d3Xt3r

d3Xt3r , 1 month ago

• Fedora 37 - 2022-11-15; Nobara 37 - 2023-01-07
• Fedora 38 - 2023-04-18; Nobara 38 - 2023-06-26
• Fedora 39 - 2023-11-07; Nobara 39 - 2023-12-26
• Fedora 40 - 2024-04-23; Nobara 40 - 2024-06-19 (assuming an average delay of 57 days)

d3Xt3r , 1 month ago

You won’t find any alternatives because Flatpak has won the war. Pretty much everyone (except Canonical) hates Snap and avoids it like the plague, and AppImages have significantly dropped in popularity amongst users due to the rise of Flatpak, and the various advantage it has over AppImages. So you’re left with only Flatpak/Flathub basically.

d3Xt3r , 1 month ago

skim has unfortunately been abandoned, there have been no updates in an year, and several old PRs and issues remain untouched. The current recommend fork is https://github.com/kimono-koans/two_percent/, which is also more faster and memory efficient.

If you’re facing the same issue with two_percent as well, you can reach out to the author in this thread, since they haven’t yet opened up their issues tab.

d3Xt3r , 1 month ago

It’s one of the only ways I know of to make a Windows ToGo installation (equivalent of a Linux Live USB),

You can also use WinToUSB for that btw. Yet another option is to install Windows to a VHD file (using a virtual machine, or using Disk2VHD to convert an existing install), then copy it to your USB, and make it bootable using Ventoy. The latter option is more useful, since with Ventoy you could have multiple other Linux ISOs (or other OS/rescue images) all on a single, portable drive.

d3Xt3r , 1 month ago (edited 1 month ago)

In that case, I agree with the others and say leave this up to the router - not only is it far more easier to set up, it gives you/your kid the freedom to switch between distros/OSes, and you can even swap computers without worrying about having up the controls all over again.

A friend of mine was in the same situation as you (he’s also a Linux nerd), and he ended up with the router thing, and after extensive research, he decided to get a Synology router as it had all the features he was after (mainly limiting access times, monitoring and reporting). See: www.synology.com/…/device_content_control

And for extra filtering, you could also set the upstream DNS on the router to a filtering service such as Cloudflare for Families, AdGuard DNS Family etc.

d3Xt3r , 1 month ago

Those of you reading this might also be interested in two_percent, which is a fork of skim, which in turn is a Rust implementation of fzf. two_percent is faster, more efficient and uses less memory than fzf, which is especially noticeable with large inputs.

d3Xt3r , 1 month ago

It’s faster and more memory efficient basically. skim also appears to have been abandoned (no updates in over an year), whereas two_percent is being actively developed.

d3Xt3r , 1 month ago

No, you’re looking at the commit log for skim. two_percent was last updated two months ago. I also had a chat with the author yesterday and they’re keen to continue maintaining the fork.

https://lemmy.nz/pictrs/image/9c40edac-c66c-45c5-8818-6b64ab049c01.jpeg

d3Xt3r , 1 month ago

Pretty much the same as you, but I do yoga instead of qigong. Plus I focus a lot on diet and nutrition and try to make sure I’m getting everything I need, whilst trying to minimise or avoid things that are bad for you, like processed foods, sugary stuff etc. Bought a Garmin smartwatch and smart scales last year to keep a track of my exercise goals, hydration, HRV, and sleep quality, and that’s been real helpful in keeping track of my health.

Also planning to take up some basic martial arts as well; I was looking at kyokushin, but might pick wing chun due to it’s practicality / self-defence aspects.

Bonus question: Where else can I post questions besides Ask Lemmy?

You can also post questions on Ask Lemmy’s evil twin - !asklemmy

d3Xt3r , 1 month ago

Agreed, this is a nice inclusion. I also hate sudoers with a passion - I already use doas but it’s not standard (in the Linux world anyway), but with systemd providing an alternative means that it’ll become a standard which most distros would adopt, and I hope this means we can finally ditch the convoluted sudoers file once and for all.

d3Xt3r , 1 month ago

doas is quite popular in the BSD world, and was ported to Linux a few years ago (via the OpenDoas project).

