Exactly.

I use it a lot on my systems for very simple scripts because I am significantly more experienced in python compared to bash.

I remember getting given a 10k line python script which “was the documentation” for an API i had to interact with using powershell. I hated life so much because of that stupid project.

It’s the best scripting language I know of, but man I hate dynamically types languages. I am so used to rust and C/C++ that reading any large script or program will drive me insane

Sorry, but you weren’t the type I thought you were all the time

Me with python

That’s a fun mistake to make. I had a similar thing happen with Kubuntu uninstalling my GPU drivers. I could never figure out what caused it.

The world is full of creatives who make things without any expectation of income, but people create anyways. Look at open source software, or the many youtubers who don’t get enough views to get paid yet they post anyways. There’s quite a few journalists who operate solely on optional donations.

Fuck IP. Copyright is theft. IP kills.

I’ve run into the same problem with an API server I wrote in rust. I noticed this bug 5 minutes before a demo and panicked, but fixed it with a 1 second sleep. Eventually, I implemented a more permanent fix by changing the simplistic io calls to ones better designed for streams

Absolutely.

I don’t have a CS degree, I have a Cybersecurity and Forensics one. But, I love programming, and between the overlap of the two degrees and and my advanced designation I ended up taking about 3/4ths of the classes needed to get a CS degree.

Diversifying helped so much with me becoming a well rounded developer. My assembly programming class, while optional for CS, was mandatory for me, made me a significantly better dev. That assembly knowledge got me to become a skilled debugger, which made my C++ classes 10x easier, and it helped me understand memory at a lower level, making the memory problems easier to diagnose and fix.

I convinced a CS friend to take one of my cyber classes, Reverse Engineering, and he found te components of the class where we analyzed a vulnerable program to find and exploit the vuln, or the bit where we tried and determined the bug based on malware that exploited it is insightful to learning to program securely.

Learning about the infrastructure used in enterprise during a Windows admin or Linux admin class will make it easier to write code for those systems.

From the cybersecurity perspective, many of my CS classes carry me hard. Knowing how programs are written, how APIs are developed, and how to design complex software lets me make more educated recommendations based on what little information I’m given by the limited logs I am given to investigate. Writing code that interfaces with linux primitives makes it easier to conceptualize what’s going on when I am debugging a broken linux system.

I have tons of experience with enterprise linux, so I tend to use Rocky linux. It’s similar to my Fedora daily driver, which is nice, and very close to the RHEL and Centos systems I used to own.

You are slightly mistaken with your assumption that debian is insecure because of the old packages. Old packages are fine, and not inherently insecure because of its age. I only become concerned about the security implications of a package if it is dual use/LOLBin, known to be vulnerable, or has been out of support for some time. The older packages Debian uses, at least things related to infrastructure and hosting, are the patched LTS release of a project.

My big concerns for picking a distro for hosting services would be reliability, level of support, and familiarity.

A more reliable distro is less likely to crash or break itself. Enterprise linux and Debian come to mind with this regard.

A distro that is well supported will mean quick access to security patches, updates, and more stable updates. It will have good, accurate documentation, and hopefully some good guides. Enterprise linux, Debian and Ubuntu have excellent support. Enterprise linux distros have incredible documentation, and often are similar enough that documentation for a different branch will work fine. Heck, I usually use rhel docs when troubleshooting my fedora install since it is close enough to get me to a point where the application docs will guide me through.

Familiarity is self explanatory. But it is important because you are more likely to accidentally compromise security in an unfamiliar environment, and it’s the driving force behind me sticking with enterprise linux over Nixos or a hardened OpenBSD.

As a fair word of warning, enterprise linux will be pretty different compared to any desktop distro, even fedora. It takes quite a bit of learning, to get comfortable (especially with SELinux), but once you do, things will go smoothly. you can also use a pirated rhel certification guide to learn enterprise linux

If anything, you can simply mess around in a local VM and try installing the tools and services needed before taking it to the cloud.

This is why I did a “walkthrough test” when I had to write documentation on this sort of thing. I’m a terrible technical writer, so this shit is necessary for me.

I grabbed my friend who knows enough about computers to attempt this, but not enough about infrastructure to automatically know what I meant when I was too vague.

Took two revisions, but the final document was way easier to follow at the end

I’ve heard wazuh can do authenticated vuln scanning, but since I’ve scaled down my homelab and hardened it to a point that vuln scanning is not currently needed I’ve had no need to do so. I have a friend deploying wazuh at his job so I’m gonna have to reach out to him some time to learn how he is doing it once I start growing my lab again.

I use nuclei for networked vuln scanning, which is all I really need right now. Works well with community rules, but it is a cli application. I really like how I don’t need to deploy it on a dedicated device, I just run it using all rules on the subnets that I want to scan from my laptop, which I have plugged into a vuln-scanning network with open fw rules, and check back in half an hour. Once I get a few more raspberry pis, I’ll have one on such a network that I can just run a scan from.

Maia Arson Crimew, one of my favorite hackers, is in a webring https://maia.crimew.gay

It’s not just the phone manufacturer, but the mobile carrier, and apps with access to your location (like weather apps, or map apps)

I run two APs, and a Unifi server running on a thin client linux server.

I have the U7, and the U6 extender that goes in a wall outlet

I have a few of their small poe powered ethernet switches, they’re great since I have a poe switch as a backbone I can put it near a group of devices in a room, like consoles, raspberry PIs, etc, and just not have to worry about much setup or powering yet another tiny device.

Highly recommend unifi devices

Collective will is just the myth that is used to legitimize the state

The state is also so much more than the will of the governed. To say that it is all there is to it would consider governments like those governed by the divine right of kings fo be stateless. Stalin’s Russia, or Kim Jong Un’s DPRK would then be stateless.

I feel that.

Three years ago I moved to fedora and RHEL based distros like Rocky for my devices and servers because I’ve gotten suck of Canonical’s shit. Don’t regret it.

That’s some serious capitalist realism you’ve got there, it would be a shame if you were incorrect.

Real big shame…

It would also be a shame if people are trying to put said other systems in action right now

Real

big

shame

Linux passwords can be set to expire. A non-expiring password is sometimes just set to expire so far in the future that it will not be reached by the user (such as 100 or 200 years). A really broken clock could surpass that and cause expiry.

I do that to my dead drives, but I’ve only had one fail that wasn’t an SSD. Moreso because the washers that separate the platters have a very satisfying ring to them that makes me keep them as a fidget toy.

I use the magnets to hold screws, it works great for that.

Unfortunately, SSDs have less interesting parts, so I just take them apart to destroy the chips after failure