Puli 32/64 bit

[muggins]

I find it odd that about half his queries seem to be about security, and the other half about cryptocurrency apts for puppy.

[mikewalsh]

@puppytrue :-

Fred & mikeslr are both correct, y'know. The simple reason you never, ever get any replies is because you don't display a shred of evidence with regard to trying things out, then reporting back with what worked/didn't work. You're not putting any effort in, man!

You seem to think the forum is some kind of giant, interactive FAQ where you just 'plug' a question in, then you get a detailed list of instructions on exactly how to do everything you ask about. No community I have ever belonged to, in nearly 30 years online, has EVER worked like that. Yes, we like to try & help out, followed by attempting to suggest things which may provide a solution.....but there's "give & take" involved. And from what I can see of it, it's all 'give' on our part.....and nothing but 'take' on yours.

So don't be surprised that you don't get any answers.

Mike.

[fredx181]

Im just report entry-level user problem

Again, as mikewalsh said, you're not putting any effort in, just "reporting" is useless if you don't write anything at all about what you've tried to investigate the problem.

[Neo_78]

Regarding the Puli security profiles:

Puli barks as soon as suspicious connections are detected (only during browsing). Then, to prevent hacker attacks, updates the firewall's blacklist with the suspicious hosts.
...
Puli does not release the suspicious host but occupies its available ports in SYN_SENT or similar mode. For details, see profile-specific scripts such as /usr/local/bin/defaultbrowser and /usr/bin/netchecker.
...
According to the profile name, Puli makes hackers crazy. It disables the network periodically to prevent their session become effective. See the details in /usr/bin/netkiller.

Are the mentioned scripts available in an online repository somewhere to check how they work? Are these scripts transferable to other Linux distributions?

[gjuhasz]

Are the mentioned scripts available in an online repository somewhere to check how they work? Are these scripts transferable to other Linux distributions?

Dear Neo_78,

There is no online repository for this unorthodox method implemented in Puli.
To check the profile-specific scripts (/usr/local/bin/defaultbrowser, /usr/bin/netchecker and /usr/bin/netkiller), you need to browse in Puli on one machine and run a Linux hacker distro such as Kali or Parrot on another one. I recommend multiple test series: you should attack Puli from the same domain then from an external domain; using either the black-box or white-box approach.

Please note that in the published version of Puli, the (browser) defense is established by those simple and easy-to-extend scripts. Feel free to add more tricks or tailor them for your own purposes.

I suppose that those scripts cannot be simply copied to other Linux distributions without additional efforts. The modern browsers are equipped with nice but sometimes closed source tools and there are king size solutions for enterprise environment to detect malicious activities and risky applications.

Have fun!

Regards,

gjuhasz

[Neo_78]

Thanks for your feedback @gjuhasz I appreciate it!

[wiak]

Spoof, Randomize device, random all possible - mac, ip, cpu, gpu, etc. Where best for Puli ?

This is extension but where for Puli direct ?
https://addons.mozilla.org/en-US/firefo ... h/?q=Spoof

Blend In and Spoof Everything
Pretend to be using only the most popular fonts, display, network API, and device properties. Always 100% battery, spoof video card, and more.

Browser Plugs Spoof FP Random
Randomize video card, fonts, battery, screen, CPU, RAM, timers, network. Block APIs, WebRTC, and Plugins.

Fingerprint Spoofing
Modify your broswer fingerprint!

Random User-Agent
Automatically change the user agent after a specified period of time to a randomly selected one, thus hiding your real user agent

What kind of posts are these? Is it some kind of Bot typing? If so, should be put in Spam for checking/deleting? I find these posts quite annoying to read, specially since all such posts are time-consuming and taking away time from useful forum contributions. If puppytrue is not a Bot then should explain why they are posting in Bot-like manner (best to stop).

[rockedge]

@wiak I've been suspicious of puppytrue for a while now. There are moments that I am about to delete the "user" and all the posts belonging to it. Not one of them makes much sense to me and they seem very much like diversions. There might be hidden URL's contained within them. Like just a "." can be selected with the BBCode to be a link and then there is a URL that other search bots will find. One of our moderators has found other posts that are using the this tactic.
Examine this line carefully, Contained is the disguised link.

So far I have not looked closely at everything puppytrue has posted so I can not be certain that well disguised URL's to unwanted sites are contained in any of them. Would be also interesting in seeing if there is ever a response to a query from this user.

[Wiz57]

@wiak I've been suspicious of puppytrue for a while now. There are moments that I am about to delete the "user" and all the posts belonging to it. Not one of them makes much sense to me and they seem very much like diversions. There might be hidden URL's contained within them. Like just a "." can be selected with the BBCode to be a link and then there is a URL that other search bots will find. One of our moderators has found other posts that are using the this tactic.
Examine this line carefully, Contained is the disguised link.