For starters, it’s is a lot smaller than sudo - under 2k lines of code vs sudo’s 132k - this makes it lot more easier to audit and maintain, and technically less likely to have vulnerabilities.

Another security advantage is that doas doesn’t pass on the environment variables by default (you’d have to explicitly declare the ones you want to pass, which you can do so in the config).

The config is also a lot simpler, and doesn’t force you to use visudo - which never made sense to me, visudo should’ve just generated the actual config, instead of checking it after the fact. Kinda like how grubby or grub2-mkconfig works. But no need for that complexity with doas.

Eg, the most basic doas config could just have one line in the file: permit: wheel. Maybe have another line for programs you want to run without a password, like permit nopass dexter cmd pacman.

d3Xt3r , 1 month ago

Samsung midrangers like the A15 / M15 / A25 etc have both the jack as well as an sdcard slot. There’s also the Motorola G34 and the G84. And finally, there’s also a flagship - the ASUS ROG Phone 8 Pro. And a whole bunch of Chinese phones which I won’t bother mentioning.

d3Xt3r , 1 month ago

github.com/KFearsoff/nix-drama-explained

d3Xt3r , 1 month ago (edited 1 month ago)

I disagree with @Shareni (sorry!) - the biggest issue right now is that package maintainers are leaving in droves - at least 15 contributors left a few days ago, a number which has likely increased these past few days - and will continue to increase. I think the only people left will be the ones who support Eelco and the toxic culture brewed by him.

What this means is that you risk your packages getting out of date, including slow delivery of security updates (which was already an increasing concern, due to the way the Nixpkgs build system worked). Worst case scenario, some (many?) packages may never even get an update.

So now’s definitely NOT a good time to switch, and in fact I’d also urge existing users to look at other distros, at least temporarily until this whole thing settles down.

d3Xt3r , 1 month ago

Considering that predicting the next word from context is the one thing LLMs are really good at, I just don’t understand how none of these developments have found their way into predictive keyboards.

The problem is that LLMs require a considerable amount of computing power to run, unlike the simple markov chain predictions that keyboards use. You could use a cloud-based service like ChatGPT or something, but most people wouldn’t want their keyboards to send all their keystrokes to a remote server… and even if they didn’t know or care, the response time wouldn’t be good enough for real-time predictions.

Now smartphone SoC makers like Qualcomm have started adding NPUs (neural processing units) with their latest chips (such as the SD8 Gen 3, featured in the most recent flagship phones), but it’s going to take a while before devices with NPUs become commonplace, and it’ll take a while for developers to start making/updating apps that can make use of it.

But yeah the good news is that it is coming, it’s only a matter of “when” - I suspect it won’t be long before the likes of SwiftKey start to take advantage of this.

d3Xt3r , 1 month ago

You might be interested in these things called mouse jigglers, they range from a tiny USB dongle that simulates a mouse, to motorised movement pads that you can place under a real mouse, which would be undetectable by software.

PS: You’re welcome. ;)

d3Xt3r , 1 month ago

Does Guix have a Nix Home Manager + nixpkgs equivalent? I currently use them to install packages on other distros, but with nixpkgs maintainers leaving in droves, I’m looking for alternatives.

d3Xt3r , 1 month ago (edited 1 month ago)

Usually setting the cache mode to “none” gives the best performance, assuming you’re using the virtio interface, instead of SATA/SCSI. This is a common mistake most newbies make when installing Windows, because virt-manager defaults to the latter, which gives poor perfomance. The same goes for the network btw, you’d want to use the virtio network interface instead of the emulated NIC. So before you install a Windows guest, make sure you change both those interfaces.

After changing the hardware interfaces, what you’d need to do (with Windows guests) is you’d need to supply the [virtio drivers](github.com/virtio-win/…/README.md, which you’ll need to provided to the Windows setup (via the virtio driver ISO) when prompted.

But if you’ve already installed Windows, you’ll need to install all the virtio drivers first and then update the interfaces after you’ve powered off the VM.

