Awesome. Now how would you strace/ptrace the active process correlated with the return packet?

This is way past my pay grade in the territory of edge-of-abstract – understanding.

See one of my problems is that the malicious software is running across Python, JavaScript, and a ton of dubious packages scattered throughout the machine. It is all interconnected and using unconventional operations. Right now I am just removing a package one and a time and seeing what breaks. I will likely miss how things are interconnected. I am not at all familiar with this type of thing, and learning as I go. The system used unshare, manually created no-label packets with all records obfuscated, used a hidden daemon function in systemd, and no-account to operate outside of namespaces.

Yeah, I could do it. The question is how to redirect a web address to do something useful locally. Like maybe setup an Apache server or something to capture and log any such attempts regardless of how the address is called.

I’m in the process of dismantling software I will never trust or update again and coming across all kinds of sketchy stuff. There is this Python program called Sentry_SDK that is very concerning. Along with several others. It appears to be packaged with most offline AI stuff and is some of the most authoritarian nonsense I have seen. I have air gapped the computer and do not have a package installed like prettier to maybe make the JavaScript readable, and it is enormous. There are many pages that are in the 10k lines plus range.

I already found a place in the back end that is trying to send packets with major obfuscation. The process is preloaded as listening, with every measure taken to prevent discovery of its origin. So that is fun too. I will likely reformat and start over after I have had my fun and saved what I wish to save.

Assuming it is a quoted string for simplicity.
..."http://foo.bar/"...
$ sed -i 's/\/.*\"/injection/g'

That is flawed in practicality, but gets the point across and will result in http:injection. It would take more convoluted escapes to replace the ‘//’.

I was thinking there has to be a way to use the address like a printf like situation. However someone tries to use an address, it just hits a local trip wire. Pass that to anything you don’t want to connect on the internet. It is super lazy and hacky, but I don’t really care. I use an external firewall device with DNS whitelist, so I block everything anyways. Flagging stuff just makes it easy to say something to others that might benefit.

Don’t know, but watching heavy case files on YT from time to time, DNA is solving a lot.

Thanks for your reply. The point here is not about the merits of distrobox for security. This is a constraint that is not easily changed. It is only an element present, not an implementation of sandboxing.

I am looking for the best method that is hopefully less complicated than a systemwide SELinux policy plus Pam and Groups.

If anything, the distrobox is an added issue due to the nobody user.

Complex social hierarchy is a super important aspect to account for too. In the proprietary software realm, you infer confidence in the accumulated wealth hierarchy. In FOSS the hierarchy is not wealth, but reputation like in academia or the film industry. If some company in Oman makes some really great proprietary app, are you going to build your European startup over top of it? Likewise, if in FOSS someone with no reputation makes some killer app, the first question to ask is whether this is going to anchor or support a stellar reputation. Maybe they are just showing off skills to land a job. If that is the case, they are just like startups that are only looking to get bought up quickly by some bigger fish. We are all conditioned to think in terms of horded wealth as the only form of hierarchy, but that is primitive. If all the wealth was gone, humans are still fundamentally complex social animals, and will always establish a complex hierarchy. This is one of the spaces where it is different.

It is democratic. You have a right to all information, the right to error, the right to skepticism, and the right to protest in all nonviolent forms aka the right to offend others.

In this regime of rights, the right to skepticism is the fundamental. You have a right to think for yourself. Authoritarianism is the opposite. Trust is its fulcrum and individual thought, belief, and access to information are not rights of individuals.

You cannot have democracy and citizens without outlets of free expression of all types. There is no way to know if some group is in collusion or spreading misinformation for various purposes. Having the right to anonymously express and check concerns in the public commons is absolutely critical to democracy. Any attempt to remove it is an attack on skepticism, the fundamental cornerstone of democracy that if removed causes total collapse.

Thanks. This was helpful.

jake
Jake
j4ke
Jak3
j@k3
JAK€
jπ⸦kE
𝚥ᎪᏦ⋲
ꓙᏎ🅺Ꮛ
𞋕ꮜ𝈲𝈁
᜴ᚣᜩᗕ
It is not this, but same problem scope. Resolve all to “jake” for further processing. Also specifically looking for that ck.

Yeah, I probably should use Python, it just takes me longer and I am much less likely to keep hacking around with it later. It feels like a foreign language relative to bash. The problem came from greping using for loops, so I’m in that mindset. Point taken though.

