Techrights logo

IRC: #techbytes @ Techrights IRC Network: Friday, December 02, 2022

(ℹ) Join us now at the IRC channel | ䷉ Find the plain text version at this address (HTTP) or in Gemini (how to use Gemini) with a full GemText version.

*u-amarsh04 has quit (Quit: Konversation terminated!)Dec 02 01:06
*u-amarsh04 (~amarsh04@3f4eq2qd8h8ka.irc) has joined #techbytesDec 02 01:40
*psydruid (~psydruid@jevhxkzmtrbww.irc) has left #techbytesDec 02 01:59
*psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #techbytesDec 02 02:01
*psydruid (~psydruid@jevhxkzmtrbww.irc) has left #techbytesDec 02 05:40
*psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #techbytesDec 02 05:41
*psydruid (~psydruid@jevhxkzmtrbww.irc) has left #techbytesDec 02 07:07
*psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #techbytesDec 02 07:07
*u-amarsh04 has quit (Quit: Konversation terminated!)Dec 02 07:08
*u-amarsh04 (~amarsh04@3f4eq2qd8h8ka.irc) has joined #techbytesDec 02 07:14
*geert has quit (connection closed)Dec 02 08:00
schestowitz <li>Dec 02 08:15
schestowitz                                    <h5><a href="https://www.dedoimedo.com/computers/apparmor-firefox-self-update.html">Firefox, AppArmor & self-update - Tutorial</a></h5>Dec 02 08:15
-TechBytesBot/#techbytes-www.dedoimedo.com | Firefox, AppArmor & self-update - TutorialDec 02 08:15
schestowitz                                    <blockquote>Dec 02 08:15
schestowitz                                        <p>Several weeks ago, I wrote an article that provided a basic overview of the AppArmor hardening tool, explained how it works, and showed you a practical example on how to confine and harden the Firefox browser. But wait, not just any which Firefox, but specifically the tarball version that you can download from Mozilla. I'm talking about the tar archive. Grab, extract, run.</p>Dec 02 08:15
schestowitz                                        <p>So far so good. Using the AppArmor profile (template) from my Kubuntu installation, I was able, with small modifications, to create a custom ruleset for the Firefox tar version running from my home directory. Things are fine, but there be one problem. By default, it cannot update. We shall fix that now.</p>Dec 02 08:15
schestowitz                                    </blockquote>Dec 02 08:15
schestowitz                                </li>Dec 02 08:15
schestowitz<li>Dec 02 08:20
schestowitz                                    <h5><a href="https://blog.arduino.cc/2022/11/28/see-how-ben-eater-reverse-engineered-an-80s-tv-censoring-device/">See how Ben Eater reverse engineered an ’80s TV-censoring device</a></h5>Dec 02 08:20
-TechBytesBot/#techbytes-blog.arduino.cc | See how Ben Eater reverse engineered an '80s TV-censoring device | Arduino BlogDec 02 08:20
schestowitz                                    <blockquote>Dec 02 08:20
schestowitz                                        <p>Upon learning that the internal dictionary of offensive words is not listed anywhere in the manual, Ben Eater had the idea to extract it himself. After a quick teardown, he discovered a single 93LC86 EEPROM chip functioning in 8-bit mode for a total of 2,048 8-bit words. He then connected an Arduino Uno to the EEPROM’s SPI bus and read 16-byte chunks before dumping the contents to the serial monitor for Dec 02 08:20
schestowitzfurther investigation.</p>Dec 02 08:20
schestowitz                                    </blockquote>Dec 02 08:20
schestowitz                                </li>Dec 02 08:20
schestowitz<li>Dec 02 08:21
schestowitz                                    <h5><a href="https://linuxjedi.co.uk/2022/11/30/acorn-riscpc-restoration-part-4/">Acorn RiscPC: Restoration Part 4</a></h5>Dec 02 08:21
-TechBytesBot/#techbytes-linuxjedi.co.uk | Acorn RiscPC: Restoration Part 4 – LinuxJedi's /dev/nullDec 02 08:21
schestowitz                                    <blockquote>Dec 02 08:21
schestowitz                                        <p>Now that we have things running properly in part 3, I figured I should work on the casing a bit. Especially since the current postal strikes in the UK mean that parts I have ordered are getting heavily delayed.</p>Dec 02 08:21
schestowitz                                    </blockquote>Dec 02 08:21
schestowitz                                </li>Dec 02 08:21
schestowitz<li>Dec 02 08:23
schestowitz                                    <h5><a href="https://drewdevault.com/2022/12/01/I-shall-toil-quietly.html">I shall toil at a reduced volume</a></h5>Dec 02 08:23
-TechBytesBot/#techbytes-drewdevault.com | I shall toil at a reduced volumeDec 02 08:23
schestowitz                                    <blockquote>Dec 02 08:23
