So Wireshark but with connection permission toggles... Why does anyone need this on Linux? You can already block domains you know are malicious in the hosts file or use a personalized DNS resolver for that. Or am I missing something?
- You can apply more flexible rules than just blocking specific hostnames -- for example, based on IP subnets, port numbers, or specific binary executables
- You can block connections even from programs that bypass the default system-wide DNS configuration
> You can apply more flexible rules than just blocking specific hostnames -- for example, based on IP subnets, port numbers, or specific binary executables
This doesn't sound like a common use case. You can already block connection on a specific port with all available firewall programs. And you can bubblewrap binaries from making internet connections.
> You can block connections even from programs that bypass the default system-wide DNS configuration
Other than browser's making use of DOH for DNS, I can't think of a common use case for this. Besides, why would I want to Wireshark my browser? Why not use uBlock to filter domains.
Doesn't seem obvious to me why one would go through all this trouble.
The whole point of something like Little Snitch is to detect, and give you the option of preventing, connections that you wouldn't otherwise know about. For instance, programs that secretly phone home with telemetry about the user's behavior.
I can easily imagine such a program doing its own DNS lookups (or just using hardcoded IP addresses) to avoid detection, and this approach allows you to block it anyway.
Sure, you could do the same thing manually. But you might as well say "why does anyone need Visual Studio Code when we have sed and awk?"
My point is. With Linux and FOSS software, you do not necessarily need to treat programs as hostile. By default, most software is open and can be audited. If you decide to extensively use proprietary software then you have bigger problems that even Little Snitch cannot solve.
There are better alternative routes you can take that do not involve a "MITM" for all your connections.
Your head is firmly in the clouds if you believe that “audit all your software” is an appropriate solution for even the majority of desktop Linux users. The sun still rises every day with people using software that they aren’t personally auditing. Continued interest in this project proves its use. I don’t buy that you genuinely believe your viewpoint. You’re just being a FOSS purist.
Little Snitch can be setup whichever way you like, but the default/recommended way is for it to ask the user about every connection attempt, which you can then approve or deny (for a limited time, or forever).
Little Snitch is a gate. It either lets a specific connection through, or not; it does not modify it. It all happens on your own machine. You keep using that term, "MITM", I don't think it means what you think it means.
Podman isn't supposed to be used in prod servers. It's for local development. It produces OCI compatible images (through Buildah), and you're supposed to use those with a proper container orchestration tool such as K8s, Nomad, Docker Swarm, or whatever else there is.
Not in support of the above poster's views btw, but I think he gave the analogy in a broader sense. Your take on this mirror analogy is from a micro-level. I still think looking at FB from a birds-eye view, the society mirror assessment is fairly accurate.
Reminds me of a situation where I had to do tech support for a pal who had bought a Chinese phone (later learned it was a Xiaomi device). Turns out for some reason the Chinese model didn't have Google play store pre-installed since it is useless in their home market. However to get around this restriction, you had to locate one of the system apps, then search for a specific app inside it that would then install the Google play store.
Also, unrelated but obligatory. Huawei after the Trump ban now offers a de-googled smartphone experience.
This increase of extreme assault on free-speech platforms should be worrying to everyone. Not too long ago, we were hailing the "internet" as a free fair space. Now it is a free fair space ... for everyone but some kind of people.
I'm for free speech but this specific kind of targeted attacks is getting out of hand.
If HN removed your comment it could be seen as an exhibit A. But you being downvoted has nothing to do with free speech, you’re still allowed to say what you wanted, but if people disagree, they have the right to downvote you.
Except I (throwawei) had to login to another account (this one) to reply you as the downvotes triggered some soft ban limit on the account from replying/commenting.
So much for free speech...
I would post photos holding today's newspaper to prove ownership of both accounts. Probably not worth the trouble anyway
You got banned because some automated system might’ve concluded you were a bot or spam account. You didn’t get banned because of the context of your speech. (At least not to my knowledge)
They're called guidelines not rules or commandments. People violate them all the time and get away with it and I'm pretty sure that's why they're called guidelines. There's one person moderating here and that's dang. I've had plenty of pushback for both the left and the right I've got no shortage of karma.
Kinda new on here but am loving the bare bones feel to the forum. The karma bit in my previous comment was added as a sarcastic aid. I personally don't care much for gaining karma. Thank you for this extra context. Very helpful.
It's the last place where curiosity is not only allowed but encouraged to flourish. It's a special place. I figured you were joking but there's been a lot of green handles around lately and they may not get it. I hear there can be a massive culture shock coming to HackerNews so sometimes calling out the obvious can be helpful.
Get yourself a real handle and join the community officially!
Last I checked it's not illegal to be a fascist. Hacking computer systems and stealing data however is illegal. Whether this is right or wrong is debatable. Free speech shouldn't be.
It actually is illegal in a fair amount of jurisdictions, and depending if your fascism includes calling for imminent lawless action, as fascism quite often does, it may not even be protected in the United States.
1 often capitalized : a political philosophy, movement, or regime (such as that of the Fascisti) that exalts nation and often race above the individual and that stands for a centralized autocratic government headed by a dictatorial leader, severe economic and social regimentation, and forcible suppression of opposition
People that support mass censorship of people discussing political ideas fit the definition of an authoritarian closer than any textbook conservative I know. I'm concerned about all forms of authoritarianism, including those that want to eliminate the free speech of their political opponents by labeling them as "fascists" or "communists" to exempt them from their rights even more than what they would do to a criminal. It's a matter of integrity and it's often confused with support of those ideas. This is because the authoritarian mindset usually categorizes all people who are against it into one category since their ideas cannot stand up to nuance. This is why they seek to ban speech.
If you allow the people who want everyone not like them to be forcibly marginalized or killed to have the same rights as all others, they will relentlessly try to flip that around until they're the only ones with those rights. We have to stop such behavior at almost any cost. This was made blindingly obvious to the majority of the population during WWII.
It's a damn shame how so many are forgetting those lessons now. It could very well lead to something even worse than that war. This is why what you seem to think should be "common knowledge by now" isn't.
Speech and violence are different things. You don't have to be tolerant of bad ideas (and indeed you should not be) but you do have to protect the rights of all human beings to express them.
Protecting the legal rights to publish, and personally/morally tolerating the publication of abhorrent things are two entirely different concepts.
No one person or group should ever be permitted to declare themselves the arbiter of truth.
> You don't have to be tolerant of bad ideas [...] but you do have to protect the rights of all human beings to express them
Is there no limit to this? Knowing how horrible human beings can be to each other, is there really no point at which we draw the line and say, no further? Because there very much are numerous examples of where we do so according to the law.
As uncomfortable as it may be, the conversation about who should be silenced must continue. For as long as we face the prospect of fellow humans encouraging their peers to harm other fellow humans for bad reasons, there is no sane alternative. It's probably something we'll have to deal with until/unless the dubious promises of transhumanism become real.
> Is there no limit to this? Knowing how horrible human beings can be to each other, is there really no point at which we draw the line and say, no further?
Who said there is to be no limit? I explicitly clarified the limit: violence. Words are fine. Violence is not.
> As uncomfortable as it may be, the conversation about who should be silenced must continue.
Not if you want to continue having those conversations. Silencing people is a violation of their human rights, once those go out the window for a certain segment, it is simply a matter of time
before that segment is bent and twisted to include you.
Idk, if we are gonna be more libertarian with speech, why not do the same for hacking? It's really not much of a crime compared to a lot of other things and is arguably a form of speech.
