The Linux Thread - The Autist's OS of Choice

As far as I know there's one reason left that people run SUSE. That's to run SAP, which is also a German product. Although in recent years they finally started allowing RedHat I think.
for anyone who has ever interacted with an SAP system or SAP implementers, that sounds like a reason to kill myself before ever running SUSE
 
so i only now noticed that Watchtower has been abandoned and my container was stuck in a failure loop. is there anything that's a direct replacement for keeping docker images up to date, or at least something that will give me a login message when I ssh into my server?
 
...terminal access

...through a browser

STOP this niggerlicious bullshit IMMEDIATELY and use SECURE MOTHERFUCKING SHELL (that's SSH if you really are a nigger and not just pretending). THIS is what it's THERE FOR, so you're NOT using some horrendous scarcely-used SECURITY RISK in its place. There is NO EXCUSE. Literally ANY CONNECTIVITY PROBLEM that you have can be resolved using SSH in order to connect via SSH securely.
Came at my man with two commands, ssh-keygen and ssh -i to upload the key but that's no good, this is better (i have no idea what any of those words mean)

Got a symlink folder with a ps1 script that starts peagent with all the keys so that i can connect with mremoteNG
 
Can you prove that there is no spyware on any of the chips in your PC?
As long as you do not buy anything from the U*ited S*ates or G*rmany, and only run 100% FOSS firmware a la Atheros WiFi cards/dongles + Coreboot (with me_cleaner, of course), you can reasonably assume that you are mostly clean of hardware-level spyware. If you want to go even further beyond the autistic pale, binwalk is your friend.
 
As long as you do not buy anything from the U*ited S*ates or G*rmany, and only run 100% FOSS firmware a la Atheros WiFi cards/dongles + Coreboot (with me_cleaner, of course), you can reasonably assume that you are mostly clean of hardware-level spyware. If you want to go even further beyond the autistic pale, binwalk is your friend.

Except glowniggers across the world still have ways of penetrating your FOSS defenses because going the full-FOSS hardware stack with LGA775/AM1/AM2 CPUs, dubious fixes like me_cleaner, and a "FOSS" BIOS stack like coreboot necessarily means you'll be running ancient hardware with decades-old vulnerabilities that Intel, AMD, et al documented but never fixed because it's so many generations removed from current.

Also, the FSF's position on "FOSS firmware" is laughably inconsistent because of one gigantic loophole: binary firmware is 100% halal provided that it's physically flashed onto the device and the user has no way of flashing new firmware onto it. So your Atheros, Realtek, Ralink, Intel, etc firmware blobs still exist, but they're just outsourced to your device itself.

This is how companies like ThinkPenguin, Framework, and System76 (among others) are able to get away with selling FOSS-friendly wireless devices: because they don't know, let alone care, about binary firmware being read-only and hard flashed onto the shit they're peddling. The reason why binary firmware exists in the Linux kernel is primarily a convenience for hardware manufacturers who'd rather give the kernel the firmware rather than waste time and OEM resources to bake the firmware onto their hardware. Coreboot even does similar shit where they need vendor firmware to a certain degree, that firmware is still binary-only but freely redistributable, and that's why we have Libreboot.
 
Finally took the plunge and installed Ubuntu on my main laptop, a Lenovo with an Nvidia video card. Pretty much seamless install off of a USB drive. Nvidia drivers seem to be working.

I like the app menu in Mint better than the Androidesque thing Ubuntu has going on but both are miles ahead of the shitty way Win11 does it.

Installed Dash to Dock and Dash to Panel to put things in the places I'm used to.

I really like being able to find solutions using Terminal that I can just copy and paste instead of Windows where MS has changed things up in the GUI so that the advice from last year is no longer useful. Managed to get Chrome touchpad gestures working this way. Command prompt doesn't scare me. I grew up using DOS.

The only thing I miss are a few customized touchpad gestures I used in Chrome. For example, I'd drag three fingers down for reload. I'd like a gesture for that instead of right-clicking and selecting reload.

Things seem more responsive than Win11 and more logical, in general.
 

Fish bros, we keep winning.


Even the Southern Linux Man likes Fish.

 
Also, the FSF's position on "FOSS firmware" is laughably inconsistent because of one gigantic loophole: binary firmware is 100% halal provided that it's physically flashed onto the device and the user has no way of flashing new firmware onto it. So your Atheros, Realtek, Ralink, Intel, etc firmware blobs still exist, but they're just outsourced to your device itself.
I think that's just them trying to be realistic. If the end user can't do anything about the glowie firmware blobs it's a bit unreasonable for them to say you should run free software firmware on it.
 
