• 2 Posts
  • 22 Comments
Joined 1 year ago
Cake day: June 12th, 2023

  • My bank uses a 6-digit ‘customer number’ (which is set by the bank) and that’s verified with an app and a personal PIN (the app shows ‘login attempt ABCD at mm.dd. hh:mm’ where ABCD is shown on the login page too) or via SMS OTP (again with ‘ABCD’ verification). And again with personal PIN + app or OTP to confirm transactions. The app itself can be protected with a fingerprint or phone PIN and every new installation needs to be registered to the system, so I can’t just use my phone app to access my wife’s account (or anyone else’s) but I can still map multiple accounts (like corporate ones) to the same installation.

    I think that’s a pretty reasonable approach.


  • Back in the day with dial-up internet, man pages, readmes and other included documentation were pretty much the only way to learn anything, as the www was in its very early stages. And still ‘man <whatever>’ is way faster than trying to search for the same information on the web. Today at work I needed the man page for setfacl (since I still don’t remember every command’s parameters) and I found out that WSL2 Debian on my office workstation does not have the command ‘man’ out of the box, and I was more than mildly annoyed that I had to search for that.

    Of course today it was just an alt+tab to the browser, a new tab and a few seconds for results, which most likely consumed enough bandwidth that on dial-up it would’ve taken several hours to download, but it was annoying enough that I’ll spend some time on Monday to fix this on my laptop.




  • IsoKiero@sopuli.xyz to Linux@lemmy.ml · The Insecurity of Debian · English · 10 upvotes · 15 days ago

    The threat model seems a bit like fearmongering. Sure, if your container gets breached and an attacker can (on some occasions) break out of it, it’s a big deal. But how likely is that really? And even if that would happen, isn’t the data in the containers far more valuable than the base infrastructure under it in almost all cases?

    I’m not arguing against the SELinux/AppArmor comparison, SELinux can be more secure, assuming it’s configured properly, but there are quite a few steps in hardening the system before that. And as others have mentioned, neither of those is really widely adopted and I’d argue that when you design your setup properly from the ground up you really don’t need either, at least unless the breach happens from some obscure 0-day or other bug.

    For the majority of data leaks and other breaches that’s almost never the reason. If your CRM or ecommerce software has a bug (or misconfiguration or a ton of other options) which allows dumping everyone’s data out of the database, SELinux wouldn’t save you.

    Security is hard indeed, but that’s a bit of an odd corner to look at it from, and it doesn’t have anything to do with Debian or RHEL.


  • If I had to guess, I’d say that e1000 cards are pretty well supported on every public distribution/kernel they offer without any extra modules, but I don’t have any around to verify it. At least on this Ubuntu I don’t find any e1000 related firmware package or anything else, so I’d guess it’s supported out of the box.

    For the ifconfig, if you omit ‘-a’ it doesn’t show interfaces that are down, so maybe that’s the obvious thing you’re missing? It should show up in NetworkManager (or any other graphical tool, as well as nmcli and other CLI alternatives), but as you’re going through the manual route I assume you’re not running any. Mii-tool should pick it up too on the command line.

    And if it’s not that simple, there seems to be at least something around the internet if you search for ‘NVM checksum is not valid’ and ‘e1000e’, specifically related to Dell, but I didn’t check that path too deep.




  • IsoKiero@sopuli.xyz to Linux@lemmy.ml · 33 years ago... · English · 1 upvote · 25 days ago

    I read Linus’s book several years ago, and based on that flimsy knowledge in the back of my head, I don’t think Linus was really competing with anyone at the time. Hurd was around, but it’s still coming soon™ to widespread use and things with AT&T and BSD were “a bit” complex at the time.

    BSD obviously has brought a ton of stuff to the table which Linux greatly benefited from and their stance on FOSS shouldn’t go without appreciation, but assuming my history knowledge isn’t too badly flawed, BSD and Linux weren’t straight competitors, but they started to gain traction (regardless of a lot longer history with BSD) around the same time and they grew stronger together instead of competing with each other.

    A ton of us owe our current corporate lives to the people who built the stepping stones before us, and Linus is no different. Obviously I personally owe Linus a ton for enabling my current status at the office, but the whole thing wouldn’t have been possible without people coming before him. RMS and the GNU movement play a big part in that, but an equally big part is played by a ton of other people.

    I’m not an expert by any stretch on the history of Linux/Unix, but I’m glad that the people preceding my career did what they did. Covering all the bases on the topic would require a ton more than I can spit out on a platform like this, I’m just happy that we have the FOSS movement at all instead of everything being a walled garden today.


  • IsoKiero@sopuli.xyz to Linux@lemmy.ml · 33 years ago... · English · 2 upvotes · 25 days ago

    That kind of depends on how you define FOSS. The way we think of that today was in very early stages back in 1991 and the original source was distributed as free, both as in speech and as in beer, but commercial use was prohibited, so it doesn’t strictly speaking qualify as FOSS (like we understand it today). About a year later Linux was released under GPL and the rest is history.

    Public domain code, academic world with any source code and things like that predate both Linux and GNU by a few decades and even the Free Software Foundation came 5-6 years before Linux, but Linux itself has been pretty much as free as it is today from the start. GPL, GNU, FSF and all the things Stallman created or was a part of (regardless of his conflicting personality) just created a set of rules on how to play this game, pretty much before any game or rules for it existed.

    Minix was a commercial thing from the start, Linux wasn’t, and things just refined on the way. You are of course correct that the first release of Linux wasn’t strictly speaking FOSS, but the whole ‘FOSS’ mentality and rules for it weren’t really a thing either back then.

    There’s of course academic debate to have for days on which came first and what rules whoever did obey and what release counts as FOSS or not, but for all intents and purposes, Linux was free software from the start and the competition was not.


  • IsoKiero@sopuli.xyz to Linux@lemmy.ml · Considering Starting Linux · English · 18 upvotes · 8 months ago

    The generic answer for this is to get a refurbished corporate laptop. At least in here we have several companies which buy previously leased computers and give them a refurb (new hard drive, good cleaning, things like that) and sell them for a pretty good price.

    W, T or X series Thinkpads are pretty safe options, my T495 was 300€(ish) on sale. L and Carbon are something I’d avoid, L (at least a few years back) weren’t built as well as T-series and X1 Carbon doesn’t have options to expand/swap out RAM.


  • You can run rsyncd as a service on the host you wish to back up and connect to that from your central point directly without ssh. Traffic is unencrypted and I wouldn’t trust that over a public network, but you can bind rsyncd to localhost and open a single ssh tunnel for each host (or even write a small script to keep tunnels open automatically) and then just run rsync over that. That’s how I back up my things, just with backuppc in the mix (I’ve got scripts to open/close ssh tunnels in the backuppc configuration). VPN tunnels are also an option to encrypt traffic, but depending on your use case that might be a bit overkill.

    Or if you’re not tied to rsync you could use something like BorgBackup or other tools which manage the whole jazz for you out of the box.
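
One way to set up what the comment above describes (rsyncd bound to localhost, one SSH tunnel per host, rsync run through the tunnel), as an added example that is not part of the original comment. The module name, local port, host names and paths are assumptions.

```shell
#!/bin/sh
# Added example: rsyncd reachable only on loopback, accessed through an SSH tunnel.
# Module name, ports, host names and paths below are assumptions.

RSYNCD_PORT=873   # port the remote rsync daemon listens on (loopback only)

# Run on the host being backed up: write a daemon config that never
# exposes the unencrypted rsync protocol on a network interface.
write_rsyncd_conf() {   # usage: write_rsyncd_conf <conf-file> <module> <dir>
    cat > "$1" <<EOF
address = 127.0.0.1
port = $RSYNCD_PORT
use chroot = yes

[$2]
    path = $3
    read only = yes
    hosts allow = 127.0.0.1
EOF
}

# Run on the central backup host: forward a local port to the remote
# loopback daemon. The control socket lets us close the tunnel cleanly.
open_tunnel() {         # usage: open_tunnel <user@host> <local-port> <socket>
    ssh -f -N -M -S "$3" -o ExitOnForwardFailure=yes \
        -L "127.0.0.1:$2:127.0.0.1:$RSYNCD_PORT" "$1"
}

close_tunnel() {        # usage: close_tunnel <user@host> <socket>
    ssh -S "$2" -O exit "$1"
}

# Pull one module; rsync speaks the plain daemon protocol, SSH encrypts it.
pull_module() {         # usage: pull_module <local-port> <module> <dest-dir>
    rsync -a --delete "rsync://127.0.0.1:$1/$2/" "$3/"
}

# Open the tunnel, run the transfer, always close the tunnel afterwards.
backup_host() {         # usage: backup_host <user@host> <local-port> <module> <dest>
    sock="${TMPDIR:-/tmp}/backup-tunnel-$2.sock"
    open_tunnel "$1" "$2" "$sock" || return 1
    pull_module "$2" "$3" "$4"; rc=$?
    close_tunnel "$1" "$sock"
    return $rc
}
```

Give each backed-up host its own local port, for example `backup_host backup@host1 8873 backup /srv/backups/host1`, so tunnels to several hosts can be open at the same time.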



  • IsoKiero@sopuli.xyz to Programmer Humor@programming.dev · Devotion to duty · English · 10 upvotes, 1 downvote · 8 months ago

    Bing Chat (so ChatGPT) wrote an opening scene (or maybe more like a trailer, prompt was opening scene) too:

    The opening scene of “Server Down” begins with a shot of a high-tech skyscraper. The camera then zooms into the basement of the building, where we see Jack Bauer, a nerdy and obsessive system administrator, working on his servers. He is surrounded by racks of blinking machines, tangled cables, and humming fans. Jack is wearing a t-shirt with a witty tech joke printed on it, and he is sipping a cup of coffee from a “World’s Best Sysadmin” mug.

    Suddenly, the lights flicker, and the servers go offline. Jack’s face turns pale, and he drops his coffee mug. He frantically tries to reboot the servers, but nothing works. He checks the network connections, the power supply, and the cooling system, but everything seems fine. He then realizes that the problem is not with his servers, but with the building’s infrastructure. He rushes to the security room, where he finds out that the building has been taken over by terrorists.

    The camera then cuts to the terrorists, who are holding the employees hostage and demanding a ransom from the government. They have cut off all communication lines, disabled the security cameras, and planted a bomb in the building. They are confident that they can get away with their plan, but they didn’t count on one thing: Jack Bauer.

    The scene ends with Jack staring at the security monitors, his eyes burning with determination. He knows that he has to act fast to save his servers, his colleagues, and himself. He takes a deep breath, puts on his backpack, and heads towards the ventilation ducts. The adventure begins!






  • My sons are in that age bracket and when they requested laptops for themselves (older sister got one for school stuff) I “borrowed” decommissioned Thinkpads from work, threw empty SSDs in them and gave the computers to the boys with a Linux Mint installer on a USB stick. The younger one got it running in a couple of hours without any help and is actively learning how to use the thing, yesterday he told me how he had learned to open software using keyboard shortcuts and in general is interested in the tinkering aspect of things. The older one has a bit more pragmatic approach, he got the installation done as well but he’s not interested in the computer itself as it’s just a tool to listen to music, look up tutorials for his other interests and things like that.

    Both cases are of course equally valid and I’m just happy that they are willing to learn things beyond just pushing the buttons. But I’m also (secretly) happy that my youngest shares my interests and he’s been doing simple games with Scratch and in general shows interest in how the computers, networking and other stuff actually work.