in reply to Jonathan Lamothe
Off hand, I cannot think of a way to isolate a network interface except with namespaces. If that is true, the simplest way would be with a container, especially an LXD container which is is functionally like a full OS with it's own kernel.
in reply to Bruce Elrick
sudo apt install snapd
snap install lxd
lxd init --auto
lxc launch ubuntu:jammy mycontainer
lxc shell mycontainer
curl -fsSL https://tailscale.com/install.sh | sh
tailscale up
...
snap install lxd
lxd init --auto
lxc launch ubuntu:jammy mycontainer
lxc shell mycontainer
curl -fsSL https://tailscale.com/install.sh | sh
tailscale up
...
in reply to Bruce Elrick
And of course tailscale is just an example of a simple-to-use Wireguard implementation as a proof of concept
in reply to Bruce Elrick
Also, it occurs to me that likely the snap install lxd hides granting some privileges to the user who has sudo privs (via an lxd group).
In principle there might be a much slimmer container that could do the same, but I am too lazy to figure it out.
in reply to Jonathan Lamothe
@Bruce Elrick Though it looks like lxd is in Debian's apt repository without the need for snaps. 😎
Bruce Elrick likes this.
in reply to Bruce Elrick
@Bruce Elrick A bit of a heavier solution than I was looking for, but in the absence of a better solution, I'll probably go this route. Thanks for the help.
in reply to Jonathan Lamothe
You're welcome. If you find something lighter-weight in the future, I'd love to learn about it.
in reply to Jonathan Lamothe
Nope, since the kernel cannot route usrsa's traffic different from userb's traffic.
Jonathan Lamothe likes this.
𝕕𝕚𝕒𝕟𝕖𝕒 🏳️⚧️🦋
in reply to Jonathan Lamothe • • •N. E. Felibata 👽 likes this.
charlie :blobfoxcomputer:
in reply to Jonathan Lamothe • • •Jonathan Lamothe likes this.
Jonathan Lamothe
in reply to charlie :blobfoxcomputer: • •@MJ :blobfoxcomputer: Someone else pointed out that the fastest way to get a company to stop using Windows would be for someone to file a wrongful dismissal suit and to subpoena their Windows Recall records in the suit.
It cuts both ways.
like this
pizzapal and DrFriendless 🇵🇸 like this.
pizzapal
in reply to Jonathan Lamothe • • •silverwizard
in reply to Jonathan Lamothe • • •Jonathan Lamothe
in reply to silverwizard • •DrFriendless 🇵🇸 likes this.
silverwizard
in reply to Jonathan Lamothe • • •Hypolite Petovan
in reply to Jonathan Lamothe • • •Aaron Rainbolt
in reply to Jonathan Lamothe • • •Theoretically, if you're forgetful, ADHD, or multitask like crazy, you can use Recall as a memory supplement. Whatever you were working on, your computer remembers so that you can view it later. Additionally, it runs everything you do through an AI so that the search capabilities work "really well" (we hope!). (edit: originally I thought Recall also suggested what you wanted to do next, I was wrong, nevermind on that) That's supposedly going to help you work more efficiently.
Of course this comes with huge security and legal risks, plus privacy concerns since Microsoft's software is now watching everything you do on your computer.
If they had forgone the AI bit, released it as an open-source project, made it an opt-in application that you have to intentionally install, and implemented some actually good security, Recall might have actually been quite handy. The concept has merit, it's just the implementation is horribly flawed and a massive liability. They might still be able to redeem it somewhat if they open-source it and make the security better (i.e., *actually* encrypt the database and require the user to provide their password to decrypt it before viewing it), but I don't find that too likely to happen.
Shaun Griffith
in reply to Jonathan Lamothe • • •Keith D
in reply to Jonathan Lamothe • • •rsp
in reply to Jonathan Lamothe • • •Jonathan Lamothe likes this.
balduin
in reply to Jonathan Lamothe • • •Jonathan Lamothe
in reply to balduin • •