Notices by 翠星石 (suiseiseki@freesoftwareextremist.com)
-
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 22:00:30 JST 
翠星石
@sun Who would have thought that nodes that can decide where to send bitcoin to can be exploited to send bitcoin to another address? -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 21:57:50 JST
翠星石
@phnt @dj @ryan @p @ins0mniak @lanodan >ARM booting is such a mess that it's very likely not worth the effort.
ARM booting is bad, but certainly isn't as bad as booting AMD64.
>Every SOC manufacturer does their own thing without publicly publishing the specs for it.
The 2 AMD64 CPU manufacturers also do that and it seems that reverse engineering an Aarch64 SoC and writing free init would be easier than reverse engineering a AMD64 CPU and chipset. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 21:39:21 JST
翠星石
@sun They all glow in the dark and require proprietary JavaScript, so they're all shit and I cannot make a recommendation.
Although Njalla doesn't require that you dox yourself and allows you to pay via Monero (now only if they would free their JavaScript or make their site work without JavaScript they would be usable). -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 21:29:02 JST
翠星石
@phnt @dj @ryan @p @ins0mniak @lanodan >Then you are left with a CPU vulnerable to almost all sidechannel attacks which are a bigger threat than an IME backdoor.
You are immune to all sidechannel attacks if you simply don't run proprietary malware on your computer.
Every week or month a new sidechannel attack is found and only the latest CPUs are updated to "fix" those and I'm not running out every year to buy new hardware.
Throwing more proprietary software at a problem caused by proprietary software is an incredible folly, as you are doomed to fail.
>I don't run untrusted code on my computers and block JS. What happens when there's a JS block bypass for your browser?
So far there has been not a single bypass found for javascript.disabled=false and really you will notice if proprietary malware JavaScript is being loaded over tor and you'll be able to kill the process before it manages to leak anything.
I can also just use netsurf with JavaScript compiled out or Emacs Web Wowser.
>GNUBoot won't save you from an exploitable CPU.
Proprietary software won't save you from the inherently vulnerable concept of speculative execution either. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 21:12:47 JST
翠星石
@SuperDicq @newt I mean, proprietary version control is worse than nothing, as the proprietary software will eventually stop you from restoring a previous version, while `cp -r version-2.2.32-final.bak version-2.2.32-final` is guaranteed to work. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 21:08:53 JST
翠星石
@sun >With proprietary software you can't reliably do C-_
Why would of thought? -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 20:50:53 JST
翠星石
@newt @SuperDicq git works fine in my experience and it doesn't stop you from force resetting if you can't be bothered to clean up properly. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 20:41:02 JST
翠星石
@p @dj @ryan @phnt @ins0mniak @lanodan >the joke is that proprietary software is assumed to be compromised by state actors and he hopes to work around this by relying on the state actors' adversarial relationships.
Yes, I saw that immediately, but a good joke doesn't rely on false premises that cause the security to totally fall apart, which is what I was pointing out.
>I don't think they make GNUboot for ARM SOCs/SOMs.
Those are future targets, but for ARM stuff coreboot is not relevant, you need a free version of u-boot instead. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 20:26:04 JST
翠星石
@arcana They couldn't open for even an hour? -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 20:25:51 JST
翠星石
@p @dj @ryan @phnt @ins0mniak @lanodan >That's what the other three firewalls are for. You'd need four backdoors!
Yes, the attacker just exploits each of the 4 backdoors in sequence.
>No protection against IME backdoors.
I forgot to mention installing GNUboot and once that done there is no IME backdoor, as such proprietary software is not included in the images (on GNUbootable intel computers that came with an IME, the IME is an extra processor added to the NIC and can be disabled by simply not loading anything onto it).
You'd really want to use an KGPE-D16 GNUbooted systemd, as the Opteron 62XX processors appear to not even come with a backdoor processor. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 20:18:53 JST
翠星石
@p @dj @ryan @phnt @ins0mniak @lanodan >No protection against CISCO backdoors.
>No protection against Huwei backdoors.
>No protection against Juniper backdoors.
>No protection against Checkpoint backdoors.
Someone can come along and exploit every single backdoor regardless, as if a backdoor exists, it can be exploited by more than its authors.
The only solution against backdoors is to use a free software firewall that is free of any backdoors by installing GNU/Linux-libre and configuring netfilter. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 20:14:43 JST
翠星石
@phnt @dj @dcc @ryan @p @ins0mniak @lanodan >where even a firmware TPM is safer, because you can't easily sniff data happening inside the CPU.
>Look at "firmware TPM"
>Nothing firm, just malicious hardware that runs malicious proprietary software.
Electrical leakage detector enjoyers will be happy to get sniffing. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 20:11:24 JST
翠星石
@p @dj @ryan @phnt @ins0mniak @lanodan >Clinton wanted to put a freaking spy chip in everyone's computer. >They still wanna do that.
It's already done.
What do you think one functionality IME or PSP or ARM Trustzone is for?
Most people also carry around demon rectangles that could operate as a computer if not heavily restricted and every single one of them contains a spy chip (mobile chipset running proprietary software). -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 20:05:40 JST
翠星石
@catsalad Neither makes any sense as you should just use TCP if the protocol cannot tolerate loss or UDP if the protocol can.
Either way will perform pretty much identically, as there's only one instance of TCP and UDP only adds the packet headers as overhead. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 19:23:53 JST
翠星石
>Disable "predictable interface naming" as the interface names change if you put in any PCIe card (making the naming unpredictable).
>Put in a PCIe NIC
>The existing interface names stay the same and predictably the new NIC gets the next available interface number.
As expected. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 18:59:20 JST
翠星石
Time to drill directly through the Earth's crust and mantle to directly connect countries on the other side of the Earth at the lowest possible latency? -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 18:32:11 JST
翠星石
@rosey @niko Speakers should take decades to die (although junk ones die in a year or less).
I would suggest grabbing a knife and carefully cutting through the wires that power/control the RGB strip (near the start of the strip) and then no more RGB. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 18:28:36 JST
翠星石
@lispi314 @alyx @Breaking911 >Several diseases can also precipitate it, including influenza
No disease can violate the laws of thermodynamics - in order for enough fat to be generated to turn you obese, you must consume enough food to make all that fat.
>Most of the diseases vaccinated for very young also have horrible long-term effects on unvaccinated young children that catch them
Yes, that is what vaccines are for. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 18:25:33 JST
翠星石
@GNUxeava Only 4 years? 20 year old patches finally getting accepted is where it's at. -
Embed this notice
翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 19-Feb-2025 18:25:13 JST
翠星石
@nerthos You can do it today on GNU/Linux-libre in the Church of Emacs.
All GNU social JP content and data are available under the