Posts by Grogan

Re: http://sappeur.ddnss.de/Sappeur_Cyber_Security.pdf

Don't even try to argue with these parrots.

Re: Whether it works well in Ubuntu Core, I don't know...

The problem with static linking is that you have immutable code in your binaries.

I won't parrot hypothetical security concerns with statically linked libraries that can't be updated in the application because that's only applicable in specific cases, where there actually is a problem. (i.e. show me a problem before you wag your finger at me)

However, static linking is all well and good, until the static code in your application no longer interoperates with other APIs on the system that have changed. For example, bundle or statically link harfbuzz, and your application will be broken when the system freetype API changes (recent example with Steam a few months ago). Statically link Cairo and your application may stop working when glib/gtk or X11 machinery changes (past example with Firefox). These are just personal examples off the top of my head.

So there are pros and cons to static linking. It MAY make your application more compatible and binaries more reliable with age, but it may end up being even more fragile (depending on circumstances). Often shared libraries are backwards compatible, they still support the old functions at the front end where the internals have changed, or the APIs it depends on have changed, and your application may not know the difference. Of course that's not always the case.

My insurance brokers got after me twice (after I ignored them the first time) to get commercial vehicle insurance, because they know I'm self employed. This is simply driving myself in around my locality in my personal car (i.e. not owned by my "business" or anything), to work on people's computers on-site.

The second time I took their advice. I was just planning on lying if I got in an accident, "I was on my way to McDonalds" or whatever, but since they were already aware of what I do (and contacted me again about it with stronger admonishments), it was sensible to just upgrade insurance.

The bottom line is, I would not be insured if I got in an accident if they could prove I was on my way to a gig.

Re: Ahh...

I'm not a photographer (and I don't really care about imaginary property that much) but that story disgusted me. How those gorilla huggers convinced a judge to award copyright and royalties (past, present and future) to their foundation for that photo is a testament to ridiculous times.

By that logic, Naruto the ape should have been charged with theft for taking the camera.

Re: Regarding touch testing

Typical knee jerk, nannying bullshit that dumbs everyone else down to your level. There is no law that says you have to have both hands on the wheel. I don't at all times, even when I'm not doing anything with the other hand. If you're not competent, by all means restrict your own behaviour.

Re: you focus on EVs were you can

It's fucking ridiculous having to deal with car dealership mechanics now. Expensive, they never do "repairs" (only replace parts... all of them involved that may or may not get wrecked in the process) and the vehicles are stupidly engineered and it keeps you coming back.

Fuck the flippant replies, I've got a vehicle that has a fuel line made of bioplastic. A one piece, shaped fuel line that costs $500 just for the part (thousands in labour and cleanup) when squirrels gnaw through it and pressurized gasoline sprays all under the hood an into the ventilation system and soaks into all the dampening materials. It has happened to me twice since I got that vehicle in 2018. The second time, I asked Ford to reinforce it with some steel braiding or something and they refused. I took the car somewhere else (to a real mechanic) to get that done and so far, nothing has chewed through it. It's a "Ford Fusion" this vehicle.

It's in again right now, for two days for brake work that's going to cost probably $1300.

The last car I had that I could really work on was a 1984 Mercury Topaz. It still had a carburetor you could clean and adjust, even. I drove that thing for 12 years and drove it to the wreckers not because the engine was bad, or that I couldn't keep replacing parts on the car, but because I didn't want to spend the money to get new tires again on a car whose body wasn't going to last much longer. I got 50 bucks for the car (scrap value) but a year later I noticed they were driving my car around the scrap yard (all but driver's seat removed) for hauling parts around. You couldn't kill that thing lol

For decades I've been using a mail program that strips out html junk and presents it as plain text with links. Most of the time it's enough to be able to function. Occasionally, if I absolutely have to deal with an email with some shit that doesn't work (e.g. a button I'm supposed to click whose URL I'm just not getting), I'll have to save it as html (and maybe edit a bit to get it to work) and load it in a browser.

The mail program I use is called Sylpheed. Pry it from my stiff, dead fingers :-)

Re: "Her Majesty's Government has no intention of picking up the tab"

Well... they can't really stop people from using their own end to end encryption anyway. I could send you files right now such that government agencies wouldn't live long enough to break the encryption.

Re: Innovation

I future proofed this system when I built it in 2010... a good Nehalem based Corei7, a deluxe motherboard with solid state capacitors, a big futhermucking Antec case, expensive 1000W power supply etc.

I'm on my third graphics card in this system, but everything else has been just fine. I've got SSD's now too (and one NVME with a PCI-E -> M.2 adapter card)

The only problem I'm running into now is inconsiderate game devs letting AVX instructions creep in. It's only a problem for that, because commercial games are the only things I can't compile. However, it's relatively rare, because most game devs don't want to limit their customers. There are still a lot of CPUs out there that don't have, or don't implement those instructions well.

It's not like the 90's when you had to upgrade very year (when hardware advances were significant). Smart phones are now the same. I use the same one for as many years as I can... I hate having to get a new phone.

Re: Disable swap

You're defeating the most significant and important purpose of swap. It's not so much for giving yourself "extra memory" nowadays. (If you're actually working with data paging in and out of swap, that's not viable. A big compile job can take days, for example)

The most significant use of swap is to aid in memory management. The kernel can't free up anonymous pages. It has no idea if that data is there for a process, or if it's orphaned and it's data that could be lost since it's not backed by data on disk, if you don't have swap. It can't just be dropped.

