This is all I’ve run across on reverse engineering, so far but it is quite interesting.
https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b
This is all I’ve run across on reverse engineering, so far but it is quite interesting.
https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b
Some of the trust comes from eyes on the project thanks to it being open source. This thing got discovered, after all. Not right away, sure, but before it spread everywhere. Same question of trust applies to commercial software too.
Ideally, PR reviews help with this but smaller projects esp with few contributors may not do much of that. I doubt anyone has spent time understanding the software supply chain (SSC) attack surface of their product but that seems like a good next step. Someone needs to write a tool that scans the SSC repos and flags certain measures like the # of maintainers.
PS: I have the worst allergies I’ve had in ages today and my brain is in a histamine fog so maybe I shouldn’t be trying to think about this stuff right now lol cough uuugh blows nose
Is there really anything they couldn’t collect?
Well maybe they aren’t experienced info security professionals :)
Inflation.
I get where you’re coming from but is he managing his risk or not?
Does he understand the risk? If yes, good. No? Bad.
Is he ignoring the risk? If yes, bad. No? Good.
Is he weighing the risks against the benefits he receives of using these apps and taking appropriate steps to mitigate those risks? If yes, then good. No? Bad.
Cyber security isn’t “lock everything down at all costs”. Otherwise I would insist you throw your phone in an incinerator along with all your computers, live in a bunker reinforced against nuclear attack with a small army to guard you, never leave it, never talk to anyone… Etc.
It is enabling one to achieve their goals with a tolerable amount of risk. That level of tolerable risk is different for everyone.
FWIW I am on lemmy.world, am not a moderator, and have been seeing the spam comments with the trash and ban icons.
This doesn’t seem that much worse than American rules that have already been in place for a long, long time.
Do you really want to be like the US, though? I think maybe that’s not a great idea. (Source: am from US)
Totally agree. Have been there and done that quite a few times too.
I thought maybe the trash can meant the user was banned?
Very cool. Easily my favorite use for 3d printing.
Related, I think there are several sets of files for various RC cars I have run across. Would be kind of fun to download a whole (RC) car :)
Hopefully people with more of a clue than me will chime in… Meanwhile, my best swag is the filesystem had issues and had to do an fsck? If that’s the case it would boot quickly next time assuming a clean shutdown.
Were there any errors during boot?
Fastboot enabled in BIOS or no? (Not sure if this has anything to do with anything I’m just trying to look useful)
PS: the weird active time could maybe somehow be related to the filesystem being borked needing fsck? I’m not sure.
Load average of 400???
You could install systat (or similar) and use output from sar to watch for thresholds and reboot if exceeded.
The upside of doing this is you may also be able to narrow down what is going on, exactly, when this happens, since sar records stats for CPU, memory, disk etc. So you can go back after the fact and you might be able to see if it is just a CPU thing or more than that. (Unless the problem happens instantly rather than gradually increasing).
PS: rather than using cron, you could run a script as a daemon that runs sar at 1 sec intervals.
Another thought is some kind of external watchdog. Curl webpage on server, if delay too long power cycle with smart home outlet? Idk. Just throwing crazy ideas out there.
I definitely needed that
Not op. I installed windows 10 on my custom built desktop and my kids custom built desktop, on VM, etc. Have not had a problem and it was pretty simple overall. I’m sure some folks do have issues, though. Shit happens. Is windows 11 shittier for install? I’ve never had the desire to try :)
I’ve also installed various Linux distros on the above and a few other computers (Mint, Nobara, Fedora). Aside from Mint not working with my AMD RX 6600, no problems there either, really. And these distros installed easily.
Again, ymmv. I knew Mint would probably fail because the 5.19 kernel does not seem to like my GPU. That’s why I switched to Nobara in the first place (iirc the 6.x kernel wasn’t available at the time)
What a great use of my tax dollars.
I like how you think. Ok, you’re in charge of marketing.
I wonder what’s making it so hard. Probably scope of the breach.
Sounds like MS has their heads up their asses if execs got compromised and baddies are running rampant all over their network. I guess I’m kinda spoiled where I work.
I’d love to be a fly on the wall and see what’s going on. Or, actually, cyber$ec con$ultant >:)
Maybe that’s what I should do as my final gig before retirement. Hmm. I just need to find someone with actual charisma that can schmooze and find customers (since I’d sooner jump off a bridge). Get a handful of top notch cyber incident response and reverse engineering folks, few more engineers. I know I am going off topic but I need to dream if I am to survive Monday after the time change ok?? Let’s see… I would do 32 hour work weeks. Idk how that would play out working an incident, I guess shitloads of comp time and some way to keep from overloading people. Good bennies. 6 weeks of vacation a year. Hell, make it employee owned. WFH when and where possible (can’t really do an incident response 100% remotely, usually). Whaddya say, who’s in? Let’s make enough money to retire early. Fuck work.
Good to know. Well I have 16G now that should give me plenty to spare.
Mint is a good recommendation. I’ve used it for most of a decade because I just want my system to work.