Not only does it need blocking on the wheels, but that thing’s also apt to be stolen with the hitch just sitting there like that. They might consider parking a car in front of it too.

Black eyed peas. I’m not gonna tellya twice.

This is pretty cool!

It works in Termux on Android too, you just need to uncomment the MacOS/Darwin cachefile line

Sometimes I add mashed potato to it and then I deep fry scoops of it to put on my ice cream. Its like a Thai version of latkes.

I also mix it with whiskey, variously bourbon or maple whiskey, maybe white dog, and use it for eye drops.

Or you can put it in a food dehydrator to dry it out and make a powder of it so you can snort it.

Ah, that makes sense. Fair enough, I guess Incan disable that plugin now.

Yeah, sorry… My head was in 1000 different places when I wrote that. Sloppy of me.

Overall I agree with the general statement that less code is better, except perhaps in this case it is not.

What I had been trying to say is in-browser privacy implementations are liable to be incomplete from the perspective of privacy minded users because the software publishers, say, Mozilla, are competing for market share of installed, default browsers. One way they maintain market share is by having the fastest and most accurate page renders for the widest base of use cases. To do this requires, in part, some cooperation from website developers whose vested interest in part is in driving ad serves.

Therefore, it’s in the browser publishers’ interest to implement enough privacy and blocking features to effectively stop malware and common nuisances, but not completely cripple ad blocking since ads are a key part of web site operators’ revenue. They’re trying not to alienate that part of the web economy such that their browser suddenly starts hitting those “please turn off you ad blocker or select another browser” paywalls.

Mozilla pretty much said this was the case a few years ago when they opted not to turn on the privacy features by default in new installs because the advertisers threatened to start hobbling websites for Mozilla browsers. I don’t know that the situation has really changed much since then.

Anyway, my point was that the in-browser privacy features are a good start and should be enabled, but also that they amount to little more than a fig leaf over the question of effectively blocking ads. Loading the adblockjng extensions accomplishes a few things for the user. First, the extensions grant a more complete, uncompromised blocking experience for the user. Second, it grants the user finer-grained control over the whole web experience, letting the user decide what ads and cross-site data sharing occurs. Finally, the code is independent of the browser and so it doesn’t alienate the site owners from the browser publisher.

For Mozilla, it shifts the responsibility of incomplete page loads and breakage onto the user, which in my opinion is where we want it.

That’s why I’m advocating for doing both in this case: because the browser publishers have a vested interest to remain relevant in an economy that wants you to see the ads, and will do everything it can to make you click them. The best defense against for the user that is a multilayered approach.

Finally, I do want to acknowledge that I’m using the terms “privacy” and “ad blocking” too loosely here since they are separate, distinctly nuanced topics. The extensions help more in the ad blocking space than the privacy space, but in what I wrote I think its fair to say that overall the extensions do improve outcomes where the two spaces intersect.

Anyway, nice chat. Thanks for keeping me honest

UBlock Origin
NoScript
HTTPSEverywhere

edit: “isn’t this implemented in-browser?” comments: maybe, but it’s to the browser’s implementation. These plugins are reviewable separate from their analogous browser implementation.

Belt & suspenders approach. Camp on it.

It’s possible I’m mistaken on Flatpack vs. Snap. I don’t use either of them, myself.

Functionally they’re no different. LMDE draws its packages from Debian (probably stable) repos while mainline Mint draws from Ubuntu’s. So yes, Mint will have overall newer packages than LMDE but it’s generally rare for that to affect your ability to get work done unless some new feature you were waiting for gets introduced.

Ubuntu is the Enterprise fork of Debian backed by Canonical, and as such have contributed some controversy into the ecosystem.

Ubuntu leverages Snap packages which are considered ‘bloaty’ and ‘slow’ by a plurality of people with opinions on these matters. They work. Mint incorporates the Snap store into their package management. You might just need to turn it on in the settings.

With mainline Mint you get new base OS packages with Ububtu’s release cycle, and the Snap store.

In the case of LMDE then, you can run a stable base OS on Debian’s rock-solid foundation, their release cycle, and still get your fresh software from the Snap store.

IMO, they’re the same for like 85% of use cases. I find I end up going to extra measures to disable certain Ubuntu-isms on my own systems that run it, effectively reverting it to Debian by another name.

As a student and occasional gamer, the trade off is having a stable base for your learning needs, and still be able to get the latest user desktop apps from Snap.

Linux Mint Debian Edition (LMDE) is a solid pick. All the perks and integration of Mint, without Ubuntu.

…Ubuntu which, yes, is a Debian downstream. People have their opinions on it. It works. It has its nuisances, but it works.

Oh, shoot. If you’re gonna roll your own then that’s probably the better play because at least then the firmware won’t be all locked down and you can pick known-compatible parts. Get it with no OS and sort it out later if you need to.

It’s easy enough to buy a Windows license key later on if you need it. The school night even make it available you at a student discount. Boot it from a USB drive, even.

Heck, I ran Linux on my college computers back in the 90s. It was just a thing you did. Ah, memories…

Anyhoo, it largely depends on the school but for most intents and purposes Windows, Mac and Linux are interoperable. By that I mean they can generally open, manipulate and share all of the common document formats natively, with some minor caveats.

