Skip Navigation
Jump
Vous êtes en charge de la rédaction de la constitution de la 6ème République, quels changements proposez-vous ?
  • Je ne vois pas la différence pour le point 2. Tant que le gouvernement n'est pas formé la personne n'est pas officiellement premier ministre, c'est ça ?

    2
  • Jump
    [Fil quotidien] Jeux de mots du jour 20-08-2024
  • #LaBEE 62

    Formidable ! - 51 mots - 267 points
    🟧🟧🟧🟧🟧🟧🟧🟧
    #LeMotLeJeu

    https://www.solitaire-play.com/labee/

    1
  • Jump
    Que faites-vous avant de dormir ?
  • Bien sûr que si tu parles français ! Peut-être pas encore aussi facilement que tu le voudrais, mais je n'ai eu aucun mal à comprendre ce que tu voulais dire.

    Continue de pratiquer, le français est loin d'être une langue facile, même pour les Français !

    3
  • Jump
    Que faites-vous avant de dormir ?
  • Je lis, un article de magazine ou un chapitre d'un roman. C'est pratique, quand tu te rends compte que ça fait 3 fois que tu lis la même phrase, c'est que c'est le moment d'éteindre 😴

    5
  • Jump
    Quel animal est-ce?
  • Un blaireau d'Amérique ?

    Photo d'un blaireau d'Amérique

    5
  • Jump
    I can whistle at the speed of sound
  • If you really want to be pedantic, c is the notation for the "speed of light in a vacuum", not just the "speed of light", which depends on the medium.

    14
  • Jump
    Get a rope.
  • I'm getting a lot of Westworld players vibes from the photos in this thread.

    Not the "good" players vibes, more the "I'm here to pose a badass, get drunk at the saloon, fuck a prostitute and then shoot her" vibes...

    14
  • Jump
    Street-Complete, like Pokemon Go but for good.
  • I use Magic Earth when I take my car, Organic Maps when I walk or use public transportation. I don't think there is a single "best app", it depends on your use case.

    6
  • Jump
    Privacy.com in Europe?
  • It mostly depends where. French use it for almost anything, even more since COVID. On the other hand, Germans have a tradition to prefer cash.

    10
  • Jump
    NewPipe outage over: version 0.27.1 restores YouTube playback
  • The quickest way is to add the Newpipe repo: https://newpipe.net/FAQ/tutorials/install-add-fdroid-repo/

    If you already installed Newpipe from the f-droid main repo, you may need to backup your data, uninstall and reinstall it. https://github.com/TeamNewPipe/NewPipe?tab=readme-ov-file#installation-and-updates

    17
  • Jump
    What's (are) the funniest/stupidest way(s) you've broken your linux setup?
  • You could boot on an USB, mount the filesystem and change the permissions. But if the dude changed a whole lot of permissions, reinstalling might be the smart thing to do...

    30
  • Jump
    TIL GNU/linux has 2 clipboards
  • Klipper on KDE offers a clipboard history. Don't know about other DEs.

    14
  • Jump
    FOSS Android Keyboard that supports password manager auto-fill like Gboard does?
  • Keepass2Android provides both an autofill function and an alternative keyboard. As the name implies, it works with a Keepass file.

    5
  • Jump
    I Think Ubuntu 23.10 is Making a Mistake…
  • Not a great timing to move to something RHEL-based!

    If I may ask, why not Debian? You're already familiar with 99% of the distribution, as it's the base for Ubuntu.

    25
  • Jump
    How do you use Tailscale?
  • DISCLAIMER: I never used Tailscale. All I know about Tailscale I learned reading their "How it works" blogpost and documentation, because I wanted to understand the hype.

    Since nobody answered your questions, I'll try my best. Just trust that I spent most of the last 25 years configuring security systems, including but not limited to VPNs.

    Hmm, I guess my question would be how does this all work?

    See my 2 links above.

    I mean, is it not possible to configure STUN/DERP services yourself?

    Of course it is, but it will be additional work, that most users are not willing/confident to do and Tailscale provides this service.

    Or add control lists yourself? [...] For ACLs, I guess Apparmor and/or SELinux profiles would be configured?

    Deploying network ACLs on your hosts indeed does not require you to use Tailscale. However they provide an centralised way to manage and deploy them, without worrying about the underlying OS and ACL system. Or even requiring you to have access to the host, it could be an authorised user trying to access your Tailscale network.

    Note: AppArmor/SELinux are more "system/process ACLs", not directly related to network ACLs. I'm oversimplifying a lot, they're difficult to describe without knowing your sysadmin skills.

