Welcome to Friendica.Eskimo.Com

Home of Censorship Free Hosting

 Eskimo North Linux Shells, E-mail, Virtual Machines, Web Hosting.

E-mail, Web Hosting, Linux Shell Accounts terminal or full remote desktops.

Sign Up For A Free Trial Here

Please tell your friends about federated social media site that speaks several fediverse protocols thus serving as a hub uniting them, hubzilla.eskimo.com, also check out friendica.eskimo.com, federated macroblogging social media site, mastodon.eskimo.com a federated microblogging site, and yacy.eskimo.com an uncensored federated search engine. All Free!

lemmy - Link to source

Which of the 3 standard compression algorithms on Unix (gz, xz, or bz2) is best for long term data archival at their highest compression?

I have a lot of tar and disk image backups, as well as raw photos, that I want to squeeze onto a hard drive for long term offline archival, but I want to make the most of the drive's capacity so I want to compress them at the highest ratio supported by standard tools. I've zeroed out the free space in my disk images so I can save the entire image while only having it take up as much space as there are actual files on them, and raw images in my experience can have their size reduced by a third or even half with max compression (and I would assume it's lossless since file level compression can regenerate the original file in its entirety?)

I've heard horror stories of compressed files being made completely unextractable by a single corrupted bit but I don't know how much a risk that still is in 2025, though since I plan to leave the hard drive unplugged for long periods, I want the best chance of recovery if something does go wrong.

I also want the files to be extractable with just the Linux/Unix standard binutils since this is my disaster recovery plan and I want to be able to work with it through a Linux live image without installing any extra packages when my server dies, hence I'm only looking at gz, xz, or bz2.

So out of the three, which is generally considered more stable and corruption resistant when the compression ratio is turned all the way up? Do any of them have the ability to recover from a bit flip or at the very least detect with certainty whether the data is corrupted or not when extracting? Additionally, should I be generating separate checksum files for the original data or do the compressed formats include checksumming themselves?

This entry was edited (5 hours ago)
in reply to HiddenLayer555

lemmy - Link to source

DasFaultier

You're asking the right questions, and there have been some great answers on here already.

I work at the crossover between IT and digital preservation in a large GLAM institution, so I'd like to offer my perspective. Sorry of there are any peculiarities in my comment, English is my 2nd language.

First of all (and as you've correctly realizes), compression is an antipattern in DigiPres and adds risk that you should only accept of you know what you're doing. Some formats do offer integrity information (MKV/FFV1 for video comes to mind, or the BagIt archival information package structure), including formats that use lossless compression, and these should be preferred.

You might want to check this to find a suitable format here: en.wikipedia.org/wiki/List_of_… -> Containers and compression

Depending on your file formats, it might not even be beneficial to use a compressed container, e.g. if you're archiving photos/videos that already exist in compressed formats (JPEG/JFIF, h.264, ...).

You can make your data more resilient by choosing appropriate formats not only for the compressed container but also for the payload itself. Find significant properties of your data and pick formats accordingly, not the other way round. Convert before archival of necessary (the term is normalization).

You might also want to consider to reduce the risk of losing the entirety of your archive by compressing each file individually. Bit rot is a real threat, and you probably want to limit the impact of flipped bits. Error rates for spinning HDDs are well studied and understood, and even relatively small archives tend to be within the size range for bit flips. I can't seem to find the sources just now, but iirc, it was something like 1 Bit in 1.5TB for disks at write time.

Also, there's only so much you can do against bit rot on the format side, so consider using a filesystem that allows you to run regular scrubs and so actually run them; ZFS or Btrfs come to mind. If you use a more "traditional" filesystem like ext4, you could at least add checksum files for all of your archival data that you can then use as a baseline for more manual checks, but these won't help you repair damaged payload files. You can also create BagIt bags for your archive contents, because bags come with fixity mechanisms included. See RFC 8493 (datatracker.ietf.org/doc/html/…). There are even libraries and software that help you verify the integrity of bags, so that may be helpful.

The disk hardware itself is a risk as well; having your disk laying around for prolonged periods of time might have an adverse effect on bearings etc. You don't have to keep it running every day, but regular scrubs might help to detect early signs of hardware degradation. Enable SMART if possible. Don't save on disk quality. If at all possible, purchase two disks (different make & model) to store the information.

DigiPres is first and foremost a game of risk reduction and an organizational process, even of we tend to prioritize the technical aspects of it. Keep that in mind at all times

And finally, I want to leave you with some reading material on DigiPres and personal archiving on general.
* langzeitarchivierung.de/Webs/n… (in German)
* meindigitalesarchiv.de/ (in German)
* digitalpreservation.gov/person… (by the Library of Congress, who are extremely competent in DigiPres)

I've probably forgotten a few things (it's late...), but if you have any further questions, feel free to ask.

EDIT: I answered to a similar thread a few months ago, see sh.itjust.works/comment/139223…

Wikimedia list article

Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)

DasFaultier

2024-09-15 05:43:25

lemmy - Link to source

This is my day job, so I'd like to weigh in.

First of all, there's a whole community of GLAM institutions involved in what is called Digital Preservation (try googling that specifically). Here in Germany, a lot of them have founded the Nestor Group (www.langzeitarchivierung.de) to further the case and share knowledge. Recently, Nestor had a discussion group on Personal Digital Archiving, addressing just your use case. They have set up a website at meindigitalesarchiv.de/ with the results. Nestor publishes mostly in German, but online translators are a thing, so I think you will be fine.

Some things that I want to address from your original post:
* Keep in mind that file formats, just like hardware and software, become obsolete over time. Think about a migration strategy for your files to a more recent format of your current format falls out of style and isn't as widely supported anymore. I assume your photos are JPGs, which are widely not considered safe for preservation, as they decay with subsequent encoding runs and use lossy compression. A suitable replacement might be PNG, though I wouldn't go ahead and convert my JPGs right away. For born digital photo material, uncompressed TIFF is the preferred format.
* Compression in general is considered a risk, because a damaged bit will potentially impact a larger block of compressed data. Saving a few bytes on your storage isn't worth listing your precious memories.
* Storage media have different retention times. It's true that magnetic tape storage has the best chances for survival, and it's what we use for long term cold storage, but it's prohibitively expensive for home use. Also, it's VERY slow on random access, because tape has to be rewound to the specific location of your file before reading. If you insist on using it, format your tapes using LTFS to eliminate the need for a storage management system like IBM Spectrum Protect. The next best choice of storage media are NAS grade HDDs, which will last you upwards of five years. Using redundancy and a self correcting file system like ZFS (compression & dedup OFF!) will increase your chances of survival. Keep you hands off optical storage media; they tend to decay after a year already according top studies on the subject. Flash storage isn't much greater either, avoid thumb drives at all cost. Quality SSD storage might last you a little longer. If you use ZFS or a comparable file system that provides snapshots, you can use that to implement immutability.
* Kudos for using Linux standard tooling; it will help other people understand your stack of anything happens to you. Digital Preservation is all about removing dependencies on specific formats, technologies and (importantly) people.
* Backup is not Digital Preservation, though I will admit that these two tend get mixed into one another in personal contexts. Backups save the state of a system at a specific point in time, DigiPres tries to preserve only data that isn't specific to a system and tends to change very little. Also, and that is important, DigiPres tries to save context along with the actual payload, so you might want to at least save some metadata along with your photos and store them all in a structure that is made for preservation. I recommend BagIt; there's a lot of existing tooling for creating it, it's self-contained, secured by strong checksums and it's an RFC.
* Keep complexity as low as possible!
* Last of all, good on you for doing SOMETHING. You don't have to be perfect to improve your posture, and you're on the right track, asking the right questions. Keep on going, you're doing great.

Come back at me if you have any further questions.


Home

Home - Startseite der Website meindigitalesarchiv.de
meinDigitalesArchiv.de

This entry was edited (2 hours ago)
in reply to DasFaultier

lemmy - Link to source

RiverRabbits

danke für deinen Beitrag! Auch wenn ich dir Frage nicht gestellt hab, war dein Post super informativ und hab auch echt was gelernt 😀
Besonders die Perspektive, wie in deinem Feld an das Thema herangegangen wird ist für Laien sehr wertvoll um ein Gefühl für die wichtigen Aspekte zu erkennen!
(und denke mal, bei dem Username, dass du deutsch sprechen kannst haha)
This entry was edited (2 hours ago)
in reply to arsus5478

lemmy - Link to source

[object Object]

If you're seeing squares instead of characters, it sounds more like you lack the proper fonts. Installing something along the lines of noto-fonts-cjk should resolve that.

My personal choice between ibus and Fcitx5 would be Fcitx5. Ibus feels more integrated with GNOME environment, whereas Fcitx5 feels less so. Fcitx5 also has more features too, such as having a keybind that changes your language profile. This is what I do so that AltGr switches between English and Japanese, or English and Korean. Either way, both should achieve the same basic goal.

