●● IRC: #techbytes @ Techrights IRC Network: Friday, December 02, 2022 ●●
● Dec 02
[01:06]		*u-amarsh04 has quit (Quit: Konversation terminated!)
[01:40]		*u-amarsh04 (~amarsh04@3f4eq2qd8h8ka.irc) has joined #techbytes
[01:59]		*psydruid (~psydruid@jevhxkzmtrbww.irc) has left #techbytes
● Dec 02
[02:01]		*psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #techbytes
● Dec 02
[05:40]		*psydruid (~psydruid@jevhxkzmtrbww.irc) has left #techbytes
[05:41]		*psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #techbytes
● Dec 02
[07:07]		*psydruid (~psydruid@jevhxkzmtrbww.irc) has left #techbytes
[07:07]		*psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #techbytes
[07:08]		*u-amarsh04 has quit (Quit: Konversation terminated!)
[07:14]		*u-amarsh04 (~amarsh04@3f4eq2qd8h8ka.irc) has joined #techbytes
● Dec 02
[08:00]		*geert has quit (connection closed)
[08:15]	schestowitz	 <li>
[08:15]	schestowitz	                                    <h5><a href="https://www.dedoimedo.com/computers/apparmor-firefox-self-update.html">Firefox, AppArmor & self-update - Tutorial</a></h5>
[08:15]		-TechBytesBot/#techbytes-www.dedoimedo.com | Firefox, AppArmor & self-update - Tutorial
[08:15]	schestowitz	                                    <blockquote>
[08:15]	schestowitz	                                        <p>Several weeks ago, I wrote an article that provided a basic overview of the AppArmor hardening tool, explained how it works, and showed you a practical example on how to confine and harden the Firefox browser. But wait, not just any which Firefox, but specifically the tarball version that you can download from Mozilla. I'm talking about the tar archive. Grab, extract, run.</p>
[08:15]	schestowitz	                                        <p>So far so good. Using the AppArmor profile (template) from my Kubuntu installation, I was able, with small modifications, to create a custom ruleset for the Firefox tar version running from my home directory. Things are fine, but there be one problem. By default, it cannot update. We shall fix that now.</p>
[08:15]	schestowitz	                                    </blockquote>
[08:15]	schestowitz	                                </li>
[08:20]	schestowitz	<li>
[08:20]	schestowitz	                                    <h5><a href="https://blog.arduino.cc/2022/11/28/see-how-ben-eater-reverse-engineered-an-80s-tv-censoring-device/">See how Ben Eater reverse engineered an 80s TV-censoring device</a></h5>
[08:20]		-TechBytesBot/#techbytes-blog.arduino.cc | See how Ben Eater reverse engineered an '80s TV-censoring device | Arduino Blog
[08:20]	schestowitz	                                    <blockquote>
[08:20]	schestowitz	                                        <p>Upon learning that the internal dictionary of offensive words is not listed anywhere in the manual, Ben Eater had the idea to extract it himself. After a quick teardown, he discovered a single 93LC86 EEPROM chip functioning in 8-bit mode for a total of 2,048 8-bit words. He then connected an Arduino Uno to the EEPROMs SPI bus and read 16-byte chunks before dumping the contents to the serial monitor for 
[08:20]	schestowitz	further investigation.</p>
[08:20]	schestowitz	                                    </blockquote>
[08:20]	schestowitz	                                </li>
[08:21]	schestowitz	<li>
[08:21]	schestowitz	                                    <h5><a href="https://linuxjedi.co.uk/2022/11/30/acorn-riscpc-restoration-part-4/">Acorn RiscPC: Restoration Part 4</a></h5>
[08:21]		-TechBytesBot/#techbytes-linuxjedi.co.uk | Acorn RiscPC: Restoration Part4 LinuxJedi's /dev/null
[08:21]	schestowitz	                                    <blockquote>
[08:21]	schestowitz	                                        <p>Now that we have things running properly in part 3, I figured I should work on the casing a bit. Especially since the current postal strikes in the UK mean that parts I have ordered are getting heavily delayed.</p>
[08:21]	schestowitz	                                    </blockquote>
[08:21]	schestowitz	                                </li>
[08:23]	schestowitz	<li>
[08:23]	schestowitz	                                    <h5><a href="https://drewdevault.com/2022/12/01/I-shall-toil-quietly.html">I shall toil at a reduced volume</a></h5>
[08:23]		-TechBytesBot/#techbytes-drewdevault.com | I shall toil at a reduced volume
[08:23]	schestowitz	                                    <blockquote>
