ctr1

ctr1 , 2 months ago (edited 2 months ago)

I suppose the most tangible benefit I get out of it is embedding a custom initramfs into the kernel and using it as an EFI stub. And I usually disable module loading and compile in everything I need, which feels cleaner. Also I make sure to tune the settings for my CPU and GPU, enable various virtualization settings, and force SELinux to always be enabled, among other things.

ctr1 , 4 months ago

Maybe try programming? It’s incredibly exciting once you get the hang of it. It can be frustrating at times but it’s really rewarding. Since becoming my hobby/job its given me an endless source of things to do at home. Plus it can open up new career paths :)

ctr1 , 5 months ago

mpd + ncmpcpp

ctr1 , 5 months ago

Yes! Awk is great, I use it all the time for text processing problems that are beyond the scope of normal filters but aren’t worth writing a whole program for. It’s pretty versatile, and you can split expressions up and chain them together when they get too complicated. Try piping the output into sh sometime. It can be messy though and my awk programs tend to be write-only

ctr1 , 7 months ago

Personally, I’ve relied on an OnlyKey for a few years (with backups and an extra fallback device) and haven’t needed to type passwords since. This doesn’t help with the number of prompts, but it does make them easier to dismiss.

I do use autologin, but I don’t use a system wallet (only KeePassXC, which I do need to unlock manually). Autologin with system wallets can be tricky, but I’ve had some luck setting it up in the past. You might want to check out this wiki for PAM configuration.

ctr1 , 7 months ago

Lol. I press a button on the device (which I unlocked with a pin before boot), but it would be nice to have the DB unlock automatically

ctr1 , 7 months ago

Yeah for me it’s been great and I do essentially leave it plugged in the whole time I’m using my PC (attached to my keys). It does require a pin entered each boot, so leaving it in would still offer security. But as someone else mentioned getting kwallet PAM working would make things easier in any case

ctr1 , 8 months ago (edited 8 months ago)

If you’re willing to spend the time to learn how to write custom policies, SELinux can be used for this, to some extent. It’s highly customizable and can sandbox your apps, but the process of doing so is quite complicated. I wrote a small guide on custom policy management on Gentoo in another comment if you’re interested.

There’s also apparently a “sandbox” feature, but I don’t know much about it. I just write my own policies and make them as strict as possible.

As an example, my web browser can’t access my home directory or anything except its own directories, and nobody (including my own user), except root and a few select processes (gpg, gpg-agent, git, pass) can access my gnupg directory.

This only covers security/permissions, and doesn’t include many of the other benefits of containerization or isolation. You could also try KVM with libvirt and Gentoo VMs; that works pretty well (despite update times) and I did that for a while with some success.

ctr1 , 9 months ago

For vegetables I throw everything into a big stew with a lot of different things (kale, broccoli, cauliflower, onion, potato, mushrooms, tofu, garlic, beans), lots of hot sauce, seasoning, olive oil, etc. and eat the same thing every day, for the most part. I don’t eat enough fruit but I do have a handful of dried fruit with oats every day

ctr1 , 9 months ago

I learned by watching a bunch of cppcon videos, reading cppreference, and writing a lot of programs. Learning how to understand the error messages is also really important

ctr1 , 9 months ago (edited 9 months ago)

As a Vim/NeoVim user my number one reason is speed. There’s a pretty steep learning curve, but it doesn’t take long to see noticeable improvements.

Aside from terminal applications generally running faster than GUI ones, there is a tremendous amount of flexibility that it offers when it comes to actual text editing. For example, you learn how to type things like _f(vi(cfoo _f(ci(foo^†^ which goes to the beginning of the line, finds the first open parens, selects everything inside of the parens expression, then replaces that text with “foo”. After a while these kinds of inputs become second nature, and you can start using them to construct macros on the fly that can be applied to different places in your code.

One major downside is that it can take some configuration to get working the way you want it, especially if you want an IDE-like environment. NeoVim comes with a built-in LSP interface, which I’ve been able to get working pretty well for all of the languages that I use the most, but it’s still kind of a pain to configure.

I’m sure Emacs is similar, but I’ve never used it. I don’t think many people use Nano unless they need to edit something in a terminal but don’t know how to use Vim. On that note, being comfortable with a terminal editor means that you’ll have no problem if you’re SSH-ing into a server or using the TTY console.

^†^ _f(ci(foo avoids an unnecessary mode change, see comment below

ctr1 , 9 months ago

Ah true! Thanks, yeah that’s a better way to do that. It seems I’ve developed a bad habit of going into visual more often than I need to- will keep an eye out for that

ctr1 , 9 months ago

I stopped using recommendations years ago and only use NewPipe and Invidious. I did notice a reduction in my watch time, but there is plenty to watch when using a subscription-only feed. I havent added very many channels to my list since then, but personalized recommendations aren’t worth the privacy cost. Hoping to leave the platform eventually

ctr1 , 9 months ago

Major bugs usually get fixed pretty quickly- I always check the GitHub to make sure I have the latest version when I have issues. And Invidious can work as an alternative most of the time, but some instances work better than others

ctr1 , 9 months ago (edited 9 months ago)

Haha yeah, nicely put. I do enjoy the content, mostly because I’ve been following these creators for some time, and it’s hard to find a replacement for it… there is a lot of great content there, but it makes me feel gross using it. And same, I had no problem finding an alternative for Reddit (this), probably because I was not very attached to individual creators there.