Don't forget to set a bunch of environment variables too.
```

This entry was edited (2 days ago)
in reply to arsus5478

lemmy - Link to source

Novaling

I've never used xfce, I used Gnome previously and currently KDE Plasma, and I liked fcitx for both. However I had a bug with Anki where it wasn't able to change language inputs with fcitx, so I had to switch to iBus. Both work fine, although I liked that Fcitx showed the conversion preview without having to hit tab, while iBus does.

The squares is probably a font issue, this article might help. You can easily switch input for both apps and set up your own shortcut combo.

This entry was edited (1 day ago)

lemmy - Link to source

Old laptop suddenly won't recognize Linux boot drive

I'm in a really weird situation, yesterday I installed Linux (Fedora Kinoite) on my mothers laptop (An old Asus F550C) and it worked perfectly fine. Great! Or so I thought.

We needed a few files from Windows 10, so I put that drive in, put the files on a USB stick, put the Linux drive back in and... Nothing? It recognizes the drive, but not the Linux boot option.
I put the drive in my pc and it works fine, the boot drive is also still detected in the laptop just fine.

What the hell could it be??

  • The laptop is fine (Windows drive works perfectly)
  • The drive is recognized in bios (But not the boot option)
  • The drive works fine in my desktop and can boot to Fedora
  • The laptop can boot to the USB drive I used to create the install
  • Yesterday it worked just fine
  • I went through the bios, but can't find any settings related to this (Secure boot did not fix it)

Update: the issue is solved! Windows somehow wiped the efiboot entry.

I mounted the drive from a live usb and ran

sudo efibootmgr --create --disk /dev/sda --part 1 --label "Fedora" --loader '\EFI\fedora\shimx64.efi'


After rebooting, the system works again!

This entry was edited (2 days ago)

lemmy - Link to source

need a simple sketching software for linux desktop (with real world dimensions)

Is there any simple vector drawing application that can let me make rough sketches with arbitrary units?

For example, I want to be able to draw a rectangle that is exactly 2'6 x 12".

If I scale it by 50% it should be 15" x 6". I want to be able to measure distances. I don't want to keep track of a scale/conversion/ratio in my head, that's a perfect job for computer.

In the old Sketchup software (RIP) you could type the measurements in while drawing or manipulating objects. It was extremely fast and intuitive. I don't need 3d modelling; it was just a great UI.

All I can find is CAD and it is way overkill. Not gonna design a cotton gin or a circuit board. I just want to make a simple floor plan to see if the furniture would fit the way I want to arrange it. Or estimate material requirements for projects.

Desired features: Layers, customizable/smart keyboard shortcuts, colors, rectangle circle lines, transform/scale/skew/rotate, group/lock objects, rulers grids guide snapping.

anything?

lemmy - Link to source

sshPilot is now on Flathub

I'm excited to let you know that sshPilot is now available on Flathub:
flathub.org/en/apps/io.github.…

It’s an intuitive, fast SSH connection manager with features like terminal tabs, a built-in SFTP file manager, port forwarding, key transfer (ssh-copy-id) and more and is optimized for fast navigation with keyboard.

In addition to the dual-pane file manager, the latest release adds a macOS bundle, a keyboard shortcuts customizer and support for grouping servers.

Technical notes:

The app doesn't use any custom configuration, it loads and saves standard ssh/config files.

It has an optional Isolated (sandboxed) mode which is enabled by default in the Flatpak. With this mode the app keeps its own sshconfig separate, which might be useful if you want to keep things isolated from your regular ~/.ssh/config.

The app is still under heavy development and more features and enhancements are planned.

How to get it?

Downloads for linux and macOS are available from the website or project page on GitHub.

The non-Flatpak versions (RPM, DEB and Arch packages) have extra features including:

  • Custom terminal (use your favorite terminal: Ghostty, Kitty, Alacritty, etc are all supported)
  • File management with Nautilus/Dolphin etc. using GVFS/GIO (you can still enable and use the built-in file manager)

Homepage: sshpilot.app/

I'd love to hear your feedback/thoughts.

This entry was edited (3 days ago)
in reply to Mactan

lemmy - Link to source

mlfh

/var is often where processes dump a lot of data (logs, databases, etc), and subpartitioning of /var sets a cap so that when too much data is dumped there, the application crashes instead of the whole system. /var/log is often recommended to be subpartitioned separately as well, so that logging can still go on if the application data fills up and crashes.

These kinds of overruns can be intentional DOS attacks, also, so the subpartitioning is often a security recommendation. NIST 800-171 requires separate partitions for /var, /var/log, /var/log/audit, and /var/tmp

This entry was edited (1 day ago)

piefed - Link to source

Printers for Linux

Time for 2025 printer research!

Have been stalling getting a new printer since this HP has been doing me fine since way back. But of course we need to prepare for the inevitable firmware updates and subscription raises that will lock us in.

What I've heard is best:
- Laser Printers
- Brother branded

Recently though, Brother started doing the funky like all other printer companies. This stopped me last time when I was about to buy one.

I won't get into the details as to where I've found and read this information because it's in the back of my mind.

And since I'm really just here to ask:
WHAT KIND OF PRINTER YOU GOT, LINUX USERS?

Preferably under $200.

EDIT: Scanning + Printer + Copier combo is the ultimate goal, but whatever else works too. Preferably wifi connected. But I can make some Ethernet cables.

This entry was edited (3 days ago)
in reply to TurkeyDurkey

lemmy - Link to source

NutWrench

I've got 2 Brother printers that work just fine with Linux Mint, the Brother L2640 and L2685. They're both black and white toner cartridge printers that use either wireless or a USB cable connection. I print maybe a dozen pages a day on both printers and replace the cartridges ever 4-5 months or so. I can get third party replacement toner cartridges on Amazon for around $25 for a 2-pack. Replacement drums are about $25-30 every 3 years or so.

lemmy - Link to source

FLX1s is Launched

Mobile phone Debian based

Edit: more alternative sailmates.net/actors/

Companies selling phones with alternative mobile OSes

Name URL Available pre-installed OSes
Furi Labs furilabs.com/ FuryOS
Murena murena.com/ /e/OS
Pine64 pine64.org/, pine64eu.com/ postmarketOS, Mobian, Manjaro+Plasma Mobile
Purism puri.sm/ PureOS
Volla volla.online/ Ubuntu Touch, Volla OS
Jolla/Reeder jolla.com/ Sailfish OS


FLX1s is Launched - FuriPhone FLX1s Linux Phone

It is with great excitement that we can now release the FLX1s. Pre-sales are open and the phone is in production which is due to complete end of October 2025. Following that we can start shipping.…
wayne (Furi Labs: Planned Permanence)
This entry was edited (3 days ago)

lemmy - Link to source

Gaming on Linux, -
I know im not the only one, trying to get gaming on linux, but im different 😀
I am hooked on Flightgear, (the flight gear group on lemmy seems dead) but im right now playing it (still as a novice) on my Lenovo T470 with Fedora. So well its running okay, but the graphics, especially the suroundings just dosnt look like wheni see thoese vids online about flightgear. So i was wondering, and dreaming about a desktop PC, running linux, that is capable of delevering better graphics in Flightgear.i dont know anything about building a pc, but do you have a recommended setup of all hardware i schould get, and software, to get Flightgear up and running more beautyfull? Im also considdering of using steam as a gameshop. Im such a noob, that i would prefer exsact list of what hardware i schould use. Btw i would like to build my own pc, because im not a fan of thoese gamercomputers with all the colourrd light insight.
in reply to with chicken

lemmy - Link to source

utopiah

No idea about Flightgear but to get super niche X-Plane works in VR on Linux, including with flight simulator joysticks.

I can't help you with your specific setup but my point is that gaming on Linux works very well unless you need kernel level anti cheat which at this point is pretty much only a portion of competitive gaming.

I don't see anything on protondb.com/search?q=Flightge… though so not a good sign.

lemmy - Link to source

Proposal for improved COSMIC apps:

So, I think cosmic apps should support whatever the global menu protocol is called, and have the top bar be ssd. The ssd would use the global menu protocol to add the already existing menu bar to the titlebar.

This would have quite a few benefits, including

  • Making every third party app with a menu bar look more native, with them getting a COSMIC-style titlebar.
  • Making COSMIC apps integrate nicer with other desktops, especially for people who use a mac-style global menu.
  • A more unified and flexible desktop experience overall.

Obvious problems being what to do with other buttons in titlebars(I propose to just move them to wherever else would make sense) and what to do on desktops with no server side decorations like GNOME. Also, on other desktops that have ssd, but don't put the global menu anywhere, there would have to be a more classic, less elegant menu bar.

This proposal definitely has downsides, but I think it'd be a definite improvement and align with COSMIC's philosphy, so tell me what you all think!

Also, if any system76 employees are reading this, pretty please 🥺 ?

This entry was edited (3 days ago)
in reply to MonkderVierte

piefed - Link to source

verdare

I’m going to provide the counter opinion here: I prefer CSD. SSD gives you a consistent title bar across applications, but it can cause a wildly inconsistent look within a single app. Part of the application is being themed by a different piece of software that doesn’t know anything about it.

I also like apps being able to make use of some of the extra space in the titlebar if they want to.

lemmy - Link to source

[Discussion] Which Soulslike will you be playing this weekend?

Sorry, day late with this one.

Not currently playing any soulslikes - got stuck on League again 🤦🏻‍♂️

What about you? Also, would you like these posts to be a weekly or a bi-weekly thing? The response to these posts has been pretty good the past couple times, but maybe there's just not too many different people coming here where it would warrant a weekly check-in.

Feel free to cast a vote here: strawpoll.com/wby5Q3YL1yA

Thanks!

Should "Which Soulslike will you be playing this weekend?" be a weekly or a bi-weekly thin... - StrawPoll

What is your opinion? Vote now: Weekly, Bi-weekly
StrawPoll

piefed - Link to source

JD Vance suggests trans people pose a “domestic terrorist threat” & FBI plans to target trans people - LGBTQ Nation

JD Vance suggests trans people pose a “domestic terrorist threat” & FBI plans to target trans people - LGBTQ Nation

The suspect's alleged trans girlfriend is cooperating with investigators, but rightwingers are still using her identity to blame trans people.
John Russell (LGBTQ Nation)
in reply to Philote

lemmy - Link to source

ReversalHatchery

I guess they are aware that a smaller group of people are contemplating of getting rid of them in a less peaceful way somehow. with this, they can smear trans people, manufacture a reason to get rid of them, to reduce their rights, and also further turn people against each other by claiming that these trans people and everyone opposing maga are terrorists
This entry was edited (4 days ago)

lemmy - Link to source

New to Proxmox, Facing Issues with Homelab Setup - Need Advice

cross-posted from: lemmy.buddyverse.net/post/5454

Hello everyone, I’m fairly new to Proxmox and struggling with my homelab setup. I have two machines running Proxmox 9: an HP EliteDesk 800 G5 Mini (Core i7-9700) and a Dell OptiPlex 7070 Micro (Core i3 9th gen). I’m running into several issues and would appreciate your insights.
  1. Networking Issue on EliteDesk: I have two VMs (both Ubuntu Server 24.04 LTS) on the same bridge. If I stop or shut down one VM, the other loses internet connectivity. Local access to applications still works. Any ideas on why the bridge is behaving this way?
  2. Backup Setup on OptiPlex: I’m running a Proxmox Backup Server VM with Backblaze B2 as an S3 datastore. This is working fine so far.
  3. Backup Problems on EliteDesk: I’m using default LVM-thin for VMs. Backups take a very long time and often freeze at 1-2%. Shutting down the VM cleanly afterward is nearly impossible. I’ve tried both Stop and Snapshot modes, but the issue persists. When a VM becomes unresponsive, it triggers the networking issue above. Would switching to ZFS help? If so, how can I migrate without losing any data?
  4. Hardware Acceleration for Jellyfin: On the EliteDesk, I’d like to enable hardware acceleration for a VM running Jellyfin (in Docker) using the i7-9700’s UHD 630 iGPU. Can anyone recommend a clear guide specific to this CPU? The Proxmox documentation isn’t very detailed for Intel GPUs.

The networking issue is the most frustrating. Has anyone encountered similar bridge problems? Any advice on fixes or next steps would be greatly appreciated. Thank you!

in reply to mitexleo

lemmy - Link to source

tvcvt

  1. This sounds like a weird one. It would be helpful to have some more info about your network. Would you share your PVE host’s /etc/network/interfaces file and the config file for the VMs (from /etc/pve/qemu-server)?
  2. Excellent
  3. I think ZFS would likely help since it can make use of block level snapshots. I think the way to move things over would be to create a ZFS datastore in Proxmox and then just migrate each VM’s disk.
  4. Personally I think this is a bit simpler in an LXC container and there are a bunch of tutorials to help. These two are similar to my own setup:

- blog.bekh.fr/jellyfin-lxc-with…
- wundertech.net/installing-jell…

Hope some of that helps

lemmy - Link to source

Plasma Crash?
After a random amount of time plasma just crashes. No other graphical issues and I am not sure what is causing this. I am assuming some config somewhere copied over with my home folder? because i did a clean install for the lols. If anyone knows what I am doing wrong respectfully let me know. sorry for being stupid

PrivateBin

Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.
PrivateBin
This entry was edited (4 days ago)

lemmy - Link to source

How to save iptables rules in Debian and Ubuntu?

I'm trying to set up some iptables rules in both Debian and Ubuntu, but I'm not sure how to make them persistent. As far as I understand the iptables package in the debian and Ubuntu repos is actually iptables-nft meaning I'm actually creating nftables rules, so I'm supposed to use iptables-nft-save to save them instead of using the normal method for iptables or nftables? But that command just seems to produce an output that doesn't match the syntax for iptables or nftables and the man page is not very helpful.

I'm also confused why Ubuntu does seem to have the /etc/iptables/rules.v4 and v6 files but Debian doesn't? Both seem to have /etc/nftables.conf as well but I'm not sure if that's even used (the Ubuntu machine has a bunch of iptables rules already defined which don't show up there but do show up in nft list ruleset)

in reply to arsus5478

lemmy - Link to source

MonkderVierte

xfce-panel -p/--preferences (missing in settings window)

Or

Right-click somewhere on a empty panel space > "panel" > "panel settings" (choose your panel if multiple) > tab "objects". Edit "window buttons" or whatever object you have there (each has their own settings dialog).

Normally, there should be a "properties" on right-click on the respective object for direct access. But that's missing in "window buttons".

This entry was edited (4 days ago)

ActivityPub - Link to source

Abrindo o código #13 – Novo Cadastro Nacional de Pontos e Pontões de Cultura


A próxima edição do Abrindo o Código será a #13, da ação de formação continuada promovida pela Rede Nacional de Produtoras Culturais Colaborativas.

Nesta edição, Adriana Veloso e Thiago Skárnio irão apresentar o Mapas Culturais é uma plataforma de software livre desenvolvida para o mapeamento colaborativo e a gestão de políticas culturais, permitindo que gestores, agentes e o público em geral possam explorar, compartilhar e divulgar a cena cultural de seu território. Além dessa função de divulgação, a ferramenta também é amplamente utilizada por estados e municípios para gerenciar editais e seleções públicas. Sua arquitetura foi concebida em um modelo federativo, garantindo que diferentes instâncias governamentais possam adotar e adaptar o software livre à sua realidade, mantendo ao mesmo tempo a possibilidade de uma integração em nível nacional. A oficina oferecida irá guiar os participantes na utilização desta plataforma, mantida pelo Ministério da Cultura, e apresentar suas funcionalidades mais recentes. O encontro será uma oportunidade de mostrar as principais funcionalidades do novo Cadastro Nacional, como a atualização cadastral, as páginas dos Pontos e Pontões, além dos filtros e do mapa. Haverá também espaço para tirar dúvidas e debater estratégias de mapeamento.

Adriana Veloso é Doutora em Ciência Política pela Universidade de Brasília (2020). É mestre em Design de Interação pela Universidade de Brasília (2015), Especialista em Design de Interação pela PUC Minas (2013) e bacharel em Comunicação Social – Jornalismo – pelo Centro Universitário de Belo Horizonte (2008). Tem publicações acadêmicas, em jornais e revistas, além de artigos para web. Atua como pesquisadora nas áreas de cultura digital, educação e novas tecnologias, inovação aberta, software livre, produção audiovisual, usabilidade/ux e gestão de redes.

Thiago Skárnio é produtor multimídia e fundador da Alquimídia, uma associação dedicada ao fomento da Cultura Digital no Brasil, onde continua atuando. Paralelamente, coordena a @GaneshaPress, uma agência digital voltada para a comunicação para a Economia Criativa, e integra a Rede de Produtoras Culturais Colaborativas e a Rede Cultura Viva de Santa Catarina.

Serviço:

Atividade online:

24/09/2025 às 18h30

O link da atividade online será enviado às pessoas que se inscreverem, preenchendo e enviando este breve formulário.

Arte: Léo Guedes

Related Images:


#13

This entry was edited (5 days ago)
in reply to geneva_convenience

lemmy - Link to source

GiorgioPerlasca

Similar actions has been made by both sides:

  • In October 2023, four NATO reconnaissance aircraft (an RQ-4 Global Hawk, a Bombardier Challenger 650 Artemis, and two P-8A Poseidons) conducted flights approximately 150 km from the Crimean coast.
  • In August 2023, MQ-9 "Reaper" and TB2 "Bayraktar" drones conducted reconnaissance over the Black Sea but were intercepted and diverted by Russian Aerospace Forces fighters.

lemmy - Link to source

Tar did a weird thing today

I'm so baffled I had to ask – why this behaviour?

cd /var/www/html
tar czf ~/package.tgz admin/* api/* mobile/*

I do this, and the resulting package doesn't include a couple of hidden files – api/.htaccess and admin/.htaccess. However...
cd /var/www/html
tar czf ~/package.tgz *

This time the hidden .htaccess files are there.

Does anybody have enlightenment to offer as to why?

in reply to eldavi

lemmy - Link to source

Matth78

On Thunder I have no excerpt and I find really annoying all those who post link without comments. They are just doing clickbait like any news aggregator. If I want that there is already google news for instance...
So I value those who add a comment to their post and say why they post it and find it interesting. Isn't Lemmy all about sharing thought, so does poster except other to do it for him and just want to have popular posts?
This entry was edited (4 days ago)

lemmy - Link to source

F-Droid blog post about Google's and Apple's (non)compliance with the EU's DMA
I found this post quite interesting. While i already knew a few things its interesting to get a look at how scummy these companies behave at public events hosted by the European Comission.

EC DMA compliance workshops | F-Droid - Free and Open Source Android App Repository

At the beginning of summer, the European Commission held a series of “DMA2025 complianceworkshops” to let thepublic post questions to the “gatekeepers” as de...
f-droid.org
in reply to unexposedhazard

lemmy - Link to source

eldavi

The Google and Apple lawyers seemed to share the tactic of just running out the time as much as possible. They went overtime on their presentations, which were largely marketing speech and fluffy statements. They gave long winded answers which adeptly avoided actually answering the questions that were posed. “Malicious compliance” seems to be the Big Tech game plan here.


and they wonder why lawyers are hated.

in reply to Ulrich

lemmy - Link to source

CocaineShrimp

I fully flipped over every device in my house off windows about a week or two ago, and so far so good!

I've been daily driving linux on my personal laptop since 2009 (16 years now!?) for school / work / personal work-esque stuff, and my work laptop is now OSX. A few weeks ago I flipped my gaming machine from windows to popOS and been quite pleasantly surprised at how well gaming on Linux is these days. So much so, I convinced my wife to let me flip her gaming machine to Linux as well.

The only hiccup I've recently had was having to deal with windows-only, non-steam software. Ie. insta360. Luckily, there are compatibility layers / emulators I can use to be able to run it. It's slow, but good enough.

At this point, there's no good reason for me to go back to Windows or anything Microsoft. It's even become a red flag when I hear a business is using Microsoft's products. I want to hope Microsoft gets a wake up call at some point soon and turns the ship around, but I think they've got too many big-company deals to have to worry about their consumer products being shite.

lemmy - Link to source

Birdtray on Debian is extremely self-deprecating...

Perhaps only mildly interesting but I just did an apt show for birdtray on Debian 13 and got this in the second paragraph of the description:

It is a nasty hack -- an external process looking at Thunderbird's
insides, it suffers from problems like noticing new mails only after a
delay, having to restart Thunderbird just to hide its window, etc --
you'd want to use an extension like firetray instead -- but, it is
likely that support for Thunderbird XUL extensions will be dropped soon,
possibly by the time you read these words.


Not used to seeing this kind of language in the Debian repos tbh.

in reply to TotallynotJessica

lemmy - Link to source

JillyB

One of my friends is nonbinary but they looks super masculine. Deep voice, into powerlifting, etc. I introduced them and their girlfriend to my parents when they were in town. Later my mom was so confused. "How can someone be attracted to women if they're non-binary"? She has been a high school teacher for forever. She's had plenty of students that were trans or used different pronouns than she assumed. I was so surprised that this sort of thing would slip through the cracks.

lemmy - Link to source

Does zram impede disk cache?

cross-posted from: swg-empire.de/post/4511580

In my relentless pursuit of trying to coax more performance out of my Lemmy instance I read that PostgreSQL heavily relies on the OSs disk cache for read performance. I've got 16 GB of RAM and two hdds in RAID 1. I've PostgreSQL configured to use 12 GB of RAM and I've zram swap set up with 8 GB.

But according to htop PostgreSQL ia using only about 4 GB. My swap gets hardly touched. And read performance is awful. Opening my profile regularly times out. Only when it's worked ones does it load quickly until I don't touch it again for half an hour or so.

Now, my theory is that the zram actually takes available RAM away from the disk cache, thus slowing the whole system down. My googling couldn't bring me the answer because it only showed me how to set up zram in the first place.

Does anyone know if my theory is correct?

lemmy - Link to source

Being a "middle" user is the most difficult

By this i mean, grandma checking her email and the IT pro with 10 NAS setup are the perfect linux users.

But us in the middle who pretend we're smart...its a damn hard road. And then helping others to switch when youre not yet a pro is even harder, though a good learning experience.

Getting games to work perfectly, audio issues, Bluetooth issues, vr setups are far harder to do, running older obscure software, hooking up obscure hardware, using external drives, music production, these are some examples of things that will be extremely hard on linux vs windows for the majority of middle users.

However id say it is worth it if you like learning thousands of weird terms and phrases and putting in many hours of frustration to solve a problem. (Have you tried using floop to Docker the peeble?). It is very satisfying fixing an issue and figuring out why it happened!

Still, when im forced to use windows I see how bad its become, so im sticking with linux!

This entry was edited (1 week ago)
in reply to bridgeenjoyer

lemmy - Link to source

Crozekiel

This is strictly my personal experience and is not meant to negate someone else's experience.

I disagree, as a middle user myself, I've had much less problems since the switch to Linux. I don't own a VR setup, so can't speak to that, but I have used basically everything else you've mentioned since switching without issues. Older software seems to work better on Linux than windows 11 in my experience. The rare stumble I've had was easily remedied by searching forums and wikis.

Most windows problems I've had to search for solutions in the last several years led to either blind registry changes, following some useless wizard that rarely fixes the problem, or a nothing-burger circle where the OP ended up either giving up entirely or re-installing windows to avoid the problem. I've very much had better luck actually fixing a problem in Linux than just avoiding it.

in reply to bridgeenjoyer

lemmy - Link to source

ki9

As a more advanced user, I have to say, the problems don't stop. Computers will never be "solved". They just keep making new puzzles forever. That's whats fun.

The more advanced you get, well you can solve the easy problems off the top of your head, but now you have new problems and there are zero search results for your error message. If you can't figure it out from the docs or irc you just have to read source code.

I try to document stuff as I find it, even if it means resurrecting an ancient thread. I often search for things and get one result, and it's me answering my own question a few years ago.

lemmy - Link to source

Sonetimes i feel like its a lot of work to stick with linux

Then im forced to use windows at work and get locked into a 45 minute forced update.

Not to mention how horribly slow win11 is even on 64 gb ram and an i7.

And the bloatware. Never seen so much bloat (and ai slop shit) ever before. And start menu ads. Yay.

How do people use this trash!

in reply to bridgeenjoyer

lemmy - Link to source

utopiah

It is a LOT of work indeed! In fact I even commented on that hours ago in lemmy.ml/post/36231170/2112411…

... but as you mention the alternative is ALSO a lot of work PLUS frustrations.

So between learned helplessness and tiring empowerment the choice remains obvious.

FWIW whenever it feels like it's "too much" I reminder myself how I browse through obscure man pages decades ago... to still find them useful today! It's crazy that so long after learning about tools like more or grep is useful on :

  • a desktop
  • a console (SteamDeck)
  • a mobile phone (which basically didn't exist back then)
  • a VR headset (yes, via termux)
  • the "cloud" (as in fine it's just a server)
in reply to lorty

lemmy - Link to source

HiddenLayer555

Worse, it preserves "special" files like the ones in /dev or /var which aren't removable by anyone other than root. Love extracting a system file backup in my file server as a regular user in order to get just a few files out of it, and promptly not being able to fully delete it afterward without SSHing into the server and using sudo.

I don't get how a regular user can even create files like that. Sounds like a security vulnerability.

This entry was edited (1 week ago)

lemmy - Link to source

Spain’s PM calls for Israel to be banned from sports events after Vuelta race abandoned

The final stage of the 2025 Vuelta, a España in Madrid, had to be abandoned after huge pro-Palestinian protests over 100,000 people reportedly took to the streets. The demonstrators targeted the Israel-Premier Tech cycling team, accusing Israel of committing atrocities in Gaza. Things got tense, with clashes between protesters and police, and the race couldn’t continue.