So far I have not looked closely at everything puppytrue has posted so I can not be certain that well disguised URL's to unwanted sites are contained in any of them. Would be also interesting in seeing if there is ever a response to a query from this user.

I've deleted a few of puppytrue's posts, mainly because of the "scattergun" tactic where the same post is thrown at several topics. I once tried to reply to
one of their posts, but never received a response. There is also a link in their signature, haven't investigated it yet, seems I remember a number of posts
in Puli topic and EasyOS as well with the same request as the signature. Almost all their posts end with "Where for puppy?" or such.
Wiz

[rockedge]

@Wiz57 Also the email address linked to puppytrue seems odd to me

[Wiz57]

@Wiz57 Also the email address linked to puppytrue seems odd to me

@rockedge I can't see the actual email address, which is the expected behaviour, it only shows me the name "puppytrue"
underlined in blue to indicate a link, this is in the forums "send email" function. You being the admin naturally have a bit more detail, hehe!
Wiz

[rockedge]

it is sinoyaf398@rphinfo.com

[Wiz57]

Interesting indeed! A disposable temporary email address...read here:
https://disposable.help/domain/rphinfo.com

Though it may be considered draconian to block temporary disposable email addresses, if a user really is interested in joining
a community, they could at least use their actual email address. These temporary things are normally only used to "fake" a sign up
for some whatever service, or for spammers to abuse various forums.
Wiz

[mikeslr]

...Would be also interesting in seeing if there is ever a response to a query from this user.

When puppytrue first appeared on the Forum I answered several of his posts. They all revolved around how to securely engage in on-line-trading, and/or use of trading software which required wine. Among the techniques I discussed were the creation of a chrooted 32-bit OS containing Wine and its use under Easypup, EasyOS and Puli. As the author of detailed responses I thought those responses advanced our body of knowledge. You can find their threads by plugging the Term 'Metatrader' into the Search box.

As I don't engage in on-line trading, I have no way of knowing whether the techniques I devised were satisfactory. puppytrue never provided feed-back. Subsequent posts by puppytrue continued to revolve around security concerns sometimes quoting my posts.

IIRC, MikeWalsh had an experience similar to mine when he answered some of puppytrue's posts relating to the security of web-browsers. Under the circumstances I decided that any further response to his posts was a waste of my time and just stopped responding.

I did not consider the possibility that puppytrue was a bot. My hunch was that puppytrue was either very immature or suffering from a metal illness and a fixation on internet trading, in either case posting merely to proclaim his/her existence and seeking acknowledgement of that claim. By refusing to 'take the bait' and respond I hoped (s)he would eventually move on to some other forum where satisfactory responses could be had.

There was silence for a while. Now it seems his/her posting have again begun. As some of the replies have been informative I think deleting the threads he/she started might be in the nature of 'throwing the baby out with the bathwater'. I still think ignoring his posts is the best solution, but don't know of anyway to 'get the word out' to the rest of the community.

Blocking? Wouldn't that just result in his/her appearance under another name? Maybe not. But if so, wouldn't we just be converting a known problem into an unknown problem?

The above was drafted before I learned that puppytrue had registered using a disposable email address.

[mikewalsh]

Interesting indeed! A disposable temporary email address...read here:
https://disposable.help/domain/rphinfo.com

Though it may be considered draconian to block temporary disposable email addresses, if a user really is interested in joining
a community, they could at least use their actual email address. These temporary things are normally only used to "fake" a sign up
for some whatever service, or for spammers to abuse various forums.
Wiz

My view is that use of a 'disposable' merely fits in with this user's apparent obsession with hyper-elevated security measures, and wishing to disguise their on-line presence to the greatest degree possible. Some will go to extreme measures like this for everything, and yet are apparently unaware of the use to which these things are often put.

Which displays extreme naiveté, further reinforcing the impression of the individual being either very young or very "simple".

(*shrug*)

That's just MY view, anyway. (@gjuhasz - Sorry for dragging the thread ever further "off-topic". My apologies...)

Mike.

[gjuhasz]

Dear Puli users,

I published Puli 8.0, intended to be a high security, "kiosk" flavor of the Focal Fossa based puppies.
The default kernel version is 5.15.27oz (kudos to ozsouth).
Special thanks to 666philb, smokey01, pemasu, S-kami, Kros54, Ticoo, Sylvander, members of Puppy Linux forums, teachers, students, and my colleagues, including ethical hackers who helped me with their feedback about Puli.

I uploaded the package to https://sourceforge.net/projects/puppys ... 0_Mar2022/

Although in beta, it runs smoothly on my HP Elitebook 850 G6. It is still under thorough testing on various laptops / desktops (ASUS, Dell, HP, MSI, etc).

