Hello world,
I am Tobias from Germany. Still I am 56 years old.
More than a year ago I decided not to switch to Windows 10. You only need to read the Wikipedia entry about Windows 10. I'm not a sheep, am I? (Well, as a Microsoft Windows user I always have been a sheep. Mööh!)
I've been interested in Linux for a very long time, but I always thougth it was a secret science.
distrochooser.de helped me to decide and to find what kind of Linux fits for me. I like(d) the idea to use hardware ten years old and it all works. I don't need all of that newfangled stuff. Not at all.
Consequently, Puppy Linux is made for me.
Pen Drive Linux was my escape agent! An extremely useful software to "defect" from Microsoft Windows to Linux. It was so easy. And I also found my way around Puppy Linux immediately. Some things were familiar, some other ones I learned quickly and gladly. Under Microsoft Windows the command line is not for "housewives", under Linux soon it is your friend. As some German car advertising said many years ago: "Reduce to the max".
It took months to set up the software equipment under Linux (by the way, Slacko 5.7, 32 Bit) that I was used to from Microsoft Windows.
I'm still learning a lot everyday. It is very fascinating. Linux gives me the feeling that I can always choose myself, not just as a sheep running along on rails. Together with many millions of other sheep.
So I registered in this forum. I belong here. Over the past few months I have sought a lot of advice here, now I hope I can give more and more back.
It's all emotional. With Microsoft Windows there is no such thing. It is a correct operating system. Absolutely no more than that.
Now, what does the headline mean?
Maybe here in Germany we are very crazy about privacy. So I wondered how this forum (especially including the registration process) seems to run completely unprotected. My password was transmitted in plain text over the net. It's like having unprotected sex with an unknown person. May be fun, may destroy you as well.
I thought Linux people are particularly aware of this all.
So only my love for Puppy Linux and for this forum made me so reckless!
If you want me to donate you a certificate, let me know.
Self-introduction / security of this forum itself
-
night flight
- Posts: 10
- Joined: Tue 19 Feb 2019, 20:05
- Location: Northern Germany
Self-introduction / security of this forum itself
Last edited by night flight on Tue 26 Feb 2019, 20:40, edited 1 time in total.
Hi Tobias, wellcome to the forums.
Nice words, they reflect exactly what we all have felt since using Linux, specially Puppy.
Why so crazy about privacy?
Are you going to tell me that someone has been spying, let's say, Frau Angela?
Saludos.
Nice words, they reflect exactly what we all have felt since using Linux, specially Puppy.
Why so crazy about privacy?
Are you going to tell me that someone has been spying, let's say, Frau Angela?
Saludos.
Remember: [b][i]"pecunia pecuniam parere non potest"[/i][/b]
Hi Tobias.
Welcome aboard.
The reason this forum is so insecure, is that the whole gang here, we are
reckless risk-takers!
New to Linux and PuppyLinux, eh? It just looks insecure: Linux users do
not need as much "armor" as WhineDose users. You'll get used to it.
BFN.
Welcome aboard.
The reason this forum is so insecure, is that the whole gang here, we are
reckless risk-takers!
New to Linux and PuppyLinux, eh? It just looks insecure: Linux users do
not need as much "armor" as WhineDose users. You'll get used to it.
BFN.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
We the users of this forum have no control over how it operates.
We have raised the issue of making this a https web site.
The person that provides this forum is the one to change it.
He is paying for it!
So far no action has been done by him.
Basically, it is what it is.
I gues someone could get your log in password and log in as you.
But they could also just as easily make there own login.
Ha, that is my real name bigpup!
We have raised the issue of making this a https web site.
The person that provides this forum is the one to change it.
He is paying for it!
So far no action has been done by him.
Basically, it is what it is.
I gues someone could get your log in password and log in as you.
But they could also just as easily make there own login.
Ha, that is my real name bigpup!
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
Puppy running the browser as spot is as good as pointless. Running as a restricted userid has many holes through which a attacker can elevate to root. A single compromised system on a LAN jeopardises the entire LAN. Hosts can be attacked and the entire user/password database extracted. Much of security is a illusion (and governments like the weaknesses also).
For what matters, online banking etc. being able to boot a known clean system, as though just newly installed and configured, to then go directly to your banks web site with a clean browser, nowhere else before or after ... is about the best you can do. For most systems, installing freshly etc. is a lengthy process, with Puppy resetting to a clean setup can be very quick (typically the time it takes to reboot).
For other things, just accept that browsing around from your home 'secure' system is no more secure than if you were using a public library PC to do the same. For casual online spending (buying using a card), use a pre-paid card topped up to relatively small amounts, so if compromised the financial loss is relatively small and just accept that the world we live in has your personal details in effect being exchanged for 'free services', advertisers pay for the 'net', governments hate not being able to monitor. For a banking site, yes you want encryption between you and them. For posting/reading a public forum ... encryption is pretty much irrelevant.
