(ℹ) Join us now at the IRC channel | ䷉ Find the plain text version at this address.
| schestowitz | > I want to apologise for taking so long to let you know. As | Feb 05 02:38 |
|---|---|---|
| schestowitz | > you know too well, it's very hard to trust people | Feb 05 02:38 |
| schestowitz | > (especially with something like this). So I hope you accept | Feb 05 02:38 |
| schestowitz | > that apology. I trust you enough now to know that we're on | Feb 05 02:38 |
| schestowitz | > the same side. | Feb 05 02:38 |
| schestowitz | I saw some dodgy actors over the years in our orbit. I still have suspicions about some. The only other person whom I allow full access to our server I've known for about 15 years (online) and have cordial/amicable relations with. | Feb 05 02:38 |
| schestowitz | I am pretty certain targeting of pro-privacy persons is done in the ad hominem sense (attempts to discredit), the spying sense, and infiltration-for-subversion sense. Maybe I will write something to that effect one day. RMS trusted far too many people whom he should have have trusted. He does trust me, however, and some people try to seed doubt in his mind. That never worked. | Feb 05 02:38 |
| schestowitz | https://www.reddit.com/r/duckduckgo/comments/lcapgs/well_this_is_concerning/ | Feb 05 02:38 |
| -TechBytesBot/#techbytes-www.reddit.com | Well this is concerning : duckduckgo | Feb 05 02:38 | |
| schestowitz | " | Feb 05 02:41 |
| schestowitz | website certificate not valid, anybody else? | Feb 05 02:41 |
| schestowitz | 4 | Feb 05 02:41 |
| schestowitz | User avatar | Feb 05 02:41 |
| schestowitz | level 2 | Feb 05 02:41 |
| schestowitz | citysmartie | Feb 05 02:41 |
| schestowitz | 16 hours ago | Feb 05 02:41 |
| schestowitz | Firefox is warning me the site is not secure so it isn't just you. | Feb 05 02:41 |
| schestowitz | 2 | Feb 05 02:41 |
| schestowitz | Continue this thread | Feb 05 02:41 |
| schestowitz | User avatar | Feb 05 02:41 |
| schestowitz | level 2 | Feb 05 02:41 |
| schestowitz | MaT4w8b2UmFX | Feb 05 02:41 |
| schestowitz | 10 hours ago | Feb 05 02:41 |
| schestowitz | Yes. Should be safe to load. Just don't sign in or click links on websites that don't have a valid cert. It's not much different than loading HTTP instead of HTTPS. | Feb 05 02:41 |
| schestowitz | Someone correct me if I'm wrong. | Feb 05 02:41 |
| schestowitz | 1 | Feb 05 02:41 |
| schestowitz | User avatar | Feb 05 02:41 |
| schestowitz | level 1 | Feb 05 02:41 |
| schestowitz | MaT4w8b2UmFX | Feb 05 02:41 |
| schestowitz | 10 hours ago | Feb 05 02:41 |
| schestowitz | https://outline.com/6zBUCs | Feb 05 02:41 |
| -TechBytesBot/#techbytes-outline.com | Outline - Read & annotate without distractions | Feb 05 02:41 | |
| schestowitz | Here is the actual article, ran through the Outline service so you don't have to worry about the invalid site certificate. | Feb 05 02:41 |
| schestowitz | 2 | Feb 05 02:41 |
| schestowitz | User avatar | Feb 05 02:41 |
| schestowitz | level 1 | Feb 05 02:41 |
| schestowitz | Complete_Signal_Loss | Feb 05 02:41 |
| schestowitz | 8 hours ago | Feb 05 02:41 |
| schestowitz | hilarious that a very old article, with inaccurate accusations that have already been debunked many time, hidden behind an insure web site. also, no way that i'll click on that outline.com link, no telling how many trackers are hidden there. | Feb 05 02:41 |
| schestowitz | 1 | Feb 05 02:41 |
| schestowitz | User avatar | Feb 05 02:41 |
| schestowitz | level 2 | Feb 05 02:41 |
| schestowitz | MaT4w8b2UmFX | Feb 05 02:42 |
| schestowitz | 4 hours ago | Feb 05 02:42 |
| schestowitz | Outline.com is a service that parses out the main images and text of an article, removing all the excess ads and sidebars. I'm sorry you've never heard of it until now. | Feb 05 02:42 |
| schestowitz | They still have standard trackers (like pretty much all websites) that are easily blocked by basic privacy addons like uBlock Origin. | Feb 05 02:42 |
| schestowitz | " | Feb 05 02:42 |
| schestowitz | x http://calpaterson.com/latency.html | Feb 05 02:49 |
| -TechBytesBot/#techbytes-calpaterson.com | Where's the fastest place to put my server? How much does it matter? | Feb 05 02:49 | |
| schestowitz | # strawman. that's NOT a thin site | Feb 05 02:49 |
| *genr8_ has quit (Quit: Leaving) | Feb 05 05:29 | |
| *GNUmoon has quit (Ping timeout: 268 seconds) | Feb 05 06:29 | |
| *GNUmoon (~GNUmoon@gateway/tor-sasl/gnumoon) has joined #techbytes | Feb 05 07:48 | |
| *bumperSteff (~kennawedd@titan.pathogen.is) has joined #techbytes | Feb 05 07:59 | |
