modrobert @modrobert@qoto.org
- PGP
- 0x09208346d9245e65
- GitHub
- https://github.com/modrobert
- https://twitter.com/modrobert
- Bitcoin
- bc1qtxmtnc225p767x78k0xwcnhr0u64r655kqvc69
-"When the going gets weird, the weird turn pro..."
Joined Sep 2018
@lynne@pars.ee I guess Ctrl+Q should join Ctrl+S in hell?
@loke Found the tweet to Joanna (QubesOS founder) from 2016, no mention of RPM there specifically (might have done that via email), but the dom0 update part: https://twitter.com/modrobert/status/793406741925007360
@loke In general I think the threat has changed the past decade from being blackhat hackers doing things to government hacking directly through APT groups (https://en.wikipedia.org/wiki/Advanced_persistent_threat) and otherwise government sponsored groups/individuals, their focus is different, and so are their methods. I think central package handling systems and repositories are at risk now more than ever. Their focus are on spyware and backdoors. We need a smart system where binaries can be matched with open source code and checksums stored immutable against blockchain or similar tech.
@loke Yes, I contacted Qubes OS, specifically Joanna Rutkowska (founder) several years ago because it looked so promising except that they rely on rpm packages and updates which could compromise everything, and eventually it did: https://www.qubes-os.org/news/2021/03/19/qsb-067/
modrobert
boosted
Do you isolate different aspects of your computer activities to improve security?
For example, if you install a game on Steam, the creator of that game now has full access to all your personal files, which might not be the most ideal of situations.
The same goes for any other software of course. That NPM library you just installed? Well, it can copy your SSH keys, and so on.
@loke I use 'firejail' in Linux for Firefox, and snap does it for Chromium, both utilize the kernel container system (aka namespace isolation). Any programs which requires internet to function. Sure, VM isolation is safer, I use that for anything Windows related, but also takes a lot more RAM to run practically.
"Monkey MindPong"
https://www.youtube.com/watch?v=rsCul1sp4hQ
modrobert
boosted
TIL there is a 'gpg' python module that interfaces to gnupg through a shared library (libgpgme)
detached signature validation is a simple method call, this makes things much easier, and more robust:
https://github.com/bitcoin-core/bitcoin-maintainer-tools/pull/90
"Signal-Server code not public since April 22 2020 (Last commit on codebase) ?"
https://github.com/signalapp/Signal-Android/issues/11101#issuecomment-798900367
modrobert
boosted
It's Fortran day! Here's a fun general purpose program to compute spacecraft turn maneuvers: https://ntrs.nasa.gov/archive/nasa/casi.ntrs.nasa.gov/19720023254.pdf
modrobert
boosted
Richard #Stallman a.k.a. #RMS is the founder of the Free Software Foundation (#FSF), author of the original versions of **gcc** and **Emacs**, and perhaps best known for his creation of the GNU Public Licence a.k.a. #GPL.
Thanks to the pioneering work of Richard Stallman, Android has a freely available kernel that can boot it, and companies like Samsung are forced to release their augmented kernel source code to us every month, so that we can build — using Stallman's compiler — a working custom recovery like TWRP.
Richard Stallman is currently under coordinated attack by the cancel culture mob. They have him firmly in their sights and have set their hearts on trying to get him removed from the board of the organisation he founded in 1985, and which has been his life's work.
The reason for the attack is that Stallman is alleged to hold views that are "problematic" in the eyes of his detractors.
My own stance is that to even engage in debate of Stallman's views would be to lend credence to the notion that they are somehow germane to the work that Stallman does in support of free software. I contend that they are not, which is not to imply that the accusations leveled at Stallman would otherwise require intellectual or moral contortion to refute. They would not. Stallman's views, even if they were relevant, have been grossly misrepresented.
The attempted silencing of free speech is always painful to behold, but this ill-conceived attack on Stallman is particularly stomach-turning, given how much of his life he has devoted to the freedom of others, including those who accuse him now.
His contributions to free software and his consistent, uncompromising commitment to his beliefs regarding software freedom have made millionaires of others, including many among his accusers now, while Stallman himself continues to lead a life of subsistence.
#Android would not exist if it hadn't been for Stallman.
Without Stallman, we would not have the assurance that important software like #Magisk will continue to exist long after the project's creator has moved on.
Without Stallman, #TWRP would not now exist.
Were it not for Richard Stallman, most of the cheap electronic appliances and gadgets in your home would simply not exist.
Without Richard Stallman's groundbreaking work, the world would be a different and much worse place.
Now you can do something in return. Richard Stallman needs your support.
Please consider signing the petition below:
https://github.com/rms-support-letter/rms-support-letter.github.io
If you need more background before signing, please take the time to do your own research and reach your own conclusions.
"Mob Mentality Threatens The Free Software Movement"
https://www.youtube.com/watch?v=Uun2YhnUNGc
@fribbledom I added an alias to enable colors in xterm:
alias duf='TERM=xterm-color duf -theme light'
BTW: When 'duf-utility' is installed via 'snap' in Ubuntu it shows some local mounts as "squashfs", assuming since it's running within a sandbox (snap), also got this error:
"ERROR: ld.so: object 'libgtk3-nocsd.so.0' from LD_PRELOAD cannot be preloaded (failed to map segment from shared object): ignored.".
After installing from source 'duf' works fine.
modrobert
boosted
Good news, everyone!
Installing duf (the better df alternative) on Ubuntu and various other distros is now as easy as running:
sudo snap install duf-utility
@dannyboy Cancer caused by 'pylint'.
modrobert
boosted
After the most recent shenanigans by Github, I really want to move my projects off it. At the same time I'm lazy, and it takes some effort figuring out how to do it this.
Ideally I'd like to self-host, that means I have yet another system to keep up to date. Then there is Gitlab, but they are also a US corporation, and while they have done less stupid things in the past, the drama around the telemetry is still remembered.
Then there is Sourcehut which is good but has some issues. On the technical side it's that it has sometimes been quite slow when accessed from Asia.
@loke @carcinopithecus@x0r.be Totally agree, it's not just unacceptable from a human rights perspective, it's also unprofessional behavior.
- PGP
- 0x09208346d9245e65
- GitHub
- https://github.com/modrobert
- https://twitter.com/modrobert
- Bitcoin
- bc1qtxmtnc225p767x78k0xwcnhr0u64r655kqvc69
-"When the going gets weird, the weird turn pro..."
Joined Sep 2018
