Notices by argv minus one (argv_minus_one@mastodon.sdf.org)

#Debian when I was young: “Look at me! I'm new! I can do cool things, like package management! Isn't that cool?!”

Debian now: “I am the Distro of Ages. I was born in the Before Times and shall endure long after all other distros have crumbled to dust.”

@wyatt

So what do you recommend?

@wyatt

So, what I'm getting from this answer is “🤷♂️ Framework is probably the best, but that won't stop me from complaining about it.”

I have a 15-year-old laptop. It is painfully slow. It requires a proprietary charger. The spinning-metal drive will probably have a head crash if I ever drop it. The battery lasts about 12 seconds. It's theoretically repairable except nobody manufactures replacement parts so in practice good luck with that.

In what way would a Framework be worse than that?

RAM in the oldest computer I've used: 655360 bytes

RAM in the newest computer I've used: 34359738368 bytes

Semiconductor manufacturing has come a long, *long* way.

@nopatience

> Smart cards has never, imho, been a realistic solution to almost any organisations; ever.

Why not?

@GossiTheDog

@johnshier

Which controls? MFA? The sum of two weak authentication methods does not add up to a strong authentication method. There's a reason security keeps getting breached despite all the flashy security theatrics of the last few years.

@nopatience @GossiTheDog

@GossiTheDog

Wait, what? I wasn't under the impression that small orgs even think about any of this stuff.

@GossiTheDog@cyberplace.social

1. We're talking about big orgs with zillion-dollar budgets. They can afford smart card infrastructure.

2. Trusting random employees' smartphones to serve as authentication tokens is hilariously stupid.

3. Employees who do know the first thing about security aren't gonna be thrilled installing Microsoft apps on their phones.

4. MFA is the exact opposite of “minimal friction”.

5. If you must use a phone as a hardware token, then at least do it properly: NFC, QR code, etc.

@GossiTheDog

The solution to this problem is not MFA.

When you have a problem with passwords getting compromised/phished/bruteforced, and you solve it with #MFA, now you have two problems.

The solution to this problem is smart cards.

#cybersecurity #infosec #IT

One thing that bothers me about #Syncthing GUIs like Syncthing Tray is that none of them seem to be aware that you can connect to Syncthing over a Unix socket.

There would be serious security benefits to configuring Syncthing to allow access only by Unix socket, but I can't do that if none of the GUIs support it…

@sharina_mc1

AI does not excel in coding, art, or data.

This was patent encumbered and also a DoS vulnerability: tricking anyone into transmitting that sequence would knock them offline!

There must have been a better solution than this.

One possibility comes to mind: switch modes when the computer briefly toggles the DTR signal. https://en.wikipedia.org/wiki/Data_Terminal_Ready

2/

The #Hayes #Smartmodem had a separate data mode (in which bytes are sent/received over the phone line) and command mode (in which the computer sent commands to the modem itself).

Switching from command to data mode was simple: send the command `ATO`.

The reverse was more complicated. The modem would switch from data mode to command mode whenever the computer tried to send the special character sequence `+++`, with a delay before and after the sequence.

1/

#RS232 #modem #retrocomputing

Unless I'm mistaken, DTR is kept active at all times while the computer is using the modem. Its only function is that the modem is to hang up if DTR becomes inactive for 2 seconds.

So, if DTR becomes inactive for only 0.5 seconds and then becomes active again, what happens then? If the answer is nothing, then that could be interpreted as a signal to switch the modem to command mode.

Nobody can trick you into toggling DTR, so that should be fine, no?

3/end

Another possibility comes to mind: use a single-byte escape code instead (ASCII's Data Link Escape code 16 seems appropriate), and add a modem command that sends that literal byte and goes back to data mode.

So, for example, whenever you need to transmit `␐`, you'd instead transmit `␐ATY␍` (for a hypothetical command `ATY` that sends a literal ␐ and switches back to online mode) and then continue transmitting as normal.

'Course, I'm about 45 years too late to be having this thought, but… 🤷♂️

@WhombeX

Oddly enough, I have successfully dodged COVID so far, but have caught a case of Fediverse Chick at least twice now.

Guess I should practice better social-media distancing? 🤭

@ash @phocks

Advances in electronics manufacturing are mainly noted for having made incredibly fast computers possible, but today's dirt-cheap microcontrollers are also incredibly fast.

Back in the day, a dirt-cheap microcontroller was something like a PIC16. Doesn't even have a multiply instruction, let alone an FPU.

Dirt-cheap microcontrollers today can run freaking Linux and are fast enough to do *software emulation* of #retrocomputing devices like floppy drives and sound cards.

Neat.

@tertle950

Both of those things tend to be done in a web browser these days, and yes, modern web browsers require massive computing power.

I could ask programmers to write more efficient code and stop wasting computing resources, but that's about as likely as a unicorn pooping a million bucks on my doorstep.

And for that matter, not even LibreOffice runs all that well on old hardware.

@navi

> it wants control of the source tree

Um no. I have a Maven project with some Rust code, with pom.xml and Cargo.toml in the same folder. That works fine. Cargo DGAF that it's being invoked from another build system instead of directly, nor that the Rust sources are in a different folder than usual (because, again, there is both Rust and Java code in this project). It Just Works™, as Cargo usually does.

@natty @wyatt8740