Yes I suggested using google when some question comes up. And i believe he has been actively doing that too as he figured out many of his own questions (what is grub, the Windows vs Linux filesystem differences etc.).

https://www.gog.com/forum/general/best_kind_of_linux/post139

Then again the instructions online usually expect you to know something about Linux stuff. For instance, if someone in serverfault or stackexchange says "edit /etc/fstab and add a line to it", they will not explain what /etc/fstab is for, which editor to use (e.g. nano or vi, or the graphical text editor of your choice), how to operate vi, and not necessarily point out to you that you must have sudo/root privileges to edit the file. The instructions expect you to know all that already.

(And this whole thread's scope has been quite confusing: it seemed to start as a simple "Which Linux should I choose and how to install it beside Windows?", but suddenly we are talking about running Linux on a portable USB memory stick which will be used on several different PCs and has to be able to run jar packages etc... I've tried to stick to things I know, like how to identify which USB wifi adapter he has (lsusb! lsusb! did I mention lsusb?) and where to look for its drivers, as I fought with the same issue a half a year ago.)

This thread kinda reminds me what I am doing with Ansible right now at work: I only have a limited understanding of how Ansible works, and now that I've been googling all over why some of our Ansible scripts don't work against CentOS 8 host machines (after lots of searching and reading, it seems to be due to CentOS 8 changes related to what is considered as your "default python" (= there is none in CentOS8/RHEL8, this is an ideological decision by RedHat)).

I have seen maybe dozen different suggestions in how to overcome that; only one of the suggestions has worked for me so far, using the "-e ansible_python_interpreter=/usr/libexec/platform-python" option with the ansible-playbook command).

Some suggestions say "just put the default python interpreter either directly into your Ansible playbook or the inventory file", and I am like "umm so playbooks are obviously these yaml files here, while the inventory files are apparently those files where I list the host machines' IP addresses?". And then I have no idea in what format I should put the option in the inventory files. Yeah I guess I should attend some proper two week Ansible course, but no time for that right now when there is a pressing matter.

I am pretty sure some Ansible guru would be quickly frustrated trying to explain to me what to do exactly, as he is not certain what exactly I am trying to do with Ansible, have I created any separate groups for different hosts, what are the exact errors I get and with which parts of the playbooks etc. And that wouldn't be because that Ansible guru is some kidya gaming forum member, as you put it.

Yes.

Why are you downloading every file individually? Click CODE >> Download ZIP and all the files will be downloaded as a zip file.

dtgreene, yes I have noticed that one great thing about Linux is its allowing people to do whatever they want, so you'll pretty much never be in any situation where there's just NO way to do something. And yes I realize that using git might be faster and easier, but it would require that I have internet access in Linux, which I don't have, which is the entire reason why I need the driver, so it's a catch-22. I ended up downloading the .ZIP file instead and extracting it. Today, I'll go into Linux and try to install it.

timppu, that's a very good point about it being easier to explain commands than graphical ways of doing things, and also about multiple different GUIs working differently (though I've tried Mate and Cinnamon, and I can barely tell the difference, for the most part). Btw, what exactly is PowerShell? I've heard of it and thought it might have something to do with the command line, but in what way is it different? I'm just curious, but I doubt I'll ever use it. About people giving abbreviated instructions and expecting people to fill in the gaps, I've been having exactly that problem from time to time (though you guys seem to usually give me pretty detailed information). Usually I can figure out the missing pieces, but sometimes people are just lazy and give the standard response as an answer, and once you get like 5 people who say exactly the same thing, none of whom actually clarify the specific question that you ask, and it becomes apparent that nobody is actually reading your posts, but just regurgitating from a manual, then you want to punch a hole in the wall!

Engerek01, that's what I ended up doing once I realized that I could. I haven't really used Github before, so I didn't know how it worked, and initially I though I had to download the files individually.



EDIT: By the way, I see posts that say I should disable secure boot before trying to install the driver. Why is that? Does it need to restart automatically into Linux after installation, and do so in such a way with which secure boot would somehow interfere? Why wouldn't I just be able to restart normally? And I read somewhere that someone was only able to get the driver working by enabling secure boot, which implies the opposite! Also, I read that disabling secure boot can cause big problems in Windows, so I'd really rather avoid disabling it if I can. But what would happen if I installed the drivers with secure boot enabled?

I am not a Linux expert, but I see no reason to disable the secure boot. If you were able to install Linux, and now have the chance to select your OS on boot with the GRUB menu, then you are done. As far as I know, all Ubuntu and Ubuntu based distros are digitally signed by Microsoft for the secure boot so you should be fine.


I am - now an ex- Microsoft expert. I used Windows on all my clients while Linux on my servers back in the day. Why Linux on servers? Because there is always a way to fix things on Linux, even tho it may be hard to find it. Especially back in the day where the internet was a luxury. MS Windows on the other hand, if there is a fix, it is usually very simple to figure it out. If there is not, there is not. Last time my Windows 10 crashed, the MS support told me to format. LOL. I tried to fix it for 3 days, failed. And finally gave in and format the PC. That was a first for me, after more than 30 thousand computer fixes in 20 years, I never had to format a PC before.

