this post was submitted on 11 Sep 2023
10 points (63.2% liked)

linuxmasterrace

2166 readers
1 users here now

A community for Linux enthusiasts.

May your htop stats be low and your beard grow long

Welcome to [email protected] former r/linuxmasterrace members and existing Lemmyverse citizens: Feel free to join the newly created [email protected] community.

Let’s make the full transition to the decentralized Fediverse!

founded 1 year ago
MODERATORS
 

Dont use Reddit username or Facebook username or anything like that even if it could be cool. That way you dont have to worry even if some log file or error stack trace recorded your username.

all 26 comments
sorted by: hot top controversial new old
[–] [email protected] 38 points 1 year ago* (last edited 1 year ago) (2 children)

And don't forget to always use password as your password! 🀑

[–] [email protected] 10 points 1 year ago

I use ***************. It’s easier to read it when you write it down.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (2 children)
[–] [email protected] 5 points 1 year ago (2 children)
[–] [email protected] 3 points 1 year ago

Here is an alternative Piped link(s):

https://piped.video/watch?v=dQw4w9WgXcQ

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source, check me out at GitHub.

[–] [email protected] 3 points 1 year ago

XcQ, the link remains closed. Sounds better in german.

[–] [email protected] 35 points 1 year ago (2 children)

Drive your web dev nuts and use [object Object] as user name

[–] [email protected] 4 points 1 year ago

Hello Satan.

[–] [email protected] 3 points 1 year ago (3 children)

OK, I guess it's some sort of sql injection, but what does that actually does?

[–] [email protected] 5 points 1 year ago (1 children)

Not really - a SQL Injektion would be naming my user user"; DROP TABLE USERS;-- or something like that.

My string is harmless but might scare web devs: How often do you see pseudocode like this?

log(INFO, "User "+user.userID+" logged on")

Usually this should print User @[email protected] logged on as the variable content gets converted to a string. But if the variable is not a simple datatype like string, but a complex one, there might be errors. If you do the concatenation above with an object instead of a string, this would only print User [object Object] logged on. Now when the web dev sees this line he's going to try to find the Bug, where this variable gets set to the wrong value/type, when in reality it's just your carefully crafted user name.

[–] [email protected] 3 points 1 year ago
[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Its the String representation of a Object.

If you open your Browser and hit F12, go to the console and type console.log(""+{}) you get an Object {} converted to a string by joining it with another empty string.

[–] [email protected] 1 points 1 year ago
[–] [email protected] 16 points 1 year ago (1 children)

Why would I be worried about my username showing up in logs and errors?

[–] [email protected] 1 points 1 year ago (2 children)

Sometimes you may not want to be identified.

[–] [email protected] 21 points 1 year ago (1 children)
user is not in the sudoers file. This incident will be reported.
[–] [email protected] 3 points 1 year ago

Another one for the naughty list
https://xkcd.com/838/

[–] [email protected] 10 points 1 year ago (1 children)

Ok but your PC username is way more private than your lemmy username, also its not your real name so what's the problem?

[–] [email protected] 14 points 1 year ago

Don't use "user" as your username. Use a personalized one, because it is much easier to identify and obviously it is a requirement in a multi user context.

If you share your logs pseudonymize them, but pick anything other than "user", because it makes it confusing especially when dealing with pam, ssh etc.

Overall not great advise.

[–] [email protected] 9 points 1 year ago (1 children)

Uh, but if you were to post a logfile or whatever online you'd anyways sanitize it before posting, right?

[–] [email protected] 6 points 1 year ago

I would, I know how to use sed

sed -i s/myactualusername/user/g log.txt
[–] [email protected] 4 points 1 year ago
[–] [email protected] 4 points 1 year ago

I don't think this is as much of an issue as people think it is, unless you're going to be sharing your logs with others it's not really going to be much of an issue, especially if it's not your real name. You might be thinking of some app or malicious program looking through them, instead you should be thinking of the real danger of an app or program opening and looking through Personal files on your computer, that's where the real juicy stuff is.