I've been seeing a lot of confusion around the TunnelVision vulnerability. While I'm no expert, I've done a fair share of research and I'll edit this post with corrections if needed. The goal of this post is to answer the question: does this affect me?...
I've been using network namespaces in Linux where each one also use a different user; this way you can have multiple profiles of apps separated not only by permissions but also by the VPN connection that is the only route out
So you can have a connection that will supply your favorite iso sharer, a VPN connection to work, all unaware of each ot
I still haven't figured how to make GUI media applications work on them though
Sure, someone helped me setting up a script to share the wl socket between namespaces so I can run GUI programs in isolated namespaces, and if you look at this post you can check the namespaced-openvpn; also check vole's answer if you want to run GUI programs
I have created a network namespace to separate connections through a VPN, and it runs as the same user account as I use for everything else; however, it is not able to play music/use microphone...
It seems that a namespace only has access to process that originates inside itself
systemctl --user list-units
Failed to connect to bus: No medium found
as we can see, the same user doesn't have access to other processes
so we would need to duplicate every process above the namespace until we could acess the media
would duplicate of everything - pulsewire, dbus, etc - even work ?
Timeshift, make sure to "include hidden files" to recover any configuration for desktop environments
After a few mess ups, you may find yourself not needing to backup everything, only the file(s) that messed up, and that's still a good thing to have Timeshift for
Defaults passwd_timeout=0(avoids long running process/updates to timeout waiting for sudo password)
Defaults timestamp_type=global
(This makes password typing and it's expiry valid for ALL terminals, so you don't need to type sudo's password for everything you open after)
Defaults timestamp_timeout=10(change to any amount of minutes you wish)
The last one may be the difference between having to type the password every 5 minutes versus 1-2 times a day. Make sure you take security implications into account.
You can freely manipulate NTFS in Linux. Just make sure your distribution has, after kernel >=5.15, enabled it, otherwise you may need to install the ntfs-eg driver. Other than that, Ach Wiki has info that may help you on any distro:
I have done something similar to what you want to do, just needed the ntfs-3g driver installed and "Disks" (gnome disks) application would mount/read/write the disks as usual
you install program A, it needs and installs libpotato
then later you install program B that depends on libfries, and libfries depends on libpotato, however since you already have libpotato installed, only program B and libfries are installed
The intelligence behind this is called a package manager
In windows when you install something, it usually installs itself as a standalone thing and complains/reaks when dependencies are not met - e.g having to install Visual C++ 2005-202x for games, JRE for java programs etc
instead of making you install everything that you need to run something complex, the package manager does this for you and keep tracks of where files are
and each package manager/distribution has an idea of where some files be stored
After the initial learning curve when starting in Linux to solving advanced problemas that may or may not occur (will depend on Nvidia/exotic hardware/DE updates), you find it's easier to solve these because there are questions and answers in the internet, than finding another way to remove Edge, Cortana and restore the look and feel of windows 7 after every major update in windows
These updates land on testing quickly, however due to the several packages updated at once, they all need to be tested by volunteers, and only when all of them are signed it's pushed out of testing
Today the KDE Community is announcing a new najor release of Plasma 6.0, and Gear 24.02. KDE Plasma is a modern, feature-rich desktop environment for Linux-based operating systems. Known for its sleek design, customizable interface, and extensive set of applications, it is also open source, devoid of ads, and makes protecting...
Yeah, it's advertised as 160hz and even amdgpu_top (which uses xrandr or something like it) says 159.96hz is the first preferred mode, the second being 100hz
I had this problem before with a Nvidia card which reset to 144hz after an update and I could never enable it again. However it's a mystery as to why it boots up at 160hz in systemd-boot console, and goes back to 144hz when entering KDE or turning the display off
AMD is the gold standard for general user PCs in the last 5+ years. Intel simply cannot compete at the same energy expenditure/performance. At the same/close price/performance, Intel either burn a small thermonuclear power plant to deliver comparable performance, or simply is worse compared to similar Ryzens
Ryzens are like aliens compared to what AMD used to be before them
So I'd go with them
As for the GPU, if you want to use Linux forget Nvidia
I'm getting a bug where left clicking a program open in the task manager triggers opening another instance of the same program instead of raising/focusing in the already opened window. This didn't happen using X11. It's not the behavior configured for the left click; a recently started session works fine. The only way for it to...