Powershell is Microsoft's response to the power of Terminal on Linux. CMD or the Command Prompt (which are in fact 2 different things even tho most people think they are the same) is just a DOS-Like application that runs on Windows. While on Linux, everything you do is actually run on the terminal, even when using a GUI. That gives the terminal ultimate power, as you are dealing with the system itself.

MS initially wanted to get rid of the black screen, hence they nerfed down CMD. But then, times have changed and strangely people leaned to typing to codes rather than trying to navigate and clicking to a constantly changing interface. That was the problem with GUI, every MS system has an insanely different layout. Add the differences between languages and it became very hard to follow the guides on the internet. Click here, open that, drag this.... while on Linux the fixes were usually just copy-pasting a line. How can you describe someone to install skype on windows? On Linux, one can simply type...

sudo apt install skype

The power of that simplicity forced MS to develop the Powershell. A terminal-like application with insane capabilities. It is much more complicated and powerful than CMD, with the same amount of insanity where a wrong command can mess up your system just like the terminal. Everything has a price :)

Wow, I wrote too much. Sorry about that. I must be getting old.

The "problem" with secure boot is that using it disables loading of unsigned modules, which is what some random out-of-tree module is likely going to be. If that's the case, then the module simply won't load. You can of course sign them.

https://wiki.debian.org/SecureBoot#Secure_Boot_limitations

https://wiki.debian.org/SecureBoot#MOK_-_Machine_Owner_Key

https://docs.fedoraproject.org/en-US/Fedora/23/html/System_Administrators_Guide/sect-signing-kernel-modules-for-secure-boot.html

Some people just prefer to disable secureboot for simplicity.

Engerek01, no, I'm glad you wrote that, because it's very informative.

clarry, thanks for the tip. I think I'll try signing it if it's not too difficult.

At this point, I've been able to get the Java Swing programs to run, but not JavaFX, and I get an error that I sort of expected, implying that JavaFX isn't installed (I'm using the default version 11, which seems to work fine with the Swing programs compiled in version 8).

So I can either install JavaFX or install the JDK/JRE version 8, which I think includes JavaFX, anyway. Which method is easier? I think I might install the version 8, because then I know it's completely compatible with what I built.

But then the issue is that it still doesn't have the internet. I'll try to fix that too, which would probably make it easier to install Java, except that I also want to install Java onto a Mint installation on a USB drive which will NOT have an internet connection, so I guess it's best to figure out how to do that offline, before I install my WiFi driver on the Mint installation that I put on the HD.

But once I get the WiFi and Java working I think that's all that I'll need.

It doesn't actually require that you have internet access in Linux. All it requires is that you have internet access on a system that has git installed or for which there's a version of get available for download, and there are versions of git for Windows and Mac OS. (It should even be possible to run it on Android via termux, though I haven't tried it myself.)

Fun fact: Git was written by Linus Torvalds (the original author and current maintainer of the Linux kernel) when he became frustrated with the situation with version control software, and nothing available fit the needs of the kernel. So, he took a few weeks and wrote git. (Note that Torvalds is no longer the maintainer of git; he passed maintainership on to someone else so he could focus on the Linux kernel.)

I didn't know that. But I got the file, anyway, so I'm going to try to install it now...

EDIT: IT WORKS! Guess what OS I'm using right at this very moment? And I didn't have to plug in a cable at all! And JavaFX works now, too!

These are the kind of questions that I should let you just google. :)

https://en.wikipedia.org/wiki/PowerShell

I think all Windows 10 versions probably have it. I guess you could call it the next generation Windows command prompt with much more features that make working in Windows command line more feasible, but I guess it is more than that.

Yeah, I get that impression now. Maybe I'll look into that some time, but for now I'm delving into Linux. Now that I got my WiFi and Java working, the next thing is to put a new installation on a USB stick, but that should be easy, and I have notes for how to get everything set up, and have already tested and been able to do it all. I think I'll do it tomorrow though.

Sorry about the delayed reply, but I spent some time checking this out and can confirm that your post is not quite correct.

Yes, it is the "host" responsibility to check the switch position, but this isn't software only. First, Sandisk's KB article at (cut-and-paste needed since forum keeps munging the URL):

kb.sandisk.com/app/answers/detail/a_id/6971/~/sandisk-microsd-memory-card-is-write-protected-or-locked

highlights the need for a replacement card if the switch is non-functional.

Claimed workarounds on Windows did not work when I tested them, at least the non-destructive ones (neither registry editing, diskpart or Windows disk management). Using hdparm in Linux did not work either (see attached screenshot).

However the great caveat (and the reason I mentioned the need to test in my post), is that the type of USB adaptor you use matters. The SD card I used for testing (a Sandisk 32GB SD) had working write protect when used with a Veho SD/MMC/RS-MMC USB adaptor. However write protect failed (i.e. the card was writeable) when used with an Integral USB adaptor. This indicates that the write-protect switch is implemented at host hardware level, not software.