No one important, but it must be said: the fact that SUSE outlived Novell and came out the other side as a wholly independent entity once more is pretty fucking hilarious.
I miss Novell. It was just so absolutely rock solid stable. I once worked somewhere they'd had a Novell server in a closet and it had been there for over a decade, and when it went bad, nobody working there had any idea where it even was. Turned out it for some goddamn reason was in a maintenance closet on the other side of the building. And it was a big building.

It wasn't Novell that was the problem. It was that dust bunnies had blocked the fan and it overheated. Dust bunnies removed and a dose of duster for the rest of it, and it was back on.
As long as you do not buy anything from the U*ited S*ates or G*rmany, and only run 100% FOSS firmware a la Atheros WiFi cards/dongles + Coreboot (with me_cleaner, of course), you can reasonably assume that you are mostly clean of hardware-level spyware.
Arguably Intel's Management Engine (hardware-level) is spyware, or at least a back orifice that allows you to be pozloaded.
 
I miss Novell. It was just so absolutely rock solid stable. I once worked somewhere they'd had a Novell server in a closet and it had been there for over a decade, and when it went bad, nobody working there had any idea where it even was. Turned out it for some goddamn reason was in a maintenance closet on the other side of the building. And it was a big building.

It wasn't Novell that was the problem. It was that dust bunnies had blocked the fan and it overheated. Dust bunnies removed and a dose of duster for the rest of it, and it was back on.

Honestly, all the Novell drama was decidedly before my time. I started daily driving Linux around 2010-2011ish as a grossly unsupervised minor on the internet, and by that point, Novell was either outright acquired by Attachmate or was seeking a buyer because they got too big for their britches. Not entirely sure what the situation was, but at some point, Novell as a company was wholly liquidated and its assets/IPs spread out across several if not dozens of other entities.

With hindsight, Novell's acquisition of SUSE was a blessing in disguise because SUSE wasn't at risk of getting acquired by a "hostile" third party like Red Hat before getting absorbed and ultimately dissolved within their product catalogue. The patent deal with Microsoft in 2006 was also critical for getting Microsoft to even acknowledge Linux beyond Steve Ballmer's hostility to FOSS and the whole embrace, extend, extinguish rhetoric that got leaked decades ago. Causal relationships are rough to discern from a point of hindsight, but that patent deal with SUSE is what ultimately paved the way for Azure to rely entirely on Linux, while also contributing back once Ballmer left and Nadella entered the fray.

I can appreciate Novell for what they accomplished historically, but it's also easy to see why they received such acrimony throughout their lifetime. Novell was one of the players behind that 1990s lawsuit with AT&T that stalled FreeBSD development iirc. I mean hey, that lawsuit was the reason why we got the Linux kernel in the first place. Novell oversaw the growth of SUSE Linux Enterprise, yet SLES/SLED paled in comparison to RHEL, Ubuntu, and other such alternatives. All the while, they kept burning cash thanks to terrible business decision after terrible business decision.

One must wonder, however, if years if not decades of bad acquisitions and litigation that ended in settlement were ultimately what led to Novell going tits-up in the first place.
 
I think that's just them trying to be realistic. If the end user can't do anything about the glowie firmware blobs it's a bit unreasonable for them to say you should run free software firmware on it.
The FSF is anything but realistic when it comes to ryf certification
If you ever look into companies that have tried to get ryf certification they will find any little thing they can to deny you certification
Even if your hardware is 100% FOSS if you wire your gpu connectors wrong they'll deny it on that alone
It's why your only real option is a 10+ year old thinkpad or a 4 core power9 server if you want truly FSF approved hardware. Nobody with modern tech can make it in such a way that the FSF can approve it because they're stuck in the fucking 80s
 
The FSF is anything but realistic when it comes to ryf certification
If you ever look into companies that have tried to get ryf certification they will find any little thing they can to deny you certification
Even if your hardware is 100% FOSS if you wire your gpu connectors wrong they'll deny it on that alone
It's why your only real option is a 10+ year old thinkpad or a 4 core power9 server if you want truly FSF approved hardware. Nobody with modern tech can make it in such a way that the FSF can approve it because they're stuck in the fucking 80s
That doesn't really comment on what I was saying.
 