And in case you were wondering, this isn’t an issue with Linux guests, since virt-manager defaults to virtio hardware, and drivers aren’t an issue either.

d3Xt3r , 1 month ago

Why not just use sysget or app instead?

d3Xt3r , 1 month ago

This is a known issue with TF2, you’ll need to switch to OpenGL to fix it. However, you may also need additional launch options as listed here (but try just the OpenGL switch first).

d3Xt3r , 1 month ago (edited 1 month ago)

That 240W is only for SuperVOOC. PD however goes only upto 65W. Plus, being that big and single-port only makes this thing completely pointless for everyone except VOOC users.

d3Xt3r , 1 month ago (edited 1 month ago)

Probably the Minisforum V3 I reckon. From what I hear, everything works out-of-the-box, plus it’s a Zen 4 Ryzen, so you get excellent graphics performance and overall compatibility with Linux.

I’m a Zen 4 user myself (Minisforum UM780 XTX with a Ryzen 7840HS - pretty much the same APU as the V3, minus the AI stuff) and I’m really happy with my Linux experience on it so far.

Also, AMD have just submitted some new Core Performance Boost (CBP) patches, so you can expect even better performance/battery with the upcoming kernel releases. This is a very exciting space to be in!

d3Xt3r , 1 month ago

Because:

The DistroWatch Page Hit Ranking statistics are a light-hearted way of measuring the popularity of Linux distributions and other free operating systems among the visitors of this website. They correlate neither to usage nor to quality and should not be used to measure the market share of distributions. They simply show the number of times a distribution page on DistroWatch was accessed each day, nothing more.

So people see it on the list and click on it wondering “what the heck is this MX Linux thing”. And that boosts the ranking. And now that it’s at the top, it attracts more curious clicks, thus it continues to remain on top.

d3Xt3r , 1 month ago

Yes, it’s been long abandoned - no updates in over 3 years. Anyways, this is why alternatives like hyfetch, fastfetch (and others) exist.

d3Xt3r , 1 month ago

Nice! Any chance you could try the FEX emulator as well? Apparently the 2404 release has some massive performance improvements, so I’m curious how it fares compared to Box86.

d3Xt3r , 1 month ago

Paper boxes may be equally bad or even worse, since many of them are coated with PFAS (aka “forever chemicals”) - which can leach into your food and the environment.

Now whilst the FDA has banned sale of PFAS-coated containers earlier this year, it is expected that such products may remain on the market till sometime next year. Of course, it also doesn’t stop someone from ordering cheap PFAS-loaded boxes from AliExpress or elsewhere. And if you’re not in the US, you’d have to find out if there’s a similar ban in your country, and/or verify whether the manufacturer of whatever container/utensil you’re using is PFAS-free.

It would also be prudent to check even non-paper food-related products (spoons, spatulas, chopping boards etc). Even so called 100% recyclable “food safe” plastic, bio-plastics made from plant pulp, and traditionally eco-friendly wooden containers and utensils may be coated with PFAS.

d3Xt3r , 1 month ago (edited 1 month ago)

The answers here are only partially correct. If you want to use your device internationally, there are four things or categories you need to consider:

1. Carrier locked devices
2. Region-specific devices
3. Carrier whitelisting
4. Regulatory requirements

Carrier locked devices are exactly that, these are the ones sold by your carrier and subsidised, they usually mention that you can’t use them with other carriers. Eg the SM-S928U of the S24 works only on AT&T. If you have one of these, you may be able to buy an unlock code online to unlock your phone. Depending on your model, you might also need to flash compatible firmware or unlock additional bands from the service menu, if you want to be able to actually use it with your destination carrier.

Region-specific devices generally have limited cellular bands, meant for usage in that country. Eg although the SM-S928U1 variant of the S24 is factory unlocked (unlike the SM-S928U), it may not carry all the bands required for operation outside the US. If you’re unsure about compatibility, use this website to check the bands for your target country/carrier. Generally though, if you travel a lot, it’s recommend to buy the international / global variant of a phone. As an alternative, if you have a US variant Samsung, you could use the service menu to enable all bands. Though regardless of the variant, it’s always a good idea to check the band compatibility before you purchase the device/travel.