The main improvements compared to Puli 7.3:

- Better performance in processing webGL (check, for example: https://madebyevan.com/webgl-water/)
- Handles exFAT filesystems without additional modules
- Better gaming compatibility, e.g., Minecraft
- Bug fixes

Issues to be investigated:

- Lazy profile shall be redesigned
- Some software packages I assembled for Puli 7.3 shall be ported to Puli 8.0.
- Installing some Ubuntu Focal packages thru Puppy Package Manager fails due to missing libraries.

More details in the Help file.

Have fun!

Regards,

gjuhasz

[gjuhasz]

Dear Puli users,

Lazy profile improved. Some bugs fixed, others mitigated.
I still have issues with displaying correct network icon in the tray.

I updated the install package at https://sourceforge.net/projects/puppys ... 0_Mar2022/

Have fun!

Regards,

gjuhasz

(Edit on 20 March 2022: Tray issues fixed.)

[gjuhasz]

Dear Puli users,

Unfortunately, the storage space at SourceForge.net https://sourceforge.net/projects/puppys ... iles/Puli/ is slowly filling up. For this reason, I reorganized the Puli files as follows:

Regarding the 32- and 64-bit Puli versions:

• Puli versions 6.3 and 7.3 remain at SourceForge.net. I deleted the previous ones.

• Puli 8.0 will soon be replaced by Puli 8.1.

Regarding the 32- and 64-bit kernels, applications, and other software:

• Transferred to Google Drive https://drive.google.com/drive/folders/ ... MN9Px_zN3i.

Regarding the earlier Puli versions:

• Readme files and useful links can be found at https://smokey01.com/gjuhasz/.

Have fun!

Regards,

gjuhasz

puli.png (8.62 KiB) Viewed 2759 times

[gjuhasz]

This is the release candidate of Puli 8.1

You can find the detailed description at https://smokey01.com/gjuhasz/Readme-810.html.

The install package (Puli_install.zip) is downloadable from https://sourceforge.net/projects/puppys ... /Puli-8.1/.

Puli-compatible kernels, applications, and other software are available at https://drive.google.com/drive/folders/ ... MN9Px_zN3i.

What's new compared to Puli 8.0:

• Many bugs fixed, unnecessary elements and duplicates removed.

• Major change: language settings automated in Quicksetup (needs language file, see the content of lang-hu_HU_p8.1.pet for reference).

• Preferred kernels: 6.1.6 or higher (kudos to ozsouth, Grey, stemsee, and other forum members).

• See other info in my previous post.

• Known issue: With multiple monitors and a kernel version higher than 6.0.6, the Redshift and Brightness Control applications collide. No problem with single monitor or 6.0.6 (or earlier) kernel.

Have fun!

Regards,

gjuhasz

puli.png (8.62 KiB) Viewed 2754 times

[gjuhasz]

Dear Puli users,

I found why redshift and Brightness Control collide. The main reason for this is that the intel_backlight link is missing from the /sys/class/backlight/ folder in kernel versions higher than 6.0.6 (I detected it using my Dell Latitude 5520 laptop). Fixed. I uploaded the new Puli_install.zip to the SourceForge repository https://sourceforge.net/projects/puppys ... /Puli-8.1/. Date: 2023-Jun-04, MD5: 6fa46234a6deea1bd9f75182391a03e0

Changes:

• I modified the default redshift settings (in the /root/.rshift/ folder and the /root/.config/redshift.conf file)

• Instead of the earlier Brightness_v5p.pet, I created two alternative pets:
  Brightness-mainmonitor_v6p.pet (preferred) only affects the brightness of the primary monitor (i.e. the laptop screen), so it is used to adjust it to the other screens (if necessary).
  Brightness-allmonitors_v6p.pet changes the brightness of all monitors simultaneously.
  Day/night hues are still managed by redshift without any collision.
  The new Brightness packages can be downloaded from the https://drive.google.com/drive/folders/ ... Gzg5e6tzuG folder.

• I replaced the built-in hardinfo and netmon_wce packages with their newer version.

Have fun!

Regards,

gjuhasz

puli.png (8.56 KiB) Viewed 2723 times

[gjuhasz]

Dear Puli users,

Let me proudly announce the final release of Puli 8.1

You can find the detailed description at https://smokey01.com/gjuhasz/Readme-810.html.

The install package (Puli_install.zip) is downloadable from https://sourceforge.net/projects/puppys ... /Puli-8.1/.

(Date: 2023-Jun-11, MD5: f5af3662eba6f6ce359c16d007154ecb)

Puli-compatible kernels, applications, and other software are available at https://drive.google.com/drive/folders/ ... MN9Px_zN3i.

What's new compared to Puli 8.1 rc:

• Bugs fixed, missing links added, duplicates removed. (kudos to forum member ticoo1).

• Puli specific 6.3.0 kernel included in the Puli_install.zip package (kudos to forum member nocsak).

• Further improvements in language swapping in Quicksetup.

• References updated.

• See other info in my previous posts.

• Known issues resolved.

Have fun!

Regards,

gjuhasz

puli.png (8.56 KiB) Viewed 2578 times