schestowitz                                        <p>Software is still the same mess it was when I started writing and working, or perhaps even worse. You can’t overcome perverse incentives. As Cantrill once famously noted, the lawnmower can’t have empathy. The truth he did not speak is that we all have some Oracle in our hearts, and the lawnmower is the size of the entire industry.</p>Dec 02 08:23
schestowitz                                    </blockquote>Dec 02 08:23
schestowitz                                </li>Dec 02 08:23
schestowitzSCALE 20X - CFP Closing Tomorrow (Dec. 2)   InboxDec 02 08:30
schestowitzReminder that the Call for Papers deadline is tomorrow, Friday DecemberDec 02 08:30
schestowitz2nd. We look forward to reviewing your proposals and including you in thisDec 02 08:30
schestowitzyear's SCALE program! Proposals maybe submitted via the SCALE website at:Dec 02 08:30
schestowitzhttp://www.socallinuxexpo.org/scale/20x/cfp/Dec 02 08:30
-TechBytesBot/#techbytes-www.socallinuxexpo.org | CFP | 20xDec 02 08:30
schestowitzThis non-profit event would would not be possible without the help of ourDec 02 08:30
schestowitzvolunteer organizers, and the generous funding support provided by ourDec 02 08:30
schestowitzsponsors. If you wish to sponsor or exhibit at SCALE please emailDec 02 08:30
schestowitzsponsorship@socallinuxexpo.org for more details. To volunteer pleaseDec 02 08:30
schestowitzcontact us via email at staff@socallinuxexpo.orgDec 02 08:30
schestowitzWe look forward to seeing you back in Pasadena on March 9-12, 2023!Dec 02 08:30
schestowitzThe SCALE Team Dec 02 08:30
schestowitz<li>Dec 02 09:09
schestowitz                                    <h5><a href="https://blog.arduino.cc/2022/11/30/this-health-belt-can-provide-early-warning-of-heart-failure/">This health belt can provide early warning of heart failure</a></h5>Dec 02 09:09
-TechBytesBot/#techbytes-blog.arduino.cc | This health belt can provide early warning of heart failure | Arduino BlogDec 02 09:09
schestowitz                                    <blockquote>Dec 02 09:09
schestowitz                                        <p>This health belt has a variety of sensors to monitor key physiological indicators, including thoracic impedance, heart rate, electrocardiogram activity, and motion activity. None of those alone would reliably correspond to upcoming heart failure without many false positives and negatives, but together they provide a clear picture. The sensor array, which is wearable and resembles a cumberbund, communicates Dec 02 09:09
schestowitzvia Bluetooth with the user’s phone. When the signs of heart failure appear, their phone can either notify them to seek medical attention or notify a third party, like a family member or doctor.</p>Dec 02 09:09
schestowitz                                    </blockquote>Dec 02 09:09
schestowitz                                </li>Dec 02 09:09
schestowitz<li>Dec 02 09:09
schestowitz                                    <h5><a href="https://www.schneier.com/blog/archives/2022/12/sirius-xm-software-vulnerability.html">Sirius XM Software Vulnerability</a></h5>Dec 02 09:09
-TechBytesBot/#techbytes-Sirius XM Software Vulnerability - Schneier on SecurityDec 02 09:09
schestowitz                                    <blockquote>Dec 02 09:09
schestowitz                                        <p>Cars are just computers with four wheels and an engine. It’s no surprise that the software is vulnerable, and that everything is connected.</p>Dec 02 09:09
schestowitz                                    </blockquote>Dec 02 09:09
schestowitz                                </li>Dec 02 09:09
schestowitz<li>Dec 02 09:09
schestowitz                                    <h5><a href="https://gizmodo.com/sirius-xm-bug-honda-nissan-acura-hack-1849836987">Researchers Used a Sirius XM Bug to Easily Hijack a Bunch of Different Cars</a></h5>Dec 02 09:09
-TechBytesBot/#techbytes-gizmodo.com | Sirius XM Bug Lets Researchers Hijack Hondas, Nissans, AcurasDec 02 09:09
schestowitz                                    <blockquote>Dec 02 09:09
schestowitz                                        <p>A group of security researchers discovered the bug while hunting for issues involving major car manufacturers. One of the researchers, 22-year-old cyber professional Sam Curry, said that he and his friends were curious about the kinds of problems that might crop up if they investigated providers of what are known as “telematic services” for carmakers.</p>Dec 02 09:09
schestowitz                                    </blockquote>Dec 02 09:09
schestowitz                                </li>Dec 02 09:09
schestowitz<li>Dec 02 09:32
schestowitz                                    <h5><a href="https://danielpocock.com/shaya-potter-debian-warez-expulsion/">Shaya Potter & Debian WaReZ expulsion</a></h5>Dec 02 09:32