Carrier whitelisting is a recent annoying thing which carriers have started doing for some technologies such as 5G, VoLTE, VoWiFi etc. Some of these features may or may not be critical for you, for eg, if the destination carrier no longer offer 2G/3G services, that means you must be able to get VoLTE in order to make calls. And VoWiFi is needed if you’re in an area with poor reception, but have WiFi access. Finally, 5G would be a bonus thing but most carriers allow only whitelisted models to connect to their 5G services. Samsung normally should work in general, but given how many variants Samsung makes, there’s no guarantee that your specific variant would be able to use some/all of these services. So you’ll need to check with your target carrier in advance to see which of their services your phone would be able to support.

Finally, some countries may have regulatory requirements which may legally prevent shops/carriers from selling you a SIM card, if your phone isn’t in their database. For instance, in Japan, it’s technically illegal to operate a device without a “giteki” mark - and if your phone doesn’t have this, operators may refuse to sell you a card. In this case however, you should be fine if you order a compatible SIM/eSIM online before arrival (eg from Sakura Mobile).

d3Xt3r , 1 month ago

E37: No write since last change

d3Xt3r , 1 month ago

Wait till you find out that you can even uninstall Linux!

d3Xt3r , 1 month ago (edited 1 month ago)

First of all, forget all the Spice-based viewers - by far the best solution for interacting with a Windows guest is using freeRDP. It’s extremely smooth and lightweight, and feels like you’re interacting with Windows natively - unlike Spice viewers which feel very clunky. With freeRDP, you don’t need to configure Samba etc, clipboard sharing works, dynamic resolution works, and you can even use seamless windows (RemoteApps) to make it look like you’re natively running a Windows app in Linux!

Just enable Remote Desktop in Windows, and then from your host machine, you can run the following command to connect to your VM:

xfreerdp /v:192.168.122.xxx /u:dexter /p:password /drive:/home/dexter/Downloads,Downloads /cert:ignore /dynamic-resolution +clipboard /scale:180 /f

• Obviously, change the above parameters according to your system.
• Setting a static IP inside Windows would also make it easier, so you can just create a shortcut/script with the above command.
• In my above command, I’ve shared my Downloads folder. This will appear in Windows as the share \tsclientDownloads. You can then map this share to a drive inside Windows to make it easier to access.
• I’m on a HiDPI monitor so I’ve enabled scaling with the /scale:180 parameter.

Alternatively, you could use a GUI tool like Remmina, which uses freeRDP in the backend.

I also highly recommend using freeRDP v3.x if possible - this is available in Arch (AUR) and Flatpak. The reason being, freeRDP has made numerous improvements since v3.0 (released December last year), which make it 100% worth the upgrade - but most distros seem to be stuck on 2.xx for some reason.

Let me know if you have any questions. I use Win11 guests on KVM almost daily for testing various things as part of my job, and I access it via freeRDP without any issues.

d3Xt3r , 1 month ago

It’s easiest to just register a domain name and use Couldflare Tunnels. No need to worry about dynamic DNS, port forwarding etc. Plus, you have the security advantages of DDoS protection and firewall (WAF). Finally, you get portability - you can change your ISP, router or even move your entire lab into the cloud if you wanted to, and you won’t need to change a single thing.

I have a lab set up on my mini PC that I often take to work with me, and it works the same regardless of whether it’s going thru my work’s restricted proxy or the NAT at home. Zero config required on the network side.

d3Xt3r , 1 month ago

The bypassnro command still works though. Installed 23H2 in a VM yesterday and it worked fine.

d3Xt3r , 1 month ago (edited 1 month ago)

No need to hop around for the same thing.

It’s not really the same thing. EndeavourOS is basically vanilla Arch + a few branding packages. CachyOS is an opionated Arch with optimised packages.

You still have the option to select the DE and the packages you want to install - just like EndeavourOS - but what sets Cachy apart is the optimisations. For starters, they have multiple custom kernel options, with the BORE scheduler (and a few others), LTO options etc. Then they also have packages compiled for the x86-64-v3 and v4 architectures for better performance.

Of course, you could also just use Arch (or EndeavourOS) and install the x86-64-v3/v4 packages yourself from ALHP (or even the Cachy repos), and you can even manually install the Cachy kernel or a similar optimised one like Xanmod. But you don’t get the custom configs / opinionated stuff. Which you many actually not want as a veteran user. But if you’re a newbie, then having those opinionated configs isn’t such a bad idea, especially if you decide to just get a WM instead of a DE.

