  • Yup. You can only add the nopax flag as root, so if your system is already hosed, not much else you can protect. Root has access to ring 0 so anything goes with access like that. Stuff like pax would slow them down for sure and stop script kiddies, but root access is root access.

    Non-privileged accounts can’t do anything with the nopax flag. That’s why you should configure your system to not run things as root as much as possible. Personally, on desktops, I don’t even use a sudoer natively. I have to su into my sudoer account in order to run root commands.


  • GrSecurity adds so many layers of protection to the kernel. They are literally decades ahead of the vanilla Linux kernel in terms of security. With all of the hardened GrSec settings checked/configured correctly, it stops the majority of ring 0 exploits (at least when I was running it before they went full GPLv2).

    PaX is an awesome part of GrSec. Mprotect stops any read and write and execute access to memory in both user and kernel lands (only rx or wx). Stuff like web browsers won’t work unless you have a program to mark it in ELF to not use PaX. However, this kills a lot of exploits with that turned on by itself (though there are probably workarounds if you are developing exploits, which the other features would hopefully catch). That’s why people installed third-party unmainlined security patches, but that’s just me maybe, idk.

    I hope this venture will be more fruitful than the copy-paste code that people kept trying to push to the hardened Linux kernel project (despite the maintainers’ best intentions and countless efforts to stop that).


  • In the realm of firewall applications, I use the following:

    ° IPFire is easy to use, but lacks IPv6 support and it doesn't have OTP. It has lots of packages though.

    ° Alpine is good if you don't want a GUI or want to spend time figuring out how to build a web UI (really good for beginners as it's mostly XML).

    ° OpenWrt is a good fit for low-end hardware (SPARC or ARM processors mostly) but also works on x86.

    ° OPNsense - like pfSense, but more up to date. Has some quirks in it (like if you block both incoming and outgoing, but just want to allow 80/443, the rules look weird… like the direction you have to allow is in, but destination is 80/443. Very strange bug that isn't in pfSense).

    ° HardenedBSD firewall - literally just OPNsense but with HBSD's fully patched kernel. No repo though.

    That being said, you can make any distro a firewall: just use iptables/pf/ipfw/ipfilter rules through the command line, and you can add anything in that distro's repo you can think of.