I think they want you to add something like

guest ok = yes  

Isn’t there some example config installed along with samba, which you can modify or copy-paste? I think that’s more likely to be laid out correctly than a random internet tutorial which might be outdated or for another distro or another use-case…

Indeed, the story is funny and weird. Though he used to share lots of interesting and funny perspectives. And these days the Youtube comments underneath are way more funny and on point than all his content.

Idk, I can’t find that supposed Bluesky and Mastodon discussions, I think he made that up. And he fails to mention the email address is just a text field, people can put anything in there. And while highlighting it, he also completely fails to spot the timezone which is right next to it. And that’s set to UTC-4 so America east coast. And as a blogger/influencer he could at least have sent a mail and see if it bounces before reporting on it… And then he invents what the reviewer’s thought process was according to him, while the real next joke is their nationality, but he doesn’t spot that either. So I don’t know what to make of this. Sure he has a community and reach, and brings attention to niche things. But his own take on it tends to be wrong(?) and not in an inspiring way… In the old days he used to play devil’s advocate and I think that was extremely on point. But you can’t really fabricate “facts” and argue against that, because it turns it from a sarcastic, Socratic dialogue into just framing, spiked with misinformation and the next 15 minutes are just rambling and bullshit… And I think that’s a bit sad because we know he’s able to do more than that. And there’s no shortage of people rambling and talking bullshit, so there is no need for him to jump on it as well. It turns him from the troll he used to be into just your average anti-woke nut without any originality, just a Linux theme slapped on top…

Did Lunduke now entirely jump on that bandwagon? Seems he now does 3 videos a week “calling out” wokeness and “extreme” leftists and it’s become quite monothematic.

Yes. Waydroid is very nice. What do you use it for? I’ve come to the realization I don’t really need a lot of Android apps on my laptop, I have good Linux software for 99.9% of the stuff I do. So Waydroid mostly sits there, unused, while I use a regular Linux messenger client and Google Maps on the website.

Is there any tool to make this easy and back up the app data, wifi credentials, settings, calendar etc? Or do you just copy the files you’re able to access with the file manager?

Fair enough. I mean I’d pay about 200€ a year in electricity to run 3 efficient computers. And my VPS is only 73€ and I never have to pay for replacement parts (SSDs, harddisks) which I had to replace at home. And then they have gigabit network, low latency, a proper IP address, it didn’t fail yet so their reliability >99.6% seems to be correct. And that’s all way better than what I have at home. So it’s a no-brainer to go for that. But your calculation might be different.

I mean ultimately there is no harm in trying. If you have 3 old computers laying around, you might as well try setting up a kubernetes cluster. I think it’s going to prove difficult to handle the IP addresses but I’m not an expert on high availability and gaming clients.

But doesn’t that require some software-defined networking or a special network setup? I’m pretty sure with the average home internet connection, you’ll fail over to the replica at your friend’s home. But that has an entirely different IP address and the game client will not handle that gracefully. It’s going to disconnect. And you need to do some DNS as well to always point at the active server and forbid caching. In a datacenter or enterprise setting, sure. you’ll just reroute the traffic and nobody will notice.

I’d rent one (small) VPS for $10 a month and split the bill. As far as I know that’s how most people do it. It’s going to have >99.6% uptime, a fast datacenter internet connection at some central location and runs on enterprise hardware… The Kubernetes approach adds a lot of complexity, you’ll have your games disconnect anyway once it fails over as you can’t migrate the IP addresses. And there will be some additional traffic between the locations to keep everything in sync. And 4x chance of some of the hardware failing and someone needs to fix it. Unless I’m mistaken about how Kubernetes works.

Sure. We get security vulnerabilities in Chrome and Firefox all the time. Sometimes the libraries handling images are vulnerable and that’s a big issue. And zero-days are a small fraction of actual attacks, most likely you’re getting hacked because of old, vulnerable software. So updates are the first priority. And backups is something people also frequently forget to set up.

