Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

brokenlcd ,

I mean, if we want to get pedantic, nothing it's stopping a virus from bringing it's own drivers or a whole ass windows vm to pass the usb over ( i rememver the was something of the sort for windows using a windows xp machine for a botnet) It's as always just a matter of how willing are you.

nifty OP ,
@nifty@lemmy.world avatar

One liner for fixing driver issue, sounds great

brokenlcd ,

Still faster than snaps /s

rwhitisissle ,

I had a problem and then I tried to solve it by installing a snap package. Now I have two problems.

bl_r ,

I was doing a group project in college where we had a Linux server running some of our custom software. I asked a group mate who worked in IT to self-sign some certs so we could get https up and running for our next sprint demo.

He installed a fucking snap package to do it via certbot. On fucking RHEL. And that server was not hosting an internet-accessible service. And he didn’t know why I lost my mind.

brokenlcd ,

Basically a "lemme get the flame thrower real quick so i can hammer that nail in for ya"

ricecake ,

I'll be honest, I've had times where there's the "simple" solution, and "the solution I remember off the top of my head", and 10/10 the one that's happening is the one that I remember because I just did it last week.

I have no desire to google the arguments for self signing a cert with openssl, and I cannot remember which webserver wants the cabundle and the public cert in the same file. If I had done it even kinda recently I'd still remember what to poke in the certbot config.

SexualPolytope ,
@SexualPolytope@lemmy.sdf.org avatar

Just say no if you don't want to do something. I don't understand why people think fucking shit up in the guise of helping is more acceptable than admitting that you can't (or maybe just don't want to) do something.

ricecake ,

Do you think that, in this example, using certbot is fucking shit up, or breaking something?

The thing about overkill is that it does work. If you're accustomed to using a solution in a professional setting, it's probably both overkill and also vastly more familiar than the bare minimum required for a class project that would be entirely unacceptable in a professional setting.

In OPs anecdote, they did get their certificates, so I don't quite see your "intentionally fucking things up" claim as what's happening.

SexualPolytope ,
@SexualPolytope@lemmy.sdf.org avatar

To me, (and it seems for OP as well), installing snap on RHEL in itself is fucking things up.

bl_r ,

If you have no desire to do rudimentary googling for a group project in college, that sounds like you aren’t a very helpful teammate. Last time I generated certs I used the first stack overflow result and was done in minutes, there’s no excuse.

ricecake ,

This is confusing to me, because the point of the request seems to be "get a certificate", not "get a self signed certificate generated by running the openssl command". If you know how to get the result, it doesn't really matter if you remembered offhand the shitty way or the overkill way.

Is it really more helpful to say "I remember how to do this, but let me lookup a different way that doesn't use the tools I'm familiar with"?

SexualPolytope ,
@SexualPolytope@lemmy.sdf.org avatar

Okay, I may be the stupid one here. But after a quick search, I don't see an obvious way to generate self-signed certs using certbot. Even letsencrypt's own website suggests using openssl.

ricecake ,

I think they generated real certs, rather than self signed.

SexualPolytope ,
@SexualPolytope@lemmy.sdf.org avatar

Then that's actually against what was wanted. To get real certs, you have to open up the server to the internet.

ricecake ,

That's not the case, you just need to be able to make an outbound connection.

The minutiae of how certbot works or if that specific person actually did it right or wrong is kind of aside the point of my "intended to be funny but seemingly was not" comment about how sometimes the easiest solution to implement is the one you remember, even if it's overkill for the immediate problem.

rwhitisissle , (edited )

Not sure why you were enabling HTTPS for a project that was not hosting an internet-accessible service, really. By which I assume you mean the service doesn't have a publicly accessible web based UI or API component. What were you trying to access and how? The only scenario I could think of for this would be that your custom software relies on HTTPS for secure communication within its own internal network (such as on a VPN) to send sensitive data back and forth between services. In which case that feels like overkill for a college course, since you shouldn't have any genuinely sensitive data that you need to secure if it's just for testing and demonstration.

bl_r , (edited )

It was a project requirement, PHI was processed by it, so yes, it needed a secure connection. I now realize I should have used mutual auth, but hey, I only learned about that after that project

We never sent actual data to it (the actually sensitive data used for training never left a secure VM), but the point of the course was to act like we were. Plus, setting up an nginx reverse proxy is simple, setting it up and getting certs from some ssl commands is a 10 minute task that appeases the project manager/professor with minimal effort.

brokenlcd ,

You can say what you want i still prefer appimages to snaps, old school windows stile ftw

possiblylinux127 ,
@possiblylinux127@lemmy.zip avatar

That sort of reminds me of the FBI patching compromised systems after they take over a botnet.

