I haven’t used that e reader in 3-4 years, but I remember using ublock to kill some of the scripts they had to allow me to copy/paste into my notesheet and stuff like that. It also made it slightly less shit to read

I’m not really able to help out right now beyond what I said, but fuck cengage, their books were such a pain to read. Fuck paying 120$ to rent that sack of shit for 90 days.

Good luck with this.

I believe amazon has something similar for their workspaces. This isn’t a new concept.

That’s a fun mistake to make. I had a similar thing happen with Kubuntu uninstalling my GPU drivers. I could never figure out what caused it.

I work in security, and I’ve seen a lot more EDR killers lately. Every incident I’ve seen regarding ransomware or potential ransomware has used EDR killers while compromising DCs, backup servers, file servers, and the odd workstation used for persistence.

Absolutely.

I don’t have a CS degree, I have a Cybersecurity and Forensics one. But, I love programming, and between the overlap of the two degrees and and my advanced designation I ended up taking about 3/4ths of the classes needed to get a CS degree.

Diversifying helped so much with me becoming a well rounded developer. My assembly programming class, while optional for CS, was mandatory for me, made me a significantly better dev. That assembly knowledge got me to become a skilled debugger, which made my C++ classes 10x easier, and it helped me understand memory at a lower level, making the memory problems easier to diagnose and fix.

I convinced a CS friend to take one of my cyber classes, Reverse Engineering, and he found te components of the class where we analyzed a vulnerable program to find and exploit the vuln, or the bit where we tried and determined the bug based on malware that exploited it is insightful to learning to program securely.

Learning about the infrastructure used in enterprise during a Windows admin or Linux admin class will make it easier to write code for those systems.

From the cybersecurity perspective, many of my CS classes carry me hard. Knowing how programs are written, how APIs are developed, and how to design complex software lets me make more educated recommendations based on what little information I’m given by the limited logs I am given to investigate. Writing code that interfaces with linux primitives makes it easier to conceptualize what’s going on when I am debugging a broken linux system.

I have tons of experience with enterprise linux, so I tend to use Rocky linux. It’s similar to my Fedora daily driver, which is nice, and very close to the RHEL and Centos systems I used to own.

You are slightly mistaken with your assumption that debian is insecure because of the old packages. Old packages are fine, and not inherently insecure because of its age. I only become concerned about the security implications of a package if it is dual use/LOLBin, known to be vulnerable, or has been out of support for some time. The older packages Debian uses, at least things related to infrastructure and hosting, are the patched LTS release of a project.

My big concerns for picking a distro for hosting services would be reliability, level of support, and familiarity.

A more reliable distro is less likely to crash or break itself. Enterprise linux and Debian come to mind with this regard.

A distro that is well supported will mean quick access to security patches, updates, and more stable updates. It will have good, accurate documentation, and hopefully some good guides. Enterprise linux, Debian and Ubuntu have excellent support. Enterprise linux distros have incredible documentation, and often are similar enough that documentation for a different branch will work fine. Heck, I usually use rhel docs when troubleshooting my fedora install since it is close enough to get me to a point where the application docs will guide me through.

Familiarity is self explanatory. But it is important because you are more likely to accidentally compromise security in an unfamiliar environment, and it’s the driving force behind me sticking with enterprise linux over Nixos or a hardened OpenBSD.

As a fair word of warning, enterprise linux will be pretty different compared to any desktop distro, even fedora. It takes quite a bit of learning, to get comfortable (especially with SELinux), but once you do, things will go smoothly. you can also use a pirated rhel certification guide to learn enterprise linux

If anything, you can simply mess around in a local VM and try installing the tools and services needed before taking it to the cloud.

This is why I did a “walkthrough test” when I had to write documentation on this sort of thing. I’m a terrible technical writer, so this shit is necessary for me.

I grabbed my friend who knows enough about computers to attempt this, but not enough about infrastructure to automatically know what I meant when I was too vague.

Took two revisions, but the final document was way easier to follow at the end

I’ve heard wazuh can do authenticated vuln scanning, but since I’ve scaled down my homelab and hardened it to a point that vuln scanning is not currently needed I’ve had no need to do so. I have a friend deploying wazuh at his job so I’m gonna have to reach out to him some time to learn how he is doing it once I start growing my lab again.

I use nuclei for networked vuln scanning, which is all I really need right now. Works well with community rules, but it is a cli application. I really like how I don’t need to deploy it on a dedicated device, I just run it using all rules on the subnets that I want to scan from my laptop, which I have plugged into a vuln-scanning network with open fw rules, and check back in half an hour. Once I get a few more raspberry pis, I’ll have one on such a network that I can just run a scan from.

Maia Arson Crimew, one of my favorite hackers, is in a webring https://maia.crimew.gay

I love paul klee, and I’m surprised to see his work here.

Thanks!

If you have no desire to do rudimentary googling for a group project in college, that sounds like you aren’t a very helpful teammate. Last time I generated certs I used the first stack overflow result and was done in minutes, there’s no excuse.

It was a project requirement, PHI was processed by it, so yes, it needed a secure connection. I now realize I should have used mutual auth, but hey, I only learned about that after that project

We never sent actual data to it (the actually sensitive data used for training never left a secure VM), but the point of the course was to act like we were. Plus, setting up an nginx reverse proxy is simple, setting it up and getting certs from some ssl commands is a 10 minute task that appeases the project manager/professor with minimal effort.

I was doing a group project in college where we had a Linux server running some of our custom software. I asked a group mate who worked in IT to self-sign some certs so we could get https up and running for our next sprint demo.

He installed a fucking snap package to do it via certbot. On fucking RHEL. And that server was not hosting an internet-accessible service. And he didn’t know why I lost my mind.

I run two APs, and a Unifi server running on a thin client linux server.

I have the U7, and the U6 extender that goes in a wall outlet

I have a few of their small poe powered ethernet switches, they’re great since I have a poe switch as a backbone I can put it near a group of devices in a room, like consoles, raspberry PIs, etc, and just not have to worry about much setup or powering yet another tiny device.

Highly recommend unifi devices

Would it help you to know it was the soldering iron my dad got when he finished his electrician apprenticeship in the early 80s, which was probably a decade old at that point

When I say explode, I mean the tip shot bits in a 1-2 inch radius after I put pressure on a thick copper wire. It nearly hit my non-dominant hand which was holding the circuit board on the floor tile I used to isolate my soldering shit from the now singed table

Oh, is this why my old soldering iron had the tip explode?

Good to know.

I feel that.

Three years ago I moved to fedora and RHEL based distros like Rocky for my devices and servers because I’ve gotten suck of Canonical’s shit. Don’t regret it.

Linux passwords can be set to expire. A non-expiring password is sometimes just set to expire so far in the future that it will not be reached by the user (such as 100 or 200 years). A really broken clock could surpass that and cause expiry.