Yeah you probably want a proxy based solution. Have a network that has no internet access except through a proxy that you control.

You would also have to lock dns down. The problem with dns based blocks is that things like dns over https allow people to use an alternative dns server. But, if you control the devices that you are managing, then you can also control what dns server they use.

Noscript. Ublock origin strict/export mode, where you must manually accept connections. Dns filtering. A socks proxy. VPN. Etc, there exist many ways.

But which of these methods is best depends on what you are trying to do.

It is, they are switching from X to wayland.social, a mastodon instance.

(/s, they aren’t actually doing this though.)

This includes sideloaded apps.

This exactly. I have a FOSS app called VirtualXPosed installed (although I never use it anymore), which creates a “virtual android” in which apps can be installed and be manipulated in ways that would normally require root, despite me not having it on my phone.

Despite having “play protect” disabled, google still constantly sends me notifications about it being harmful.

Excellent choice on the new SSD.

If you are buying one of the used Elitedesks, refurbished from a business done with them, they often have their original storage removed and replaced with an extremely cheap, crappy SSD that probably won’t last long and will instead just die on you.

Yes. It’s a frontend for twitter, based on nitter.

It’s similar to invidious for youtube.

There are exactly 3 types of phoronix commenters:

• Trolls
• People falling for the trolling
• Professionals working at intel, red hat, etc who use that site as some kind of communications board for some strange, unknown reason

Firstly, this blog is mostly SEO spam and is probably one of the worst written articles I’ve ever seen. The article itself is more keywords than content. Even the headline is garbage, persisting after reboots is a normal feature of almost all most malware types, including rootkits. In fact, I’d say a lot of cybersecurity blogs are like this, hyping up mundane malware that presents no special threat for the clicks.

But I’ll break this down anyways.

The first bit about the dynamic linker, means doing things like restricting the files an app has access to, in order to prevent manipulation of how code libraries and modules are loaded, in order to prevent the injection of a malicious library. This can be done within the system, and often is by default, like how sudo refuses to load libraries it doesn’t like.

The second bit is literally just recommending you require a password to do admin things. Of course, there’s a lot more nuance to it. Access controls, controlling what user on a system has access to what can become a lot more fine grained, but for the kinds of malware that these articles report on, an admin password will stop them.