Lucidlethargy ,
@Lucidlethargy@sh.itjust.works avatar

If any of you pure Linux guys ever get a virus that installs windows, that's going to be the funniest shit ever.

brokenlcd ,

Pipes a script from the web in bash whitout checking:

Reboots to see the windows logo come up

ignotum ,

two sentence horror story

rbos ,
@rbos@lemmy.ca avatar

That would be a very interesting virus.

Classy ,

They'd be looking like that one chick from the 2016 election that screamed Noooooo!

ArcaneSlime ,

I mean, honestly I'd just be pissed I had to reinstall, there will be no loss (or minimal, just whatever I torrented in the last few days, important things get backed up immediately). Maybe 4hr tops including data transfer to the new install.

Presi300 ,
@Presi300@lemmy.world avatar

you can't spy on me through my webcam, I don't have one

steal_your_face ,
@steal_your_face@lemmy.ml avatar

⠀⠀⠘⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡜⠀⠀⠀
⠀⠀⠀⠑⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡔⠁⠀⠀⠀
⠀⠀⠀⠀⠈⠢⢄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⠴⠊⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⢸⠀⠀⠀⢀⣀⣀⣀⣀⣀⡀⠤⠄⠒⠈⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠘⣀⠄⠊⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

⣿⣿⣿⣿⣿⣿⣿⣿⡿⠿⠛⠛⠛⠋⠉⠈⠉⠉⠉⠉⠛⠻⢿⣿⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣿⡿⠋⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠉⠛⢿⣿⣿⣿⣿
⣿⣿⣿⣿⡏⣀⠀⠀⠀⠀⠀⠀⠀⣀⣤⣤⣤⣄⡀⠀⠀⠀⠀⠀⠀⠀⠙⢿⣿⣿
⣿⣿⣿⢏⣴⣿⣷⠀⠀⠀⠀⠀⢾⣿⣿⣿⣿⣿⣿⡆⠀⠀⠀⠀⠀⠀⠀⠈⣿⣿
⣿⣿⣟⣾⣿⡟⠁⠀⠀⠀⠀⠀⢀⣾⣿⣿⣿⣿⣿⣷⢢⠀⠀⠀⠀⠀⠀⠀⢸⣿
⣿⣿⣿⣿⣟⠀⡴⠄⠀⠀⠀⠀⠀⠀⠙⠻⣿⣿⣿⣿⣷⣄⠀⠀⠀⠀⠀⠀⠀⣿
⣿⣿⣿⠟⠻⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠶⢴⣿⣿⣿⣿⣿⣧⠀⠀⠀⠀⠀⠀⣿
⣿⣁⡀⠀⠀⢰⢠⣦⠀⠀⠀⠀⠀⠀⠀⠀⢀⣼⣿⣿⣿⣿⣿⡄⠀⣴⣶⣿⡄⣿
⣿⡋⠀⠀⠀⠎⢸⣿⡆⠀⠀⠀⠀⠀⠀⣴⣿⣿⣿⣿⣿⣿⣿⠗⢘⣿⣟⠛⠿⣼
⣿⣿⠋⢀⡌⢰⣿⡿⢿⡀⠀⠀⠀⠀⠀⠙⠿⣿⣿⣿⣿⣿⡇⠀⢸⣿⣿⣧⢀⣼
⣿⣿⣷⢻⠄⠘⠛⠋⠛⠃⠀⠀⠀⠀⠀⢿⣧⠈⠉⠙⠛⠋⠀⠀⠀⣿⣿⣿⣿⣿
⣿⣿⣧⠀⠈⢸⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠟⠀⠀⠀⠀⢀⢃⠀⠀⢸⣿⣿⣿⣿
⣿⣿⡿⠀⠴⢗⣠⣤⣴⡶⠶⠖⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⡸⠀⣿⣿⣿⣿
⣿⣿⣿⡀⢠⣾⣿⠏⠀⠠⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠛⠉⠀⣿⣿⣿⣿
⣿⣿⣿⣧⠈⢹⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣰⣿⣿⣿⣿
⣿⣿⣿⣿⡄⠈⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⣴⣾⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣧⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⣾⣿⣿⣿⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣷⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣴⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣿⣦⣄⣀⣀⣀⣀⠀⠀⠀⠀⠘⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣷⡄⠀⠀⠀⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣧⠀⠀⠀⠙⣿⣿⡟⢻⣿⣿⣿⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⠇⠀⠁⠀⠀⠹⣿⠃⠀⣿⣿⣿⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣿⣿⣿⣿⡿⠛⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⢐⣿⣿⣿⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⠿⠛⠉⠉⠁⠀⢻⣿⡇⠀⠀⠀⠀⠀⠀⢀⠈⣿⣿⡿⠉⠛⠛⠛⠉⠉
⣿⡿⠋⠁⠀⠀⢀⣀⣠⡴⣸⣿⣇⡄⠀⠀⠀⠀⢀⡿⠄⠙⠛⠀⣀⣠⣤⣤⠄⠀

