d3Xt3r

[–] d3Xt3r 4 points 7 months ago* (last edited 7 months ago) (1 children)

Spent a good chunk of my weekend catching up (online) with an old childhood friend, who I lost touch with over 15 years ago. We also played an old-school PC game (Diablo 2) that we played as kids - and it was so much fun. After that, we decided to make this a thing every weekend and revisit some of the old games we used to play back then and relive the good ol' days, back when the worst of our worries were trying to get good grades... :)

On to the more mundane stuff, I'm happy to report that my spring onions are doing great. They've survived for nearly two months now, on just some water and liquid fertiliser, in spite of harvesting them regularly. I'm never going to buy spring onions from the market again!

there is an incursion of Morning Glory.

Is this the edible variant, ie Ipomoea Aquatica (aka water spinach)?

[–] d3Xt3r 3 points 7 months ago (1 children)

That reminds me, I still need to watch Lower Decks. And Strange New Worlds. And Prodigy. Not sure which series I should start with...

[–] d3Xt3r 7 points 7 months ago* (last edited 7 months ago) (1 children)

Paper boxes may be equally bad or even worse, since many of them are coated with PFAS (aka "forever chemicals") - which can leach into your food and the environment.

Now whilst the FDA has banned sale of PFAS-coated containers earlier this year, it is expected that such products may remain on the market till sometime next year. Of course, it also doesn't stop someone from ordering cheap PFAS-loaded boxes from AliExpress or elsewhere. And if you're not in the US, you'd have to find out if there's a similar ban in your country, and/or verify whether the manufacturer of whatever container/utensil you're using is PFAS-free.

It would also be prudent to check even non-paper food-related products (spoons, spatulas, chopping boards etc). Even so called 100% recyclable "food safe" plastic, bio-plastics made from plant pulp, and traditionally eco-friendly wooden containers and utensils may be coated with PFAS.

[–] d3Xt3r 4 points 7 months ago* (last edited 7 months ago)

The answers here are only partially correct. If you want to use your device internationally, there are four things or categories you need to consider:

  1. Carrier locked devices
  2. Region-specific devices
  3. Carrier whitelisting
  4. Regulatory requirements

Carrier locked devices are exactly that, these are the ones sold by your carrier and subsidised, they usually mention that you can't use them with other carriers. Eg the SM-S928U of the S24 works only on AT&T. If you have one of these, you may be able to buy an unlock code online to unlock your phone. Depending on your model, you might also need to flash compatible firmware or unlock additional bands from the service menu, if you want to be able to actually use it with your destination carrier.

Region-specific devices generally have limited cellular bands, meant for usage in that country. Eg although the SM-S928U1 variant of the S24 is factory unlocked (unlike the SM-S928U), it may not carry all the bands required for operation outside the US. If you're unsure about compatibility, use this website to check the bands for your target country/carrier. Generally though, if you travel a lot, it's recommended to buy the international / global variant of a phone. As an alternative, if you have a US variant Samsung, you could use the service menu to enable all bands. Though regardless of the variant, it's always a good idea to check the band compatibility before you purchase the device/travel.

Carrier whitelisting is a recent annoying thing which carriers have started doing for some technologies such as 5G, VoLTE, VoWiFi etc. Some of these features may or may not be critical for you, for eg, if the destination carrier no longer offers 2G/3G services, that means you must be able to get VoLTE in order to make calls. And VoWiFi is needed if you're in an area with poor reception, but have WiFi access. Finally, 5G would be a bonus thing but most carriers allow only whitelisted models to connect to their 5G services. Samsung normally should work in general, but given how many variants Samsung makes, there's no guarantee that your specific variant would be able to use some/all of these services. So you'll need to check with your target carrier in advance to see which of their services your phone would be able to support.

Finally, some countries may have regulatory requirements which may legally prevent shops/carriers from selling you a SIM card, if your phone isn't in their database. For instance, in Japan, it's technically illegal to operate a device without a "giteki" mark - and if your phone doesn't have this, operators may refuse to sell you a card. In this case however, you should be fine if you order a compatible SIM/eSIM online before arrival (eg from Sakura Mobile).

[–] d3Xt3r 11 points 7 months ago* (last edited 7 months ago) (1 children)

First of all, forget all the Spice-based viewers - by far the best solution for interacting with a Windows guest is using freeRDP. It's extremely smooth and lightweight, and feels like you're interacting with Windows natively - unlike Spice viewers which feel very clunky. With freeRDP, you don't need to configure Samba etc, clipboard sharing works, dynamic resolution works, and you can even use seamless windows (RemoteApps) to make it look like you're natively running a Windows app in Linux!

Just enable Remote Desktop in Windows, and then from your host machine, you can run the following command to connect to your VM:

xfreerdp /v:192.168.122.xxx /u:dexter /p:password /drive:/home/dexter/Downloads,Downloads /cert:ignore /dynamic-resolution +clipboard /scale:180 /f

  • Obviously, change the above parameters according to your system.
  • Setting a static IP inside Windows would also make it easier, so you can just create a shortcut/script with the above command.
  • In my above command, I've shared my Downloads folder. This will appear in Windows as the share \\tsclient\Downloads. You can then map this share to a drive inside Windows to make it easier to access.
  • I'm on a HiDPI monitor so I've enabled scaling with the /scale:180 parameter.

Alternatively, you could use a GUI tool like Remmina, which uses freeRDP in the backend.

I also highly recommend using freeRDP v3.x if possible - this is available in Arch (AUR) and Flatpak. The reason being, freeRDP has made numerous improvements since v3.0 (released December last year), which make it 100% worth the upgrade - but most distros seem to be stuck on 2.xx for some reason.

Let me know if you have any questions. I use Win11 guests on KVM almost daily for testing various things as part of my job, and I access it via freeRDP without any issues.

[–] d3Xt3r 8 points 7 months ago (3 children)

Wait till you find out that you can even uninstall Linux!

[–] d3Xt3r 12 points 7 months ago (1 children)

E37: No write since last change

[–] d3Xt3r 27 points 7 months ago (4 children)

It's easiest to just register a domain name and use Cloudflare Tunnels. No need to worry about dynamic DNS, port forwarding etc. Plus, you have the security advantages of DDoS protection and firewall (WAF). Finally, you get portability - you can change your ISP, router or even move your entire lab into the cloud if you wanted to, and you won't need to change a single thing.

I have a lab set up on my mini PC that I often take to work with me, and it works the same regardless of whether it's going thru my work's restricted proxy or the NAT at home. Zero config required on the network side.

[–] d3Xt3r 2 points 7 months ago

Most third-party Lemmy clients should support this. For instance, if you're on Sync, you can just swipe it to hide the post (assuming you've configured it that way).

[–] d3Xt3r 3 points 7 months ago (1 children)

The bypassnro command still works though. Installed 23H2 in a VM yesterday and it worked fine.

[–] d3Xt3r 2 points 7 months ago* (last edited 7 months ago) (1 children)

Kali is a pentesting distro, it's not designed for malware analysis. The distro you'd want to use for malware analysis is REMnux, but it's mostly meant for static analysis. Static analysis is fine, but you may not be able to dig deep unless you're familiar with decrypting code and using tools like Cutter, Ghidra, EDB etc for debugging. Naturally you'd also need intimate low-level coding experience, familiarity with assembly language and/or Win32 APIs (or whatever APIs the malware is using). So this isn't an area a casual security researcher can just get into, without some low-level coding experience. But you can at least do some beginner-level analysis like analysing the PE headers and using some automated tools which employ signature-based detection, or you could analyse strings and URLs embedded in the malware; stuff like that.

Dynamic analysis is far easier to get into and more "fun", but the problem is of course, with most malware being made for Windows, Linux is kinda irrelevant in this scenario. But you could still run Linux as a VM host and run the malware inside a Windows VM. The problem with running malware in VMs though is that these days any half-decent malware would be VM/context aware and may evade detection, so for accurate results you'd really want to run the malware on a real machine, and use tools like procmon, IDA, wireshark etc for analysis. But again, decent malware may be able to evade tools like procmon, so it can get quite tricky depending on how clever your malware is. You'd normally employ a combination of both static and dynamic analysis.

Industry pros these days often use cloud-based analysis systems which can account for many such scenarios, such as Joe Sandbox, Any.Run, Cuckoo etc. These offer a mix of both VM and physical machine based analysis. You can use these services for free, but there are some limitations of course. If you're doing this for furthering your career, then it's worth getting a paid subscription to these services.

Coming back to Kali Linux - it's not something you'd want to install permanently on a physical machine, as it's meant to be an ephemeral thing - you spin it up, do your pentesting, and then wipe it. So most folks would use it inside a VM, or run Kali from a Live USB without installing it.

There are also alternatives to Kali, such as ParrotSec and BlackArch, but really from a pentesting toolbox point of view, there's not much of a difference between them, and it doesn't really matter (unless you're a Linux nerd and like the flexibility Arch offers). Most industry folks use Kali mainly, so might as well just stick to it if you want to build up familiarity in terms of your career.

As for your Surface Go - you could install a normal daily-driver Linux distro on your Surface if you really want to, and then run Kali under KVM - which is personally how I'd do it. Running Linux on Linux (KVM) is pretty convenient and has a very low performance overhead. You can also employ technologies like ballooning and KSM to save RAM, if your system has low RAM.
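
The beginner-level static triage mentioned in the malware-analysis comment above (reading the PE headers, pulling embedded strings and URLs), as an added example that is not part of the original comments. The function names, the sample bytes and the example.test URLs are constructed for illustration; the sample is a non-functional header fragment, not a real executable.

```python
import re
import struct

MACHINES = {0x14C: "x86", 0x8664: "x64", 0xAA64: "arm64"}

def build_sample():
    """Constructed, non-functional PE-like byte string used as demo input."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew at 0x3C
    coff = struct.pack("<HHIIIHH", 0x8664, 3, 0x65000000, 0, 0, 0xF0, 0x0022)
    body = b"\0\x01\x02" + b"http://update.example.test/gate.php" + b"\0\xff"
    body += "https://cdn.example.test/a".encode("utf-16-le") + b"\0\0"
    return dos + b"PE\0\0" + coff + body

def parse_pe_header(data):
    """Follow e_lfanew to the PE signature and decode the COFF file header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    if pe_off + 24 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsections, timestamp, _, _, _, characteristics = (
        struct.unpack_from("<HHIIIHH", data, pe_off + 4))
    return {
        "machine": MACHINES.get(machine, hex(machine)),
        "sections": nsections,
        "timestamp": timestamp,                      # seconds since epoch
        "is_dll": bool(characteristics & 0x2000),    # IMAGE_FILE_DLL
    }

def extract_strings(data, min_len=5):
    """Printable ASCII runs plus UTF-16LE runs (common in Windows binaries)."""
    ascii_runs = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    wide_runs = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data)
    return ([s.decode("ascii") for s in ascii_runs]
            + [s.decode("utf-16-le") for s in wide_runs])

def extract_urls(strings):
    """Deduplicated http(s) URLs found inside the extracted strings."""
    url_re = re.compile(r"https?://[^\s\"'<>]+")
    return sorted({u for s in strings for u in url_re.findall(s)})

def triage(data):
    """Header facts plus embedded URLs, without ever executing the file."""
    header = parse_pe_header(data)
    return {**header, "urls": extract_urls(extract_strings(data))}

if __name__ == "__main__":
    print(triage(build_sample()))
```

Nothing here executes the file, so it can be run on a suspect sample from an analysis VM; packed or encrypted samples will show few useful strings.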