I’ve been thru all of the above scenarios, depending on the situation. My homelab is vanilla Arch but with packages from the Cachy repo. I’ve also got a pure Cachy install on my gaming desktop just because I was feeling lazy and just wanted an optimised install quickly. They also have a gaming meta package that installs Steam and all the necessary 32-bit libs and stuff, which is nice.

Then there’s Cachy Browser, which is a fork of LibreWolf with performance optimisations (kinda similar to Mercury browser, except Mercury isn’t MARCH optimised).

As for support, their Discord is pretty active, you can actually chat with the developers directly, and they’re pretty friendly (and this includes Piotr Gorski, the main dev, and firelzrd - the person behind the BORE scheduler). Chatting with them, I find the quality of technical discussions a LOT higher than the Arch Discord, which is very off-topic and spammy most of the time.

Also, I liked their response to Arch changes and incidents. When Arch made the recent mkinitcpio changes, their made a very thorough announcement with the exact steps you needed to take (which was far more detailed than the official Arch announcement). Also, when the xz backdoor happened, they updated their repos to fix it even before Arch did.

I’ve also interacted with the devs pesonally with various technical topics - such as CFLAG and MARCH optimisations, performance benchmarking etc, and it seems like they definitely know their stuff.

So I’ve full confidence in their technical ability, and I’m happy to recommend the distro for folks interested in performance tuning.

cc: @governorkeagan

d3Xt3r , 1 month ago (edited 1 month ago)

That depends on your CPU, hardware and workloads.

You’re probably thinking of Intel and AVX512 (x86-64-v4) in which case, yes it’s pointless because Intel screwed up the implementation, but on the other hand, that’s not the case for AMD. Of course, that assumes your program actually makes use of AVX512. v3 is worth it though.

In any case, the usual places where you’d see improvements is when you’re compiling stuff, compression, encryption and audio/video encoding (ofc, if your codec is accelerated by your hardware, that’s a moot point). Sometimes the improvements are not apparent by normal benchmarks, but would have an overall impact - for instance, if you use filesystem compression, with the optimisations it means you now have lower I/O latency, and so on.

More importantly, if you’re a laptop user, this could mean better battery life since using more efficient instructions, so certain stuff that might’ve taken 4 CPU cycles could be done in 2 etc.

In my own experience on both my Zen 2 and Zen 4 machines, v3/v4 packages made a visible difference. And that’s not really surprising, because if you take a look the instructions you’re missing out on, you’d be like ‘wtf’:

CMPXCHG16B, LAHF-SAHF, POPCNT, SSE3, SSE4_1, SSE4_2, SSSE3, AVX, AVX2, BMI1, BMI2, F16C, FMA, LZCNT, MOVBE, OSXSAVE.

And this is not counting any of the AVX512 instructions in v4, or all the CPU-specific instructions eg in znver4.

It really doesn’t make sense that you’re spending so much money buying a fancy CPU, but not making use of half of its features…

d3Xt3r , 1 month ago (edited 1 month ago)

Yep, fair point. I’m a fan of old-school forums myself, like phpBB.

d3Xt3r , 1 month ago (edited 1 month ago)

If you’re already on Arch/EOS, you don’t need to “move distros”, all you need to do (ish) is to update your pacman.conf with Cachy’s repos and run a pacman -Syuu to reinstall your packages. Oh, and you might also want to install the cachy kernel and maybe the browser for the full experience. Your files and config will remain the same, unless you plan to update/merge them - in which case, I’d recommend replacing your makepkg.conf with the one Cachy provides, for the optimised compiler flags. Other than that, there’s no significant difference between the default configs and Cachy’s. In fact, EndeavourOS actually deviates more since it uses dracut for generating the initrd, whereas Cachy, like Arch, defaults to mkinitcpio.

