with rootkits

These are eventually going to be blocked on Windows. Microsoft are making changes to what’s allowed to run in the kernel after the Crowdstrike issue last year.

Yeah it’s unfortunate. The nftables syntax is a lot easier though!

The same thing has happened before, around 15 years ago… Before iptables there was a system called ipchains. Migration took a while, but it was eventually done, and nobody talks about ipchains any more.

Docker really doesn’t like firewalls, and doesn’t seem to play nicely with them.

These days it’s a frontend for nftables. iptables is a legacy system that’s eventually going to be removed (just like ipchains before it).

On modern systems, iptables is a wrapper around nftables. So you’re essentially using nftables except without the ability to use any of its more powerful features.

iptables is a legacy system that’s going away. If you don’t learn ufw, you’ll have to learn nftables.

Edit: Not sure why I’m being downvoted for telling the truth lol

PyCharm is cross-platform, so you can use it on Linux.

Most VPNs support Wireguard, which is built in to Linux. If your VPN provider doesn’t have a Linux app, you can usually usually download a Wireguard config file from them and use it on Linux. You can import a WireGuard config into NetworkManager using a command like:

sudo nmcli connection import type wireguard file /tmp/example.conf

Then it should appear in the network list in KDE / GNOME / whatever other desktop environment you’re using.

It’s worth buying games on GOG instead of Steam where possible. Games on GOG are DRM-free, so you can download the installer and keep a backup of it, and it’ll work indefinitely.

Some games on Steam are DRM-free, but Steam doesn’t provide a way to download a standalone installer like GOG does.

Snapshots let you very easily revert back to an older snapshot. They’re relatively fast and lightweight.

You should have offsite backups too. Snapshots won’t help if your computer catches fire, gets stolen, etc. Rsync is okay, but has a bunch of downsides:

• It only gives you a single copy.
• If the source data gets corrupted, the backup copy will also get corrupted.
• It’s not safe from ransomware since the client has full write access to the rsync backup (and thus malicious code could delete the backup).

A backup solution like Borgbackup + borgmatic or restic is a better solution and solves the above issues:

• You can easily take daily backups - all the data is deduplicated so it won’t take much more space (assuming you’re not changing every file every day).
• Multiple backups means that if newer data is corrupted, you can just pull files from an older backup.
• Borgmatic has an append-only mode that only allows a client to add new data to a backup, and not delete any old data. This prevents the client from being able to erase the backups

Once you break it a few times, you start to understand the value of btrfs or ZFS snapshots.

I like the default one in KDE (Spectacle). It does everything I need, and can take both screenshots and recordings. I don’t think it works with other DEs though.