TheGodfather Too many security downsides to actually use it.
Go on....
What is your desktop OS?
TheGodfather It's a crack that requires admin rights...
Of course it needs admin rights one time to do its job. How else is it supposed to work? It's one of the projects with the most stars on GitHub and pretty safe to use.
router99 Go on....
Uses outdated very insecure standards like X11, has outdated packages which lack most security fixes, is a fork of a fork. Uses a base (Ubuntu) which basically has moved to Snap as the main packaging mechanism, but Mint doesn't use Snap, so they get only the second-class packages. Lacks modern exploit mitigations, meaningful MAC policies, sandboxing and verified boot.
TheGodfather Yes, of course it does. And with admin rights it can do nearly anything. I choose not to trust cracks no matter how many stars people have given them. I cannot assume that these people have read and understood the source code. Neither can I understand Powershell code. You are welcome to disagree and put forth arguments on why this piece of crack is fully secure.
- Edited
Relaks The way massgravel works is by "convincing" microsoft servers that the computer can be activated with a digital license.
So if one does not trust massgravel code, it is possible to execute it and then format the computer. During Windows install, the computer still will be recognized by microsoft servers as having a valid license, while being an unaltered installation.
Until there is significant hardware change, that is.
4nu4b During Windows install, the computer still will be recognized by microsoft servers as having a valid license, while being an unaltered installation.
Only with HWID, because the license is bound to the hardware ID. There are also other methods available.
Relaks You are welcome to disagree and put forth arguments on why this piece of crack is fully secure.
Some methods can also be done by hand. But I am not here to waste time convincing people. If you feel better with reinstalling Windows again and again just to get it somewhat working, that's fine. Without activation some things simply don't work.
- Edited
Windows 10/11 IoT versions. They are at least relatively well de-bloated . I realize even with my pi-hole, a vpn and the help of resources such as privacy.sexy, I am probably giving up a lot more data to Microsoft then someone running Qubes or a more hardened OS but my threat model is such that I can opt for the convenience of Windows.
TheGodfather Without activation some things simply don't work.
Enterprise trial provides all of the features of the paid version. It can reactivated up to 9 months IIRC. Then you have to reinstall to get another 9 months. This is no biggie for me.
Thank you all for having patience with my weird behaviours.
- Edited
I'm currently using ChromeOS. Adversary is a competent violent stalker. A laptop with QubesOS installed was compromised before (I know without any doubt that it was compromised). I'm just wondering if GrapheneOS on the next Pixel Tablet (with MTE) will be more safe compared to ChromeOS? (disregarding Google privacy issues)
I hope this doesn't come off as patronizing. For all I know, you are Mitnick-meets-007...or quite simply, more adept than I within the realm of OpSec. But it bears repeating that not GOS -- nor any other security tool -- can/will protect you from a persistent adversary. If someone is stalking you, the solution is far from upgrading your tablet (assuming physical stalking).
Of course you know this. Still, we see many folks become hyper-fixated on thwarting ubiquitous bad-actors; consumed with ideals and concepts that are often impossible to achieve (Tbf, network security is like, the mother of all rabbit-holes too, tho.)
No doubt, the peace of mind alone achieved from using such an effective tool as GOS is noticably beneficial from day one. But you'll never truly appreciate this if you are burdened with persistent doubt. And again...maybe you aren't.
Are you? If you feel like sharing, I can try to help. Either way, I hope that you can remove this person's negative influence en totale and when you do, I hope that you have the wherwithal to compartmentalize any doubt back where it belongs and enjoy living your life! ;)
- Edited
ezlover I'm kind of an idiot when it comes to OpSec. I used Firefox with prefetching enabled (I think that this was what revealed my IP address). The physical stalking stopped I think. You're right, it's always possible to improve something and I don't want this to become my full-time hobby. I'll probably just use whatever I enjoy to use for now.
aosjdio I'm just wondering if GrapheneOS on the next Pixel Tablet (with MTE) will be more safe compared to ChromeOS?
GrapheneOS is more secure than ChromeOS, even without MTE, deducing from what I read from Daniel Micay. However both should be plenty enough to keep stalkers from compromising the system with spyware, as long as you do not accidentally weaken security or make OPSEC mistakes and as long as the stalker does not have access to state-level exploits.
TheGodfather They should not have access to state-level exploits. They're not even wealthy, so I was surprised about QubesOS. It's either that or they somehow managed to read data transferred with HTTPS, after they compromised the router. I don't know what is more likely. They already managed to compromise a basic Linux distro before, but that isn't surprising.
aosjdio It's either that or they somehow managed to read data transferred with HTTPS, after they compromised the router
HTTPS has nothing to do with your router. It works between your endpoint device and the server.
aosjdio so I was surprised about QubesOS.
If you use QubesOS like it's supposed to, a compromise from some hobby hacker will be very unlikely. How do you know that it got compromised?
I use Pop OS. I prefer Debian-based distros and I've found Pop OS's ability to have hard drive encryption built in, built in backup storage when things inevitably go wrong, no snap packages, flatpak automatically included, the ability to install any of the four major desktop environments, and potential paid support from System76 if necessary to be a nice combination. It is Ubuntu without the shortcomings of Ubuntu.
- Edited
TheGodfather The person posted information on social media that could not have been retrieved in any other way. I was in another country in a temporary location, so there's no physical access. The stalker is kind of an idiot in some ways, but he/she is good at manipulating people into helping him/her.
I know for a fact that they are capable of this because someone who was close to him/her in the past told me. The person who told me is currently in hiding as well.
When I mentioned the router I meant some kind of MITM attack, but I think that's unlikely? I didn't see any certificate errors.
aosjdio When I mentioned the router I meant some kind of MITM attack, but I think that's unlikely? I didn't see any certificate errors.
Not possible then via MITM. You would have seen certificate errors.
TheGodfather
Indeed, that is why I use it, I am kind of a n00b with GNU+Linux so that is why I began with Mint, it is quite stable for me and does not demand too much knowledge of terminal commands.
But if I would choose a security-based OS, I would choose Qubes with its sandboxing possibilities, it sounds fantastic, but I honestly don't think I am ready for that kind of difficulty yet.
[deleted]
Windows 11 for the gaming and Fedora KDE on my laptop and surface go