Anyways, there’s not much point trying CachyOS in a VM since it’s really not that much different from EndeavourOS (from a UX point of view); the whole point of Cachy is to eke out the best performance from your system, so running it in a VM defeats the purpose.

d3Xt3r , 1 month ago (edited 1 month ago)

16c/64gb Zen4 system here with optimised packages and kernel. I still care about bloat. Not from a performance reason obviously, but from a systems management / updates / attack surface point of view. Fewer packages == fewer breakages == fewer headaches.

d3Xt3r , 1 month ago

Hmm, are you really using PulseAudio, or is it actually PipeWire?

If it’s the former, I’d recommend getting rid of all PulseAudio packages first, and then switch to PipeWire by installing the following packages: pipewire pipewire-audio pipewire-pulse wireplumber. Then enable and start the necessary services and test (maybe reboot for good measure).

The Arch Wiki covers all the details. On a normal system, you shouldn’t need to do any special config besides enabling the services.

d3Xt3r , 1 month ago (edited 1 month ago)

Others here have already given you some good overviews, so instead I’ll expand a bit more on the compilation part of your question.

As you know, computers are digital devices - that means they work on a binary system, using 1s and 0s. But what does this actually mean?

Logically, a 0 represents “off” and 1 means “on”. At the electronics level, 0s may be represented by a low voltage signal (typically between 0-0.5V) and 1s are represented by a high voltage signal (typically between 2.7-5V). Note that the actual voltage levels, or what is used to representation a bit, may vary depending on the system. For instance, traditional hard drives use magnetic regions on the surface of a platter to represent these 1s and 0s - if the region is magnetized with the north pole facing up, it represents a 1. If the south pole is facing up, it represents a 0. SSDs, which employ flash memory, uses cells which can trap electrons, where a charged state represents a 0 and discharged state represents a 1.

Why is all this relevant you ask?

Because at the heart of a computer, or any “digital” device - and what sets apart a digital device from any random electrical equipment - is transistors. They are tiny semiconductor components, that can amplify a signal, or act as a switch.

https://upload.wikimedia.org/wikipedia/commons/5/5a/Transistors.agr.jpg

A voltage or current applied to one pair of the transistor’s terminals controls the current through another pair of terminals. This resultant output represents a binary bit: it’s a “1” if current passes through, or a “0” if current doesn’t pass through. By connecting a few transistors together, you can form logic gates that can perform simple math like addition and multiplication. Connect a bunch of those and you can perform more/complex math. Connect thousands or more of those and you get a CPU. The first Intel CPU, the Intel 4004, consisted of 2,300 transistors. A modern CPU that you may find in your PC consists of hundreds of billions of transistors. Special CPUs used for machine learning etc may even contain trillions of transistors!

Now to pass on information and commands to these digital systems, we need to convert our human numbers and language to binary (1s and 0s), because deep down that’s the language they understand. For instance, in the word “Hi”, “H”, in binary, using the ASCII system, is converted to 01001000 and the letter “i” would be 01101001. For programmers, working on binary would be quite tedious to work with, so we came up with a shortform - the hexadecimal system - to represent these binary bytes. So in hex, “Hi” would be represented as 48 69, and “Hi World” would be 48 69 20 57 6F 72 6C 64. This makes it a lot easier to work with, when we are debugging programs using a hex editor.

Now suppose we have a program that prints “Hi World” to the screen, in the compiled machine language format, it may look like this (in a hex editor):

https://lemmy.nz/pictrs/image/3a91a551-8496-4ba1-9125-37880a9f0860.png

As you can see, the middle column contains a bunch of hex numbers, which is basically a mix of instructions (“hey CPU, print this message”) and data (“Hi World”).

Now although the hex code is easier for us humans to work with compared to binary, it’s still quite tedious - which is why we have programming languages, which allows us to write programs which we humans can easily understand.