If are concerned about security, then you should be doing many things, that most don't bother with. As just one example - something like the following (which assumes cwm window manager is installed (nice as it has no titles/tray etc) and you're running portable firefox (that is started with a ff script))...
Capabilities names tend to vary, so you'd have to run capsh --print to see what names are allocated under your system. If you're not applying something like the above additional security measures then worrying about the forum having no encryption is just focusing upon one hole of many holes.
For what matters, online banking etc. being able to boot a known clean system, as though just newly installed and configured, to then go directly to your banks web site with a clean browser, nowhere else before or after ... is about the best you can do. For most systems, installing freshly etc. is a lengthy process, with Puppy resetting to a clean setup can be very quick (typically the time it takes to reboot).
For other things, just accept that browsing around from your home 'secure' system is no more secure than if you were using a public library PC to do the same. For casual online spending (buying using a card), use a pre-paid card topped up to relatively small amounts, so if compromised the financial loss is relatively small and just accept that the world we live in has your personal details in effect being exchanged for 'free services', advertisers pay for the 'net', governments hate not being able to monitor. For a banking site, yes you want encryption between you and them. For posting/reading a public forum ... encryption is pretty much irrelevant.
If are concerned about security, then you should be doing many things, that most don't bother with. As just one example - something like the following (which assumes cwm window manager is installed (nice as it has no titles/tray etc) and you're running portable firefox (that is started with a ff script))...
Code: Select all
Xephyr :1 -fullscreen -title FireFox -br -nolisten tcp -nolisten local &
sleep 3
DISPLAY=:1 cwm &
DISPLAY=:1 unshare -m capsh --drop=cap_sys_admin,cap_sys_boot,
cap_sys_chroot,cap_sys_ptrace,cap_sys_time,cap_sys_tty_config,
cap_chown,cap_kill,cap_dac_override,cap_dac_read_search,cap_fowner,
cap_setfcap,cap_setpcap,cap_net_admin,cap_mknod,cap_sys_module,
cap_sys_nice,cap_sys_resource -- ff[size=75]( ͡° ͜ʖ ͡°) :wq[/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]
Plus being lucky enough once by wordpress to lock me out of a forum I admin at because some of my passwords were old and hacked on a few sites.
All I had to dig me out of a hole was find the sites hacked
https://haveibeenpwned.com/
Change some passwords. Move on with life. I have not logged in here in while and posted.
I be not afeared of lack of padlock.
Plus:
Down on the Mexcan border here.
We don't need no stinking badges.
All I had to dig me out of a hole was find the sites hacked
https://haveibeenpwned.com/
Change some passwords. Move on with life. I have not logged in here in while and posted.
I be not afeared of lack of padlock.
Plus:
Down on the Mexcan border here.
We don't need no stinking badges.
- Attachments
-
- s.png
- (49.78 KiB) Downloaded 390 times
[size=75]( ͡° ͜ʖ ͡°) :wq[/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]
[url=http://murga-linux.com/puppy/viewtopic.php?p=1028256#1028256][size=75]Fatdog multi-session usb[/url][/size]
[size=75][url=https://hashbang.sh]echo url|sed -e 's/^/(c/' -e 's/$/ hashbang.sh)/'|sh[/url][/size]
-
night flight
- Posts: 10
- Joined: Tue 19 Feb 2019, 20:05
- Location: Northern Germany
A thousand thanks for the warm welcome from all over the world. This is really a great community. The dangers I've written about can't spread from this forum to other areas of mine (but I shouldn't use passwords more than once…). So I will join your carelessness, because I want to be part of the gang. But with the German point of view I will come back again sometimes 
I use a Lenovo IdeaPad S10-2, built in 2009. I love it. My Slacko 5.7 (32 Bit) is on a 10 GB SD Card. So I can boot it everywhere (Smartphones excluded :P ).
The best thing is still to keep your secrets to yourself, and not using the forum as a diary!
That person is John Murga, and his extremely impressive CV can tell us, that he has probably forgotten more about programming and computers than our combined brains can remember! So relax, this forum is in good hands!bigpup wrote:The person that provides this forum is the one to change it.
He is paying for it!
True freedom is a live Puppy on a multisession CD/DVD.
Self-introduction / security of this forum itself
bigpup wrote:The person ... John Murga, and ... this forum is in good hands!
I tried to change my email address on my logon profile, the system froze, I got locked out of the account, and emailed the sysop - no answer to that email and another email to what I could gather was one of the administrators.I had to create an entirely fresh account. How's THAT for security?
B'H.
Which administrator did you PM? Your best bet would be Flash, as he's more likely to see it at some point throughout the day.
[ Puppy 4.3.1 JP, Frugal install ] * [ XenialPup 7.5, Frugal install ] * [XenialPup 64 7.5, Frugal install] * [ 4GB RAM | 512MB swap ]
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
Self-introduction / security of this forum itself
John Murga, ttuuxxx, and MarkUlrich. No answers from any of these after over three weeks, so I'm a bit demoralized.Makoto wrote:Which administrator did you PM? ...