-TechBytesBot/#techbytes-danielpocock.com | Shaya Potter & Debian WaReZ expulsionDec 02 09:32
schestowitz                                    <blockquote>Dec 02 09:32
schestowitz                                        <p>Potter was a child prodigy who began a US Navy internship when he was fifteen or sixteen. At the same time, Novare, Inc was hosting some Debian infrastructure on their company servers.</p>Dec 02 09:32
schestowitz                                        <p>Potter claims his software was being deployed to the USS Theodore Roosevelt (Secure Tactical Access Terminal) while at the same time, Debian records show that he was stashing WaReZ on master.debian.org, a server operated by Novare.</p><p>The case of a navy intern committing piracy is interesting for a wide range of reasons that have a lot more to do with Debian than the navy. Debian WaReZ expulsion</p>Dec 02 09:32
schestowitz                                    </blockquote>Dec 02 09:32
schestowitz                                </li>Dec 02 09:32
schestowitz<li>Dec 02 09:35
schestowitz                                    <h5><a href="https://lunduke.substack.com/p/sideloading-is-the-most-important">Sideloading is the most important feature of any SmartPhone</a></h5>Dec 02 09:35
-TechBytesBot/#techbytes-lunduke.substack.com | Sideloading is the most important feature of any SmartPhoneDec 02 09:35
schestowitz                                    <blockquote>Dec 02 09:35
schestowitz                                        <p>Sideloading is the act of installing software, whatever software you want, on a real computer (which includes pocket computers, like smartphones).</p>Dec 02 09:35
schestowitz                                        <p>Seems simple and obvious, right? If you own a computer (or a smartphone), you should be able to install software on it.</p><p>Apple and Google both (strongly) disagree with that. While Google has allowed “sideloading” on Android since the beginning, they have recently begun taking steps to limit that in the future.</p>Dec 02 09:35
schestowitz                                    </blockquote>Dec 02 09:35
schestowitz                                </li>Dec 02 09:35
*u-amarsh04 has quit (Quit: Konversation terminated!)Dec 02 10:56
*psydruid (~psydruid@jevhxkzmtrbww.irc) has left #techbytesDec 02 12:19
*psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #techbytesDec 02 12:19
schestowitz>>>>> The recent coverage, based on debian-private, has been very informative.Dec 02 16:18
schestowitz>>>>>Dec 02 16:18
schestowitz>>>>> But it'll make you more enemies.Dec 02 16:18
schestowitz> Dec 02 16:18
schestowitz> Do you think the warez file has added to that list of enemies?Dec 02 16:18
schestowitz> Dec 02 16:18
schestowitz> Fun question: do you think debian-private could contain anything worseDec 02 16:18
schestowitz> than the warez case or do you think we reached the bottom of the barrel now?Dec 02 16:18
schestowitzI was actually referring to another article ;-)Dec 02 16:18
schestowitzApropos, today I resigned from my job after ~12 yearsDec 02 16:18
schestowitzhttp://techrights.org/wiki/Sirius_Open_SourceDec 02 16:18
-TechBytesBot/#techbytes-techrights.org | Sirius Open Source - TechrightsDec 02 16:18
schestowitzhttps://www.fosslife.org/how-cryptographically-verify-your-identity-mastodonDec 02 16:20
-TechBytesBot/#techbytes-www.fosslife.org | How to Cryptographically Verify Your Identity on MastodonDec 02 16:20
schestowitz"Dec 02 16:20
schestowitzFor most users, a simple verification link is sufficient to prove your identity on Mastodon, says Seth Kenlon, “but for your corporate brand, you may want something backed up with cryptography.” Dec 02 16:20
schestowitzTechnology suitable for this task has been in use for years, Kenlon explains: “It's GnuPG, an implementation of PGP, and it's usable for Mastodon now, thanks to the open source project Keyoxide.”Dec 02 16:20
schestowitzThis article walks you through the process, so you can “start building a ring of trust that goes far beyond the old blue Twitter checkmark.” Dec 02 16:20
schestowitzRead more at Enable Sysadmin.Dec 02 16:20
schestowitz"Dec 02 16:20
schestowitz>> Apropos, today I resigned from my job after ~12 yearsDec 02 18:01
schestowitz>> http://techrights.org/wiki/Sirius_Open_SourceDec 02 18:01
schestowitz>>Dec 02 18:01
schestowitz> Let me know if there are any keywords to search for in my databasesDec 02 18:01
schestowitz> Dec 02 18:01
schestowitz> I hope your next role will work out better.Dec 02 18:01
*u-amarsh04 (~amarsh04@3f4eq2qd8h8ka.irc) has joined #techbytesDec 02 19:33

Generated by irclog2html.py 2.6 | ䷉ find the plain text version at this address (HTTP) or in Gemini (how to use Gemini) with a full GemText version.