Spanish Prime Minister Pedro Sánchez expressed admiration for the protesters and even suggested that Israel should be excluded from international sporting events until its actions in Gaza change. That statement hasn’t gone over. Well, opposition leaders in Spain have slammed him for encouraging unrest and risking the country’s image. Israel responded by barring two Spanish ministers from entering.

Beyond the politics, this raises big questions about safety at sporting events and whether cycling teams might boycott races involving Israel-Premier Tech in the future. Sports and politics are colliding in a way that could have long-lasting effects on international competitions.


Spain’s PM calls for Israel sports ban as rocket-launcher contract reportedly cancelled

Pedro Sánchez speaks after Gaza protesters forced cycle race’s early end, while €700m deal with Israeli defence firm said to be off
Sam Jones (The Guardian)

lemmy - Link to source

Something is preventing shutdown...

Does anyone how how I can diagnose and fix this problem:

Sometimes, but not always, when shutting down the process does not actually complete and the computer does not turn off.

The screen turns off but the keyboard backlight is still responsive, the fan is still going and the power-on LED is lit. Because the screen is turned off I can't interact graphically with the computer and have to just hold down the power button and do a hard reboot.

I haven't tested it properly but I get the feeling it happens more often if I have been doing audio work.

Debian 13
GNOME 48
Intel Core Ultra 7 Laptop

lemmy - Link to source

I must have died and gone to heaven [nushell]

I've been trying nushell and words fail me. It's like it was made for actual humans to use! 🤯 🤯 🤯

It even repeats the column headers at the end of the table if the output takes more than your screen...

Trying to think of how to do the same thing with awk/grep/sort/whatever is giving me a headache. Actually just thinking about awk is giving me a headache. I think I might be allergic.

I'm really curious, what's your favorite shell? Have you tried other shells than your distro's default one? Are you an awk wizard or do you run away very fast whenever it's mentioned?

nushell giving nice table outputs to `ls | where type == symlink | sort-by modified` and `ps | where mem > 200MB | sort-by name`

lemmy - Link to source

ANZ, NAB and ‘Bigger for You’ Bendigo’s ever bigger greed
It is not only about closing branches, or sacking workers, or making efficiency improvements through the use of clever algorithms, such as artificial intelligence.
This is about one of the pillars of the community, our banks – which provide jobs and safeguard our savings, and help small businesses start and succeed – abandoning their traditional role of serving the community to become profit machines.


I'm posting this mainly to remind everyone member owned banks exist
- P&N/BCU
- VicBank
- Great Southern Bank
- Police Bank
- Bank Australia
- People First Bank
and quite a few others

I have nothing but praise for the customer service of P&N. Services and rates are comparable if not better than the big banks.

Corporate banks have boars elected by investors and are motivated to skim as much of your money as possible. Member elected boards are elected by you and are motivated to provide a good service.

lemmy - Link to source

Update: I did it! Old: Help! Installing Linux with no external media.

Edit: holy shit, I did it! The install media is booting off a little SSD partition! It was ultimately quite simple. Will update with instructions once done, for posterity.

Edit 2: I did it...and you can too! Here's what I did to install Linux from a disk partition on a gen 1 Surface Go with no functioning USB ports. I don't know if it's the ideal process, but it worked for me. Suggestions for refinements are gratefully accepted.

Prep Step: Make enough room for your partition and empty space for Linux by shrinking your Windows system partition. I made a 6 GB partition and left 30 GB free for Linux. If diskmgmt is being an asshole about it, turn off your page file and hibernate, then reboot to clear both files. Windows is now struggling along with a ~22 GB partition, 4 GB of free space, all visual enhancements turned off, and no page file. Tough shit, Windows: you exist to install Linux now.

Hot tip: you may have rebooted Windows a bajillion times already. If you're logged into a microsoft account, those jackanapes will lock your system down for two hours for excessive booting. It happened to me twice. Just select "forgot my password/pin", reset it, and you should get back in. Fuck you, Bill Gates!

  1. Download the install ISO for your desired Linux (or whatever, you're an adult) distro.
  2. Create a FAT32 partition with enough size for the contents of your install media.
    2.1 Optional: Name it something silly to blow off steam.
  3. Copy contents of ISO to new partition.
  4. Turn off secure boot in UEFI settngs since Grub2Win is NOT "secure" in the eyes of UEFI.
  5. Download and install Grub2Win.
  6. In Grub2Win, click "view partition list". Save the UUID of the partition you made for the install files for later use. It'll say it's not a legitimate EFI. Just ignore it - you don't need its validation.
  7. Click "Manage Boot Menu", then add a boot entry. I selected the template for Linux Mint, the distro I was installing, and used the example code to start. Don't save it yet, you need to fill in more info.
  8. Examine the boot.cfg file present in the distro install media for required parameters, then find the location of the linux kernel (vmlinuz) and initial ramdisk image (often initrd.lz or initrd.img) files. I literally just copied the "linux /casper/vmlinuz..." line to get my parameters.
  9. Update your code in the boot entry. Here's what mine ended up looking like:


set rootuuid=9889-99F1
getpartition  uuid  $rootuuid  root
g2wsetprefix
linux   /casper/vmlinuz    root=UUID=$rootuuid persistent boot=casper username=mint hostname=mint iso-scan/filename=${iso_path} quiet splash --
initrd  /casper/initrd.lz
if [ $? -ne 0 ] ; then g2werror Linux load error ; fi

  1. Save the boot entry. Reboot your system, then select your shiny new boot entry. Linux should start. Be patient, it's slow AF. Select the installation shortcut to get started. Everything proceeded smoothly for me.
    Note: I left my Windows install as ANY perturbations to UEFI settings end up with it reverting to the Windows boot manager, which points at the Windows install only. If I didn't have Windows to run Grub2Win, I'd be out of luck.
  2. After installation, I found the boot manager went back to the default Windows one and updating through Grub2Win did exactly nothing. I ended up uninstalling, then reinstalling Grub2Win, then it was fixed. Mostly. It still didn't have a Linux boot entry.
  3. Manually add your Linux boot entry. Similar to the install media, you need to tack on some paramaters. Here's what I ended up with, with the UUID being that of the new Linux install partition:


set rootuuid=4d23295b-03db-49d4-858b-e7403d983269
getpartition  uuid  $rootuuid  root
g2wsetprefix
echo Boot disk address is  $root
echo The boot mode is      Partition UUID
linux   $pathprefix/vmlinuz    root=UUID=$rootuuid    verbose
initrd  $pathprefix/initrd.img
if [ $? -ne 0 ] ; then g2werror Linux load error ; fi

And that should do it! Secure boot remains off as Win2Grub's EFI isn't signed by Microsoft, so turning it back on will revert the system to the Windows boot manager. Just to tie things up: Fuck you, Bill Gates!

Hope that helps, and good luck!

Original:
This is a weird one. My partner was gifted a Surface Go model 1824 (gen 1) by their best friend, who unexpectedly died a couple of weeks back. It's nearing the Windows 10 end of support date, so my plan was to install Mint, but there's a hitch: the only goddamned USB port on the system is shot. It's the USB controller, which I've given up on trying to fix as it looks like a hardware issue.

I still want to install Linux because this thing now has super sentimental value. I've freed up 16 gb on the SSD, so I have some space to work with. There's a micro SD slot that still functions, but the stupid system doesn't support booting from it (although a Reddit post suggested you can still do so if you set it up in Grub, which I don't know how to do properly at all). The only thing I can think of is installing something on a partition or partitions that acts as install media, but I have no idea how to do that.

Ive tried using Grub2Win's ISOboot function with the Mint install ISO and I can get it to start, but it stalls out waiting ad nauseum for DHCP. I think it thinks it's a PXE install. Maybe my parameters are set wrong? Actual PXE is a no-go because no network adapter. I tried intently staring at the Mint ISO, then staring at the tablet; no data was transferred, but I did develop a headache.

I'm so, so stumped. Any ideas, anyone?___*___**___*-

This entry was edited (4 days ago)

lemmy - Link to source

Set any application as Plasma background

cross-posted from: social.librem.one/users/dos/st…

Set any application as Plasma background

Missing your favorite xscreensaver hack? Have an old Windows screensaver that works under Wine? Want to have htop as your wallpaper? Or maybe you'd like to write your own screensaver in Godot? This addon lets you use any application as a Plasma wallpaper or screensaver.

invent.kde.org/dos/plasma-wall…

store.kde.org/p/2318884/

#kde #plasma #wayland #gnu #linux
@kde @kde @kde


#gnu

These are public posts tagged with #gnu. You can interact with them if you have an account anywhere in the fediverse.
Mastodon hosted on librem.one

Sebastian Krzyszkowiak

2025-09-13 18:45:29

mastodon - Link to source

Set any application as Plasma background

Missing your favorite xscreensaver hack? Have an old Windows screensaver that works under Wine? Want to have htop as your wallpaper? Or maybe you'd like to write your own screensaver in Godot? This addon lets you use any application as a Plasma wallpaper or screensaver.

invent.kde.org/dos/plasma-wall…

store.kde.org/p/2318884/

#kde #plasma #wayland #gnu #linux
@kde @kde @kde


Sebastian Krzyszkowiak / plasma-wallpaper-application · GitLab

KDE Invent (Gitlab)
GitLab

mbin - Link to source

Γιατί στη Βόρεια Ελλάδα τα τρένα πηγαίνουν τόσο αργά;


 Γιατί στη Βόρεια Ελλάδα τα τρένα... #Greece
news247.gr/magazine/reportage/…

Γιατί στη Βόρεια Ελλάδα τα τρένα πηγαίνουν τόσο αργά;

Το NEWS 24/7 μετρά τις ταχύτητες των τρένων, εξετάζει την κατάσταση του δικτύου στη Βόρεια Ελλάδα και αναρωτιέται γιατί η Ελλάδα δεν έχει διεθνή σιδηροδρομικά δρομολόγια.  
Αλέξανδρος Λιτσαρδάκης (News 24/7)

lemmy - Link to source

[Solved] [OpenSUSE Tumbleweed] Can't install Nvidia drivers

Yesterday, I did a fresh install of OpenSUSE Tumbleweed on my NVidia-powered machine (GeForce GTX 1060 6gb). When installing, I enabled Secure Boot.

By default, the distribution comes with nouveau drivers, and the process of installing official NVidia drivers is outlined here:
en.opensuse.org/SDB:NVIDIA_dri…

I successfully added openSUSE-repos-Tumbleweed-NVIDIA as per the guide; first oddity is that by default it shipped with openSUSE-repos-MicroOS-NVIDIA, which got uninstalled as a conflicting package, despite this being Tumbleweed. (I later tried to rollback and do these steps with openSUSE-repos-MicroOS-NVIDIA installed instead, to no avail)

Next, as per the guide, I tried to do zypper install-new-recommends. After installation, I rebooted the machine. Upon login, resolution was forced to low.

inxi -G has shown N/A in the driver field.

I've rolled back via snapper rollback, confirmed that nouveau drivers are back in place (resolution was back to normal, inxi -G has shown nouveau), and tried to install nvidia-video-G6 using YaST. It has automatically installed all dependencies as well.

Upon login, I faced the same issue - resolution degradation and N/A in the driver field.

Troubleshooting for this issue has shown that secure boot may not allow these drivers to be launched without importing the respective key, as listed in the same Nvidia drivers article. However, the file that needs to be imported is not at the suggested location (/usr/share/nvidia-pubkeys/); in fact, /usr/share only had nvidia folder, which didn't seem to contain any keys.

As a workaround, I attempted to disable secure boot by entering:
mokutil --disable-validation. A menu appeared on reboot, through which I disabled secure boot. Further launches had "launching in insecure mode" notice.
mokutil --sb-state output is SecureBoot disabled.

Then, I tried to install the driver again, as described above. Still no luck, and same issue.

So, what else could be the issue and what do I do about it next? Thank you in advance for any replies!

Solution that worked: instead of going for install-new-recommends, install the following package:

nvidia-driver-G06-kmp-meta

It should be available by default, but if not, add the respective repository by using this command:

zypper addrepo https://download.nvidia.com/opensuse/tumbleweed/

Thanks to Björn Tantau! The comment with the solution: swg-empire.de/comment/7201260

Update
Bug solved, fix should roll out in a few days:
bugzilla.opensuse.org/show_bug…

1249814 – TW generates wrong PCI Supplements for nvidia-open-driver-G06-signed KMPs

bugzilla.opensuse.org

Björn Tantau

2025-09-14 13:18:11

lemmy - Ссылка на источник

nvidia-driver-G06-kmp-meta should be the package to install. It should pull in the gl and video packages.

This entry was edited (1 week ago)
in reply to Allero

lemmy - Link to source

SomeRandomNoob

I tried my 1060 with Debian, Ubuntu and Mint. Didn’t get it to run (stable) with the Nvidia drivers. And it will only get worse from here (especially with wayland) because the driver version for these cards is no longer maintained.

If found an article* about arch and Nvidia with a few things I haven’t tried. I’ll give it another try. But I have no hopes on getting it to run stable.


NVIDIA + Wayland on Arch: A Comprehensive Setup Guide

Unlock the secrets to a flawless NVIDIA and Wayland setup on Arch. Follow our step-by-step guide for a hassle-free desktop experience.
Bobby Borisov (Linuxiac)

lemmy - Link to source

Whole home audio and AES67 in Pipewire

Is anyone using Pipewire's AES67 support? I'm looking to implement some form of whole home audio for an MPD or some other music server. I've played with a combined airplay sink and a couple Sonos speakers, but it's problematic and cuts out intermittently for a split second.

I'm only really able to use wifi at this point though, and don't want to run cables until I buy a house in the next few months. Though I will run some wired tests over coming months before that, and develop a plan. I've also looked into Snapcast, which is probably preferable to a combined Airplay sink.