Re: El Register is catching the same disease as a lot of commenters...

Yes, these are IT buzzwords used to garner clicks. These articles are essentially paid advertising... in this case, gathering marketing data with the survey.

Re: Just don't use ANY anti-virus

The threats nowadays rely more on human trickery. They aren't as much "viruses" with patterns you can detect and heuristics can only be so aggressive without flagging and interrupting legitimate activity as malware activity. They can't exactly block programs that are trying to write to your documents (the results of that are things like that asshole Bitdefender preventing game data from being saved)

Re: I'm guessing that Devuan might [not] be able to use the Debian kernel?

Besides... there is likely a copy of the systemd binary renamed to init in /sbin (and sbin -> /usr/sbin in those silly distros these days)

Also, it's more that the kernel CAN be configured with a different default init path (something other than "/sbin/init") but it doesn't mean that a distributor IS doing that. I'd be surprised if Debian would break that convention.

Re: Cough, Splutter, Gasp

"Why would you even want to be running multiple distro? Is there any benefit to running multiple distros?"

There are a few reasons I do.

1) I always have two Linux systems on the same machine, so I can boot to one to work on (or fix, or make a tarball backup of) the other.

2) I like to have a lean, clean, serious Linux system and another with a lot more crap (e.g. multilib) for goofing around and games. It used to be that I kept a Windows installation for games, but now I boot to another Linux system :-)

Re: In other news....

I am of a mind that security that foils the legitimate user is NFG.

A password that I can't remember is NFG to me.

So what I do, is mix and match different (hard) password phrases, so I just have to remember four 8 character phrases. If I forget what I used on some site or service, I know it's a combination of 2 of those 4. I can always get it before exhausting 5 failed login attempts :-)

The end result is pretty strong 16 character passwords.

Re: When will they learn?

Yes, browsers are like an operating system environment within themselves these days. Especially on platforms (e.g. Linux) where you can't rely on system library versions working correctly and have to bundle static for a lot of things.

Re: This can't be Linux

Any idiot can fill up their storage. That's not "Linux" that's stupid users and (possibly custom) software that doesn't clean up after itself.

Unless overridden in the filesystem, 5% of the storage will still be available for root owned processes. That's why they can still boot in single user mode and fix it.

Re: Ugh

The Orange Ignoranus :-)

Re: eh?

I've only used Windows for games since probably 2000'ish. Nowadays, while I still have a Windows 7 install handy, I very rarely boot to Windows to play games. There's basically one I care about that I can't get to work, Sniper Elite 4, and I don't play it that often anymore. That Windows install could almost go, but it doesn't have to. I never updated anyway, just Service Pack 1 and the Platform update (and runtimes as necessary, usually done by the game installations themselves).

My next build isn't even going to have a Windows install. I really despise Windows 10 (and 8.x before that).

Probably not, and the entire point is that you should not use it. (Because of the stated philosophy that we like)

I take that one step further. If I can't compile it, I'm not using it. This includes software that is open source, but is just too onerous to build.

I didn't appreciate the flippant tone of this article either.

I have canceled my EA subscriptions. I'll buy games from companies more friendly to my environment. I certainly don't need to buy their games.

Re: Well whaddya know

Drunk passenger: "Got room for a large pizza and a case of beer up there"?

Driver: "Sure"

Passenger (leaning forward): Baaaaarrrfffff!

Dinosaur here... I use Trinity Desktop (TDE), a fork of KDE 3.

What's ironic is that back in the day, while I liked KDE, I considered it too bloated. Now on today's hardware, by today's standards, this is the snappiest desktop (other than minimalist standalone window managers like fluxbox) I have. It takes minutes to compile nowadays vs. hours back then, too.

I grew very disenchanted with XFCE, it's no longer the light weight desktop it used to be when it was based on GTK+2. Blech.

Plasma 5 is visually nice, and feature rich but it's very messy with ridiculous dependencies and bloat, as well as making a horrible mess in the user's home. I'll never install that again. That's what got me to switch to Trinity, self contained in /opt/trinity and ~/.trinity.

Re: Such a fuss..

Yep, it's a user login. It's basically a subsystem launched by sshd. If you give users a shell that allows them access to the whole machine (no jailing of any kind, relying solely on filesystem permissions), they will have the same access with SFTP that they do with a SSH shell. It's really not for public downloading.

I've seen (stupid) clients that restrict access to files you own when making use of SSH2/SFTP protocols but if you can log in with that, you have shell access anyway.

Also, it's not at all like FTP. More connection overhead and no control markers in stream for resuming transfers. It's not a replacement for FTP. I use the standard sftp client (I like it... takes wildcards and uses most shell conventions) to transfer files to/from servers but if anything happens you're starting over with that 8 Gb tar archive backup etc.

Re: What the hell did they expect?

I didn't say that programs didn't work, I said it made it more difficult to use them and that a shell replacement was needed to restore arbitrarily removed functionality.

Re: "13 years. 13 years. 13 years is far too long to expect support."

... and crap like that (and things like no downgrade rights for consumer editions of Windows), is why I employ "licensing tools" with no remorse.

I'm still going to help people with Windows XP computers. They don't have to change their lives to suit Microsoft's agendas. Most people who are used to XP don't want a silly new version of Windows

Re: Just say

Yep, not only small businesses but I'd bet that a lot of web hosting companies will avoid HP server hardware. Dell Poweredge or machines built in house.