Notices by h3artbl33d :openbsd: :ve: (h3artbl33d@exquisite.social)

Flatpak, after many years, is still an insecure shitshow.

Yes. That article is four years old. It still applies :flan_peek:

@rysiek

This Toot and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this Toot in error, please notify the system manager. This post contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this Toot. Please notify the sender immediately by Toot if you have received this Toot by mistake and delete this Toot from your system.

@pinskia @geerlingguy

Oh damn... Do you know where I can find more in-depth information on this? Seems like Apple isn't exactly open about this.

@geerlingguy

The Apple M4 SoC uses the ARMv9.2-A instruction set. I am way curious whether Apple did adapt the hardware extensions in recent versions like memory tagging (ARMv9.0-A introduced this).

@thomholwerda

Sandboxed Google Play runs unprivileged - line any other app - and thus provides no special access.

MicroG on the other hand, needs to run privileged, requires closed source binaries and much more. It is not really an open source reimplementation.

@solene

This is huge. The difference is enormous.

SoftLRO makes em(4), ixl(4) and bnxt(4) NICs on older hardware go brrrrr:

https://marc.info/?l=openbsd-tech&m=173108537515435&w=2

#OpenBSD

@killyourfm

It is soooo good to see Mike glowing and a
Smiling that much again. And Emily makes an effin great addition to the band.

@killyourfm

This. Still ballin' everytime.

Why I prefer *BSD for hosting? One of the reasons, from 1,5 weeks ago:

A customer at work expected a surge in traffic, due to having a sale, on their WooCommerce-based webshop. #OpenBSD handled it like a champ, dealing with 2,51 million requests in nearly six hours time. This includes dynamic stuff like accounts and the checkout. All from a single VM (8C, 32G).

@silverwizard @neil

Semantics :)

Glad I can keep it with VMs and occassional jails. Had been ging smooth for years - andere many more will follow :runbsdBg:

@silverwizard @neil

Meet? Well, no - it'll overdraft your spare time.

Reminder: when running network cables throughout your house, you'd want CAT6a. Or use fiber (if you know what you are doing or are contracting an installer).

CAT6a is rated for 10Gbit/s up to 100 meters (328 feet for our weird American friends). Anything lower (6, 5e, 5) is subpar. Anything higher is very specific.

The CAT7 standard has tera connectors, rather than RJ45. CAT8 is for shorter runs, and designated for datacenters - whom rather use fiber.

CAT7 with RJ45 is off-standard and you are being lied to. A higher number isn't necessarily better.

@nappex

If you are putting in the work for the next decade(s), I'd recommend going with CAT6a. Right now, 10Gbit might seems like overkill - but you don't want to redo everything in a couple of years because you saved ten bucks.

Most datacenters use fiber - as ethernet is not sustainable.

Just my two cents - you are ofcourse free to do as you please.

@joel

Linux people do what they do because they hate Microsoft. We do what we do because we love Unix.

~ deraadt@

LOL. Microsoft named their ARM translation layer PRISM. Seems they are on a streak to please the NSA. Also: Recall. The NSA couldn't have dreamed up a vendor inplementing such a spying device and marketing it as something positive.

Seems I never wrote an #introduction. Years overdue, here we go:

Hi :flan_wave: I am h3artbl33d. Or Jeroen. Either is fine by me.

I am a Dutchie, mid thirties and somewhat of an ADHDer. My $dayjob consists of infosec, sysadmin and infrastructure. By night, I am a passionate hacker :flan_hacker: TV series and books binger, lazy f*ck.

I am one of the two admins of Exquisite.social, :wheel in EuroBSDcon, proud wearer of Puffy and privacy advocate :flan_peek: I disclose vulnerabilities from time to time, which filled up my clothing cabinet way too much. Furthermore, I am a team member of @secbsd, which is the pentesters OS that doesn't suck.

Did you already spot the recurring theme? That's right, *BSD is my thing. And it should be yours too - because :runbsdBg:

Imagine being a Linux devops with everything hosted at Vultr. That'd be one nightmare week. First the Vultr ToS clusterfuck (reminder: aboard them ASAP) and then the xz backdoor.

Good luck to those having to deal with these issues.

@aral

Thanks for the heads-up. Account suspended on our instance.

There are new updates for Mastodon, fixing a major security issue, GHSA-jhrq-qvrm-qr36. Admins: time to update your instances once again :flan_hacker:

#mastoadmin