Posts
Weird IPS/ITS suricata behavior
Hello, I have some strange behavior with my Suricata on OPNsense and was wondering if anyone is experiencing the same:
I wanted to keep an IPS signature active, dropping the packets, but not get an alert every time, since the source is beyond the scope of my control (neighbour) and the alerts are spamming my log.
Since this isn't implemented in the GUI yet, I manually added
include: threshold.config
to /usr/local/etc/suricata/custom.yaml
and added
suppress gen-id 1, sig-id 1234567
to /usr/local/etc/suricata/threshold.config
However, after this Suricata wouldn't start anymore, giving the error that it couldn't load threshold.config because it needs to have YAML 1.1 and --- as first lines.
Not only does this differ from the documentation, it also differs from the example file.
With this added anyway, Suricata will start but has errors in the logs: it couldn't parse YAML 1.1, couldn't parse ---, and couldn't parse suppress gen-id 1, sig-id 1234567
So it's still not working....
Anyone got an idea what's wrong here, or how I could drop packets silently?
EDIT: when changing the suppression to
suppress gen_id 1, sig_id 1234567
I get the warning
suppress gen_id 1, sig_id 1234567 is deprecated. Please use suppress gen-id 1, sig-id 1234567 on line 3
when starting Suricata,
BUT NO parsing error about the suppress line (only about the YAML and --- lines), indicating it works now?
Seems not intended, or am I doing something wrong?
Which privacy focused Android Browser 2025? Fennec outdated?
Hey people.
I recently heard rumors that Fennec is not updated properly anymore/not secure.
I don't really know what's going on (since the last update on F-Droid is from 9.4.25) but am now unsure if it's still the right choice.
What I like about Fennec:
- tuned version of Firefox
- not based on Chrome
- supports add-ons
- possible to play YouTube while phone locked.
Just wanted to hear if someone can confirm the rumors of not being as privacy friendly / safe anymore and if so suggest privacy friendly alternatives, preferably not losing the things I like.
Disable VPN while browsing casual or leave running?
Hey guys n gurls, I was wondering if it is smart to disable my VPN connection for casual browsing.
Reasons: when having VPN constantly running it may be possible to track me via browser fingerprinting.
Scenario: the connection coming from the VPN, which hypothetically downloaded a torrent, tries to watch capitalist propaganda while living in China, etc., has this screen ratio, this locale, these add-ons, etc. And (more important) the YouTube login cookie we know belongs to this physical person/telephone number, etc.
So I am wondering if I should only use the VPN when "needing" it (read articles not available in country, Netflix, read information government doesn't like, things like that.) Or if I'm missing something here and I could obscure my casual day to day browsing as well without decreasing the security of the VPN.
For reference, the VPN doesn't log anything (for more than a day) to my knowledge.
EDIT: From what I understand from the comments: switching the VPN has little to no impact on widely used tracking and if at all makes it easier to correlate data. People emphasize the general lack of full privacy if you are wanted by entities willing to spend enough resources. But for the general need of privacy in normal use cases it makes more sense to just leave the VPN running.
Exodus showing different permissions than system settings.
Edit: got told by the kind folks in the community that this is expected and the sentence "can access position while in background" actually just means: "will ask you for the permission to access the position from the background but only does so if you allow it" - that's what I figured, but now I'm sure. Thanks for the clarification everyone!
Hey guys n gurls,
I recently learned about Exodus, and installed it to check my apps. Exodus shows some apps (like bike computer for reference) are allowed to track my position (quite logically).
The strange thing: in system settings it says seeing position is not allowed.
Does this mean that the app wants those permissions but I haven't granted them? Or are my system settings bricked? Is this because of Lineage? Is this expected?
Would greatly appreciate someone who understands this a little bit more to explain :)
P.S.: Is (the tracker part of) Exodus even useful when I already use Neo Store, which shows known trackers? Is this maybe even the same database?
Alternative stuff over Easter
Hello dear Viennese, I'm in the city over Easter and wanted to ask whether you have any thoughts on what an alternative person could/should check out here. It's my first time here, so there are no wrong answers ;)
Whether it's a nice park, a nice pub, a good punk concert this weekend, a museum worth seeing or anything else, I'd be happy to hear from you what I should have seen before I leave again on Tuesday :)
Is there a way to have a "card view" (auto expand pictures)?
As the title says, I am wondering if there is a way to have the pictures big enough that I can see them without clicking on them in my feed. At the moment it looks as shown in the picture above.
rule
Offtopic: can anyone tell me how to post/crosspost in multiple communities at once?
migrating memes from reddit
This is a repost (but hopefully new on this site)