And that's because I'm wary of planning to use an open source implementation to a very proprietary protocol long term. When I bought some Genelec speakers for my desk earlier this year, I stumbled across their networked speakers that support POE and AES67. I see Pipewire has AES67 support in the RTP sink, but there's not much out there about people trying to use this.

Has anyone around here gotten a chance to play around with it? How does it work? Any pain points?

in reply to jcarax

lemmy - Link to source

Antithetical

I don't know about AES67 but I've used Snapcast now for a few years and it works great. I use a central Mopidy service that streams to a few Snapcast clients connected to audio devices (not directly to speakers though). The clients run on normal PC hardware, Android and some on Pi's with DAC's from Hifiberry. The setup was very DIY but has been running very stable after that.

HiFiBerry

www.hifiberry.com
in reply to UheldigeBenny

lemmy - Link to source

atzanteol

So how can I as a new user make sure to have the most secure machine as possible?


That's not what you want. You want a reasonable level of confidence that your system is secure.

The process is similar to Windows - keep it up-to-date, use good passwords, don't run things as root (admin), and don't install things that are questionable.

The package manager under linux is where you should start, and that varys by distro some. But generally speaking things installed from there are "safe" and will be updated by the package manager when you do updates.

lemmy - Link to source

Hi, I want to install Linux along side Win 10.
Only beacuse there are a couple of softawares that I need that don't run well in Bottles (Nitro Pro and an old app for anothere thing). It's a laptop with CPU i7 and a NVIDIA graphic card 1050 ti. Which distro would be best suited for the task? Is Mint ok? Thank you.
Update: Setting the dual boot was getting messy, so I clean installed Mint. I'll try Windows VM later hoping it wont be too difficoult.
This entry was edited (1 week ago)
in reply to utnapishtim

lemmy - Link to source

Chaser

Another hint:
Even if Lutris claims to be for games, there are often install scripts for windows applications too. So it may be worth to try to run your apps with Lutris.
It should be in the mint packages (try sudo apt install lutris). Then you can add your software in Lutris with the upper left "+" button. Just use the search in the dialog box.
I managed to run FL Studio like this, exactly as performant as on windows. Good luck and welcome to the linux family!

lemmy - Link to source

Tyler Robinson In Custody As Charlie Kirk Shooting Suspect (Live)

Kirk's shooter, Tyler Robinson, has apparently turned himself in, apparently after confessing to his own father (?)

I've tried to capture the relevant bits of this extremely rapidly updating and currently in progress series of events.

9 a.m. EDT

While appearing on Fox and Friends, Trump said “I think, with a high degree of certainty, we have him in custody.”

Trump said authorities acted after receiving a tip from a minister who recognized the suspect from the images released by law enforcement.

The president said he believed the suspect’s father was also involved in arrest, but added that this information was still preliminary and the details could change.

9:15 a.m. EDT

Trump said he would attend a funeral next week for Kirk, “who should not be having a funeral right now,” when asked about his scheduled trip to the U.K. from Sept. 16-18.

9:30 a.m. EDT

The suspect was identified as Tyler Robinson, 22, from Utah, according to multiple reports citing people with knowledge of the investigation.

10:10 a.m. EDT

Utah Gov. Spencer Cox confirmed in a press conference Friday morning that a suspect named Tyler Robinson has been detained.


Apologies for this being a paywalled Forbes article.

https://www.forbes.com/sites/zacharyfolk/2025/09/12/charlie-kirk-shooting-suspect-tyler-robinson-detained-authorities-say-live-updates/

This entry was edited (1 week ago)

piefed - Link to source

Kirk Assassination, Propaganda of the Deed, and Luigi

According to AP, there were messages engraved on the casings in the Kirk shooting. They read:

  • One read, “hey fascist! catch!” with an up arrow symbol, right arrow symbol, and three down arrow symbols.
  • Another one read: “oh bella ciao bella ciao bella ciao ciao ciao,” Cox said.
  • The third fired casing read: “if you read this you are gay lmao.”


My first thought is. Whoever killed Kirk was clearly inspired by Luigi. The writing on the casings. The timing. It just makes sense.

Does this mean Luigi’s propaganda of the deed was successful? I think so. In any case, I wonder if this means there is more to come.

specific political action meant to exemplify and catalyse revolution

Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)

lemmy - Link to source

iwlwifi microcode error borks my entire system?(still broken)

I was having some iwl wifi microcode errors for
05:00.0 Network controller: Intel Corporation Centrino Advanced-N 6235 (rev 24)

which was making my system unresponsive to the point that it messed with login.d and prevented my system from shutting down.

after a few days of this I resorted to removing the modules but when I ran this after stopping networkmanager
sudo modprobe -r iwldvm iwlwifi
this happened
and when I did sudo lsmod | grep iwlwifi

this was the output

iwlwifi 585728 -1 
cfg80211 1495040 1 iwlwifi

I have since successfully blacklisted that module but any insight will be helpful as I am without wifi for the moment

Sep 09 14:41:03 fedora kernel: iwlwifi 0000:05:00.0: Microcode SW error detected - Pastebin.com

Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
Pastebin

lemmy - Link to source

KDE Gear 25.08.1 è disponibile per il download
Disponibile KDE Gear 25.08.1! Nuove correzioni per KTorrent, Kate e Tokodon. L'ecosistema KDE diventa ancora più stabile e performante. #KDE #Linux #OpenSource

KDE Gear 25.08.1 Nuovi Miglioramenti e Correzioni per le Applicazioni KDE

KDE Gear 25.08.1 è disponibile con correzioni importanti per KTorrent, Tokodon e Kate. Scopri tutti i miglioramenti del nuovo aggiornamento delle applicazioni KDE.
Ferramosca Roberto (Linux Easy)

lemmy - Link to source

Aspect Gestione Fotografica Professionale su Linux
Aspect di Bildhuus porta la sincronizzazione P2P e le collezioni intelligenti nel mondo open source. Addio a stelle e etichette colorate: benvenuto al futuro dell'organizzazione fotografica! #Linux #Photography #OpenSource #DigitalAssetManagement

Aspect Gestione Fotografica Professionale Senza Cloud su Linux

Aspect il Digital Asset Manager rivoluzionario con sincronizzazione P2P, collezioni intelligenti e gestione foto professionale
Ferramosca Roberto (Linux Easy)

lemmy - Link to source

Death of a Troll

The last thing I ever thought I would do would be to write more than a few sentences about someone like Charlie Kirk. I have always found him to be a particularly loathsome coward. He had no values, he promoted nothing of real world worth, he helped no one, and he never provided comfort or support especially during times of crisis. He spent his career using rhetorical tricks to avoid good faith conversations, spreading hateful rhetoric, and incompetently defending Republican orthodoxy any time it was obvious even to young conservatives that Republicans were acting against their interests. His last major political move was to encourage his audience to trust the government regarding the Epstein files. There is nothing left of his legacy but his career of petty contempt and apologetics for heinous actions. No one will miss him. He is highly replaceable in all facets and his children have been saved from years of abuse, neglect, and exploitation which having such a miserable person as a father had doomed them to.

Kirk has never been as important as he has been during the last two days. He is now dominating the headlines of the world’s major newspapers. This is to contrast how unimportant he has been for over a decade. He was originally propped up by the Koch brothers as the dominant anti-intellectual voice of the youth, the face of the organization “Turning Point USA.” The purpose of this organization was(is?) to convince college students that intellectual pursuits were worthless because common sense conservatism already had all answers. This was unconvincing to college students but may have encouraged many impressionable young teenagers to avoid critical thinking and embrace conservative orthodoxy. This was the peak of his career. He aged out of his role almost immediately and has been haunting the background of conservative media ever since. He was no longer a collegiate peer offering an alternative to knowledge, but an aging idiot yelling at kids.

His recent Jubliee “debate” is emblematic of his recent status. For the duration of the video, young people make a fool of him one after another while his lack of any kind of wit, charm, or insight leaves him defenseless. His wordplay fails, his points easily dismantled, and his celebration of his own self-perceived victories are met with open disgust. Kirk was powerless and had lost any influence that he once had. He was on the way out.

On September 10, 2025, a sniper used a high-powered rifle to cleanly dispatch Charlie Kirk at an estimated distance of 200 yards before escaping without a trace. For those unfamiliar with firearms it is extraordinarily difficult to hit a person-sized target at all from this distance, and the shot was an extremely precise killing shot. In my opinion it is extremely unlikely that this shooting was anything but the act of a highly trained individual with extensive resources. I do not believe that this was a sudden act of passion, and I do believe it was a planned and coordinated strike.

Why kill Charlie Kirk? Kirk was a conservative D-lister with no power and waning influence. While alive, he was a political liability and go-to punching bag for political commentators. I can’t think of any reason a terrorist group or actor with the skill and resources they had at their disposal would pick Kirk as a target rather than almost anyone else whose death may have set back Trump’s movement. It is somewhat possible that a skilled veteran was personally offended by something Kirk said or did and used their skills to take revenge, but I’ve not seen this amount of professionalism and precision attached to a motive of this nature before.

Donald Trump and Nancy Mace have claimed that this was an assassination performed by agents of the Democrat Party. I can’t think of any way that this would benefit the Democrats. However, I can think of who may believe this obvious lie. I was raised a conservative so I understand that a conservative might believe the egghead democrats would want to kill a simple truth-teller to shut him up and stop him from spreading common sense. The belief that enemies of conservatives are motivated by this is conservative orthodoxy which all conservatives are required to believe as proof of their group membership. I don’t think it’s a coincidence that this statement makes sense only to orthodox conservatives and to no one else.

Today is September 11th and the headlines are dominated by Kirk’s shooting and Republican vows for vengeance. It appears that this killing has massively supported Trump’s current agenda by providing another justification to bring the military down on US citizens to protect state power. Whether it is a coincidence or not, Trump and only Trump has benefited from this killing. Considering how quickly momentous events have been forgotten in the last several months, I’m hoping this push to make Kirk an angelic martyr of the Trump movement is forgotten as quickly and Kirk resumes his rightful place in obscurity.

in reply to Kwakigra

lemmy - Link to source

JillyB

He wasn't moving. He was sitting there. 200 yards really isn't that big of a deal. Bullet drop is accounted for when you sight in the rifle at the range. Windage probably just isn't accounted for unless it's particularly windy. The lethality of the shot was probably luck. The shooter was probably aiming for the head or the chest, but definitely not the neck. Any deer hunter could hit this shot no problem. His "egress" was jumping off the roof and running away in the crowd.

I'm not saying he definitely wasn't some trained assassin. But you're making it sound like a routine shot for a hunter is proof that this was for sure a professional.

This entry was edited (1 week ago)

lemmy - Link to source

We need a scaredonald movement

after watching the video of him being scared shitless in a restaurant, we need to start a movement where protestors peacefully disrupt anywhere he shows up in public and protest, make noise, etc and coordinate to make this happen

reddit.com/r/chaoticgood/comme…

politicians who go out of their way to make people's lives hell should not feel entitled to peace and serenity when they go out in public

Originally Posted By u/NoDeparture7996 At 2025-09-10 09:23:29 AM | Source

Reddit - The heart of the internet

www.reddit.com
in reply to bluGill

lemmy - Link to source

JillyB

Those costs are very relevant in war. If it's cheaper to attack than to defend, then an attacker can just keep attacking until the defender is no longer able to defend.

If you value human life to the point that nothing but the best will do, you'd have tanks helping every child cross the street. Valuing human life means efficiently using resources to defend it.

This entry was edited (2 weeks ago)

lemmy - Link to source

x forwarding still works under wayland

i know this sounds silly and it should be obvious, but i've been using x forwarding at work for a few days now, but it just dawned on me that i'm running wayland on my plasma machine and the x forwarded window is display through xwayland. it works so well that i didn't even notice a difference and in fact it seems to perform better than on x

this is not even the first time xwayland works better than pure x at work. i also need to use horizon client every once in a while and it got so much more stable after i moved to wayland -- even though the application claims wayland is unsupported

This entry was edited (2 weeks ago)
in reply to beleza pura

lemmy - Link to source

Corngood

Unfortunately X forwarding doesn't work (as far as I can tell) with vulkan.

What I've been doing is using waypipe (which seems very stable), with xwayland-satellite (which is not so stable) on the remote end.

I'd also love persistent sessions, so I've been following wprs, but it doesn't seem to support GPU drawing at all.

Lots of interesting tech, but it's still pretty immature.

in reply to Samdell

lemmy - Link to source

