Announcement

Collapse
No announcement yet.

Clear Linux Moving Ahead With Blocking dmesg Access For Non-Root Users

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    So according to Intel, dmesg poses a security risk. Look here, since May 29th. Hardware mitigation on new Intel CPU is a placebo. New security hole discovered.

    https://arxiv.org/abs/1905.12701

    Comment


    • #12
      Originally posted by Konstantin A. View Post
      So according to Intel, dmesg poses a security risk. Look here, since May 29th. Hardware mitigation on new Intel CPU is a placebo. New security hole discovered.

      https://arxiv.org/abs/1905.12701
      Fallout, huh.

      If the kernel command to enable the fix for that isn't "radaway=on" I'm going to be just a little pissed.

      Comment


      • #13
        To get a nice terminal experience, I need to run Wayland or X together with GNOME Terminal in fullscreen?

        If I run the terminal from the Linux kernel, then its a bad, ugly, poor experience. 😞
        Can't have 24-bit color, 4K, pretty color theme, anti-aliased fonts, wallpaper, mouse support?

        Comment


        • #14
          Originally posted by Shtirlic View Post
          At firs glance it looks like security through obscurity, but in this current situation it's okay.
          "security through obscurity" is among the most misunderstood concepts in computer security. It does not mean that obscurity is bad, just that it should not form the base of the security.

          Comment


          • #15
            Originally posted by debianxfce View Post
            Disable CONFIG_SECURITY_DMESG_RESTRICT in your kernel configuration and use mitigations=off in your kernel command line. Use a firewall in your router and a virus scanner in your web folders. Never trust to your OS solutions.

            https://arstechnica.com/information-...-av-detection/
            So you link to an article that warns that there exists a shell script that bypasses current AV checks and you solution is to use a AV scanner... I think you should either rethink your position there or perhaps use a link that proves your assertion and not the reverse.

            Comment


            • #16
              Originally posted by F.Ultra View Post

              "security through obscurity" is among the most misunderstood concepts in computer security. It does not mean that obscurity is bad, just that it should not form the base of the security.
              Sure, obscurity should be just another step to make system more secure, but not the only one step.

              Comment


              • #17
                Originally posted by debianxfce View Post

                Move to North Korea, there you would be happier than in the internet.
                You know I loved your stupid non sense posts, trying to tell everyone that everything you think is right and if they think differently at all then they are stupid dumb ass internet trolls. Those post were so much fun to read. That was because you were just giving out harmless opinions that if people would follow wouldn't cause any damage. But when you try stating your "facts" as you like to call everything you say, by telling people to disable their security in the name of security, you are giving out horrible wrong incorrect advise that is dangerous.

                And funny how you finally respond to one of my posts that don't say anything about having Michael benchmark your "distro" Could it be that you don't have one? or that you are scared that it will do horrible in the benchmarks? That your 'setup' won't win every test? Or is it that you don't actually use the bullshit you spout? I think its the last one. I bet you are a gnome3 systemd redhat loving user. Why else won't you provide your "distro" for Michael to benchmark. I'm sure he would do it just because he knows that that benchmark would get killer views proving that you are wrong with your setup being the best.

                Also never give out "security" advise again. some one might actually listen to you and that would be bad.

                Comment


                • #18
                  Michael unapproved post replying to debianxfce

                  Comment


                  • #19
                    Is Phoronix now going to report about every tiny change in Clear Linux?

                    I don't understand why a distribution which has virtually zero relevance in the distro market is getting so much attention on Phoronix.

                    Comment


                    • #20
                      Originally posted by monraaf View Post
                      Is Phoronix now going to report about every tiny change in Clear Linux?

                      I don't understand why a distribution which has virtually zero relevance in the distro market is getting so much attention on Phoronix.
                      People like me use it. It's also relevant in that it pushes performance, which leads to other distros making the same optimizations.

                      Comment

                      Working...
                      X