
echo "flashrom -p internal -w /dev/urandom" > ~/.xinitrc

genius design.

>>6030
dont use iomem=relaxed then
also, it wouldnt be a problem because reflashing takes 2 minutes.

I just use my distro's official repos and I'm fine.

Viruses in wincuck were such a big deal because they didn't have a windows store since the very beginning.

>>6035
>I just use my distro's official repos and I'm fine.
nigger

>>6031
add a sed command to add iomem=relaxed to the bootloader cmdline in the xinitrc then

>>6037
you still need root for this
>>6035
>"store"
pathetic.
>>6036
>NOOOOooooOOOOO YOU HAVE TO USE MAKE INSTALL AND UNPACK TARBALLS MANUALLY!!!!!!!!!!!1111!!!1!

>>6044
>i run everything as root
also just alias apt, pacman, emerge, hrt-get, etc. to the payload.

>>6046
why would i do this?
im not retarded.

>>6053
sir this was a joke, install GNU before believing wintoddler cope

>>6056
No it will be done by some script that finds an exploit into userspace.

>>6075
>some script
>implying i run random scripts from the internet
again, im not retarded and dont run software that does things i dont want it to do and cant control.

>>6082
really? you compile everything from source checking every line for backdoors?

Updates are frecuent as shit when u use rolling release distros dumb windowsCUCK

>>6006
>Keeping shit that matters at home
Ngmi

>>6082
To be fair you can get fucked over even if you think you are getting stuff from repos.
MITM is a thing. Remote code execution is a thing even if you don't install stuff and shit.

>>6057
>sir this was a joke
that's how it always start...

A penguin could NOT hold a handgun up to the roof of their mouth.

>>6085
>not physically owning your servers and having 100% control and ownership over it
>>6083
yes, for stuff that matters
i audited X11, the shit in my kernel, and my WM
i didnt audit soystemdick or shit like dbus doe, its way too messy and im gonna put in some effort to get rid of it in the future, HyperbolaBSD whenever its finished perhaps
>>6086
thats why signatures and hashes exist, every sane package manager will check them by default and will require you to manually bypass them if you wanted to do that for some reason
>>6108
*HIS