Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    networkException
    @networkexception:chat.upi.li
    [m]
    On what bases to they provide credits? Do you get a VM to configure or is it some locked down system?
    wchen342
    @wchen342:matrix.org
    [m]
    It's a VPS machine. They count costs on a hourly basis unlike others so you need to shutdown the machine when not using them.
    But for me they give me like $150 once and I can use it for about 5 months.
    networkException
    @networkexception:chat.upi.li
    [m]
    Ah I see
    covid-1984
    @covid-1984:matrix.org
    [m]
    What do you think is the best sandbox you can run UG in for the best protection? Perhaps have the profile folders mounted into a docker or podman environment that doesn't run as root?
    networkException
    @networkexception:chat.upi.li
    [m]
    that sounds quite complicated
    I'd just use flatpak?
    3 replies
    not too sure how strong the sandboxing is tho
    covid-1984
    @covid-1984:matrix.org
    [m]
    Idk about flatpak security
    networkException
    @networkexception:chat.upi.li
    [m]
    yea ik but that only complains about default permissions
    1 reply
    you can adjust those
    covid-1984
    @covid-1984:matrix.org
    [m]
    Nicer, I think, to run the thinnest possible container with no root privs and files selectively mounted
    But I wonder about dataloss if the docker service crashed (or something). Maybe the host is just backing up the profiles dirs for a bit to test.
    networkException
    @networkexception:chat.upi.li
    [m]
    I think the most common method is using com.github.tchx84.Flatseal to limit directory access
    jason1923
    @jason1923:matrix.org
    [m]
    hi, is there a way to disable Progressive Web App install prompts?
    covid-1984
    @covid-1984:matrix.org
    [m]
    Are there any security improvements to vanadium that could be applied to UG too?
    networkException
    @networkexception:chat.upi.li
    [m]
    I've looked through the patches quickly, seems to be mostly default settings and basic fixes
    2 replies
    covid-1984
    @covid-1984:matrix.org
    [m]
    Would be curious to know if Eloston & wchen342 think running UG in (a well-configured) firejail would provide another layer of protection (between attacker & your filesystem) in the case of chromium 0-days.
    2 replies
    covid-1984
    @covid-1984:matrix.org
    [m]
    :point_up: Edit: Would be curious to know if Eloston & wchen342 think running UG in (a well-configured) firejail or bubblewrap would provide another layer of protection (between attacker & your filesystem) in the case of chromium 0-days.
    covid-1984
    @covid-1984:matrix.org
    [m]
    https://theevilskeleton.gitlab.io/2021/02/11/response-to-flatkill-org.html -> gonna study this and look into the best config options for flatpak for running chromium, for now.
    wchen342
    @wchen342:matrix.org
    [m]
    The topic can be expanded all the way to pages, and it is not a "right vs. wrong" thing. Some very quick points being: 1. bubblewrap is better in terms of security, failjail has better usability; 2. Like flatpak, failjail needs to be set-up correctly otherwise it's a placebo; 3. Linux desktop is inherently insecure, thus Qubes. However security is usually not the first priority in the choice of using Linux; 4. It is kind of unfair to blame flatpak because packages set their own permissions; it can be improved probably with a permission whitelist like Android but that's a design choice.
    wchen342
    @wchen342:matrix.org
    [m]
    It depends on what the package maintainer did for the package. Is it rany ?
    rany
    @rany:fairydust.space
    [m]
    wchen342: I haven't hardened the permissions too much in an effort to reduce bug reports related to broken functionality. By default I allow access to the read-write access to the home directory and all devices (webcam, GPU, etc)
    You could use flatpak-override or a front-end to it like Flatseal to change that and harden it
    digital mystik
    @digital-mystik:matrix.org
    [m]
    hello this is probably a silly question but I am not a seasoned chromium user.. how can I disable the home screen shortcuts from visited websites? I could not find any pertinent settings and am not sure how its persisting
    I have site data to clear on exit.. hmm
    digital mystik
    @digital-mystik:matrix.org
    [m]
    nm, read a few of the github issues regarding it
    networkException
    @networkexception:chat.upi.li
    [m]
    You can also set a custom new tab page with the custom-ntp flag (in case there's no other way to disable them)
    Kurt Fitzner
    @VA1DER
    Hi all. I'm having issues using UG to log onto Microsoft Teams. I'm curious if this is a known issue and/or if anyone knows a config setting that might make it work.
    networkException
    @networkexception:chat.upi.li
    [m]
    Are you getting a specific error?
    Kurt Fitzner
    @VA1DER
    I'm able to log in to my account, but when it loads teams it hangs on the load until it times out and gives a generic "We've encountered a problem". When I log in from browsers that work, it flips through about a half dozen URLs that it fetches. On UGC it stops after about the second. I wondered if it had to do with the auto-https when no transport method is specified, but that's just speculation.
    networkException
    @networkexception:chat.upi.li
    [m]
    hm
    works for me on flatpak
    and auto https didn't make a difference
    Kurt Fitzner
    @VA1DER
    Thanks. I'll try it on Linux.
    Kurt Fitzner
    @VA1DER
    Doesn't work on Linux either. Same issue. Hangs with "Loading Microsoft Teams" on the bottom left and the logo in the middle until it times out.
    I can't find any good privacy-focused browser that works with my Teams. I hate having to use Chrome.
    networkException
    @networkexception:chat.upi.li
    [m]
    Well if it works for me it should also work for you really
    Do you have cookies enabled? For me it complained about that
    Kurt Fitzner
    @VA1DER
    Oh... I had to stop blocking third party cookies. Makes sense, it's a government teams portal.
    Thanks
    networkException
    @networkexception:chat.upi.li
    [m]
    I didn't think about saying that earlier because for me the error was really verbose, it even told me a list of domains to add as exceptions but I guess thats not a thing with the portal maybe
    Kurt Fitzner
    @VA1DER
    Just said nothing on mine. Anyway, working now. Can't wait to uninstall Chrome
    josh roberts
    @pheonix3083:matrix.org
    [m]
    any help for a n00b? ive recently dropped chrome for ungoogled chrome browser. im having trouble setting up widevine plugin. needed netflix
    done all the relevant searching for answers etc already.
    while looking at the relevant documentation for the browser. the directions were to copy/paste widevine files into the widevinecdm folder. but still there is an issue
    networkException
    @networkexception:chat.upi.li
    [m]
    What instructions did you follow and what issue are you experiencing?
    josh roberts
    @pheonix3083:matrix.org
    [m]
    so from ungoogled documentation
    it states i have to download widevinecdm files and place them in the programs widevine folder. then i went to chrome compartments to update widevine plugin. the update doesnt finish and the version stays at 0.0.0.0