henfredemars ,

My WebCam has such low resolution I could argue that that’s anybody in the picture. Go ahead.

Taleya ,

Low res webcam, massive north facing window behind me (australia), i make people pay dearly for wasting my time with meetings

OpenStars ,
@OpenStars@discuss.online avatar

img

OozingPositron ,
@OozingPositron@feddit.cl avatar

Is that Fox Mulder? lol

Taleya ,

damned skippy.

I would also have accepted close encounters or there are four lights.

OpenStars ,
@OpenStars@discuss.online avatar

Ooh, another one:

img

I would say "enjoy flashing everyone"... but that could be awkward, so make sure to flash responsibly:-D

Taleya ,

https://aussie.zone/pictrs/image/bfd914f4-4a31-4d13-aa31-93c440bfe029.jpeg

wingsfortheirsmiles ,

I try to think this wherever I bemoan the lack of IPU4 support

unreachable ,
@unreachable@lemmy.world avatar

2K webcam resolutions

we only do 360p here, sir!

https://lemmy.world/pictrs/image/2abfd0f1-dee3-4a7a-8682-eb871f1b28d6.gif

cmnybo ,

I don't even have a webcam on my desktop. My Thinkpad has a sliding cover on its webcam that stays closed when I'm not using it.

mister_monster ,

The internal microphone is on the same board as the webcam in laptops.

wreckedcarzz ,
@wreckedcarzz@lemmy.world avatar

Don't you mean the oux?

Grass ,

wait are there still webcams that don't work? I've never used them apart from whatever was recommended for 3d printer monitoring and they worked fine.

rbos ,
@rbos@lemmy.ca avatar

yeah, I haven't had issues getting a webcam to work in years, just plug and go

mister_monster ,

Pop the bezel and disconnect the cable when not in use.

Classy ,

My infosec skills are far too sophisticated for infiltration (small piece of black tape)

Lucidlethargy ,
@Lucidlethargy@sh.itjust.works avatar

You can get a whole sheet of tiny circle stickers for like, a dollar. I've used them for a decade or more now!

sigmaklimgrindset ,
@sigmaklimgrindset@sopuli.xyz avatar

Yeah but the tape also covers the shitty microphone next to the camera.

Beat that, circlecuck!!

r00ty ,
@r00ty@kbin.life avatar

Work laptop, it stays closed, and I use my two screens connected to it. After Covid, everyone wanted video calls. Nope, I'm not getting the laptop out from the back of the desk for you.

Anyone hacking the webcam can get a view of the base of the laptop.

Zorsith ,
@Zorsith@lemmy.blahaj.zone avatar

Same (dremel)

Jumuta ,
@Jumuta@sh.itjust.works avatar

lots of the tapes ppl use for it are translucent tho lmao

csm10495 ,
@csm10495@sh.itjust.works avatar

modprobe this

possiblylinux127 ,
@possiblylinux127@lemmy.zip avatar

You can just write some custom selinux rules to block access. It is pretty simple.

nexussapphire ,

I have a physical switch on my laptop. Physically disconnected USB device as far as Linux is concerned.

herrvogel ,

That's still software. Unless selinux has a hidden feature where it can physically sever a data connection.

possiblylinux127 ,
@possiblylinux127@lemmy.zip avatar

Well unless the full system is compromised it should be pretty secure. It is from the NSA after all.

