SoylentNews

Hi, having been around a while in different news sits, especially ones with a comments section I see a lot of "If Linux was as popular as Windows we as desktop Linux users would have a lot of viruses too. I would like to try and debunk this myth. Here is why it's almost impossible to have a Linux virus on Linux.

That's not to say there are no viruses for linux, just there are none in the wild, all have been concepts in a lab.

1. any executable that is downloaded from the web will not run without user intervention. first you would have to download it.

2. you would have to flip the executable flag to actually run it.

3 If what you have downloaded is actually harmful the most damage it would do is damage /home not the actual OS as the file would have no permission to write anywhere else.

4 Yes there are Antivirus for linux, ClamAV for one, most if not all Linux fellows use this to scan for Windows virus's whilst sending attachments to other people.

5. Most Linux users keep to what is in the repositories of their Distro.

6. No-one will run a Linux as root, unless brain damaged. There is no reason what so ever to run as root, except for installing, or troubleshooting, and usually that's done for minutes at a time.

Which brings me to a bugbear of mine in Linux, especially Ubuntu and spin offs and that's sudo. sudo to me is a bad idea, here is why (I am hoping someone can correct me on this) in a *buntu install you enter just one password, for argument sake I use password1. So I need to do something that needs root privledge say apt-get. So I open a terminal and type "sudo apt-get install me-tv" it asks for my password which is my user password.

Now this is the crux, if happy hacker manages to hack my user account, they found my username "present"(for argument sake) and the found my user password "password1" what is to stop them using sudo to mess my machine up?

This is why I use su, with su you need 2 separate passwords, (I personally have a simplish one for user and a longer and very different one for root (remote root login is disabled). so if they do get in under my user name/password they still can't gain access to the system itself, only my $home. Which is why my $home is backed up, ya never know.

Anyway, this has been playing on my mind and I thought I'd share.

I got news.. That nefarious organization known as NSA is gone! or perhaps there is room for improvement in the search function. Because I have a very distinct memory that there has been a lot of writing on that subject .. ;-)

It's a bit surprising that submitters and editors don't change all links in the submissions from http to https for those sites that support security. Considering that it's fully known that all internet communications is logged by various governments and shady organizations. This perhaps is especially true for readers in less than democratic nations. But the most obvious is the chain of eyes that any person that keeps them selfs informed know about. This information can be used against yourself or your friends at any time in the future. The people that spends big money into that storage operation wants something for their effort.

So make all links https that you can!

Imagine you have written an post. Taken time to check links, wording, context, language etc and perhaps even the facts! To have a look at the results you click "preview". However it perhaps took a while to complete so the server decided you have timed out or your connection fails, but you quickly get back with a new IP. However this makes soylentnews.org to go apeshit and claim "This resource is no longer valid. Please return to the beginning and try again." but if you go back your text is *gone*. Now you can rescue things with /dev/mem or fake webserver (hard with SSL). But any way you deal with it. You are in a world of PAIN. This is detrimental to the motivation to send posts to any site. Yes external editors is possibility and also an integration pain.

So my suggestion is to make sure that even if it takes hours to complete a post or if the IP changes. You still get your submitted post displayed which makes saving it way easier. Or even better cache any submissions for 2 days because the cookie usually reveals which user it is regardless of timeout and IP. So that they are under no circumstances is any submitted text LOST.

In the meantime a good advice to fellow submitters is to click in the text box "select all" and "copy". Then paste it all into a text file before hitting any button on the web page whatsoever. And keep the file as a backup because you can't really be sure where submissions go.

It seems that when you load soylentnews using https-encryption and then fill out the login form and click Login. You get directed after login to using the standard protocol http which features no encryption or authentication whatsoever. If you don't lock at your address bar, this is easy to miss!

This means the association between user-id and IP is spilled to any party that captures your network packets. Perhaps the password too? It also opens up for any man-in-the-middle spoofings.

It would be really nice if starting with https, left you in https mode.

It seems that a number of us are located in and around WNY.

I'd like to plan a Meet-up where we can sit around, drink and plot and plan.

does anyone have a location suggestion, and who would show up?

Once in a long while, I post something that is beyond the ken of mere mortals. Unfortunately, mere mortals take this as a disagreement of opinion. But in fact, it is not. I am right, and they are wrong. You may think I am being conceited in this, but I assure you, I have grounds for my position.

So I am wondering why, in the grande scale of things, I am disturbed when some ill-advised comment of mine is appropriately modded down. Yes, I probably had it coming. Yes, it is probably justified. And if I had just waited half a day, this would not have happened. But can't you see that I have gone from a karma rating of 50 to just a paltry 49!! Oh, really, not a big deal. We are all after the same thing here (except for those libertarian free market fucks that are trying to pump the site for all it's worth and then sell us out down the river to some corporation niced.).

Yes, I mod down posts, especially if they are ethanol fueled and full of racism, misogyny, and ignorance of too many categories to be categorized. Or Republican. We need to stand up for reason, science, evidencem and logical thinking. Any religious stuff is right out, and any libertarian/Republican economic ideology is on the same level. No bias, no prejudice, just that bullshit needs to be called bullshit, and not allowed to pass as polite conversation.

We are the last best place on the internet. We are People, we are soylent. We have to act like people, people who can think, reason, argue according to the rules of logic. That is all I ask. I hope it is not too much.

What is the point of News if you have no forum to discuss it?

What good is information if you have no means to share it?

What good is data and theory ; if there is no means of verification?

Long live LibreNews!

[[Ask Soylent]]

In response to rampant internet surveillance, the imminent demise of network neutrality, and problems with the certificate authority system, MaidSafe is designing new protocols to access the internet in a decentralized, cryptographically secure manner.

Briefly, the project is an open source app development platform based on client-side encryption and redundant online storage. Websites using the system would be immune from mass surveillance and censorship, and provide anonymous login and site verification without a certificate authority.

Should SoylentNews run under MaidSafe?

SoylentNews was formed to show people how good things might be without the abuse, as push-back against ruining "our garden", but the scope has narrowed considerably due to the change in management. Without a "product distinction", something that marks this site as "better" (or at least, "different") it runs the risk of being "just another news aggregator".

Throwing weight behind MaidSafe would give momentum to their project, while giving us product distinction and help solve some of the abuse. As early adopters we would help set the direction of their project, and we bring an enormous amount of technical insight and debugging ability. It would empower both projects.

MaidSafe is just getting started, so there will be kinks and issues. Also, SN should be dual interface until the new system gains momentum - perhaps "read-access" to the general internet using the existing protocols, but with user registration and login using MaidSafe.

SoylentNews is also just getting started, and there's been talk of house-cleaning some of the code. This is an opportunity to be an agent of change - to take back a measure of control - while at the same time becoming demonstrably different and better.

The torrent has ended. We lost Crewman Willikers in the wash. He had tied himself to the helm, and tried to keep course. We lost the wheel too; but the carpenter had a spare; and was able to patch it up. On the other hand he's not so sure of the patch to the hull, and wants us to find port. The sails will need patching, but for the most part the ship is sound.

The navigator says we're more than 200 off course; but the damn man wont provide any units. Could be parsecs for all I know. or Milliliters. or Pascals. bastard.

where's the damn grog?