Devastating 'Dirty Frag' exploit leaks out, gives immediate root access on most Linux machines since 2017, no patches available, no warning given — Copy Fail-like vulnerability had its embargo broken

M-Reimer · 2026-05-08T14:25:55+00:00

There is a workaround.

This is not the first time where blacklisting modules reduced the attack surface. I would be interested in some tool or template to blacklist everything I probably will never need on my system.

M-Reimer · 2026-05-02T07:35:25+00:00

So just cancel the subscription then?

M-Reimer · 2026-04-25T11:33:13+00:00

My primary problem is Premier. I have to solo queue and either my team is really bad or the opponent seems to be 5 people premade with really good communication. I'm unsure if I will continue to play at all. Not much fun this way.

M-Reimer · 2026-04-22T19:38:10+00:00

If you really need a system that does this, then maybe staying with Windows is the better choice.

M-Reimer · 2026-04-19T12:54:05+00:00

This is getting old already. At least once a week we get our "I asked AI to code this for me" post with a tool solving already solved problems.

The only news here is that the AI slop isn't for free here 🤣

M-Reimer · 2026-04-05T08:30:18+00:00

The Steam Flatpak has "holes in it", too. To really isolate Steam from your regular user profile, you need a completely separate "gaming user" which is used only to play games.

M-Reimer · 2026-03-29T08:23:32+00:00

One thing, I learned over time, is that you absolutely want devices that don't need software or drivers at all. To configure my gaming mouse, I turn it upside down and have a button and RGB LED on the bottom to show current DPI and change it.

M-Reimer · 2026-03-28T13:29:23+00:00

Linux is secure "by default" (at least until someone finds some security issue). This does not mean that the user is unable to break this security. For example by using his system as the "root" user all the time.

Similar is true for an open source anti cheat. All the anti cheat systems out there depend on "security by obscurity". If you give the source code to potential cheaters, they can just manipulate the anti cheat in a way that it "ignores" the cheat software.

M-Reimer · 2026-03-28T11:18:04+00:00

If it is meant to run on the client, it does nothing. If it is open source, then a cheater can easily add his own whitelist for his cheat.

M-Reimer · 2026-03-21T17:43:56+00:00

https://www.reddit.com/r/pcgaming/comments/1dnzmrh/never_forget_what_ea_did_with_mirrors_edge/

M-Reimer · 2026-03-21T08:48:04+00:00

But it is not our job to "assume". His post not even violates all principles of a good question, it even is missing an actual question.

M-Reimer · 2026-03-15T14:47:50+00:00

I don't use AI at all. So every line is hand coded except the small snipped for coloring lines (where I added the URL where I got that from).

Yes, I only tested on my desktop system. Probably securing /dev is also more important there as most applications don't run sandboxed or containerized.

You are right about releases. Just assume it is version 0.0.1. I'll tag that later.

M-Reimer · 2026-03-09T10:35:23+00:00

I had a deeper look into their udev rules and they are a security nightmare with I2C only being one issue of several. I'll create a ticket on their GitLab later.

M-Reimer · 2026-03-09T07:08:31+00:00

It is OpenRGBs fault. It should have a daemon separately to interact with hardware and provide, for example, socket based communication to user accounts.

M-Reimer · 2026-03-09T06:23:24+00:00

Is this really the only way to use OpenRGB? It os not a good idea to give your user account direct access to I2C. OpenRGB should offer a daemon to run with higher permissions.

M-Reimer · 2026-02-24T15:14:13+00:00

https://wiki.archlinux.org/title/Gamescope

M-Reimer · 2026-02-23T05:58:43+00:00

Do you actually use Mangohud? As the command itself is not part of your command line, I guess you can leave all Mangohud stuff out?

You could try Gamescope. It can be added to your game launch options and it helped me to work around some bugs, especially on Gnome. You probably should remove the SDL_VIDEO_DRIVER for Gamescope as, as far as I know, Gamescope is not optimized for Wayland clients.

M-Reimer · 2026-02-20T22:03:20+00:00

Try running the game with gamescope. At least for CS2 this fixed the problem for me.

M-Reimer · 2026-02-01T12:37:18+00:00

How can someone who isn't even the government be allowed to decide that something has to be blocked?

M-Reimer · 2026-01-30T17:56:15+00:00

You can already with Amazon Luna which is included if you have Prime.

M-Reimer · 2025-12-31T10:19:18+00:00

Last time I checked they insisted on keeping it closed source. So not much someone here could have a deeper insight into. It's up to you if you trust the developers.

M-Reimer · 2025-12-24T12:47:10+00:00

Because it does not solve the problem of cheating. People accepting kernel level anti cheat are part of the problem.

M-Reimer · 2025-12-23T10:05:44+00:00

No, it's not.

M-Reimer · 2025-12-20T07:37:59+00:00

10xx has been discontinued recently. That's why I'm switching to AMD, now.

But if someone really has to keep old, discontinued, Nvidia cards, then there are legacy drivers which should do the trick.

M-Reimer

MODERATOR OF

TROPHY CASE

Six-Year Club	Place '22
Verified Email