I was kind of joking though

Titou ,
@Titou@sh.itjust.works avatar

I use tape

itslilith ,
@itslilith@lemmy.blahaj.zone avatar

btw

toaster ,
@toaster@slrpnk.net avatar

and it has flames on it

ichbinjasokreativ ,

Get a laptip with a real hardware switch for the cam and the mic. Best peace of mind knowing that they're really off. Neither tape, nor the non-electrical built-in plastic sliders do that.

lauha ,

You still have to trust the manufacturer that it really turns the webcam off, not just the webcam light.

mexicancartel ,

It probably can be inspected

lauha ,

Yes, but most won't.

mexicancartel ,

I mean, someone will do for every model. That would be enough to ensure security. If manufacturer faked it, and one in a thousand customers found it, then it will be a news or a lawsuit

ichbinjasokreativ ,

Hardware switches physically cut power to the device in question and you can take it apart and verify. There is no trust involved.

lauha ,

99.999% will not take it apart and verify. They will just "nice, a physical switch". There is a lot of trust involved.

toaster ,
@toaster@slrpnk.net avatar

Sure beats literally no protection which is what most laptops have. I have a switch and sometimes forget it's off and my webcam/mic definitely don't work, on any OS.

ichbinjasokreativ ,

They don't neccessarily need to, you can pretty much always just look at reviews. Now you can make a point about trusting reviewers, but all that is still better than trusting the manufacturer or microsoft.

You're right though, there is trust involved, but only if you don't verify things yourself.

lauha ,

I have never seen a review opening a laptop to check if the hardware switch is really that. Please, link to a reviewsite that does that

ArcaneSlime ,

Unless you have a framework, and can remove the bezel and confirm that they work!

I'm really happy with my new framework's switches, I actually trust them for once! I went to find a thing on how they work to post here:

"(They) saw the mention of the switches and that they are optical somewhere, but can’t remember to quote the source.

As far as I can tell each switch is a U channel with a light emitter on one side, and a detector on the other. The part you move on the bezel just breaks the light beam. This creates a electronic on/off hardware switch.

Using an actual physical switch would tend to be a source of an intermittent connection over time. Hence the use of optical technology. Same thought process for the screen open switch being a Hall Effect sensor, which can work through a cover."

toaster ,
@toaster@slrpnk.net avatar

Open-source hardware to the rescue! So you CAN verify it.

r00ty ,
@r00ty@kbin.life avatar

I'd like a proper hardware light. Something physical such that the camera cannot send the image back to the board without the light being on. And yes, a physical cutout switch would definitely be nice.

brokenlcd ,

Either buy a sticker cover with a slider or get lenovo laptops that have that builtin; even though the slider is confusionary since when it's closed it's a red dot. Im sure that there must be other brands that integrate it as well

Zink ,

That’s how my Dell work machine is. The switch slides some red plastic over the lens.

ichbinjasokreativ ,

The problem with those is that it's often just a piece of plastic, so the microphone isn't cut off from power. The webcam sees noching, but sound is unaffected.

synapse1278 ,
@synapse1278@lemmy.world avatar

Hackers won't have much to blackmail me, I fap completely silently.

ichbinjasokreativ ,

It's more about privacy. Windows might access your mic to get more data on you for advertising, wouldn't be anything new.

synapse1278 ,
@synapse1278@lemmy.world avatar

I am joking of course. I am a privacy freak myself:

  1. All my computers run Linux
  2. I self-host all what I can and encrypt as much as I can by myself too
  3. On desktop, Mic and Cam are connected to a USB hub with individual switches such that they are powered ON only when I need them
  4. Laptop is a Framework 13 with HW switches for both Cam and Mic

There is something about the webcam switch on the Lenovo from work, that I like better than the Framework: The switch also physically blocks the camera. It makes me feel more safe and it's actually much more intuitive to understand when it is disable. On Framework, the switch shows either red or black, but I never know what is enable and disable. Is it red for "Careful, it's active !" or red for "Disable" ? (It's Red=Disable, Black=Active).

DarkenLM ,

The safest laptops to use: The old ThinkPads still holding on through hopes and dreams.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • linuxmemes@lemmy.world
  • incremental_games
  • meta
  • All magazines
    •