In Windows, firewall rules can be easily cumulated over time. Every time a new application is launched, the user will be prompted to create a new firewall rule for the app. However, when applications get uninstalled, most of them would not remove the firewall rule it has created.
Once there are more than just a few unused firewall rules, the system becomes less secure due to the exposed protocols and ports. A mocked application at the exact same file path can easily take advantage of existing firewall rules created and make the system vulnerable.
Unused firewall rules can be cleaned up with just 3 lines of PowerShell commands, under elevated command prompt:
My Raspberry Pi 3 died. It was used for running Plex server. It was running inside docker before the Pi died. I was looking for replacement. I looked into my basement and I found two Google_Nexus_5_(lg-hammerhead) phones. Then the story began…
you are fairly familiar with how flashing works, e.g. fastboot stuff.
you’ve already running postmarketos on your phone
you know what docker is
you know that you are probably gonna remove all the fancy UIs from your phone, and switch to postmarketos-ui-fbkeyboard or some console only mode
you’d better have a LAN connection on your phone rather than wifi
I can only prove this is working on my phones for now.
1. Edit kernel config
NOTE: before you make any change to kernel, always backup ~/.local/var/pmbootstrap/cache_git/pmaports/main/linux-postmarketos-qcom-msm8974/config-postmarketos-qcom-msm8974.armv7
Relying on complex tools to manage and build your system is going to hurt the end users. […] “If you try to hide the complexity of the system, you’ll end up with a more complex system”. Layers of abstraction that serve to hide internals are never a good thing. Instead, the internals should be designed in a way such that they NEED no hiding.