Notices by mort (mort@fosstodon.org)

Okay this is wild: I just noticed that changing 'PasswordAuthentication' to 'no' in /etc/ssh/sshd_config is no longer enough to disable password authentication in #ubuntu. That's because Ubuntu Server now by default creates a sshd_config.d/50-cloud-init.conf file which contains 'PasswordAuthentication yes' which takes priority over sshd_config.

I would've unknowingly left password auth on if I hadn't double checked.

Why?

More: https://askubuntu.com/questions/1516262/why-is-50-cloud-init-conf-created

#security #linux #server #ubuntuserver

@dalias @marcan He's right though. Nobody *actually* wants Asahi to support S2RAM. People want Asahi to use less power in sleep mode. People who ask for S2RAM *assume* that "adding support for S2RAM" is a quicker way to achieve that than improving power management to the point where S2IDLE uses almost no power in sleep mode.

If you disagree, please, can you link to someone laying out why they want S2RAM for a reason other than sleep power consumption?

What if we had something similar to the #numpy API on the #web and in #node etc? V8 is faster than CPython sure but you still can't get close to the performance of a hand-crafted SIMD number crunching loop written in C when writing #JavaScript (or using #WebAssembly for that matter). You kinda can in #Python thanks to numpy.

You may argue that most web/JS things don't need that level of performance.. but for sites which want to do e.g some pretty complex image prcoessing, SIMD would be great

#Mastodon needs an "expand all posts" button, I appreciate the value of people putting certain topics behind spoiler tags but it's tiresome to have to hit "expand post" for every post in a thread and every post

But no seriously what the fuck is @gregkh trying to achieve here? Before, I could use a CVE count as an argument to spend time upgrading #Linux: "there have been found 5 vulnerabilities in the version we use, we should upgrade to the latest". These days, CVEs are useless for that purpose, everyone knows that pretty much every single one of the thousands of "CVEs" affecting the kernel version we're on is bogus so they aren't useful for that purpose any more so we stay on old kernels for longer

The #CVE count of the #Linux #kernel is not looking good these days compared to any other #OS is it. Maybe time to switch to #FreeBSD or some other system which doesn't claim to find hundreds of significant vulnerabilities every day

@mcepl That's not what I'm saying. I'm saying that if there are enough exploitable vulnerabilities in Linux to fix a hundred of them every single day consistently, clearly it's not a very secure operating system

If there's not enough exploitable vulnerabilities to do that but they're publishing a hundred CVEs per day regardless, that's just a DDOS attack against a deeply imperfect yet useful vulnerability reporting system

@mcepl If FreeBSD started publishing a hundred CVEs about exploitable vulnerabilities per day I would have the same reaction to that

@mcepl Well I knew there were issues, nothing is perfect, but I was under the impression that it was secure enough that you couldn't fix a hundred exploitable vilnerabilities per day and still go strong a month later, yeah.

@mcepl Maybe, I can't recall and I don't think it's very relevant.

@drewdevault Considering autotools changes aren't backwards compatible, this sounds like hell tbh >_> you'd need many versions of autotools and be able to select between them based on which version range each project's configure.ac/Makefile.am file works with

Alternatively, GNU could just take their bloody role as core infrastructure maintainer seriously and stop breaking stuff all the time, but I don't see that happening any time soon

Does anyone know how to contribute to the word lists in #Firefox? The #Norwegian words "noe" (meaning some/something) and "noen" (meaning someone) are missing from the official Norwegian word list and the incorrect red squiggly lines are low-key driving me up the wall.

#mozilla #foss #opensource

@riley Nice thing about those though is that they don’t physically fit :) out of the cables which physically fit, the blue one works better but any cable which fits will work*.

* with the exception of those out of spec charging only cables but we don’t talk about those