    The removing a key I can understand why it's be a nightmare yourself, but how does Tailscale do it where it's just so simple?

    Simple: they ask you to run an agent on all of your Tailscale hosts and connect to their centralised platform. To paraphrase their blogpost: config management is centralized, but that doesn’t matter because it carries virtually no traffic. It just exchanges a few tiny encryption keys and sets policies. The VPNs and their traffic are a distributed mesh.

    EDIT: Another question I have is how does Tailscale work when I have a VPN for securing network traffic when browsing the internet etc.? Or is that just seamless?

    I'm not sure to understand this question, so I'll make an asumption: you're asking what happens if you run Tailscale on a host that already has a VPN configured to access the Internet.

    Tailscale (and Wireguard under it) is already a VPN solution, and tunneling a VPN inside another VPN is generally discouraged. But as Tailscale is providing STUN/DERP, if they manage correctly the MTU issues and things like that, I don't see an immediate reason why it should not work at all.

    You can configure Tailscale or Wireguard to create a VPN to access the Internet though.

    Once again, if you try to understand how Tailscale works, please read the links at the start of this post. RTFM, kids!

    On a more personal opinion, I find their solution clever and elegant. If I have the need for a distributed VPN solution in the near future, I will definitively consider it (or Headscale's). For the moment, I'm fine with all my hosts connecting to my homelab, configuring a Wireguard tunnel for each roaming host, and opening ports and creating rules on my firewall. Compared to IPSec or OpenVPN tunnels, it seems almost too easy each time.

    2
  • Jump
    Should I watch mirrored videos through Invidious or Peertube?
  • Use Peertube if one of your concern is to promote a world where YouTube is not the only way for a creator to host videos. It shows them (and sponsors) that the efforts to maintain another platform is viable. Resources are not the main issue for Peertube, as it uses WebTorrent to distribute a video using peer-to-peer.

    If you fear to miss something in the YouTube comments (really?), use Invidious.

    8
  • Jump
    How do you use Tailscale?
  • The main benefit of Tailscale are:

    • It solves the key distribution problem. If you have multiple Wireguard hosts in a mesh infrastructure, it can be tricky to change or remove a key quickly and consistently. No benefit if it's only a single tunnel between 2 hosts.
    • It provides STUN/DERP services to connect hosts behind firewalls or NAT, without opening ports or redirections.

    Tailscale also provides more advanced services or configuration helpers, such a file sharing (in alpha), ACLs...

    2
  • Jump
    Eternity (formerly Infinity for Lemmy) is now on Google Play!
  • I started typing a very long response explaining my risk model, how a malware on my mobile device will be a nightmare to my whole digital life, etc. Long story short, my case might differ from yours and I consider Izzy's security not enough for me.

    I consider myself fairly educated in infosec. Security is layered, no single measure can give you assurance it will not fail.

    I suspect Google to perform automated reverse engineering on the Play store apps. F-Droid get the source, not the binaries. Much easier to look for sketchy behaviour if you've got the sources. Yes, Google sometimes get malware on the Play store, but it usually does not stay very long or affects a lot of their users.

    Izzy simply does not have the resources to do so, so they use VT as a "replacement", which is not good enough for me; AV solutions have traditionally shitty engines for mobile apps.

    Also, Izzy is a much more confidential source for apps. Only a few (if any) security researchers will look at it. Even if someone finds a malware, I strongly doubt it will make news, even in IT security websites. Whereas the Play store or even F-droid...

    I don't blame them nor anyone using them, I'm just saying the risk of potential malware on my phone is not worth the benefit of installing bleeding edge apps for me.

    5
  • Jump
    Eternity (formerly Infinity for Lemmy) is now on Google Play!
  • Because of the disclaimer on this page:

    DISCLAIMER: I have not thoroughly checked the .apk files available here. As stated above, they are directly taken from the repositories of their resp. developers. Some basic measures are taken, though (see the Security section below). Still, use this repo at your own risk: I will take no responsibility whatsoever for any damages which might occur as result (not saying there will be any, though). Further note the inclusion policy of this repo (see the link above) is slightly less strict than F-Droid’s.

    4
  • Jump
    Eternity (formerly Infinity for Lemmy) is now on Google Play!
  • Thanks!

    I used Liftoff but I missed Infinity since I moved to Lemmy, didn't want to use IzzyOnDroid.

    Any plan on a build in the official F-Droid repo?

    19