[08:23]	schestowitz	                                        <p>Software is still the same mess it was when I started writing and working, or perhaps even worse. You cant overcome perverse incentives. As Cantrill once famously noted, the lawnmower cant have empathy. The truth he did not speak is that we all have some Oracle in our hearts, and the lawnmower is the size of the entire industry.</p>
[08:23]	schestowitz	                                    </blockquote>
[08:23]	schestowitz	                                </li>
[08:30]	schestowitz	SCALE 20X - CFP Closing Tomorrow (Dec. 2)   Inbox
[08:30]	schestowitz	Reminder that the Call for Papers deadline is tomorrow, Friday December
[08:30]	schestowitz	2nd. We look forward to reviewing your proposals and including you in this
[08:30]	schestowitz	year's SCALE program! Proposals maybe submitted via the SCALE website at:
[08:30]	schestowitz	http://www.socallinuxexpo.org/scale/20x/cfp/
[08:30]		-TechBytesBot/#techbytes-www.socallinuxexpo.org | CFP | 20x
[08:30]	schestowitz	This non-profit event would would not be possible without the help of our
[08:30]	schestowitz	volunteer organizers, and the generous funding support provided by our
[08:30]	schestowitz	sponsors. If you wish to sponsor or exhibit at SCALE please email
[08:30]	schestowitz	sponsorship@socallinuxexpo.org for more details. To volunteer please
[08:30]	schestowitz	contact us via email at staff@socallinuxexpo.org
[08:30]	schestowitz	We look forward to seeing you back in Pasadena on March 9-12, 2023!
[08:30]	schestowitz	The SCALE Team 
● Dec 02
[09:09]	schestowitz	<li>
[09:09]	schestowitz	                                    <h5><a href="https://blog.arduino.cc/2022/11/30/this-health-belt-can-provide-early-warning-of-heart-failure/">This health belt can provide early warning of heart failure</a></h5>
[09:09]		-TechBytesBot/#techbytes-blog.arduino.cc | This health belt can provide early warning of heart failure | Arduino Blog
[09:09]	schestowitz	                                    <blockquote>
[09:09]	schestowitz	                                        <p>This health belt has a variety of sensors to monitor key physiological indicators, including thoracic impedance, heart rate, electrocardiogram activity, and motion activity. None of those alone would reliably correspond to upcoming heart failure without many false positives and negatives, but together they provide a clear picture. The sensor array, which is wearable and resembles a cumberbund, communicates 
[09:09]	schestowitz	via Bluetooth with the users phone. When the signs of heart failure appear, their phone can either notify them to seek medical attention or notify a third party, like a family member or doctor.</p>
[09:09]	schestowitz	                                    </blockquote>
[09:09]	schestowitz	                                </li>
[09:09]	schestowitz	<li>
[09:09]	schestowitz	                                    <h5><a href="https://www.schneier.com/blog/archives/2022/12/sirius-xm-software-vulnerability.html">Sirius XM Software Vulnerability</a></h5>
[09:09]		-TechBytesBot/#techbytes-Sirius XM Software Vulnerability - Schneier on Security
[09:09]	schestowitz	                                    <blockquote>
[09:09]	schestowitz	                                        <p>Cars are just computers with four wheels and an engine. Its no surprise that the software is vulnerable, and that everything is connected.</p>
[09:09]	schestowitz	                                    </blockquote>
[09:09]	schestowitz	                                </li>
[09:09]	schestowitz	<li>
[09:09]	schestowitz	                                    <h5><a href="https://gizmodo.com/sirius-xm-bug-honda-nissan-acura-hack-1849836987">Researchers Used a Sirius XM Bug to Easily Hijack a Bunch of Different Cars</a></h5>
[09:09]		-TechBytesBot/#techbytes-gizmodo.com | Sirius XM Bug Lets Researchers Hijack Hondas, Nissans, Acuras
[09:09]	schestowitz	                                    <blockquote>
[09:09]	schestowitz	                                        <p>A group of security researchers discovered the bug while hunting for issues involving major car manufacturers. One of the researchers, 22-year-old cyber professional Sam Curry, said that he and his friends were curious about the kinds of problems that might crop up if they investigated providers of what are known as telematic services for carmakers.</p>
[09:09]	schestowitz	                                    </blockquote>
[09:09]	schestowitz	                                </li>
[09:32]	schestowitz	<li>
[09:32]	schestowitz	                                    <h5><a href="https://danielpocock.com/shaya-potter-debian-warez-expulsion/">Shaya Potter & Debian WaReZ expulsion</a></h5>
