Would be pretty useful, as far as I know there is no way to change /etc/{subuid,subgid} in the system configuration without manually editing.

Another annoyance with podman on guix is making / a shared mount doesn't work so changes in mounts aren't propagated.

My freshman year I had a windows VM, only for WeChat and MS Teams, but by 2nd year WeChat got Linux support and MS Teams can now run in the browser, so I deleted the VM halfway through 2nd year. Zoom can also run in the browser.

Also a good idea to make sure your microphone and camera works.

And don't update if there's a deadline coming up soon since it might break.

None of my professors required anything to be submitted as .docx. Every single general education class required PDFs for submissions, and programming classes were usually submitted by pushing to code to a Git repository. Group projects were all done in Google Drive which runs in the browser, otherwise latex usually worked (one prof even required latex). I never used LibreOffice, but I'm pretty sure it should be fine for PDFs.

Psychology might require a bunch of proprietary statistical analysis software that probably won't support Linux. I would say a windows VM is best for that. Although R is fine on Linux. I was in computer science so none of my classes required proprietary software. In total over every single class I think only C, C++, Haskell, and Python interpreters/compilers were needed which are all free software. In some of my classes professors said they would refuse to help anyone on Windows if they weren't using an Ubuntu VM. One even said he would subtract points if anyone asked a question about windows. One crazy prof said he would fail you from the class if he saw you developing in Windows instead of the VM. Also any classes that require Docker are going to be way easier on Linux. Some of my friends were electrical engineers and they had to use some big proprietary IDE's for flashing binaries to micro controllers which didn't support Linux, but they were using Windows anyways. Also any CAD software almost certainly won't work, a VM is needed for that.

If you do use a windows VM or dual boot or whatever, make sure to pirate Windows 10 LTSC since it has the least default applications installed and will run faster.

Doesn't bitcoins blockchain use some sort of consensus algorithm, so if one party has more than 50% of the compute power they control everything?

I don't think Russia is begging the US

og

So according to the posts he spent $80,000 of his own money to buy cloud services, DoS 2 routers for a day, then is suprised the CIA didn't hire him.

It's probably fake news

Doesn't that construction only work in categories that also contain their own morphisms as objects since a profunctor maps (Cᵒᵖ × C) → Set and not the same like (Cᵒᵖ × C) → C? Since the category of Haskell types special, containing its own morphisms, so the profunctor could be like (haskᵒᵖ × hask) -> hask? or I just don't understand it.

I found it! its the Glagolitic script used in the 9th century before Cyrillic took over:

ⰀⰁⰂⰃⰄⰅⰆⰇⰈⰉⰊⰋⰌⰍⰎⰏⰐⰑⰒⰓⰔⰕⰖⰗⰘⰙⰚⰛⰜⰝⰞⰟⰠⰡⰢⰣⰤⰥⰦⰧⰨⰩⰪⰫⰬⰭⰮⰰⰱⰲⰳⰴⰵⰶⰷⰸⰹⰺⰻⰼⰽⰾⰿⱀⱁⱂⱃⱄⱅⱆⱇⱈⱉⱊⱋⱌⱍⱎⱏⱐⱑⱒⱓⱔⱕⱖⱗⱘⱙⱚⱛⱜⱝⱞ

I don't think so:

(ქართული)	გამარჯობა

Doesn't look like it to me:

ልዩ ጊዜ ነበር። አሁን የሚሆነውን ለማስተዋል የኢንተርኔት አውራጃ ማረጋገጥ ነበር።

No that looks like

⌶⌷⌸⌹⌺⌻⌼⌽⌾⌿⍀⍁⍂⍃⍄⍅⍆⍇⍈⍉⍊⍋⍌⍍⍎⍏⍐⍑⍒⍓⍔⍕⍖⍗⍘⍙⍚⍛⍜⍝⍞⍟⍠⍡⍢⍣⍤⍥⍦⍧⍨⍩⍪⍫⍬⍭⍮⍯⍰⍱⍲⍳⍴⍵⍶⍷⍸⍹⍺

Yeah it sucks that Node is on a 2 year old version. I ended up just using a Docker container for that stuff. Weird that Guix has some packages years out of date while others are always bleeding edge.

Yooo rare fellow Guix user. After a while Guix motivated me to learn Scheme. IMO easiest way is to just read the first chapter of SICP, its only about 60 pages.

Yandex:

First result with a more up to date version. No AI, only quotes from the source. Still shows a bunch of SEO.

sudo bash -c "echo '0.0.0.0 www.youtube.com' >> /etc/hosts"

ez win

Back when I had to use a windows vm just did

qemu ... -net user,smb=$HOME/

then in the windows vm just type \\10.0.2.4 into file explorer. Does that not work?

man qemu says:

              smb=dir[,smbserver=addr]
                     When using  the  user  mode  network  stack,  activate  a
                     built-in  SMB  server  so that Windows OSes can access to
                     the host files in dir transparently. The  IP  address  of
                     the  SMB server can be set to addr. By default the 4th IP
                     in the guest network is used, i.e. x.x.x.4.

                     In the guest Windows OS, the line:

                        10.0.2.4 smbserver

                     must be added in the file C:\WINDOWS\LMHOSTS (for windows
                     9x/Me)  or C:\WINNT\SYSTEM32\DRIVERS\ETC\LMHOSTS (Windows
                     NT/2000).

                     Then dir can be accessed in \\smbserver\qemu.

                     Note that a SAMBA server must be installed  on  the  host
                     OS.

Another way is to setup Spice and use a webdav daemon in Windows to transfer files over Spice folder sharing.

You could also just RDP to the machine which is probably the easiest.

The simplest would just be to scp files to and from Windows. Like in powershell do scp -R yourusername@10.0.2.2:~/path/stuff output_dir to get files from Linux.

Lemmygrad works, hexbear doesn't.

Lemmy.ml got blocked while I was there, it stopped working one day back in July/August, I forgot.

Lemmy.world was working last time I checked.

It doesn't really matter though since you can see posts on hexbear from lemmygrad.

The arch wiki has some stuff on kernel hardening. The Gentoo wiki has a lot of hardening stuff and is deeper since you can set your own compile flags.

Do you mean hardening the kernel or hardening user space?

For hardening the kernel there's patch-sets out there that add in extra measures like address space randomization for processes and restricting some system calls. Arch uses this kernel. Also look at Gentoo's kernel ebuild which has a hardened use flag . I don't really understand the reasoning behind everything, and it will have a performance penalty. You could probably easily make a new package definition to build any hardened kernel patches you want.

Linux also has an optional SELinux system that can be enabled during compilation. It implements an ACL on top of the regular Unix style owner/group permissions in the filesystem. Guix has some support for it, but barely anyone uses SELinux (Arch doesn't even support it), although Gentoo does due to the flexibility of portage. So enabling SELinux on Guix is going into a niche of a niche with little support, but it's pretty interesting to learn about.

For user space the usual advice is try to run as few programs as possible as root. For example the default set of %desktop-services has a lot of extra services you probably don't need like Avahi.

Going deeper into impracticality, if you really really want you can change the compilation options for programs to add security measures like position independent code, stack canaries, extra control flow protection, address sanitizers, but these will all have performance penalties. You can take inspiration from how Gentoos hadened toolchain does it. These modifications are practically only possible on source based distros like Gentoo, Nix, and Guix since you need to recompile the program to add these measures in. You can probably add to packages fairly easily with a package transform like options->transformation by adding -fstack-protector-strong -fstack-clash-protection -fcf-protection=fullto the CFLAGS or something.