And now we move on to the second item on the agenda: Advanced Protection against Shrubbery and Why We Need It

to prevent exactly this scenario

I’d love to be in the group that brainstormed this exact scenario

Their contributions are welcome and appreciated.

But, given Microsoft’s history, any suggestions from them should be treated with skepticism.

Not according to my, completely malware free, waybar-git-real!

https://store.steampowered.com/hwsurvey/Steam-Hardware-Software-Survey-Welcome-to-Steam?platform=linux

Arch and Mint are the two most-used distros (Arch with double the Mint users) behind SteamOS(Steamdeck).

Installing Arch from the install medium is daunting for people so I’d recommend EndeavourOS. It’s Arch but using a graphical installer and sane defaults for a desktop PC.

It seems intimidating because there’s a lot of new terms and workflows seem to always involve the terminal. Learn to love the power of the terminal, don’t be one of those “I use Linux but am scared of terminal commands” people.

If you’ve figured how to use wine then you’re capable of searching your way to any solution I’m Arch (it’s probably on the Wiki).

It’s 2024, if you’re not exploiting CI systems to inject your malware into the dependency chain for large open source projects, what even are you doing with your life?

Snapshots are one of the features of copy on write filesystems like ZFS or btrfs.

It looks like Ubuntu has btrfs support, so you could do things like configure the package manager to automatically snapshot before a system upgrade.

https://blackstewie.com/posts/install-ubuntu-24.04-with-proper-btrfs-setup/

That looks like a current guide for setting it up

Being able to segregate “production” and “development” environments is very valuable.

This is a best practice that pretty much everyone, eventually, discovers on their own.

Timeshift is a good piece of software doing a tired trick.

The new hotness is copy on write file systems and snapshots. I can snapshot, instantly, then do a system update and revert to the previous snapshot also instantly.

Instead of using symlinks files, like Timeshift, the filesystem is keeping track of things at the block level.

If you update a block it writes a new copy of the block (copy on write). The old copy is still there and will be overwritten unless it is part of a snapshot. Since the block is already written, snapshots don’t require any data to be copied so they’re instant.

Once you finish the system update, all of the overwritten blocks are still there (part of the snapshot) and reverting is also just a filesystem operation, theres no mass data to be copied and so it is also instant.

It does use disk space, as allocated blocks AND snapshotted blocks are stored. It uses less than Timeshift though, since Timeshift copies the entire file when it changes

ZFS and btrfs are the ones to use.

The short answer is no.

There’s a lot of study on this topic from the cybersecurity perspective. If you could create an undetectable virtualization layer then it would be used for real-world cyberattacks to steal money and the existence would be quickly noticed by security researchers (and future hardware would include changes to mitigate the vulnerability). It wouldn’t be used for creating aimbots for video games.

If you want to read into the technical details, this stackoverflow thread has a lot of links to various papers and articles on the topic: https://stackoverflow.com/questions/39533/how-to-identify-that-youre-running-under-a-vm

Anti-cheat just detects that it’s running on virtual hardware (VMs don’t try to lie to the kernel) and will refuse to allow you to connect.

You won’t get banned but it’ll either stop you when you try to launch the client or it’ll kick you when you try to connect to a game instance.

That would let you hide things from the kernel anti-cheat but the AC can detect that it is running in a VM and just won’t let you play.

It requires either a Direct Memory Access card and supporting software or a video capture card and enough processing power to run fast image classification for AI aim bots.

Anything running directly on the PC can be detected by the kernel anti-cheat.

You can look online for the hardware and prices

It doesn’t stop cheating, it just makes cheating require spending a few hundred dollars and dealing with complex hardware setups. This means that relatively few people try.

Non-kernel anti-cheat can be bypassed by software. So it’s cheap and easily available.

That’s the only difference. Kernel anti-cheat doesn’t prevent cheating, it just makes it more expensive.

Developers who use kernel anti-cheat don’t support Linux because userspace anti-cheat is largely pointless. It doesn’t matter if you personally don’t care, the companies that want anti-cheat do care.

The workaround for kernel anti-cheat requires hundreds of USD in hardware. The workaround for userspace anti-cheat is entirely software.

Because of this, you will have less cheaters if cheating has a $500 price tag. That’s why kernel anti-cheat is effective, there’s no way for that to be solved with a WINE patch.

No, because then you can just run software cheats at kernel level which would be completely undetectable to userspace anti cheat

They were like

yay -S *-git

Yup, just reboot to apply it.

It’ll show up in dmesg: "microcode updated early to Rev. ###’ etc

75C is fine, the CPU will throttle in order to avoid max temps. This isn’t something that should cause instability.

It’s POSSIBLE that this is a bug that’s fixed with a microcode update, see here for installing it: https://wiki.archlinux.org/title/Microcode

TL;DR:

1. Install amd-ucode
2. Edit /etc/mkinitcpio.conf, add microcode after autodetect
3. sudo mkinitcpio -P
4. reboot

If that doesn’t fix it, and it crashes in Windows too, it may be a hardware problem. There isn’t much you need to do in order to get a CPU working.

You’ll fit right in, 'round here.

e: saw you go it fixed, congrats. It’s always DNS