[09:32]		-TechBytesBot/#techbytes-danielpocock.com | Shaya Potter & Debian WaReZ expulsion
[09:32]	schestowitz	                                    <blockquote>
[09:32]	schestowitz	                                        <p>Potter was a child prodigy who began a US Navy internship when he was fifteen or sixteen. At the same time, Novare, Inc was hosting some Debian infrastructure on their company servers.</p>
[09:32]	schestowitz	                                        <p>Potter claims his software was being deployed to the USS Theodore Roosevelt (Secure Tactical Access Terminal) while at the same time, Debian records show that he was stashing WaReZ on master.debian.org, a server operated by Novare.</p><p>The case of a navy intern committing piracy is interesting for a wide range of reasons that have a lot more to do with Debian than the navy. Debian WaReZ expulsion</p>
[09:32]	schestowitz	                                    </blockquote>
[09:32]	schestowitz	                                </li>
[09:35]	schestowitz	<li>
[09:35]	schestowitz	                                    <h5><a href="https://lunduke.substack.com/p/sideloading-is-the-most-important">Sideloading is the most important feature of any SmartPhone</a></h5>
[09:35]		-TechBytesBot/#techbytes-lunduke.substack.com | Sideloading is the most important feature of any SmartPhone
[09:35]	schestowitz	                                    <blockquote>
[09:35]	schestowitz	                                        <p>Sideloading is the act of installing software, whatever software you want, on a real computer (which includes pocket computers, like smartphones).</p>
[09:35]	schestowitz	                                        <p>Seems simple and obvious, right? If you own a computer (or a smartphone), you should be able to install software on it.</p><p>Apple and Google both (strongly) disagree with that. While Google has allowed sideloading on Android since the beginning, they have recently begun taking steps to limit that in the future.</p>
[09:35]	schestowitz	                                    </blockquote>
[09:35]	schestowitz	                                </li>
● Dec 02
[10:56]		*u-amarsh04 has quit (Quit: Konversation terminated!)
● Dec 02
[12:19]		*psydruid (~psydruid@jevhxkzmtrbww.irc) has left #techbytes
[12:19]		*psydruid (~psydruid@jevhxkzmtrbww.irc) has joined #techbytes
● Dec 02
[16:18]	schestowitz	>>>>> The recent coverage, based on debian-private, has been very informative.
[16:18]	schestowitz	>>>>>
[16:18]	schestowitz	>>>>> But it'll make you more enemies.
[16:18]	schestowitz	> 
[16:18]	schestowitz	> Do you think the warez file has added to that list of enemies?
[16:18]	schestowitz	> 
[16:18]	schestowitz	> Fun question: do you think debian-private could contain anything worse
[16:18]	schestowitz	> than the warez case or do you think we reached the bottom of the barrel now?
[16:18]	schestowitz	I was actually referring to another article ;-)
[16:18]	schestowitz	Apropos, today I resigned from my job after ~12 years
[16:18]	schestowitz	http://techrights.org/wiki/Sirius_Open_Source
[16:18]		-TechBytesBot/#techbytes-techrights.org | Sirius Open Source - Techrights
[16:20]	schestowitz	https://www.fosslife.org/how-cryptographically-verify-your-identity-mastodon
[16:20]		-TechBytesBot/#techbytes-www.fosslife.org | How to Cryptographically Verify Your Identity on Mastodon
[16:20]	schestowitz	"
[16:20]	schestowitz	For most users, a simple verification link is sufficient to prove your identity on Mastodon, says Seth Kenlon, but for your corporate brand, you may want something backed up with cryptography. 
[16:20]	schestowitz	Technology suitable for this task has been in use for years, Kenlon explains: It's GnuPG, an implementation of PGP, and it's usable for Mastodon now, thanks to the open source project Keyoxide.
[16:20]	schestowitz	This article walks you through the process, so you can start building a ring of trust that goes far beyond the old blue Twitter checkmark. 
[16:20]	schestowitz	Read more at Enable Sysadmin.
[16:20]	schestowitz	"
● Dec 02
[18:01]	schestowitz	>> Apropos, today I resigned from my job after ~12 years
[18:01]	schestowitz	>> http://techrights.org/wiki/Sirius_Open_Source
[18:01]	schestowitz	>>
[18:01]	schestowitz	> Let me know if there are any keywords to search for in my databases
[18:01]	schestowitz	> 
[18:01]	schestowitz	> I hope your next role will work out better.
● Dec 02
[19:33]		*u-amarsh04 (~amarsh04@3f4eq2qd8h8ka.irc) has joined #techbytes