CaptDust

If you're digging Duke 3D, I can't recommend Ion Fury enough. It's incredible how far their team has pushed the Build engine.

Ion Fury on Steam

3D Realms, creators of Duke Nukem 3D, Prey, and Max Payne, are excited to team up with Voidpoint to bring back the legendary Build Engine, famously known for classic first-person shooters like Duke Nukem 3D, Shadow Warrior, and Blood.
store.steampowered.com
in reply to CaptDust

lemmy - Link to source

mbirth 🇬🇧

Ion Fury just felt wrong to me. Looks and feels like Duke3D, but isn't. And it's somehow missing some of that character from back in the days. Hard to explain. I'd rather recommend Shadow Warrior Classic (or the Redux Version) which also uses the Build engine, came out shortly after Duke3D and has some great humour.

Shadow Warrior Classic Redux on Steam

The definitive version of the cult classic shooter, Shadow Warrior Classic Redux features remastered visuals and two massive expansion packs.
store.steampowered.com

lemmy - Link to source

Any foss audio transcription or voice to text apps? With the capability to import pre-existing audio?

I've tried Whisper and Sayboard. Both are very cool for speech to text.

One issue is that I can't share pre-existing audio files into them to get the text.
Are there any foss apps that have that feature?

I've noticed Notely's feature of recording audio and transcription, which is very nice. The notes are not saved in the accessible storage, but the app's private storage. So, I currently have to export the audio and text. It also doesn't support importing audio recorded using a regular recording app.

So, is there any FOSS app that has the feature of being able to create trasncripts for pre-existing audio files? Or is too specific and would it be better to look into Termux?


Sayboard | F-Droid - Free and Open Source Android App Repository

An open-source on-device voice IME (keyboard) for Android using the Vosk library
f-droid.org
This entry was edited (2 weeks ago)

lemmy - Link to source

Alternativa FOSS a google lens: offline translator

Questa app è una piccola bomba:
- traduzione completamente offline con il motore recentemente implementato in Firefox
- riconoscimento da immagini con tesseract
- overlay del testo tradotto sull'immagine originale

E' ancora un'app giovane ma funziona piuttosto bene. Inoltre mi sembra un passo fondamentale verso la de-googlizzazione

Codice sorgente: github.com/DavidVentura/firefo…


Offline Translator | F-Droid - Free and Open Source Android App Repository

On-device translation of text and images
f-droid.org

lemmy - Link to source

FOSS alternative to google lens: offline translator

This app is a small jewel:
- offline translation thanks to firefox translation engine
- OCR on images with tessercat
- overlay of translated text on the original image -> awesome!

It's still a young app, but it's really important to go towards de-googling!

Source code: github.com/DavidVentura/firefo…

crossposted from: feddit.it/post/21533667


Offline Translator | F-Droid - Free and Open Source Android App Repository

On-device translation of text and images
f-droid.org

lemmy - Link to source

UFW compatibility issues with my VPN
Hi all—as title suggests I'm experiencing a compatibility issue between UFW and my vpn (Windscribe if it matters). My UFW defaults are set to deny incoming, allow outgoing, and routed disabled, with no exception rules configured. When I enable Windscribe (I use OpenVPN udp on port 80 if that matters) while UFW is active, Windscribe reports a network configuration error and requests sending debug logs; ignoring the error still allows the VPN to function, but I observe IPv6 and DNS leaks. Disabling UFW removes the error and the leaks. What UFW configuration is causing this behavior, and which specific rules should I add to prevent IPv6 and DNS leaks while keeping UFW enabled?
in reply to drspod

lemmy - Link to source

aprehendedmerlin

Right thanks ufw uses iptables and here is the output:
Chain INPUT (policy DROP) target prot opt source destination
windscribe_input all -- anywhere anywhere /* Windscribe client rule / ufw-before-logging-input all -- anywhere anywhere
ufw-before-input all -- anywhere anywhere
ufw-after-input all -- anywhere anywhere
ufw-after-logging-input all -- anywhere anywhere
ufw-reject-input all -- anywhere anywhere
ufw-track-input all -- anywhere anywhere
windscribe_block all -- anywhere anywhere / Windscribe client rule /
Chain FORWARD (policy DROP) target prot opt source destination
ufw-before-logging-forward all -- anywhere anywhere
ufw-before-forward all -- anywhere anywhere
ufw-after-forward all -- anywhere anywhere
ufw-after-logging-forward all -- anywhere anywhere
ufw-reject-forward all -- anywhere anywhere
ufw-track-forward all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination
windscribe_output all -- anywhere anywhere / Windscribe client rule / windscribe_dnsleaks all -- anywhere anywhere / Windscribe client dns leak protection / ufw-before-logging-output all -- anywhere anywhere
ufw-before-output all -- anywhere anywhere
ufw-after-output all -- anywhere anywhere
ufw-after-logging-output all -- anywhere anywhere
ufw-reject-output all -- anywhere anywhere
ufw-track-output all -- anywhere anywhere
windscribe_block all -- anywhere anywhere / Windscribe client rule /
Chain ufw-after-forward (1 references) target prot opt source destination
Chain ufw-after-input (1 references) target prot opt source destination
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
Chain ufw-after-logging-forward (1 references) target prot opt source destination
Chain ufw-after-logging-input (1 references) target prot opt source destination
Chain ufw-after-logging-output (1 references) target prot opt source destination
Chain ufw-after-output (1 references) target prot opt source destination
Chain ufw-before-forward (1 references) target prot opt source destination
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere icmp echo-request ufw-user-forward all -- anywhere anywhere
Chain ufw-before-input (1 references) target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ufw-logging-deny all -- anywhere anywhere ctstate INVALID DROP all -- anywhere anywhere ctstate INVALID ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc ufw-not-local all -- anywhere anywhere
ACCEPT udp -- anywhere mdns.mcast.net udp dpt:mdns ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900 ufw-user-input all -- anywhere anywhere
Chain ufw-before-logging-forward (1 references) target prot opt source destination
Chain ufw-before-logging-input (1 references) target prot opt source destination
Chain ufw-before-logging-output (1 references) target prot opt source destination
Chain ufw-before-output (1 references) target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ufw-user-output all -- anywhere anywhere
Chain ufw-logging-allow (0 references) target prot opt source destination
Chain ufw-logging-deny (2 references) target prot opt source destination
Chain ufw-not-local (1 references) target prot opt source destination
RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10 DROP all -- anywhere anywhere
Chain ufw-reject-forward (1 references) target prot opt source destination
Chain ufw-reject-input (1 references) target prot opt source destination
Chain ufw-reject-output (1 references) target prot opt source destination
Chain ufw-skip-to-policy-forward (0 references) target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-skip-to-policy-input (7 references) target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-skip-to-policy-output (0 references) target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw-track-forward (1 references) target prot opt source destination
Chain ufw-track-input (1 references) target prot opt source destination
Chain ufw-track-output (1 references) target prot opt source destination
ACCEPT tcp -- anywhere anywhere ctstate NEW ACCEPT udp -- anywhere anywhere ctstate NEW
Chain ufw-user-forward (1 references) target prot opt source destination
Chain ufw-user-input (1 references) target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:22000 / 'dapp_syncthing' / ACCEPT udp -- anywhere anywhere udp dpt:22000 / 'dapp_syncthing' / ACCEPT udp -- anywhere anywhere udp dpt:21027 / 'dapp_syncthing' / ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:10387 ACCEPT udp -- anywhere anywhere udp dpt:10387
Chain ufw-user-limit (0 references) target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain ufw-user-limit-accept (0 references) target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw-user-logging-forward (0 references) target prot opt source destination
RETURN all -- anywhere anywhere
Chain ufw-user-logging-input (0 references) target prot opt source destination
RETURN all -- anywhere anywhere
Chain ufw-user-logging-output (0 references) target prot opt source destination
RETURN all -- anywhere anywhere
Chain ufw-user-output (1 references) target prot opt source destination
Chain windscribe_block (2 references) target prot opt source destination
DROP all -- anywhere anywhere / Windscribe client rule /
Chain windscribe_dnsleaks (1 references) target prot opt source destination
DROP udp -- anywhere dns9.quad9.net udp dpt:domain / Windscribe client dns leak protection / DROP tcp -- anywhere dns9.quad9.net tcp dpt:domain / Windscribe client dns leak protection /
Chain windscribe_input (1 references) target prot opt source destination
ACCEPT all -- anywhere anywhere / Windscribe client rule / ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc / Windscribe client rule / ACCEPT all -- GTS anywhere / Windscribe client rule / DROP all -- 192.168.0.0/16 anywhere / Windscribe client rule / DROP all -- 172.16.0.0/12 anywhere / Windscribe client rule / DROP all -- 169.254.0.0/16 anywhere / Windscribe client rule / ACCEPT all -- 10.255.255.0/24 anywhere / Windscribe client rule / DROP all -- 10.0.0.0/8 anywhere / Windscribe client rule / DROP all -- base-address.mcast.net/4 anywhere / Windscribe client rule / ACCEPT all -- anywhere anywhere / Windscribe client rule / ACCEPT all -- 146.70.203.19 anywhere / Windscribe client rule / ACCEPT all -- localhost anywhere / Windscribe client rule / ACCEPT all -- localhost/8 anywhere / Windscribe client rule / ACCEPT all -- 192.168.0.0/16 anywhere / Windscribe client rule / ACCEPT all -- 172.16.0.0/12 anywhere / Windscribe client rule / ACCEPT all -- 169.254.0.0/16 anywhere / Windscribe client rule / DROP all -- 10.255.255.0/24 anywhere / Windscribe client rule / ACCEPT all -- 10.0.0.0/8 anywhere / Windscribe client rule / ACCEPT all -- base-address.mcast.net/4 anywhere / Windscribe client rule /
Chain windscribe_output (1 references) target prot opt source destination
ACCEPT all -- anywhere anywhere / Windscribe client rule / ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc / Windscribe client rule / ACCEPT all -- anywhere GTS / Windscribe client rule / DROP all -- anywhere 192.168.0.0/16 / Windscribe client rule / DROP all -- anywhere 172.16.0.0/12 / Windscribe client rule / DROP all -- anywhere 169.254.0.0/16 / Windscribe client rule / ACCEPT all -- anywhere 10.255.255.0/24 / Windscribe client rule / DROP all -- anywhere 10.0.0.0/8 / Windscribe client rule / DROP all -- anywhere base-address.mcast.net/4 / Windscribe client rule / ACCEPT all -- anywhere anywhere / Windscribe client rule / ACCEPT all -- anywhere 146.70.203.19 owner GID match root / Windscribe client rule / ACCEPT all -- anywhere 146.70.203.19 owner GID match windscribe / Windscribe client rule / ACCEPT all -- anywhere 146.70.203.19 ! owner UID match 0-4294967294 / Windscribe client rule / ACCEPT all -- anywhere 146.70.203.19 mark match 0xca6c / Windscribe client rule / ACCEPT all -- anywhere localhost / Windscribe client rule / ACCEPT all -- anywhere localhost/8 / Windscribe client rule / ACCEPT all -- anywhere 192.168.0.0/16 / Windscribe client rule / ACCEPT all -- anywhere 172.16.0.0/12 / Windscribe client rule / ACCEPT all -- anywhere 169.254.0.0/16 / Windscribe client rule / DROP all -- anywhere 10.255.255.0/24 / Windscribe client rule / ACCEPT all -- anywhere 10.0.0.0/8 / Windscribe client rule / ACCEPT all -- anywhere base-address.mcast.net/4 / Windscribe client rule */
in reply to drspod

lemmy - Link to source

aprehendedmerlin

Ok thanks again for your time. Here is the output of ip6tables - L
```
Chain INPUT (policy DROP) target prot opt source destination
ufw6-before-logging-input all -- anywhere anywhere
ufw6-before-input all -- anywhere anywhere
ufw6-after-input all -- anywhere anywhere
ufw6-after-logging-input all -- anywhere anywhere
ufw6-reject-input all -- anywhere anywhere
ufw6-track-input all -- anywhere anywhere
windscribe_input all -- anywhere anywhere /* Windscribe client rule /
Chain FORWARD (policy DROP) target prot opt source destination
ufw6-before-logging-forward all -- anywhere anywhere
ufw6-before-forward all -- anywhere anywhere
ufw6-after-forward all -- anywhere anywhere
ufw6-after-logging-forward all -- anywhere anywhere
ufw6-reject-forward all -- anywhere anywhere
ufw6-track-forward all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination
ufw6-before-logging-output all -- anywhere anywhere
ufw6-before-output all -- anywhere anywhere
ufw6-after-output all -- anywhere anywhere
ufw6-after-logging-output all -- anywhere anywhere
ufw6-reject-output all -- anywhere anywhere
ufw6-track-output all -- anywhere anywhere
windscribe_output all -- anywhere anywhere / Windscribe client rule /
Chain ufw6-after-forward (1 references) target prot opt source destination
Chain ufw6-after-input (1 references) target prot opt source destination
ufw6-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns ufw6-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm ufw6-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn ufw6-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds ufw6-skip-to-policy-input udp -- anywhere anywhere udp dpt:dhcpv6-client ufw6-skip-to-policy-input udp -- anywhere anywhere udp dpt:dhcpv6-server
Chain ufw6-after-logging-forward (1 references) target prot opt source destination
Chain ufw6-after-logging-input (1 references) target prot opt source destination
Chain ufw6-after-logging-output (1 references) target prot opt source destination
Chain ufw6-after-output (1 references) target prot opt source destination
Chain ufw6-before-forward (1 references) target prot opt source destination
DROP all -- anywhere anywhere rt type:0 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp destination-unreachable ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp packet-too-big ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp time-exceeded ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp parameter-problem ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-request ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-reply ufw6-user-forward all -- anywhere anywhere
