baseless_discourse

cross-posted from: https://mander.xyz/post/16531580

I have tried to follow several tutorial to setup using either ip or nmtui:

• https://linuxconfig.org/how-to-use-bridged-networking-with-libvirt-and-kvm
• https://www.redhat.com/sysadmin/setup-network-bridge-VM

However, the bridge inherits the MAC address of host after enslaving the host hardware enp1s0.... This causes my router to give both the host and the bridge the same ip address, making the ha instance inaccessible.

The red hat tutorial clearly show that the bridge and the host have different IP, so I was wondering if I am doing something wrong.

Alternatively, I can set the home assistant vm to run in NAT and port forward from host, but I have several devices that communicate over different ports. So it would be annoying to forward all these ports. Not to mention, many appliances don't have documentation about the ports they use.

I can also potentially use virtualbox, but it is not well supported on silverblue, especially with secureboot enabled.

cross-posted from: https://mander.xyz/post/16531247

I have tried to follow several tutorial to setup using either ip or nmtui:

• https://linuxconfig.org/how-to-use-bridged-networking-with-libvirt-and-kvm
• https://www.redhat.com/sysadmin/setup-network-bridge-VM

However, the bridge inherits the MAC address of host after enslaving the host hardware enp1s0.... This causes my router to give both the host and the bridge the same ip address, making the ha instance inaccessible.

The red hat tutorial clearly show that the bridge and the host have different IP, so I was wondering if I am doing something wrong.

alternatively, I can set the home assistant vm to run in NAT and port forward from host, but I have several device that communicate over different ports. So it would be annoying to forward all these ports. Not to mention, many appliances don't have documentation about the ports they use.

I can also potentially use virtualbox, but it is not well supported on silverblue, especially with secureboot enabled.

I have tried to follow several tutorial to setup using either ip or nmtui:

• https://linuxconfig.org/how-to-use-bridged-networking-with-libvirt-and-kvm
• https://www.redhat.com/sysadmin/setup-network-bridge-VM

However, the bridge inherits the MAC address of host after enslaving the host hardware enp1s0.... This causes my router to give both the host and the bridge the same ip address, making the ha instance inaccessible.

The red hat tutorial clearly show that the bridge and the host have different IP, so I was wondering if I am doing something wrong.

alternatively, I can set the home assistant vm to run in NAT and port forward from host, but I have several devices that communicate over different ports. So it would be annoying to forward all these ports. Not to mention, many appliances don't have documentation about the ports they use.

I can also potentially use virtualbox, but it is not well supported on silverblue, especially with secureboot enabled.

I have setup my fedora to use LUKS encryoted partitions. But entering two passwords gets quite tiring, as I shutdown my laptop quite often to get the benefit of LUKS (I am assuming nothing is encrypted when in suspend, please correctme if I am wrong)

I am thinking about setting up TPM autodecrypt. However, I was wondering does the decryption happen on boot or after I login?

If it happens on boot, then it seems like the benefit is pretty limited compare to a unencrypted drive. Since the attacker can simply boot my laptop and get the unecrypted drive.

Am I missing something here? I was wondering is there a way for me to enter my password once and unlock everything, from disk to gnome keyring?

With 5 years of OS support and 8 years of security update.

Related threads:

• https://lemmy.world/post/4130880
• https://lemmy.world/post/4129394
• https://feddit.nl/post/2555704

There is no blog article yet, but a email has been sent to some people who pre-ordered the AMD version.

Unfortunately, due to electrical issues we recently found during validation along with late firmware delivery from our silicon vendors, we’ve had to delay the start of mass production for Framework Laptop 13 (Ryzen 7040 Series) until September. We’ll be shipping as many pre-orders as we can before the end of September, but we anticipate that many orders originally in Q3 batches will need to move into Q4. We have prepared substantial production capacity, so we don’t expect the late start to cascade into delays in later batches.

The reason is basically (as far as I understand) because this is the latest iteration of a product, and many drivers are not ready for the product, hence making it hard to conduct effective testing.

And also there are serveral small complications with new hardwares (again, paraphrasing the email):

• The back USB-A expansion card will draw high amount of power when it is empty or pluged in with a USB 2.0 device
• The back HDMI/DP will draw high amount of power, but they are working on fixing the issue through firmware
• The windows installer do not come with the up-to-date wifi driver, yet requires user to log into a microsoft account
• Some linux distro with older kernel might not have ~~wifi~~ good general support out of the box, until updating the kernel, which probably will be covered by either official guide or community guide.

Fortunately, other expansion card like storage, USB-C, and USB-3.0 works fine, and they state that Fedora 38 "will work smoothly out of the box". And they are working on fixing all of these issue or provide detailed guide to tweak these issue yourself.

I am not comfortable that signal depends proprietary google library. However, I find that Molly lags significantly behind signal (around 1 to 2 weeks, so maybe not as significant as I thought), but I am just concerned that if there is a security fix in signal, molly will not be able to react as fast.

I am also quite frustrated with the general lack of communication from the signal team (for example the lack of communication regarding username). I doubt they will have the good will to help molly when there is a critical security fix.

It is frustrating that signal no longer seems like the gold standard for privacy any more; unfortunately, all my friends are on there (ironic, isn't it...).

Secure camera is really good. However I find google camera works better in low light with fast moving object, like in door photo of moving pet etc.

For my use case, I have to install GCAM on my main profile, since my wife like to use it; and I don't want to go through the hassel of transferring photos between profile. But of course, I denied internet access and setup storage scope for GCAM.

But that left me wondering, am I just making my life harder by using secure camera as default? Since it seems that although secure camera is pretty good, it is not as optimized as GCAM. I already have GCAM on my phone, so I cannot think of any privacy benefit by not setting it as the default.

What do you think? do you use GCAM or secure camera, and why?