I’m hoping a decentralized solution gains traction, but in the meantime I’ve been trying to limit the amount of information I share with the platform. I’m not actively trying to restrict my usage (most of that was achieved when I stopped using an account), but maybe it’s a good idea to do so. I mostly use it when eating or going to sleep, and there are better ways to occupy that time.

ctr1 , 9 months ago

I use Terminus (ter-112n) for TTY, Source Code Pro for terminal emulators, and DejaVu, Liberation, and Noto for others

ctr1 , 9 months ago (edited 9 months ago)

Had the same issue with Plasma Wayland in QEMU but I never found a solution. Toggling anti-aliasing sometimes helped, temporarily

ctr1 , 10 months ago

Yes! Depending on how much time you want to spend figuring things out… there is a learning curve, but the documentation is quite extensive. And you do learn a lot about Linux by diving in. The compile times aren’t really an issue today if you have decent hardware- I run it at home and on all of my servers (some of them not very powerful). You can do other things while it’s compiling.

It’s great if you want to customize everything and learn how your system works, or are interested in optimizing everything for your specific CPU architecture. There are a few pitfalls (especially when learning), but I’ve generally been able to learn how to fix any issues as they arise.

Also, the package availability is great. If you can’t find something in the gentoo repository or in an overlay, you can usually find its dependencies and build it yourself.

ctr1 , 10 months ago

It’s great for anything low bandwidth that isn’t tied to your identity, and helps for peace of mind, despite its issues. You do run into captcha or DDOS protection issues occasionally, but the new tor circuit for this site button sometimes works. Also it uses letterboxing to prevent resolution-based fingerprinting, which isn’t very pretty, but leaving it at its default size (or locking the size using the WM) works well and is good for privacy.

ctr1 , 10 months ago (edited 10 months ago)

The difference is that your ISP doesn’t know where your packets are headed, and the destination doesn’t know where your packets came from. The ISP sees you connect to the entrance node and the destination sees you connect from the exit node, and it’s very difficult for anyone to trace the connection back to you (unless they own both the entrance and exit and use traffic coorelation or some other exploit/fingerprint). Regardless, both parties are generally able to tell that you are using TOR if they reference lists of known entrance/exit nodes. Also the anti-fingerprinting measures taken by TB are a bit more strict than other privacy-focused browsers

ctr1 , 10 months ago

No problem! And yeah, it’s good to see people talking about it over here. I think it’s the best tool for online privacy OOTB (depending on your threat model), and it gets better the more people use it.

ctr1 , 11 months ago (edited 11 months ago)

An extension would be cool! I’m currently trying to do something similar, in some sense; I’ve patched my instance to filter out DB results from public queries so that only my posts and comments are visible (unless I am logged in).

The only thing I’m not sure about yet is if it’s possible - if I create a Post on an instance that’s not my home, who is hosting the data? Do I only send ActivityPub Create Post with the data and the instance then saves it, or do I create the post on my own instance, send an ID, and if someone requests the Post data on the instance I posted to, it will be requested from mine?

I believe it might be possible, but I’m not sure. It seems that the protocol itself is mostly geared for synchronizing data and distributing updates. From my limited understanding, servers follow users or communities on other servers, which inform those servers that updates should be sent to the requesting inbox. These updates are then used to build up a local copy of the remote page. In the case of a remote community, users interact with their local copy and notify the remote community of those changes.

For example, I am viewing a local copy of this post that I received from lemmy.ml, and my reply to your comment will be stored locally. My server will notify lemmy.ml of this comment (including its contents), and lemmy.ml will notify my inbox if anyone interacts with it (because I am a follower).

It seems that at least some of this syncing might not be necessary… a lightweight frontend could rely on the API of each site it connects with to build up the activities it sends. However, this would probably cause some unnecessary traffic, as such a follower would both receive updates and query the API. Also it would probably break some things, such as ap_id (see the multicolored fedilink icon, which points the original copy of the content on my instance).

ctr1 , 11 months ago

Also a fan of sway! Plenty configurable, and swaymsg+jq bash scripts can go a long way. Hoping we’ll see more development in lightweight DEs as well- Wayland is pretty great, and sway could use with some more features. also nice username :D

ctr1 , 11 months ago

Excellent package and dependency management with a wide variety of up-to-date software

ctr1 , 11 months ago (edited 11 months ago)

Out-of-box security configurations supported by the organization (SELinux, hardening)

ctr1 , 11 months ago

Encourages hardware-based optimization and kernel specialization

ctr1 , 11 months ago

Absolutely! I haven’t had any problems setting up dependencies for various projects and have only needed overlays a few times. Sometimes USE flags can be tricky but most things are pretty well documented

ctr1 , 11 months ago

fl0w.cc- single user; the domain is meant to be part of my username :)

ctr1 , 11 months ago

I usually use new comments which works pretty well for me but it’s not perfect and doesn’t take scores into account. I’m sure the hot and active algorithms will evolve over time, will be testing them out as well