So as long as you have the right USB adapter, SD's write protection switch should be fully secure from a software perspective.
In addition, only one post in this thread so far has given a recommendation truly relevant to the OP's request: Linux may not have spyware at OS level, but it doesn't stop applications from excessive "phone home" behaviour (e.g. Firefox will connect to tiles.services.mozilla.com every time you open a new tab - probably a leftover from their failed advertising experiment but still one with privacy implications).

This at the moment is where Windows scores better - the availablility of third party application firewalls (e.g. Outpost, ZoneAlarm, Jetico, Comodo - see this list for more examples) that allow Internet access rules to be configured on a per-application basis, and which can be used to detect and prevent phone-home activity. The best you can do on Linux is keep an eagle eye on netstat as comparable software is pretty thin on the ground - if you're interested, check out TuxGuardian, Douane or OpenSnitch (which looks the most promising, but even when complete, wouldn't provide much better control than Windows' own inadequate firewall).

As such, I'd suggest a different approach. Consider an older version of Windows (7 or maybe 8), use NTLite to strip out the applications (which have been the biggest cause of security issues in the past) and other unneeded features.

Then select, install and configure a top-flight firewall.

Then consider process control software as a backup. Sadly, the only example I have found for Win7+ is EXE Radar Pro which requires online activation - if you're happy to stick with 32-bit Windows then Malware Defender should be worth a look -
see this Wilders thread for more information.

Well I'm not downgrading Windows, but what I did was take Windows 10 offline and I just use it for compatibility with games, and installed Mint on another partition, which I'm using for the internet. Also, I use Firejail, and the default included firewall, which I set to block everything incoming that I didn't initiate.

I looked through all the pages of this thread so far, this is the only mention of Linux From Scratch (LFS). One other post warns against Gentoo, but I'd say if you have a lot of time (this is a Linux thread on a gaming forum, not judging though) and want to slog your way through what building a Linux system actually means, I suggest LFS, or LFS with helper scripts if the raw book instructions are too tedious, or Gentoo if LFS-plus-helper-scripts is too hard.

It's not the easiest, and it's orders of magnetude more error prone (building your kernel without support for some of your hardware or filesystem, or building a video player without support for your favorite video formats, or an audio player which only plays WAV files...) but when you've interacted with the system, configuration files, and auxillary applications at that level, the specific quirks of any distro will matter less: you'd probably be able to use whatever distro you want afterwards without running into too many catastrophic failures.

Where LFS would especially become tedious, more than the installation itself, is keeping it updated when new source code or patches are released. But if you can keep your LFS system up to date when bugs are announced upstream, you might be able to patch systems of a different distro before they release updated packages: there can be a lag between upstream bugs and e.g. Fedora having a fixed package available. LFS / Gentoo: very much the "most PRIVATE", not so much the second part "preferably be easy to install and use", but there is Documentation :-) Caveat emptor.

No end user documentation is ever going to dive into the technical details and reveal the fact that the write protect is fake. It's easier for them to tell a normie to just buy a new card. Yeah that's a bunch of workarounds for various things, none of which have anything to do with the card's write protect signal.

I don't know if hdparm is supposed to work on sdcards but if it does, it's still not going to change the mount options of your partition. Your screenshot shows you continuing to use a read-only filesystem after running hdparm. Of course it won't suddenly start writing. You're getting closer to the truth: that write protect switch is a lie, and can be bypassed. Indeed, the sd card specification says that the position of the write protect switch is unknown to the internal circuitry of the card (see attachment).

However, the conclusion that write protect is implemented in host hardware is wrong. Hardware delivers the signal (if it is wired at all..), the rest is implemented in the drivers (both the high level sd/mmc layer and the low level controller driver), which are both software.

It's actually a somewhat common thing that the write-protect line in hardware is sometimes missing (floating), miswired, or has a resistor pulling it high/low (sometimes by accident, sometimes because the slot is for micro-sd cards which don't even have that write protect switch) and then it doesn't work at all and developers need to add quirks to their drivers (or the device tree) to disable the write-protect support. Sometimes it's the other way around and a given driver does not have support for reading the status of the write protect pin. In this case, you'll see a message like "host does not support reading read-only switch, assuming write-enable." When sd card support was first coming to Linux in 2005, drivers needed to be updated to add support for that switch...

https://lwn.net/Articles/126098/ Example of bypassing write-protect:
https://patchwork.kernel.org/project/linux-arm-kernel/patch/20190529071843.24767-2-andrew.smirnov@gmail.com/

https://elixir.bootlin.com/linux/v4.14/source/drivers/mmc/core/host.c#L272

Notice how write protect capability can be either disabled (0) or just not supported (-1):
https://elixir.bootlin.com/linux/v4.14/source/drivers/mmc/core/sd.c#L822

So read-only flag is only set if write-protect capability is implemented in driver, and has not been disabled, and the switch has been enabled.
https://elixir.bootlin.com/linux/v4.14/source/drivers/mmc/core/sd.c#L884

Yeah I wrote that somewhat tongue-in-cheek. In fact, Gentoo was one of the most stable Linux distros I've used, and once configured & installed, worked great with no need for babysitting (unlike some modern distros that try to be helpful and do crazy things behind your back). But there's no getting around the fact that it's rather time-consuming.. otherwise I could still be using it today.