I've been having a very annoying issue with Linux Mint where my system will randomly hang when I try to put it to sleep, and I haven't been able to fix it. I believe it's related to either the drivers for my Nvidia 1660 super, or a firmware bug, but I figure that I might not have the same issue with a different distro. I feel like I'm comfortable enough to go with a more advanced distro, as long as after setup it's still fairly stable and won't brick itself just because I ran the updates without reading all of the notes first. What would be a recommendation for a distro that's significantly different but I don't have to baby all the time? So far I'm preparing to try Artix (the KDE qt community edition with openRC) with Zorin OS as the fallback if the attempt is catastrophic.
 
I've been having a very annoying issue with Linux Mint where my system will randomly hang when I try to put it to sleep, and I haven't been able to fix it. I believe it's related to either the drivers for my Nvidia 1660 super, or a firmware bug, but I figure that I might not have the same issue with a different distro. I feel like I'm comfortable enough to go with a more advanced distro, as long as after setup it's still fairly stable and won't brick itself just because I ran the updates without reading all of the notes first. What would be a recommendation for a distro that's significantly different but I don't have to baby all the time? So far I'm preparing to try Artix (the KDE qt community edition with openRC) with Zorin OS as the fallback if the attempt is catastrophic.
It definitely sounds like an nvidia issue.

I've heard about that exact problem happening when waking up from suspend. I think it should be covered in the arch wiki, and maybe the gentoo wiki.
 
I think that's just them trying to be realistic. If the end user can't do anything about the glowie firmware blobs it's a bit unreasonable for them to say you should run freesoftware firmware on it.

See, I understand the calculus. What I don't understand is why they go through such absurd lengths to moralise about firmware if we already have industry-wide concessions made to hardware vendors about their firmware in the first place. The whole raison d'être for Linux-libre should've gone out the window the moment that Intel ME and AMD PSP came to light and how the security calculus became "trust Intel and AMD to push out microcode updates." If you're cool with running Linux-libre without the microcode updates, I could at least respect that choice insofar as sticking to your ideological convictions to the fullest logical extent possible, regardless of drawbacks. But you actually have people teaching Linux-libre users how to install the microcode updates while omitting all the other firmware. I'm sorry, but at that point, why not just run the regular Linux kernel? If you wanna pick and choose the firmware your kernel has, why not compile your own custom kernel instead of modifying the binary after the fact?
 
Also have you audited all binaries that are required for hardware init? Microcode in your CPU? Microcontrollers in your drives?
Not yet, but I will once I get my MNT Reform and/or Argon One Up + Radxa RK3588 CM5. Fully open boot chain (except ram init), baby!

Priv/sec is not a one and done type deal, you have to play at angles that give you the maximum benefit with minimum voodoo. A lot of the blob fear comes from a lack of understanding, and this is by design, proprietary software wants to be opaque. Even so, you don't need to be scared of every single blob. Like @jeff7 said, SSDs have blobs, HDDs have blobs, HDMI has blobs, it goes on. It is impossible to be free of it all. What you can do, is risk reduction. The IME is a high-risk blob because it has its own networking stack for OOB communication, which felts you from the get-go.

Modern Libreboot/Coreboot + me_cleaner get you a very good length of the way towards de-glowniggerification. Take the T480/580/X280 for example: if you want to take the purist stance, it is technically running a full Intel Management Engine kernel, but said kernel is effectively trapped in a boot loop because the Host Embedded Controller Interface & Network stack are completely gone, alongside other blobby code. Mate Kukri, the guy who wrote the deguard utility that busted Boot Guard on Sky/Kaby Lake boards, has said as much himself. WiFi is always insecure, Etherner is the white man's way. If you fear fingerprinting or Libre kernel vulnerabilities, run everything in a container a la Qubes, Whonix, bubblewrap etc.

Everything else is pedantry. What felts people who want to be private is almost always OpSec related. 99% of privacy is just keeping your mouth shut and not getting caught doing something that'll get you cottonmouthed. Use throwaway accounts, buy hardware in person, do cash only payments, I could go on. Having good general opsec and running up to Kaby Lake boards with Coreboot + me_cleaner gives you the best bang for your buck. You don't need to be scared of WiFi or HDMI sniffing if you don't have a neon sign nailed to your forehead reading "I LOVE <insert glowie bait here>". The position of "but what about <thing>!?!?!? Why bother if they can do <thing>???" is defeatist and gay. If you want to play that game you can use shielded cables and stick a signal jammer next to your computer. TEMPEST has been a thing since forever and people have been using RTL-SDR receivers to test leakage and fuck with it using weird shit like conductive paint or mesh fabric curtains. Where there is a will there is a way, all that matters is how much convenience you are willing to sacrifice to find it.
 