Many schools also have access to Microsoft O365, which makes the MS Office online suite available as well. All you really need to use that is a web browser.

I work in an office environment these days where Windows, Mac and Linux are all well supported and are in broad use. I use Linux (Debian) exclusively, my one coworker is all-windows and a third is all-mac. Our boss uses Windows on the desktop, but also uses a Macbook. We are able to collaborate and exchange data without many problems.

I would say the two main challenges you’re liable to face will be when Word files include forms or other uncommon formatting structures. LibreOffice is generally able to deal with them, but may mangle some fonts & formatting. Its not common but it does happen.

The other main challenge could be required courseware-- specialized software used in a curriculum for teaching-- and proctor software for when you’re taking exams online. Those might require Windows or Mac

If it ever comes up, Windows will run in a Virtual Machine (VM) just fine. VirtualBox by Oracle is generally free for individual use, and is relatively easy to start up. Your laptop will probably come with Windows pre-installed, so you could just nuke it, install Linux, install VirtualBox, and then install Windows as a VM using the license that came with your laptop. You’d need to ask an academic advisor at the school if that’s acceptable for whatever proctor software they use.

I recommend against dual-booting a Windows environment if you can avoid it. Linux & Windows are uneasy roommates, and will occasionally wipe out the other’s boot loader. It’s not terribly difficult to recover, but there is a risk that could (will) happen at the WORST possible moment. However, it might be unavoidable if they use proctor software that requires windows on bare metal. Again, you’d have to ask the school.

Good luck!

deleted by creator

You’ve asked a similar question here before this post. Have you been naughty? :-)

At your uni, you probably have what’s called a reasonable expectation to privacy-- the terms of use for accessing the computer and network facilities would be spelled out at your uni’s IT website.

The information observed and reported on by their tools most likely amounts to what websites and services you looked up by name, and the IP addresses & ports you accessed while using their network. It will be things like start & stop times, protocol used, number of bytes transferred, and maybe some “flags” on the connection. Flags in this case are special markings on the data flow to give the network hints about how to hand that traffic most efficiently.

MS Office Online, Notion, Gmail, they all use secured HTTPS connections, so the content is secured between you and the remote service.

As long as you’re not doing anything illegal or that severely violates the terms of use laid out by the University, nobody will even notice your traffic. Hack away.

Eduroam is just a network of RADIUS servers that cross-honor authentication among participating institutions. If your org participates in Eduroam, it means users from your org can connect to the eduroam WiFi SSID at other orgs, and vice-versa. It’s helpful for traveling academics and visitors from other .edus

It’s also frequently used to authenticate access to online resources like online libraries, journals, and research infrastructure. Useful for when schools collaborate on grant projects.

The eduroam service requires a CA certificate to validate the APs broadcasting eduroam’s SSIDs are providing the real service. The issuer of that certificate isn’t one of the well-known SSL certificate resellers, so it needs to be installed in your device’s CA store, or configured in your 802.1x WPA supplicant. The protocol used is EAP-TLS, if you’re curious.

So what can the hosting institution see? Not much, from an authentication standpoint. Transactionally, the hosting institution sees a username and org name in an outer transaction. An encrypted payload with your user credentials is then tunneled to your home org’s servers which either validate or invalidate those credentials. If the home org validates, then the hosting org lets you connect.

Beyond that, the network admins can “see” whatever they can normally see when you’re using someone else’s infrastructure: your DNS queries, the application ports you use, a lot of encrypted SSL/HTTPS traffic, plus the contents of anything that isn’t encrypted or sent over SSL.

Some orgs disallow tunneling traffic out when you’re on their eduroam, so sometimes IPSec, SSH, Tor, and maybe even WireGuard are disallowed.

Secure file transfers frequently trade off some performance for their crypto. You can’t have it both ways. (Well, you can but you’d need hardware crypto offload or end to end MACSEC, where both are more exotic use cases)

rsync is basically a copy command with a lot of knobs and stream optimization. It also happens to be able to invoke SSH to pipeline encrypted data over the network at the cost of using ssh for encrypting the stream.

Your other two options are faster because of write-behind caching in to protocol and transfer in the clear-- you don’t bog down the stream with crypto overhead, but you’re also exposing your payload

File managers are probably the slowest of your options because they’re a feature of the DE, and there are more layers of calls between your client and the data stream. Plus, it’s probably leveraging one of NFS, Samba or SSHFS anyway.

I believe “rsync -e ssh” is going to be your best over all case for secure, fast, and xattrs. SCP might be a close second. SSHFS is a userland application, and might suffer some penalties for it

I do this. A Debian Live image and an encrypted LVM for home. Came in handy a few times for the odd system rescue

It’ll be remembered a dark age when the lights go out and all the disks rot. And, if I know archaeologists, they’ll call our data centers ritual centers or temples.

Otherwise there will be disbelief at the inexplicably sophisticated engineering, and how we could have achieved it all with no written records. Probably it was all just ancient aliens.

Da fuq? That was hilarious. Also, maybe.

Click here to learn four secrets about chopping vegetables your grocer will hate