Coming up on this week’s episode of Destination Linux: Google & Canonical are teaming up to bring Flutter to Linux for a cross-platform game changer. How Important is Disk Encryption & Security Keys – should you be using them or do you just prefer being hacked? We’ve got community feedback, a DRM FREE Game called Drox Operative and our beloved tips/tricks and software pick. All of this and so much more on this week’s Destination Linux.
Podcast (mp3): Play in new window | Download | Embed
Subscribe: Google Podcasts | Spotify | Stitcher | Email | TuneIn | RSS
Hosts of Destination Linux 182:
Michael of TuxDigital = https://tuxdigital.com
Ryan, aka DasGeek = https://dasgeekcommunity.com
Noah of Ask Noah Show = https://asknoahshow.com
Want to Support the Show?
Support us on Patreon = https://destinationlinux.org/patreon
Support us on Sponsus = https://destinationlinux.org/sponsus
Destination Linux Network Store = https://destinationlinux.network/store
Want to follow the show and hosts on social media?
You can find all of our social accounts at https://destinationlinux.org/contact
Segment Index
- 00:00 Intro
- 01:06 What’s New with Noah
- 01:10 Ubiquiti Discontinues Their UniFi-Video Products
- 07:30 What’s New with Michael
- 07:42 DLN Xtend gets 2 New Hosts
- 08:23 What’s New with Ryan
- 08:50 PyCharm Impresses Ryan With Their Customer Support (PyCharm Humble Bundle)
- 12:19 Community Feedback: Josh lets us know Collabora via Nextcloud has become so much easier these days
- 15:40 Canonical & Google team up to bring Flutter Apps to Linux
- 20:13 Michael expresses his frustrations with False Claims about Snaps
- 21:18 Michael: Snaps having a company backing it is a good thing
- 23:00 Discussion: are these cross-platform frameworks going to bring more Proprietary software or more Open software?
- 23:30 Is it better to advocate for only Open or try to convince companies in phases?
- 27:46 Security Advisory of the Week: Disk Encryption & Should You Do It?
- 34:41 Main Topic: Two Factor Authentication (2FA) – Tips On How To Protect Your Accounts
- 50:08 Gaming on Linux: Drox Operative 2
- 51:28 Software Spotlight: Solfege – Ear Training Program
- 52:32 Ryan shows off his harmonica skills
- 53:02 Tip of the Week: How To Reset A Forgotten Root Password?
- 57:16 Become a Patron of DL
- 57:43 Show Your Support with DL Swag from the DLN Store
- 58:18 Join the Fraggle-Rockin’ DLN Community
- 58:58 More content at DestinationLinux.Network
- 59:13 New DLN Podcast: the Sudo Show
- 59:20 New Cast on DLN Xtend
- 59:26 The Journey Itself . . .
- 59:35 Preview of the Patron Postshow
Noah was saying “NVR” is dead with Unifi. It’s not true. Unifi Video is dead. NVR is a separate product which is still being manufactured.
Points about proprietary surveillance product etc is still true.
Your security thoughts about MFA, and SMS and authenticator auth is not secure enough. My gosh I think you guys live with tinfoil hat on your head. Yes what you said is probably true and relevant when someone is a high value target or a corporation with millions of dollars at stake.
But for Joe Schmoe out there, the chances his phone’s sim will be targeted and the hacker will also have access to Joe Schmoe password to the particular website is small to nill.
Instead of pushing all this “don’t trust MFA unless hardware based” is just nonsense for most people out there. Instead push people to use secure passwords and change the passwords every 3-6 months. That mixed with MFA with whatever mechanism - is good enough.
I get why you would not want to use Google Auth or Authy but what about opensource OTP clients on android like freeotp+, Aegis Authenticator , or on flathub there is also OTPClient.
I think especially because these can be used completely offline as long as the clock is synced they are not a bad option even if they are not as secure as yubikey.
Let’s say this is true. The problem is it only takes one Joe Schmoe to target 100s of Joes.
Assuming Joe Schmoe has nothing of value to steal directly, his accounts have long established trust which when combined with traditional attacks like credit fraud, phishing and malware (in something like an office doc or video) makes his account valuable. Every Joe is usually just 1 hop to several richer Joes.
Also as cloud email with no deletion is normative and chat logs are usually permanent, it can leak everything anyone has ever said to Joe online (possibly ever) for purposes of blackmail and more access if he’s sent or received passwords for other accounts similarly lacking in 2FA.
I couldn’t agree with you more, Ulfnic.
Attackers definitely mask their activities through their victims and it’s the victim who suffers the worst of it (financial, reputation damage, broken trust, cleaning up the mess, etc.). Hardware tokens are definitely the most secure form of adding 2FA to any account, but they aren’t the “silver bullet” for everything. Great security focuses on many security layers of protection which includes strong/separate passwords for every online account (password manager tool is great for this), 2FA, definitely not running Windows as an OS
, firewalls, staying up on latest patches, and many other security techniques.
Despite all of the “technology” that you can throw at staying safe online, the weakest link is always the user which is where education and security awareness is the best tool. If you can help users become more security-minded, it will greatly give technology a chance to do its job the way that it was intended.
Anyway…those are my thoughts for now. HA!
Continue the discussion at discourse.destinationlinux.network
22 more replies