PassingThrough

Since you mention setup instead of any manual install screwery, I’d say root(uid 0) is still very real, you just didn’t setup any login for it. Every time you sudo (substitute-user-do), you(probably uid 1000) are running that command as root instead of you. In fact, just sudo -i and you are now “logged in” as root.

Edit: Missed the context. Should still be useful info but you probably are not accidentally remoting into an account you never setup the login for.

Raspbian is sometimes a compromise between security and usability, because it is designed to go into the hands of new users. It also used to ship with a default “pi/rasberry” login hardcoded and IIRC permitted root password login over ssh. Things experience users change or turn off, but needs to start friendly for the rest, you know?

By doing this, they can take a step in the right direction by separating the root and login user, without becoming annoying asking for a password frequently as a newbie copies and pastes tutorial commands all week.

And as I said it’s unlikely, even very unlikely, but just not impossible. Everything comes with a risk, I just believe it’s up to you, not me, what risks mean in your environment. Might be you’d like to have the convenience on the home dev server, but rather have as much security as possible on a public facing one.

Or maybe you’d like to get really dialed in and only allow specific commands to be run without a password, so you can be quick and convenient about rebooting but lock down the rest. Up to you, really, that’s the power of Linux.

Thanks!

Nah, the point would be to use it as a dumb phone, but as you point out it’s still Android, a “Smart” OS compacted into a “Dumb” shell, not a purpose built dumb phone OS. My concern would be the (lack of) optimization or bloat of said OS causing poor performance that results in a bad experience navigating even the dumb functions. The tablet I mentioned for example(RCA), you could make a sandwich between basic app launches…

Either way, enjoy the experience!

What make and model of cheap “dumb” phone did you choose? And how’s it running so far?

I might one day try something similar, but my experience with cheap hasn’t been good, and if it can barely turn on like a certain cheap tablet I once had, the experiment would end quickly.

If you’ve got a VPS at your disposal, many of the homepage softwares I’ve tried over the years have some amount of caching to make them quite fast or even operate offline(“Homer” for one required me to deeply purge my cache as it would still appear when my site was offline…despite having replaced it long ago! 😂). Or, if you wanted to roll your own static HTML page, you can absolutely add a Service Worker for your own offline caching.

That’s where I’m at now. I use a custom ServiceWorker static HTML for my homepage and tab page on all my devices. This page is a bouncer, checks if I’m at home or not(or if my local dashboard is offline) and either redirects me to the local homepage which has all my HomeLab services on it, or if it fails just tells me I might be abroad or offline and lists a few public websites.

And yes, this works offline or over a shitty connection. Essentially the service worker quickly provides the cached page from the browser storage, then tries to take the time to check the live version. If it gets one, it updates the cache, if not, enjoy the offline version.

Might be a bit over the top, but I set up a custom homepage startpage, and then grabbed the New Tab Override extension so that it opens on new tabs as well as being my homepage.

So if you can think of any websites that might do what you want like cardd or link tree, or are interested in making your own little webpage and hosting it somewhere free, that might work and as a bonus will be the same across all your browsers and devices. Could even load it up on someone else’s computer if you remember the link.

In Debian, you will want to modify your /etc/sudoers file to have the NOPASSWD directive.

So where you find something like this in that file:

%sudo ALL=(ALL:ALL) ALL

Make it like this:

%sudo ALL=(ALL:ALL) NOPASSWD:ALL

In this example, powers are given to the sudo %group, yours might just say pi or something else the user fits into.

Also, please note that while this is convenient, it does mean anyone with access to your shell has a quick escalation to root privileges. Some program you run has a shell escape vulnerability and gets a shell without a password, this means they also get root without one too. Unlikely to happen, sure, but I believe one should make informed decisions.

Looking at it, seems not. Google store page says it doesn’t follow best practices and may soon no longer be supported. AFAIK it’s a single dev hobby project so this might be the end of it. Ah well. I’ll just no longer have as many free skins for games.

I only break out Chrome(or Edge) for two reasons:

One is access to serial ports to flash ESP devices, or update the firmware on my XR glasses. Firefox can’t do that.

The other is to automate Twitch drop collection. The addon I found to reload broken streams and collect drops while I’m at work only has a Chrome version.

Regarding 2, it feels to me as time wears on there are fewer and fewer online spaces in general. I fear it won’t be long before the internet is just a handful of “competing” social media companies and that one outlier group running the “Fediverse” that the propaganda says is the “Dark Web”.

Everything ends someday. It might be something we thought we’d move past with the digital age but, even digital requires resource input to keep going and that means it can and will end.

This does not surprise me at all. What were they supposed to do? Flash is dead, which broke most of the games on a site like this anyway. And kids, even young ones, go straight to Fortnite level video gaming these days, not flash sites.

It’s sad for those of us who grew up on this kind of thing, but like many other relics of the past the world moves on to something new. The Internet Archive and Flashpoint Archive will museum whatever functions without a server connection and the rest is lost to history, revered in our memories.

It’s just the nature of things. Like how a mere handful of social media websites today replace an internet once flooded with personal websites and small communities. I’m sure the next Cartoon Network sponsored game will just be a Fortnite event or Metaverse room.

Not entirely a nothing burger, I think. If there’s any truth to the anti-cheat outrage, there’s a large population of average joes handing out ring 0 access to a growing number of third or fourth party companies for the purpose of kernel level anti-cheat in video games.

Still a supply chain attack or a vulnerability in one of the A/C programs, but not as impossible as we would like it to be.