Chain ufw6-before-input (1 references) target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere rt type:0 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-reply ufw6-logging-deny all -- anywhere anywhere ctstate INVALID DROP all -- anywhere anywhere ctstate INVALID ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp destination-unreachable ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp packet-too-big ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp time-exceeded ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp parameter-problem ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-request ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp router-solicitation HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp router-advertisement HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp neighbour-solicitation HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp neighbour-advertisement HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 141 HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 142 HL match HL == 255 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-query ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-report ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-done ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 143 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 148 HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 149 HL match HL == 255 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 151 HL match HL == 1 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 152 HL match HL == 1 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 153 HL match HL == 1 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 144 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 145 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 146 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 147 ACCEPT udp -- fe80::/10 fe80::/10 udp spt:dhcpv6-server dpt:dhcpv6-client ACCEPT udp -- anywhere ff02::fb udp dpt:mdns ACCEPT udp -- anywhere ff02::f udp dpt:1900 ufw6-user-input all -- anywhere anywhere
Chain ufw6-before-logging-forward (1 references) target prot opt source destination
Chain ufw6-before-logging-input (1 references) target prot opt source destination
Chain ufw6-before-logging-output (1 references) target prot opt source destination
Chain ufw6-before-output (1 references) target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere rt type:0 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp destination-unreachable ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp packet-too-big ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp time-exceeded ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp parameter-problem ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-request ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-reply ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp router-solicitation HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp neighbour-advertisement HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp neighbour-solicitation HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp router-advertisement HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 141 HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 142 HL match HL == 255 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-query ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-report ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-done ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 143 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 148 HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 149 HL match HL == 255 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 151 HL match HL == 1 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 152 HL match HL == 1 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 153 HL match HL == 1 ufw6-user-output all -- anywhere anywhere
Chain ufw6-logging-allow (0 references) target prot opt source destination
Chain ufw6-logging-deny (1 references) target prot opt source destination
Chain ufw6-reject-forward (1 references) target prot opt source destination
Chain ufw6-reject-input (1 references) target prot opt source destination
Chain ufw6-reject-output (1 references) target prot opt source destination
Chain ufw6-skip-to-policy-forward (0 references) target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw6-skip-to-policy-input (6 references) target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw6-skip-to-policy-output (0 references) target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw6-track-forward (1 references) target prot opt source destination
Chain ufw6-track-input (1 references) target prot opt source destination
Chain ufw6-track-output (1 references) target prot opt source destination
ACCEPT tcp -- anywhere anywhere ctstate NEW ACCEPT udp -- anywhere anywhere ctstate NEW
Chain ufw6-user-forward (1 references) target prot opt source destination
Chain ufw6-user-input (1 references) target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:22000 / 'dapp_syncthing' / ACCEPT udp -- anywhere anywhere udp dpt:22000 / 'dapp_syncthing' / ACCEPT udp -- anywhere anywhere udp dpt:21027 / 'dapp_syncthing' / ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:10387 ACCEPT udp -- anywhere anywhere udp dpt:10387
Chain ufw6-user-limit (0 references) target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp6-port-unreachable
Chain ufw6-user-limit-accept (0 references) target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw6-user-logging-forward (0 references) target prot opt source destination
RETURN all -- anywhere anywhere
Chain ufw6-user-logging-input (0 references) target prot opt source destination
RETURN all -- anywhere anywhere
Chain ufw6-user-logging-output (0 references) target prot opt source destination
RETURN all -- anywhere anywhere
Chain ufw6-user-output (1 references) target prot opt source destination
Chain windscribe_input (1 references) target prot opt source destination
ACCEPT all -- ip6-localhost anywhere / Windscribe client rule / DROP all -- anywhere anywhere / Windscribe client rule /
Chain windscribe_output (1 references) target prot opt source destination
ACCEPT all -- anywhere ip6-localhost / Windscribe client rule / DROP all -- anywhere anywhere / Windscribe client rule */
```
in reply to drspod

lemmy - Link to source

aprehendedmerlin

ok thank you for your time here is the output of ip6tables -L:

Chain INPUT (policy DROP) target prot opt source destination ufw6-before-logging-input all -- anywhere anywhere ufw6-before-input all -- anywhere anywhere ufw6-after-input all -- anywhere anywhere ufw6-after-logging-input all -- anywhere anywhere ufw6-reject-input all -- anywhere anywhere ufw6-track-input all -- anywhere anywhere windscribe_input all -- anywhere anywhere /* Windscribe client rule */ Chain FORWARD (policy DROP) target prot opt source destination ufw6-before-logging-forward all -- anywhere anywhere ufw6-before-forward all -- anywhere anywhere ufw6-after-forward all -- anywhere anywhere ufw6-after-logging-forward all -- anywhere anywhere ufw6-reject-forward all -- anywhere anywhere ufw6-track-forward all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination ufw6-before-logging-output all -- anywhere anywhere ufw6-before-output all -- anywhere anywhere ufw6-after-output all -- anywhere anywhere ufw6-after-logging-output all -- anywhere anywhere ufw6-reject-output all -- anywhere anywhere ufw6-track-output all -- anywhere anywhere windscribe_output all -- anywhere anywhere /* Windscribe client rule */ Chain ufw6-after-forward (1 references) target prot opt source destination Chain ufw6-after-input (1 references) target prot opt source destination ufw6-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns ufw6-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm ufw6-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn ufw6-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds ufw6-skip-to-policy-input udp -- anywhere anywhere udp dpt:dhcpv6-client ufw6-skip-to-policy-input udp -- anywhere anywhere udp dpt:dhcpv6-server Chain ufw6-after-logging-forward (1 references) target prot opt source destination Chain ufw6-after-logging-input (1 references) target prot opt source destination Chain ufw6-after-logging-output (1 references) target prot opt source destination Chain ufw6-after-output (1 references) target prot opt source destination Chain ufw6-before-forward (1 references) target prot opt source destination DROP all -- anywhere anywhere rt type:0 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp destination-unreachable ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp packet-too-big ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp time-exceeded ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp parameter-problem ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-request ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-reply ufw6-user-forward all -- anywhere anywhere Chain ufw6-before-input (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere DROP all -- anywhere anywhere rt type:0 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-reply ufw6-logging-deny all -- anywhere anywhere ctstate INVALID DROP all -- anywhere anywhere ctstate INVALID ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp destination-unreachable ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp packet-too-big ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp time-exceeded ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp parameter-problem ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-request ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp router-solicitation HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp router-advertisement HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp neighbour-solicitation HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp neighbour-advertisement HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 141 HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 142 HL match HL == 255 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-query ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-report ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-done ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 143 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 148 HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 149 HL match HL == 255 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 151 HL match HL == 1 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 152 HL match HL == 1 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 153 HL match HL == 1 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 144 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 145 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 146 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 147 ACCEPT udp -- fe80::/10 fe80::/10 udp spt:dhcpv6-server dpt:dhcpv6-client ACCEPT udp -- anywhere ff02::fb udp dpt:mdns ACCEPT udp -- anywhere ff02::f udp dpt:1900 ufw6-user-input all -- anywhere anywhere Chain ufw6-before-logging-forward (1 references) target prot opt source destination Chain ufw6-before-logging-input (1 references) target prot opt source destination Chain ufw6-before-logging-output (1 references) target prot opt source destination Chain ufw6-before-output (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere DROP all -- anywhere anywhere rt type:0 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp destination-unreachable ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp packet-too-big ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp time-exceeded ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp parameter-problem ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-request ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp echo-reply ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp router-solicitation HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp neighbour-advertisement HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp neighbour-solicitation HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmp router-advertisement HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 141 HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 142 HL match HL == 255 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-query ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-report ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmp mld-listener-done ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 143 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 148 HL match HL == 255 ACCEPT ipv6-icmp -- anywhere anywhere ipv6-icmptype 149 HL match HL == 255 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 151 HL match HL == 1 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 152 HL match HL == 1 ACCEPT ipv6-icmp -- fe80::/10 anywhere ipv6-icmptype 153 HL match HL == 1 ufw6-user-output all -- anywhere anywhere Chain ufw6-logging-allow (0 references) target prot opt source destination Chain ufw6-logging-deny (1 references) target prot opt source destination Chain ufw6-reject-forward (1 references) target prot opt source destination Chain ufw6-reject-input (1 references) target prot opt source destination Chain ufw6-reject-output (1 references) target prot opt source destination Chain ufw6-skip-to-policy-forward (0 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw6-skip-to-policy-input (6 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw6-skip-to-policy-output (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain ufw6-track-forward (1 references) target prot opt source destination Chain ufw6-track-input (1 references) target prot opt source destination Chain ufw6-track-output (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere ctstate NEW ACCEPT udp -- anywhere anywhere ctstate NEW Chain ufw6-user-forward (1 references) target prot opt source destination Chain ufw6-user-input (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:22000 /* 'dapp_syncthing' / ACCEPT udp -- anywhere anywhere udp dpt:22000 / 'dapp_syncthing' / ACCEPT udp -- anywhere anywhere udp dpt:21027 / 'dapp_syncthing' */ ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:10387 ACCEPT udp -- anywhere anywhere udp dpt:10387 Chain ufw6-user-limit (0 references) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp6-port-unreachable Chain ufw6-user-limit-accept (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain ufw6-user-logging-forward (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain ufw6-user-logging-input (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain ufw6-user-logging-output (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain ufw6-user-output (1 references) target prot opt source destination Chain windscribe_input (1 references) target prot opt source destination ACCEPT all -- ip6-localhost anywhere /* Windscribe client rule / DROP all -- anywhere anywhere / Windscribe client rule */ Chain windscribe_output (1 references) target prot opt source destination ACCEPT all -- anywhere ip6-localhost /* Windscribe client rule / DROP all -- anywhere anywhere / Windscribe client rule */