If we were to use Assembly language as an example - a language which is close to machine language - it would look like this:

<span style="color:#323232;">     SECTION .data
</span><span style="color:#323232;">msg: db "Hi World",10
</span><span style="color:#323232;">len: equ $-msg
</span><span style="color:#323232;">
</span><span style="color:#323232;">     SECTION .text
</span><span style="color:#323232;">     
</span><span style="color:#323232;">     global main   
</span><span style="color:#323232;">main:
</span><span style="color:#323232;">     mov  edx,len
</span><span style="color:#323232;">     mov  ecx,msg
</span><span style="color:#323232;">     mov  ebx,1
</span><span style="color:#323232;">     mov  eax,4
</span><span style="color:#323232;">
</span><span style="color:#323232;">     int  0x80
</span><span style="color:#323232;">     mov  ebx,0
</span><span style="color:#323232;">     mov  eax,1
</span><span style="color:#323232;">     int  0x80
</span>

As you can see, the above code is still pretty hard to understand and tedious to work with. Which is why we’ve invented high-level programming languages, such as C, C++ etc.

So if we rewrite this code in the C language, it would look like this:

<span style="color:#323232;">#include <stdio.h>
</span><span style="color:#323232;">int main() {
</span><span style="color:#323232;">  printf ("Hi Worldn");
</span><span style="color:#323232;">  return 0;
</span><span style="color:#323232;">} 
</span>

As you can see, that’s much more easier to understand than assembly, and takes less work to type! But now we have a problem - that is, our CPU cannot understand this code. So we’ll need to convert it into machine language - and this is what we call compiling.

Using the previous assembly language example, we can compile our assembly code (in the file hello.asm), using the following (simplified) commands:

<span style="color:#323232;">$ nasm -f elf hello.asm
</span><span style="color:#323232;">$ gcc -o hello hello.o
</span>

Compilation is actually is a multi-step process, and may involve multiple tools, depending on the language/compilers we use. In our example, we’re using the nasm assembler, which first parses and converts assembly instructions (in hello.asm) into machine code, handling symbolic names and generating an object file (hello.o) with binary code, memory addresses and other instructions. The linker (gcc) then merges the object files (if there are multiple files), resolves symbol references, and arranges the data and instructions, according to the Linux ELF format. This results in a single binary executable (hello) that contains all necessary binary code and metadata for execution on Linux.

If you understand assembly language, you can see how our instructions get converted, using a hex viewer:

http://timelessname.com/elfbin/asmtobin.png

So when you run this executable using ./hello, the instructions and data, in the form of machine code, will be passed on to the CPU by the operating system, which will then execute it and eventually print Hi World to the screen.

Now naturally, users don’t want to do this tedious compilation process themselves, also, some programmers/companies may not want to reveal their code - so most users never look at the code, and just use the binary programs directly.

In the Linux/opensource world, we have the concept of FOSS (free software), which encourages sharing of source code, so that programmers all around the world can benefit from each other, build upon, and improve the code - which is how Linux grew to where it is today, thanks to the sharing and collaboration of code by thousands of developers across the world. Which is why most programs for Linux are available to download in both binary as well as source code formats (with the source code typically available on a git repository like github, or as a single compressed archive (.tar.gz)).

But when a particular program isn’t available in a binary format, you’ll need to compile it from the source code. Doing this is a pretty common practice for projects that are still in-development - say you want to run the latest Mesa graphics driver, which may contain bug fixes or some performance improvements that you’re interested in - you would then download the source code and compile it yourself.

Another scenario is maybe you might want a program to be optimised specifically for your CPU for the best performance - in which case, you would compile the code yourself, instead of using a generic binary provided by the programmer. And some Linux distributions, such as CachyOS, provide multiple versions of such pre-optimized binaries, so that you don’t need to compile it yourself. So if you’re interested in performance, look into the topic of CPU microarchitectures and CFLAGS.

Sources for examples above: timelessname.com/elfbin/

d3Xt3r , 1 month ago

Yes, Zellij runs on top of bash/fish etc, no need to change your existing shell. And yes, you can control with your mouse as well, but you can’t resize the panes with your mouse - but other than that, most mouse operations work as you’d expect.

d3Xt3r , 1 month ago

I always thought those whoe said susa instead of soos are wrong.