I don’t think OP’s dad will host a misconfigured cloud service on their computer or set an insecure password, enable ssh and then also open a port in the router. Most attacks on that list are specific to how internet servers are set up. And well, insecure old embedded devices. And we in fact have those systems targeted regularly. My servers gets bombarded with malicious traffic trying to get in.

Did you read the article? This Ringreaper thing is a method to hide something. It doesn’t have any means to infect a system. And it doesn’t really do anything except hide itself. It doesn’t delete your files, it doesn’t steal your passwords… It doesn’t spread… It’s not really what you think it is.

I’m sorry. Most I can find about “RingReaper” is that single blog post or people who rephrased it into their own articles. There seems to be zero information on how it spreads through the internet? And if anyone contracted RingReaper. And I can’t even discern how that’d get on someone’s computer unless they install it themselves (which is a form of malware, though not very pronounced on linux due to the distributions and central package repositories). There are no other methods highlighted in the post. And it can’t do privilege escalation either, just scan for other vulnerabilities. So is this a thing in reality and how can I find out? It seems like valid research to me, but I can’t see how it’s more than that… What I mean is, I can see how someone put the word “malware” in the title. But that in itself doesn’t really threaten my (or OP’s dad’s computer).

Thanks for the link. But that’s not a vulnerability or malware. It’s academic research how to hide malicious syscalls. But it can’t infect anyone’s computer. And there isn’t any vulnerability to let it in.

You’re wrong. How would an Apache exploit “hack” your Steam or online banking app? That’s just not possible.

Malware uses specific attack vectors and specific vulnerabilities.

For example it’s something that has an Apache webserver installed and that Apache is accessible from outside… So the Apache exploit can do something. Do you have both conditions met on your laptop/desktop computer? I’m pretty sure that won’t be the case, and that’s the difference here. And yes, that’s specific.

Can I get some list or a reference to educate myself? As far as I know it still holds true. There’s rootkits, a lot of old stuff and exploits of webservers or embedded devices, supply chain attacks towards developers and the one day the Mint ISO file got compromised. But I’m completely unaware of desktop computer malware with high risk or actually spreading?! And the list on Wikipedia seems to confirm what i said…

I think most Linux distros will be fine. As of today desktop marketshare is still small, the governments mostly work within custom business applications. And to this date Linux malware and viruses for the desktop are practically unheard of. The common attacks are against the browsers, not the underlying operating system (so do timely updates and install an adblocker) or we’d expect phishing or phone scams and that’s against the human in front of the computer, again not the operating system. That makes me say they’re about all alright. Of course they’re not all equal. Immutable distros and sandboxing will help here. But the real deal is other countermeasures, like be aware how phishing works and try not to mix online banking and pirating games from shady websites. That belongs on separate user accounts or even installed operating systems. And use password managers, 2 factor authentication and these things. (And don’t use Edge, or some browser from some random third-party repository.)

Probably the safe bet. Though I think my 8th gen Intel does AV1 decode as well. But it’s not hardware accelerated, so quite some cpu load and full hd is the limit, it can’t do 4k or anything fancy. And definitely no realtime av1 encoding.

Seems some people here advocate for a VPS, and I do it as well. I pay roughly 7€ a month for a small(ish) server with 4 cpu cores, 8GB of RAM and 256 GB of storage. That allows me to host a few services there, for example some websites and matrix chat, which I don’t want to go down if there’s an issue at home. And it allows me to do reverse proxying there, so I have the entire chain under my control. But there’s many ways to do it, and several other tunneling solutions (boringproxy.io, nohost.me, pagekite, ngrok, …) that I heard of.

And a lot of home internet connections allow port-forwarding. Not sure what your provider does, but I can simply open ports in my router and make them accessible from the outside, no VPS or Cloudflare needed. That’d be the direct solution. (And what I use for my personal services on my NAS.) Just mind that discloses your internet connection’s IP address to visitors, so they’ll learn the name of your provider and your rough location.

I’m fairly sure what you mean is, traffic is decrypted in the middle and the re-encrypted before it gets sent your way. Otherwise they couldn’t do proxying or threat detection/mitigation.