🐛 month

It says “sysadmins should prioritise patching”, but… has it been patched yet?

Pause and resume are nice but dd also gives you the permissions. It copies everything, byte for byte, hence why it’s a “low-level copy”

Well at least it didn’t save us -10^100% and just post the text equivalent of a ZIP bomb

Well, not really. Someone on Reddit told me the solution.

I wasn’t aware that rsync also copied system files. I’m curious to know why my method is unsafe. The only potential problem I see with what I did is mixing up if and of in dd.

Resizing the filesystem with resize2fs solved the issue.

I figured it out. I need to run resize2fs afterwards. I ran sudo resize2fs /dev/mapper/luks-5e5f911c... and that solved the issue.

Yes, it is enough. Generally, the default handling of connections on Linux is enough but having ufw can’t hurt. Certain developer or server software may not work unless you add UFW exceptions for them. They don’t know how to do this on their own.

By default, without a firewall, any program can communicate through any port it wants as long as it can bind that port. Ports that are special or low-numbered (e.g. TCP port 21 is reserved for FTP) require root to be bound. Otherwise, a program can bind any port that isn’t already in use by something else. All incoming connections to a port that isn’t bound will be refused and the information discarded.

Edit: Your router also usually has a firewall that is strong enough for most everyday purposes.

If you installed it via your distribution’s package manager, the maintainers should either push the package or backport the security fixes within the coming weeks.

For me, nothing. Everything I want to do works without root. I don’t tinker with my phone. It doesn’t do anything cool anyway and that’s what I have a PC for.

Bitcoin Core went from 0.20.1 to 0.21 to 0.21.1 to 22.0 in 2021. Even though it was completely functional for over a decade at that point and was handling billions of dollars in transactions

A “couple hundred peers” is a lot easier said than done. That being said, it does happen and you are correct that having a lot of seeders doesn’t guarantee a safe download.

All of the three conditions I mentioned are neither sufficient nor necessary for a safe download, but there is a strong correlation. Unless the torrent is official (e.g. official Linux distro torrents), there is always some chance of a bad download. The chance can be low but is never zero.

Software is software. You’re downloading shady software off the Internet anyway, but there’s one key difference:

• Torrent sites (such as The Pirate Bay) usually have systems of trusted uploaders. These are marked with a green/purple skull next to the file in search results.
• A torrent with a large number of seeders (think: hundreds or thousands) is less likely to contain a virus because nobody honest would seed a malware torrent and it’d cost a lot to fake that many seeders across the world.
• Torrenting software verifies the integrity of downloaded data. It uses a cryptographic hash function for this so it’s impossible for a seeder to send you a tampered file (that is different from the file you intended to download). When you use a torrent file or magnet link, it contains the hash of the file so if what you receive does not match the hash then the torrenting software will discard it.

I think that’s because of Chinese people’s travelling habits. Popular domestic travel destinations include Hainan for a tropical experience, Sichuan for pandas, Beijing for landmarks, Hong Kong for fake Britain, Macau for gambling, and Taiwan because it seems foreign enough without being actually too foreign (to Chinese people).

Hong Kong, Macau, and Taiwan require travel permits to enter, despite the Chinese government considering them “domestic”. They kinda straddle the line between actual domestic and international. Regardless, it’s not common for Chinese people to have phone plans that work in Hong Kong, Macau, or Taiwan, so they’ll buy the disposable SIM cards I talked about earlier. That’s why phones typically have two SIM slots.

Getting visas to travel internationally is a pain for Chinese people because they have to visit a consulate or embassy, apply, and then be subject to high scrutiny. After all, it seems everyone’s scared of Chinese spies nowadays. It’s also very expensive by Chinese standards compared to applying for a cheap HK/MO/TW travel permit. The People’s Republic of China passport is pretty weak compared to European or American passports. Chinese people can get visa-on-arrival or visa-free access in South Asian countries, Central Asia, or Africa, but these destinations are not popular with Chinese tourists.

Yes, it’s called torrenting software. If you are just downloading regular things using a “download” button, that’s amateur piracy.

This isn’t exclusively an American thing. I went to China and it’s extremely common to see SIM cards being hawked on the street and sold to tourists. They’re disposable and quite convenient. You buy them on the street, pop the SIM card in, get an activation text, and then you get data for a week before it stops working and you throw it away. They come with different data amounts and durations. But eSIMs do exist as well there, although it’s not nearly as convenient. You need to register your identity (surveillance purposes) and sign up for a regular phone contract. I haven’t seen any disposable eSIM plans there yet.

I’m confused by what you’re trying to do with this comment. What does “the[y] absolutely are” refer to?

I don’t think investors are idiots. They will look at whether the development community will accept whatever those changes end up being, or see whether Unity will just quietly let this thing die and pretend it never happened.

It’s harder to be stupid when it’s your money on the line.

You can try some free Linux antivirus software programs like ClamAV but realistically, as long as you mainly install software through your distro’s package management software or graphical app store, you’re probably fine.

Although not all open-source software is safe, it’s a hundred times less likely to be malicious for the sole reason that it’s out in the open for someone to verify, and they’d get busted immediately if they tried something untoward.