Thanks for the reply. I don't have the email address. I don't think the forum actually has contact info for any of the sysops set out in one page. I could be wrong though.... best bet would be Flash, as he's more likely to see it ...
Kelikaku B'H.
Anyone that is a registered member of this forum can be sent a private message(PM).
That is the best way to contact anyone.
Flash is the best person to contact if there is any problems with the forum.
At top of forum page is memberlist.
Click on that to go to a list of members.
Flash is #9 on the list.
Click on PM by his name.
That will open a PM input to be able to post a PM to him.
That is the best way to contact anyone.
Flash is the best person to contact if there is any problems with the forum.
At top of forum page is memberlist.
Click on that to go to a list of members.
Flash is #9 on the list.
Click on PM by his name.
That will open a PM input to be able to post a PM to him.
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
Well, if he couldn't log into the forum he couldn't send me a PM. And I don't make my email address public, so he couldn't send me an email.
It seems that if you change your email address, either the forum doesn't send a confirmation email or sends it to your old email address. Possibly the email gets put in a spam folder. I have no way of finding out what happens. At any rate, I've received lots of requests for help from forum members who send me PMs about others who have changed their email address but never got a confirmation email from the forum and so couldn't log into the forum.
What happens is, if you change your email address, the forum deactivates your account until it receives the confirmation reply from you. If you never get the email the forum is supposed to send, that can't happen.
All I can suggest is, if you plan to change your email address, try to send me a PM before you do it, so I can reactivate your account after the forum deactivates it.
It seems that if you change your email address, either the forum doesn't send a confirmation email or sends it to your old email address. Possibly the email gets put in a spam folder. I have no way of finding out what happens. At any rate, I've received lots of requests for help from forum members who send me PMs about others who have changed their email address but never got a confirmation email from the forum and so couldn't log into the forum.
What happens is, if you change your email address, the forum deactivates your account until it receives the confirmation reply from you. If you never get the email the forum is supposed to send, that can't happen.
All I can suggest is, if you plan to change your email address, try to send me a PM before you do it, so I can reactivate your account after the forum deactivates it.
You hit the nail on the head that time!Flash wrote:... he couldn't log into the forum he couldn't send me a PM. And ... he couldn't send me an email ...
Yes, that is what's been happening. When I try to restore my password - the system tells me my account is now inactive, so it won't reset my password. Logging in normally doesn't work either, supposedly since the account's been deactivated.... if you change your email address, either the forum doesn't send a confirmation email or sends it to your old email ... I've received lots of requests for help from forum members who send me PMs about others who have changed their email address but never got a confirmation email from the forum and so couldn't log into the forum ... I can reactivate your account after the forum deactivates it ...
So is it too late to revive the account? B'H.
Flash are you saying you are an administrator who can only be reached when your not avialable???
Might I point you to a good book called "Catch-22".... and perhaps "Flash" shoud be "Major Major Major".
by the way looking forward to the new version of Catch-22 with George Clooney coming to Netflix in May
Might I point you to a good book called "Catch-22".... and perhaps "Flash" shoud be "Major Major Major".
by the way looking forward to the new version of Catch-22 with George Clooney coming to Netflix in May
Hello night flight
Welcome!
I just turned 57 today....I am from Hamburg but now I am in the USA...I gave up on Windows around version 3.1.....but I still have 1 machine with a working Windows 10 so I can load my iPod with music and do my taxes once a year.
Puppy Linux can do some pretty amazing things
Welcome!
I just turned 57 today....I am from Hamburg but now I am in the USA...I gave up on Windows around version 3.1.....but I still have 1 machine with a working Windows 10 so I can load my iPod with music and do my taxes once a year.
Puppy Linux can do some pretty amazing things
-
night flight
- Posts: 10
- Joined: Tue 19 Feb 2019, 20:05
- Location: Northern Germany
Dear MrDuckGuy, this has become off-topic here.
Dear rockedge, thank you. I live in Bremen - the special love between your city and our village will be no problem here Nachträglich alles Gute zum Geburtstag! So you are three days younger than me
Till autumn 2020 I will have to switch to Windows 10, too (on a separate Laptop), because of the German tax software. The extended support for Windows 7 Professional will end in January, 2020.
Dear rockedge, thank you. I live in Bremen - the special love between your city and our village will be no problem here
Nachträglich alles Gute zum Geburtstag! So you are three days younger than me Till autumn 2020 I will have to switch to Windows 10, too (on a separate Laptop), because of the German tax software. The extended support for Windows 7 Professional will end in January, 2020.
I use a Lenovo IdeaPad S10-2, built in 2009. I love it. My Slacko 5.7 (32 Bit) is on a 10 GB SD Card. So I can boot it everywhere (Smartphones excluded :P ).