moonpiedumplings

First thing you should check is if the school offers VDI - Virtual Desktop Infrastructure. My college has VDI, where you can access a GPU accelerated Windows machine from your browser, preinstalled with tools like Autocad, Photoshop, and other stuff. If your school doesn’t, then you should look at options like VM’s. The problem, however, is that CAD and a lot of other software is GPU intensive, and simply using it in a VM might be too slow for practical usage.

Waydroid is way nicer.

Okay, I hath returned. So I used to play a game called krunker.io. It was browser game, but I would use a native, electron based client. I spent a lot of time tinkering to figure out what options would maximize performance, and because I had a laptop with an Nvidia gpu, a few special flags were needed. Here was the full command that I would run to run the client: gamemoderun prime-run ./crankshaft-portable-linux-x86_64.AppImage -no-sandbox --ignore-gpu-blocklist --enable-gpu-rasterization --enable-native-gpu-memory-buffers --enable-zero-copy --disable-gpu-vsync --disable-frame-rate-limit --ozone-platform-hint=wayland > /dev/null 2>&1 You probably don’t want gamemoderun. But you can play with the rest of the flags there. I don’t remember what was needed and what was there for performance. I’m pretty sure that the first two arguments there were needed though.

I know this issue, I had a similer issue trying to get the client for krunker.io working with my nvidia gpu. I might have the solution saved somewhere, this comment is so I can remind myself to check.

Yes, but there is something important to remember.

By default, most Linux installs put there kernels in /boot, which is not on the btrfs partition. This is not an issue on distros that keep multiple kernel versions, but it can cause issues on distros that only provide one kernel version (Arch and Arch based distros).

Because the kernels are not stored on the btrfs partition, they are not restored by btrfs snapshots. And if the rest of the system, including kernel modules, are a mismatched version due to restoration, then it means your system is unbootable.

A simpler fix is to install ArchLinux’s linux-tls package, which is the stable version of Linux that doesn’t update constantly.

But what I do to get around this, I put /boot on the btrfs partition, and /boot/efi is the seperate efi partition where grub is installed. Then, kernels are restored when I restore a snapshot.

https://training.play-with-docker.com/ This is an interactive, guided docker course in your browser. Of course, docker is easy to install and use on a Linux system.

The way forgejo actions works, is that it is not a universal thing for every repo. Each repo, can have it's own forgejo actions instance connected to it, running stuff. The big benefit of that, is that you can make users bring their own actions servers, and not bother to deploy your own.

• oauth, and control sign ups via there. Don’t let people sign up via forgejo itself.
• anubis, yeah. Or similar.
• forgejo actions is an optional component… and forgejo users can bring their own actions server. Of course, it’s a risk to them since the server owner could execute code in actions. But yeah.

en.wikipedia.org/wiki/Superghost_(game) en.wikipedia.org/wiki/Ghost_(game)

Openbsd is definitely more secure than secureblue. There is only so much you can do to handle the massive monolithic architecture of the Linux kernel. Further down the stack, many parts of Linux, like sudo, dbus, or systemd are regularly hit by zero days. The SELinux domain architecture that Secureblue is interesting, but SELinux is extremely complex and difficult to get right, compared to the much more simpler pledge and unveil sandboxing that openbsd offers. In addition to that, there are further issues like the problematic way that user namespaces interact with browsers. (And user namespaces are frustrating in general, secureblue actually has a short article on their problems). For maximum security, you want to sandbox tabs from eachother using user namespaces (only works on chromium btw, firefox can’t do this so it doesn’t matter) — BUT, if you run your browser in a sanbox created by user namespaces, then you can’t nest them, disallowing you from using that powerful tool to isolate tabs. So you are forced to make a choice: You can either sandbox the browser itself, in exchange for weakening the isolation between tabs, or you can strengthen the isolation between tabs, in exchange for weaking the sandbox around the browser itself. Giving the browser access to user namespaces is questionable though, because see above, user namespaces have led to a lot of vulnerabilities. OpenBSD’s pledge + unveil (but only on chromium again), does not really make such tradeoffs. It can sandbox tabs from eachother, while also sandboxing the browser itself. In addition to that, pledge + unveil do not present a massive kernel attack surface that people have had to restrict for having too many 0days. And this is just one of the many, many examples, where OpenBSD presents a better security posture than Linux. Qubes is technically Xen, a different kernel than Linux. The Xen kernel virtualizes Linux distros, from which you can manage Xen, or do normal Linux app stuff. But nothing stops you from using a BSD virtualized by Xen for management or usage. Qubes talks about why they use Xen here — and the short version is that they did not consider the Linux kernel’s kvm secure enough for their usecase.

FreeBSD, OpenBSD and NetBSD are behind Linux. Look, I dislike permissive licenses too, but you need a source to back this claim up. Right now, each BSD does something special, that Linux (distro’s) can’t trivially replace, even if the usecase is more niche. NetBSD Dev’s make efforts to get it running on many devices as they can. OpenBSD (and it’s subprojects) are highly secure, moreso than Linux. Who do you think makes our beloved OpenSSH? OpenSSH noted for having very few vulnerabilities over it’s two decade long existence, and OpenBSD itself is similar, which is insane because there are products with multiple bad vulnerabilities every year. This is due to a highly security minded architecture - one that Linux lacks. FreeBSD is like Linux before systemd. The ports system results in freebsd packaging many server services that aren’t packaged on Linux. Being able to manage those through the system package manager, and the conviniences that provides, is nice. Different, and not popular don’t mean bad.