The main problem is when following instructions for command line tools. They might figure out how to use dnf instead of apt, but the extra layers required for ostree are not very friendly. There are a ton of potential frustrations in this area, especially with GPU stuff or hobbyist hardware like Arduino where kernel stuff is needed in userland. At least as of nearly 3 years ago, the documentation in this area sucks. I was on Silverblue for a few years and managed to get through the frustrations due to intermediate experience level. I found toolbox useless compared to distrobox. But using this with something like Arduino was annoying at best. The needed dependencies expected by whatever stuff I wanted to install was usually a big mystery with near useless error failure messages and names of packages and libraries totally unrelated to the package naming in DNF. When updating the base OS, stuff built in these containers is totally useless because I could not update the containers to the new OS image. Playing around with Flash Forth on a microcontroller was even worse. I ended up layering a bunch of stuff on the host because the containers were just not working. When I got an Nvidia machine, I went to Fedora Workstation and have had far fewer issues and frustrations. SB wasn’t bad, but it is a pain to use these if you need kernel level access. Just my $0.02. I was actually on SB for ~2-3 years.

NDA’s

deleted by creator

Becoming a roadie and riding a bike everywhere for years fixed me feeling like this. I had to get over all of my insecurities being in public in a cycling kit. Being around other people riding and racing, it became my normal. Now… I don’t have to look at me, so why the fuck should I care what anyone thinks. They are used to it or whatever, who cares. I’m more interested in inferring their real intelligence versus narcissistic stupidity based on their responses. Old people are all ugly. “For your age” is just an excuse for it. The vanity is boring. People who are judgmental are just projecting their own inadequacy and internal misery.

Chemistry, math, physics, optics, metallurgy… The thing that is hard is how your needs for knowledge will change over time and what is accessible to you at each stage.

For general electronics, The Art of Electronics is the goto book. For actually understanding practical stuff, you need to build a knowledge of the industrial revolution and how it evolved. The inventions of James Watt opened up steam. The Bessemer process scaled iron. Large heavy castings drove the potential for large lathes, but lathes are the key to everything. A lathe is capable of cutting a more precise screw than the one used to operate it. That old screw can be replaced with the new, until you achieve your desired precision.

A reference flat is made using two granite stones rubbed together with water in between until the top one creates suction that can lift the other.

Prussian blue and hand scraping are used to make machine flat surfaces.

Automotive suspension components like springs and torsion bars are a good source of cheap tool steel. Engine heads are a good source of casting scrap and quality hardware. Wipers, window motors, and starters are great for building machines. Understanding how to repair and diagnose this stuff is a major skill. Knowing how to make real controlled heat is fundamentally important.

I’ve never encountered single sources for this stuff.

llama.cpp is at the core of almost all offline, open weights models. The server it creates is Open AI API compatible. Oobabooga Textgen WebUI is more user GUI oriented but based on llama.cpp. Oobabooga has the setup for loading models with a split workload between the CPU and GPU which makes larger gguf quantized models possible to run. Llama.cpp, has this feature, Oobabooga implements it. The model loading settings and softmax sampling settings take some trial and error to dial in well. It helps if you have a way of monitoring GPU memory usage in real time. Like I use a script that appends my terminal window title bar with GPU memory usage until inference time.

Ollama is another common project people use for offline open weights models, and it also runs on top of llama.cpp. It is a lot easier to get started in some instances and several projects use Ollama as a baseline for “Hello World!” type stuff. It has pretty good model loading and softmax settings without any fuss, but it does this at the expense of only running on GPU or CPU but never both in a split workload. This may seem great at first, but if you never experience running much larger quantized models in the 30B-140B range, you are unlikely to have success or a positive experience overall. The much smaller models in the 4B-14B range are all that are likely to run fast enough on your hardware AND completely load in your GPU memory if you only have 8GB-24GB. Most of the newer models are actually Mixture of Experts architectures. This means it is like loading ~7 models initially, but then only inferencing two of them at any one time. All you need is the system memory or the Deepspeed package (uses disk drive for excess space required) to load these larger models. Larger quantized models are much much smarter and more capable. You also need llama.cpp if you want to use function calling for agentic behaviors. Look into the agentic API and pull history in this area of llama.cpp before selecting what models to test in depth.

Huggingface is the goto website for sharing and sourcing models. That is heavily integrated with GitHub, so it is probably as toxic long term, but I do not know of a real FOSS alternative for that one. Hosting models is massive I/O for a server.

No country on Earth is like this. No polity is unified without opposition. Additionally, making this statement here, when it is obviously false, in a place where at least half the people are from the US, and likely all of those are left leaning and just as much victims if not more so, seems like rather tepid malevolence.

It is not a laser beam.