I'm in a bit of a productivity rut and whilst I suspect the issue is mainly between the keyboard and chair I'm also interested in what (FOSS) tools there are that people find effective....
...no ?
years ago I couln't even dream of using bluetooth in linux; few weeks ago I found an old bluetooth dongle and now my usb speakers work just fine - even better than connecting via smartphone because plasma has sbc-xq codec easily selectable. It auto connects everytime I boot the pc, I just had to add btusb.enable_autosuspend=0 to kernel cmdline parameters
if it crashes, try sudo systemctl stop bluetooth.service and sudo systemctl start bluetooth.service
remember, bluetooth is a very cursed embrace-it-all protocol and may randomly crash/refuse to pair/connect unless you reset the devices manually, and this may happen with any hardware/software
Tinkering is all fun and games, until it's 4 am, your vision is blurry, and thinking straight becomes a non-option, or perhaps you just get overly confident, type something and press enter before considering the consequences of the command you're about to execute... And then all you have is a kernel panic and one thought...
I thoroughly backup up my slow nvme before installing a new faster one. I actually didn't even want to reuse the installation, just the files at /home.
So I mounted it at /mnt/backupnvme0n1, 2, etc and rsynced
The first few dry runs showed a lot of data was redundant, so I geniously thought "wow I should delete some of these". And that's when I did a classic sudo rm -rf in the /mnt root folder instead of /mnt/dirthathadthoseredundantfiles
Another thing to solve: XWayland apps as a different user
Giving access to the wayland socket makes other users able to use wayland; however programs that rely on XWayland to work don't seem to get it:
Start Failed
Failed to initialize graphics environment
java.awt.AWTError: Can't connect to X11 window server using ':0' as the value of the DISPLAY variable.
at java.desktop/sun.awt.X11GraphicsEnvironment.initDisplay(Native Method)
Wine
0120:fixme:kernelbase:AppPolicyGetThreadInitializationType FFFFFFFA, 0ECAFF08
0128:err:winediag:nodrv_CreateWindow Application tried to create a window, but no driver could be loaded.
0128:err:winediag:nodrv_CreateWindow L"The explorer process failed to start."
0128:err:systray:initialize_systray Could not create tray window
0114:err:winediag:nodrv_CreateWindow Application tried to create a window, but no driver could be loaded.
0114:err:winediag:nodrv_CreateWindow L"Make sure that your X server is running and that $DISPLAY is set correctly."
0114:fixme:kernelbase:AppPolicyGetProcessTerminationMethod FFFFFFFA, 0DE4FB40
Sir, you're awesome! Thank you a lot for taking your time and explaining what you have found
I will try these steps when I have some free time to tinker, and the info and script you have provided has cleared a lot of questions that I had
I know this is possible, but it makes switching different windows a chore. Since I have GUI programs running under different users, I would want the screensharing program to not even be aware that other user's GUI programs are in the screen
So wayland fixes most of these. Is it possible to run GUI programs as another user just like in X with xhost though ?
I'm asking not only from a security point, but as a practical one since I need to run the same program under different namespaces/users
I want to configure a local webcam to stream (and possibly record) a live feed open to the internet, and acess it half-world away while traveling, using FOSS only acessing it via Android VLC...
Thank you, I managed to get it working with MediaMTX and DockoVPN
I still don't know how I would manage dynamic IP changes during the days I'm away, that would break the VPN
addressing misconceptions about the recent TunnelVision vulnerability
I've been seeing a lot of confusion around the TunnelVision vulnerability. While I'm no expert, I've done a fair share of research and I'll edit this post with corrections if needed. The goal of this post is to answer the question: does this affect me?...
how to mirror Windows alt+tab behavior in KDE?
