Conversation

Maddy 🏳️‍⚧️ - Floofy fops waff neofox_floof

[Another AUR entry compromised]

That's it! Back to ~~Winnipeg!~~ Gentoo!
4
0
0
lewd shitpost
Show content

@maddy nono, go back to pegging winni

0
0
0

This is a good time for a friendly reminder to keep your personal and sensitive data separate from your gaming or testing hardware, if at all possible.

More plainly: If you can help it, don’t keep your password manager or do your banking on your gaming computer

6
1
0

@vavency Gosh, I love Dankmus’ remixes.

1
0
0

@maddy I mean tbf, you often do need your password manager to login to certain services/games and such

1
0
0

@thibaultmol I use it from my phone most of the time. Could also use it from a private browser session on the gaming computer so it doesn’t keep data on there that could be exfiltrated.

0
0
0

@maddy would something like a cloud password manager be fine on a gaming PC? I use proton pass cause it’s really the only option I know of I can have on all devices

1
0
0

@CinnamonCatYurilover Depends on implementation. If you can access a web client for the password manager in a private browser window, that would be the most secure way to use it, imo.

1
0
0

@maddy Why the gaming computer specifically? Is there something about games being insecure?

1
0
0

@Canageek Just because gamers tend to mess around with mods, occasionally pirate games, run emulators (that have occasionally been infected with malware), or the inspiration for the post, use a community (AUR) package for VR gameplay on Linux that has been infected with credential stealing malware.

Not to mention game DRM or anti-cheat software that could potentially leave your system less secure.

1
0
0

@maddy it’s a browser extension that forces you to have a pin to unlock it

1
0
0

@CinnamonCatYurilover While that sounds safe, I don’t know how extensions store data. I’d still recommend accessing your vault through a browser in a private window on gaming hardware rather than having it handy as an extension.

It’s about how much risk you’re willing to take, and I try to operate on a zero-trust model when it comes to sensitive/important data for myself.

0
0
0

@maddy ahhhh Yeah, I guess overwriting random DLLs so I can run mods isn't the most secure thing you do XD

0
0
0

@maddy Who are these people who can afford to have separate personal and gaming computers?!

0
0
0
@maddy I don't do this because it's too inconvenient to do so with physically separate computers (especially since if I make modifications to games it becomes my development computer too, and then it's even more inconvenient to not have SSH keys to access codeberg/etc on it, plus I sometimes do in-game chat over IRC over an SSH connection to my server) and my laptop doesn't have IOMMU so I can't run something like Qubes.

My new "desktop" will have IOMMU and definitely enough memory to separate stuff into VMs, but it still won't be able to run Qubes because Qubes is x86_64-only and it's Power ISA and I'm not sure if there's anything similar that will run on ppc64le.

I'm probably less at risk than some because I only run free software and generally everything that isn't packaged by my distro I compile myself, but supply chain attacks are still a concern.
0
0
1

@maddy @MaddieM4
I wish games in VMs didn't suck so much, if they run at all.

0
1
0