in reply to aprehendedmerlin

lemmy - Link to source

drspod

Sorry to be a doofus, but could you paste the output of iptables-save and ip6tables-save instead? The default iptables output actually just leaves out important information like which interface the rule applies to.

I think the best thing to do would be to see if you can get support from Windscribe and find out whether it's a known issue or a bug that needs fixing.

in reply to drspod

lemmy - Link to source

aprehendedmerlin

also here is the output of iptables -L again with markdown:

Chain INPUT (policy DROP) target prot opt source destination windscribe_input all -- anywhere anywhere /* Windscribe client rule / ufw-before-logging-input all -- anywhere anywhere ufw-before-input all -- anywhere anywhere ufw-after-input all -- anywhere anywhere ufw-after-logging-input all -- anywhere anywhere ufw-reject-input all -- anywhere anywhere ufw-track-input all -- anywhere anywhere windscribe_block all -- anywhere anywhere / Windscribe client rule */ Chain FORWARD (policy DROP) target prot opt source destination ufw-before-logging-forward all -- anywhere anywhere ufw-before-forward all -- anywhere anywhere ufw-after-forward all -- anywhere anywhere ufw-after-logging-forward all -- anywhere anywhere ufw-reject-forward all -- anywhere anywhere ufw-track-forward all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination windscribe_output all -- anywhere anywhere /* Windscribe client rule / windscribe_dnsleaks all -- anywhere anywhere / Windscribe client dns leak protection / ufw-before-logging-output all -- anywhere anywhere ufw-before-output all -- anywhere anywhere ufw-after-output all -- anywhere anywhere ufw-after-logging-output all -- anywhere anywhere ufw-reject-output all -- anywhere anywhere ufw-track-output all -- anywhere anywhere windscribe_block all -- anywhere anywhere / Windscribe client rule */ Chain ufw-after-forward (1 references) target prot opt source destination Chain ufw-after-input (1 references) target prot opt source destination ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST Chain ufw-after-logging-forward (1 references) target prot opt source destination Chain ufw-after-logging-input (1 references) target prot opt source destination Chain ufw-after-logging-output (1 references) target prot opt source destination Chain ufw-after-output (1 references) target prot opt source destination Chain ufw-before-forward (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere icmp echo-request ufw-user-forward all -- anywhere anywhere Chain ufw-before-input (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ufw-logging-deny all -- anywhere anywhere ctstate INVALID DROP all -- anywhere anywhere ctstate INVALID ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc ufw-not-local all -- anywhere anywhere ACCEPT udp -- anywhere mdns.mcast.net udp dpt:mdns ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900 ufw-user-input all -- anywhere anywhere Chain ufw-before-logging-forward (1 references) target prot opt source destination Chain ufw-before-logging-input (1 references) target prot opt source destination Chain ufw-before-logging-output (1 references) target prot opt source destination Chain ufw-before-output (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ufw-user-output all -- anywhere anywhere Chain ufw-logging-allow (0 references) target prot opt source destination Chain ufw-logging-deny (2 references) target prot opt source destination Chain ufw-not-local (1 references) target prot opt source destination RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10 DROP all -- anywhere anywhere Chain ufw-reject-forward (1 references) target prot opt source destination Chain ufw-reject-input (1 references) target prot opt source destination Chain ufw-reject-output (1 references) target prot opt source destination Chain ufw-skip-to-policy-forward (0 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw-skip-to-policy-input (7 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw-skip-to-policy-output (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain ufw-track-forward (1 references) target prot opt source destination Chain ufw-track-input (1 references) target prot opt source destination Chain ufw-track-output (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere ctstate NEW ACCEPT udp -- anywhere anywhere ctstate NEW Chain ufw-user-forward (1 references) target prot opt source destination Chain ufw-user-input (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:22000 /* 'dapp_syncthing' / ACCEPT udp -- anywhere anywhere udp dpt:22000 / 'dapp_syncthing' / ACCEPT udp -- anywhere anywhere udp dpt:21027 / 'dapp_syncthing' */ ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:10387 ACCEPT udp -- anywhere anywhere udp dpt:10387 Chain ufw-user-limit (0 references) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain ufw-user-limit-accept (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain ufw-user-logging-forward (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain ufw-user-logging-input (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain ufw-user-logging-output (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain ufw-user-output (1 references) target prot opt source destination Chain windscribe_block (2 references) target prot opt source destination DROP all -- anywhere anywhere /* Windscribe client rule */ Chain windscribe_dnsleaks (1 references) target prot opt source destination DROP udp -- anywhere dns9.quad9.net udp dpt:domain /* Windscribe client dns leak protection / DROP tcp -- anywhere dns9.quad9.net tcp dpt:domain / Windscribe client dns leak protection */ Chain windscribe_input (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere /* Windscribe client rule / ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc / Windscribe client rule / ACCEPT all -- GTS anywhere / Windscribe client rule / DROP all -- 192.168.0.0/16 anywhere / Windscribe client rule / DROP all -- 172.16.0.0/12 anywhere / Windscribe client rule / DROP all -- 169.254.0.0/16 anywhere / Windscribe client rule / ACCEPT all -- 10.255.255.0/24 anywhere / Windscribe client rule / DROP all -- 10.0.0.0/8 anywhere / Windscribe client rule / DROP all -- base-address.mcast.net/4 anywhere / Windscribe client rule / ACCEPT all -- anywhere anywhere / Windscribe client rule / ACCEPT all -- 146.70.203.19 anywhere / Windscribe client rule / ACCEPT all -- localhost anywhere / Windscribe client rule / ACCEPT all -- localhost/8 anywhere / Windscribe client rule / ACCEPT all -- 192.168.0.0/16 anywhere / Windscribe client rule / ACCEPT all -- 172.16.0.0/12 anywhere / Windscribe client rule / ACCEPT all -- 169.254.0.0/16 anywhere / Windscribe client rule / DROP all -- 10.255.255.0/24 anywhere / Windscribe client rule / ACCEPT all -- 10.0.0.0/8 anywhere / Windscribe client rule / ACCEPT all -- base-address.mcast.net/4 anywhere / Windscribe client rule */ Chain windscribe_output (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere /* Windscribe client rule / ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc / Windscribe client rule / ACCEPT all -- anywhere GTS / Windscribe client rule / DROP all -- anywhere 192.168.0.0/16 / Windscribe client rule / DROP all -- anywhere 172.16.0.0/12 / Windscribe client rule / DROP all -- anywhere 169.254.0.0/16 / Windscribe client rule / ACCEPT all -- anywhere 10.255.255.0/24 / Windscribe client rule / DROP all -- anywhere 10.0.0.0/8 / Windscribe client rule / DROP all -- anywhere base-address.mcast.net/4 / Windscribe client rule / ACCEPT all -- anywhere anywhere / Windscribe client rule / ACCEPT all -- anywhere 146.70.203.19 owner GID match root / Windscribe client rule / ACCEPT all -- anywhere 146.70.203.19 owner GID match windscribe / Windscribe client rule / ACCEPT all -- anywhere 146.70.203.19 ! owner UID match 0-4294967294 / Windscribe client rule / ACCEPT all -- anywhere 146.70.203.19 mark match 0xca6c / Windscribe client rule / ACCEPT all -- anywhere localhost / Windscribe client rule / ACCEPT all -- anywhere localhost/8 / Windscribe client rule / ACCEPT all -- anywhere 192.168.0.0/16 / Windscribe client rule / ACCEPT all -- anywhere 172.16.0.0/12 / Windscribe client rule / ACCEPT all -- anywhere 169.254.0.0/16 / Windscribe client rule / DROP all -- anywhere 10.255.255.0/24 / Windscribe client rule / ACCEPT all -- anywhere 10.0.0.0/8 / Windscribe client rule / ACCEPT all -- anywhere base-address.mcast.net/4 / Windscribe client rule */

lemmy - Link to source

Homeserver randomly crashing during the night
Hey y'all! Recently my homeserver (an old laptop) has started crashing every night (after weeks of uptime just working), without anything useful in the logs. Any suggestion about what it might be? (Just started logging battery info to test tonight)

set 09 00:18:03 nas systemd[1]: ducky.service: Consumed 100ms CPU time, 4.6M mem - Pastebin.com

Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
Pastebin

lemmy - Link to source

iwlwifi microcode error borks my entire system?

I was having some iwl wifi microcode errors for
05:00.0 Network controller: Intel Corporation Centrino Advanced-N 6235 (rev 24)

which was making my system unresponsive to the point that it messed with login.d and prevented my system from shutting down.

after a few days of this I resorted to removing the modules but when I ran this after stopping networkmanager
sudo modprobe -r iwldvm iwlwifi
this happened
and when I did sudo lsmod | grep iwlwifi

this was the output

iwlwifi 585728 -1 
cfg80211 1495040 1 iwlwifi

I have since successfully blacklisted that module but any insight will be helpful as I am without wifi for the moment

Sep 09 14:41:03 fedora kernel: iwlwifi 0000:05:00.0: Microcode SW error detected - Pastebin.com

Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
Pastebin
This entry was edited (2 weeks ago)
in reply to xavier666

lemmy - Link to source

harc

And a few seconds latter you get this. Looks like the person using it have at least some idea of what they are doing, so I hope for the best. And might actually end up using this work at some point.

Brad Spengler (@spendergrsec)

You too can crash today's 6.12.43 LTS kernel thanks to a stable maintainer's AI slop. All you need is CAP_SYS_RESOURCE, modern systemd, and this: 40 b7 40 c1 e7 18 83 ef 08 57 57 31 ff 40 b7 07 31 c0 b0 a0 48 89 e6 0f 05 5e ff ce 31 ff b0 21 0f 05 …
Nitter
This entry was edited (2 weeks ago)
in reply to harc

lemmy - Link to source

xavier666

Looks like the person using it have at least some idea of what they are doing


This is something which I have been saying from a year back, albeit a different form -- "I only ask questions to LLMs if I already know the answer".

They are not supposed to replace coders, but kind of boost their productivity.

This usecase is also quite good.
- It's not critical; not many people are using QICs
- It's not hard, but just boring
- No existing human solution

lemmy - Link to source

The letter bearing Trump’s signature, which has been turned over to Congress by the Epstein estate

Oversight Committee Releases Records Provided by the Epstein Estate, Chairman Comer Provides Statement - United States House Committee on Oversight and Government Reform

United States House Committee on Oversight and Government Reform
Oversight Committee Republicans Verified account
This entry was edited (2 weeks ago)

lemmy - Link to source

The letter bearing Trump’s signature, which has been turned over to Congress by the Epstein estate

cross-posted from: reddthat.com/post/49652260

Ref:
- Oversight Committee.
- WSJ.

Oversight Committee Releases Records Provided by the Epstein Estate, Chairman Comer Provides Statement - United States House Committee on Oversight and Government Reform

United States House Committee on Oversight and Government Reform
Oversight Committee Republicans Verified account

lemmy - Link to source

Activists of "Palestine Action Germany" broke into an Elbit Systems arms factory in Ulm, Germany

Video of the action: instagram.com/reel/DOVXFTLCPFo…

Local news report translated with deepl:

There has been further unrest at and around the Elbit branch in Ulm: According to the police, several individuals broke into the building in the Böfingen district early on Monday morning. At around 3:30 a.m., security personnel reported several individuals on Eberhard-Finckh-Straße in Ulm.
They threw paint bombs at the entrance area and set off smoke bombs. In addition, the suspects sprayed graffiti with “presumed political content” on the parking lot, according to a press release from the Ulm police and the Baden-Württemberg State Criminal Police Office. Some of the activists are even said to have broken into the building. To do so, they smashed several windows on the building.
The police did not officially confirm either the name of the company or the fact that the troublemakers were activists. However, several sources at our editorial office confirm this. The police first surrounded the company building and were able to arrest several people on an upper floor without resistance shortly thereafter. The State Security and Anti-Terrorism Center of the Baden-Württemberg State Criminal Police Office has taken over further investigations.
Protests against the company repeatedly take place in front of its building and in Ulm city center. Pro-Palestinian demonstrators accuse the company of deliberately producing “lethal drones” for use in the Gaza Strip. Criticism of the state of Israel also regularly features in these demonstrations. In the past, demonstrators have often called on the Ulm city administration to close the Elbit branch in Ulm. However, according to its own statements, Elbit in Ulm primarily manufactures modern radio communication systems, night vision devices, drones, and cyber and command systems—including for the German Armed Forces.

Aktivisten dringen bei israelischer Firma ein

Die Polizei hat bei dem Vorfall mehrere Menschen festgenommen, die zuvor unter anderem Rauchbomben zündeten.
Thomas Heckmann (www.schwaebische.de)