In an effort to escape the data-mining AI hellscape that is modern software, I installed Linux on bare metal (a HP laptop) this weekend. I haven't run Linux outside of a VM since I got my first academic VMWare key in around 2013, because I frankly haven't needed to. VMWare, VirtualBox, WSL, Multipass, Lima, Docker Desktop, and the cloud have provided me a ton of capability without having to worry about drivers.
I ended up going with Debian Stable. Canonical seems as enthusiastic to treat me as just another training tool for AI as Microsoft, so Ubuntu wasn't on the table for me. My Red Hat developer account is broken, so I can't connect to RHEL package repositories. I'm not smart enough to run Arch. That left me with Fedora and Debian, and I have been super impressed with Debian recently. Greg K-H did a great episode on the #osspodcast about Debian running a stable kernel release, and the way the team responded to the XZ backdoor was incredible. Plus @joshbressers recommended Debian Stable to me.
I am super impressed by the experience so far. The visual installer in the netinstall image worked pretty seamlessly (I had to ask it twice to detect my NIC, but it found them on the second try). There's a hiccup where Wayland doesn't want to use the AMD GPU in the laptop (even though the drivers are loaded and the card is detected), but there's not much screen tearing in Gnome even with the Intel integrated card being used to drive a 4K display. Honestly, it works better than my work machine (M3 Pro Macbook), because I don't have to randomly restart it to get it to use a USB C monitor, and I don't need a 3rd-party utility to get windows to snap to the sides of the screen (how is that not implemented in MacOS in 2024?).
https://margin.re/2024/05/dalvik-disassembly/
Interesting article about creating tool in #RustLang to assist #Ghidra #disassembly and #reversing of #dalvik.
When this hit master, I quickly found myself using it all the time. For those not using #HelixEditor built straight from source, it’s actually very very stable. I haven’t had any significant breakage since I started following upstream/master 6 months ago.
https://urbanists.social/@markstos/112514799959277933
I had a little Tetris action in my #Wordle 1,059 this morning.
⬛⬛⬛⬛⬛
⬛🟨🟨⬛⬛
⬛⬛🟨🟨⬛
🟩🟩🟩🟩🟩
@kateiacy @sundogplanets Go farmer!
My talk about the NICE Cyber Career Ambassador program is picked up for #BSides SATX! It's a pretty fun little conference in San Antonio.
We have no mechanism to flag when J. Random Packager adds "Supplements: glibc" to their random leaf node package. As a reminder, *we are a project that allows 1,601 minimally-vetted people to deliver arbitrary code executed as root on hundreds of thousands of systems*, and this mechanism allows any one of those people to cause the package they have complete control over to be automatically pulled in as a dependency on virtually every single one of those systems.
— Adam WilliamsonAgain the FOSS world has proven to be vigilant and proactive in finding bugs and backdoors, IMHO. The level of transparency is stellar, especially compared to proprietary software companies. What the FOSS world has accomplished in 24 hours after detection of the backdoor code in #xz deserves a moment of humbleness. Instead we have flamewars and armchair experts shouting that we must change everything NOW. Which would introduce even more risks. Progress is made iteratively. Learn, adapt, repeat.
Computer science guy, electrical engineer, US Air Force officer, jogger, likes teaching programming, aka KC0BFV.
Likes programming in: Rust, Python, JavaScript, C
Reluctantly uses: Roku's BrightScript, C++, anything