So, how do you pronounce Porsche?

d3Xt3r , 1 month ago

It’s still being maintained. It’s a third-party project btw, but it’s just a patchset so you’ll need to build it yourself: github.com/cyberus-technology/virtualbox-kvm

Arch users can also install the virtualbox-kvm package from AUR to get it all in one go, nice and easy.

d3Xt3r , 1 month ago

This shouldn’t even be a question lol. Even if you aren’t worried about theft, encryption has a nice bonus: you don’t have to worry about secure erasing your drives when you want to get rid of them. I mean, sure it’s not that big of a deal to wipe a drive, but sometimes you’re unable to do so - for instance, the drive could fail and you may not be able to do the wipe. So you end up getting rid of the drive as-is, but an opportunist could get a hold of that drive and attempt to repair it and recover your data. Or maybe the drive fails, but it’s still under warranty and you want to RMA it - with encryption on, you don’t have to worry about some random accessing your data.

d3Xt3r , 1 month ago (edited 1 month ago)

Kali is a pentesting distro, it’s not designed for malware analysis. The distro you’d want to use for malware analysis is REMnux, but it’s mostly meant for static analysis. Static analysis is fine, but you may not be able to dig deep unless you’re familiar with decrypting code and using tools like Cutter, Ghidra, EDB etc for debugging. Naturally you’d also need intimate low-level coding experience, familiarity with assembly language and/or Win32 APIs (or whatever APIs the malware is using). So this isn’t an area a casual security researcher can just get into, without some low-level coding experience. But you can at least do some beginner-level analysis like analysing the PE headers and using some automated tools which employ signature-based detection, or you could analyse strings and URLs embedded in the malware; stuff like that.

Dynamic analysis is far more easier to get into and more “fun”, but the problem is of course, with most malware being made for Windows, Linux is kinda irrelevant in this scenario. But you could still run Linux as a VM host and run the malware inside a Windows VM. The problem with running malware in VMs though is that these days any half-decent malware would be VM/context aware and may evade detection, so for accurate results you’d really want to run the malware on a real machine, and use tools like procmon, IDA, wireshark etc for analysis. But again, decent malware may be able to evade tools like procmon, so it can get quite tricky depending on how clever your malware is. You’d normally employ a combination of both static and dynamic analysis.

Industry pros these days often use cloud-based analysis systems which can account for many such scenarios, such as Joe Sandbox, Any.Run, Cuckoo etc. These offer a mix of both VM and physical machine based analysis. You can use these services for free, but there are some limitations of course. If you’re doing this for furthering your career, then it’s worth getting a paid subscription to these services.

Coming back to Kali Linux - it’s not something you’d want to install permanently on physical machine, as its meant to be an ephemeral thing - you spin it up, do your pentesting, and then wipe it. So most folks would use it inside a VM, or run Kali from a Live USB without installing it.

There are also alternatives to Kali, such as ParrotSec and BlackArch, but really from a pentesting toolbox point of view, there’s not much of a difference between them, and it doesn’t really matter (unless you’re a Linux nerd and like the flexibility Arch offers). Most industry folks use Kali mainly, so might as well just stick to it if you want to build up familiarity in terms of your career.

As for your Surface Go - you could install a normal daily-driver Linux distro on your Surface if you really want to, and then run Kali under KVM - which is personally how I’d do it. Running Linux on Linux (KVM) is pretty convenient has a very low performance overhead. You can also employ technologies like ballooning and KSM to save RAM, if your system has low RAM.

d3Xt3r , 1 month ago

Nope.

d3Xt3r , 1 month ago

Most third-party Lemmy clients should support this. For instance, if you’re on Sync, you can just swipe it hide the post (assuming you’ve configured it that way).

d3Xt3r , 1 month ago

Yes, I mostly agree with your conclusions. MMOs do generally employ anti-cheat, so I wouldn’t attempt running them in a VM unless you want to take a risk. So dual-booting is an acceptable compromise.

The good news is though that gaming on Wine keeps improving every day. From the games you’ve mentioned, only Rust isn’t compatible with Linux (due to EasyAntiCheat), but the others are gold rated - and GW2 is even platinum rated!

You can use ProtonDB to check the game compatibility, and the user reports are usually helpful to see if they’ve encountered any issues or had to employ any tweaks to get it going. But do keep an eye out on this space, as Wine/Proton keeps improving constantly, so you never know, maybe some day even Rust might work!

Edit: Actually, reading the reviews for Rust, looks like you can actually get it to work if you connect to a server that doesn’t use anti-cheat!