I'm using task switcher with Recently used sort order, but I still feel unsure if it's the same behavior
Alsa multimedia inside namespace
I have created a network namespace to separate connections through a VPN, and it runs as the same user account as I use for everything else; however, it is not able to play music/use microphone...
Vim Lands XDG Base Directory Specification Support ( www.phoronix.com )
Noob Question Thread: Ask Any Questions About Linux!
I thought I'll make this thread for all of you out there who have questions but are afraid to ask them. This is your chance!...
First day using Linux Mint instead of Windows 11 ( kbin.social )
It feels faster and it seems to use up less storage....
Introducing GNOME 46, “Kathmandu” ( release.gnome.org )
What PCI cards do you use ?
I have 2x PCIe X16 and 1x PCIe 1x slots that are not being used....
KDE Plasma 6.0, and KDE Gear 24.02 released ( kde.org )
Today the KDE Community is announcing a new najor release of Plasma 6.0, and Gear 24.02. KDE Plasma is a modern, feature-rich desktop environment for Linux-based operating systems. Known for its sleek design, customizable interface, and extensive set of applications, it is also open source, devoid of ads, and makes protecting...
SVP + MPV + Wayland
I was wondering if anyone else has had luck configuring SVP with MPV on wayland (AMD). I followed the archwiki https://wiki.archlinux.org/title/Mpv...
cant wait for plasma6 ( discuss.tchncs.de )
Display refresh rate reverts back to 144hz after turning off the display
Through amdgpu_top several modes are available, with 1440x3440@159.96 being the preferred...
Looking to build my first PC in almost 30 years; What should I be on the look out for?
It looks like !buildapc community isn't super active so I apologize for posting here. Mods, let me know if I should post there instead....
Left clicking an open program in task manager is opening another instance of it
I'm getting a bug where left clicking a program open in the task manager triggers opening another instance of the same program instead of raising/focusing in the already opened window. This didn't happen using X11. It's not the behavior configured for the left click; a recently started session works fine. The only way for it to...
What Linux "Productivity" (ideally FOSS) tools do you use?
I'm in a bit of a productivity rut and whilst I suspect the issue is mainly between the keyboard and chair I'm also interested in what (FOSS) tools there are that people find effective....
[Thread, post or comment was deleted by the moderator]
What would you change about your favorite Linux distribution?
Examples could be things like specific configuration defaults or general decision-making in leadership....
Is Bluetooth getting worse on Linux?
I'm noticing a lot of issues with bluetooth popping up, and they only seem to be getting worse....
Root access vulnerability in glibc library impacts many Linux distros ( securityaffairs.com )
What's (are) the funniest/stupidest way(s) you've broken your linux setup?
Tinkering is all fun and games, until it's 4 am, your vision is blurry, and thinking straight becomes a non-option, or perhaps you just get overly confident, type something and press enter before considering the consequences of the command you're about to execute... And then all you have is a kernel panic and one thought...
Wayland running GUI program as another user
I use https://github.com/slingamn/namespaced-openvpn to have a isolated namespace and VPN connection...
Is it possible to change mouse to left/right handed mode via CLI on wayland?
On X I use...
Film studios demand IP addresses of people who discussed piracy on Reddit ( arstechnica.com )
Is it possible to isolate which GUI programs are seem by a screensharing program in xorg or wayland ?
Think Zoom, Teams, google meet etc...
Streaming local Webcam in a Linux machine, and acessing it when on vacations - which protocol to choose?
I want to configure a local webcam to stream (and possibly record) a live feed open to the internet, and acess it half-world away while traveling, using FOSS only acessing it via Android VLC...
Open Source Data Recovery for Android?
Is there an open source app or tool like TestDisk/PhotoRec, but for Android?
AMD P-State and AMD P-State EPP Scaling Driver Configuration Guide
Requirements...