| Techrights-sec | there have been waves of heavy loads on TR but it has remained available | Feb 05 08:00 |
| Techrights-sec | AFAIK the whole time | Feb 05 08:00 |
| Techrights-sec | Ok. I'll reenable the primitive monitoring here, but have no audio for it | Feb 05 08:01 |
| Techrights-sec | any more. | Feb 05 08:01 |
| Techrights-sec | ] | Feb 05 08:01 |
| schestowitz | had to restart TM when I woke up (apache daemon only), realising it was having uptime problems. | Feb 05 08:03 |
| *Akee has quit (Quit: Bye, loosers !) | Feb 05 08:21 | |
| *Akee (~Akee@217.ip-137-74-196.eu) has joined #techbytes | Feb 05 08:26 | |
| *bumperSteff has quit (K-Lined) | Feb 05 08:30 | |
| schestowitz | <li> | Feb 05 08:54 |
| schestowitz | <h5><a href="https://www.cyberciti.biz/linux-news/heads-up-microsoft-repo-secretly-installed-on-all-raspberry-pis-linux-os/">Heads up: Microsoft repo secretly installed on all Raspberry Pi’s Linux OS</a></h5> | Feb 05 08:54 |
| -TechBytesBot/#techbytes-www.cyberciti.biz | Heads up: Google to drop support for all Chrome on 32-bit Linux distributions - nixCraft | Feb 05 08:54 | |
| schestowitz | <blockquote> | Feb 05 08:54 |
| schestowitz | <p>It seems RPi foundation officially recommends MS IDE, and hence this was included Raspberry Pi OS. They should keep this to GUI image for kids or anyone who wish to to learn Python and other stuff using VS Code. Most Linux geeks and power users use RPi as a git server or adblocker and so on as a headless server. There is always a trust issue when unwanted software repo configured and gpg keys are installed | Feb 05 08:54 |
| schestowitz | secretly, which is the main issue. What other problems Linux users may face: [...]</p> | Feb 05 08:54 |
| schestowitz | <p>[...]</p> | Feb 05 08:54 |
| schestowitz | <p> It seems that it contains VS Code IDE for your Raspberry Pi. Now keep in mind this is a server with a lite image, and there is no need to install this on my old RPi 2. Naturally, it made many Linux users unhappy. To make matters worse, the official Raspberry Pi forums admins quickly locked down and deleted the topic threads, claiming it was “Microsoft bashing.”</p></blockquote></li> | Feb 05 08:54 |
| *liberty_box has quit (Ping timeout: 240 seconds) | Feb 05 09:14 | |
| *rianne__ has quit (Ping timeout: 264 seconds) | Feb 05 09:14 | |
| *MinceR has quit (Ping timeout: 260 seconds) | Feb 05 09:23 | |
| *MinceR (mincer@unaffiliated/mincer) has joined #techbytes | Feb 05 09:32 | |
| *liberty_box (~liberty@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 09:46 | |
| *rianne__ (~rianne@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 09:46 | |
| *rianne (~rianne@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 09:59 | |
| *rianne__ has quit (Remote host closed the connection) | Feb 05 10:00 | |
| *liberty_box has quit (Ping timeout: 272 seconds) | Feb 05 10:25 | |
| *rianne has quit (Ping timeout: 276 seconds) | Feb 05 10:25 | |
| schestowitz | https://soylentnews.org/article.pl?sid=21/02/05/0354252 | Feb 05 10:57 |
| -TechBytesBot/#techbytes-soylentnews.org | Raspberry Pi Users Mortified as Microsoft Repository that Phones Home is Added to Pi OS - SoylentNews | Feb 05 10:57 | |
| schestowitz | " | Feb 05 10:58 |
| schestowitz | Quietly, without disclosure or warning, a package added a Microsoft repository and OpenPGP key to the system. | Feb 05 10:58 |
| schestowitz | Yeah, that's shady as hell. | Feb 05 10:58 |
| schestowitz | The latter effectively gives the former full root access, in principle, to the whole system. | Feb 05 10:58 |
| schestowitz | Um.. what? To use an apt repository, you generally add a public gpg key to the keyring, so the automated apt system can verify packages are untampered with. Anyone using a debian-based distro has done this hundreds of times. How is that granting anything root access? | Feb 05 10:58 |
| schestowitz | The former checks in with Microsoft's servers any time APT refreshes its cache. | Feb 05 10:58 |
| schestowitz | Otherwise known as polling the upstream repository during 'apt-get update' to see if there are any changes to download? ie, working as intended, just like every other repo in the system? | Feb 05 10:58 |
| schestowitz | Don't get me wrong, I hate microsoft more than the next guy, but based on the information provided in the summery this is mountain-out-of-molehill if ever I've seen it. | Feb 05 10:58 |
| schestowitz | -- | Feb 05 10:58 |
| schestowitz | - D | Feb 05 10:58 |
| schestowitz | Reply to This | Feb 05 10:58 |
| schestowitz | Re:Alarmist much? (Score: 0) by Anonymous Coward on Friday February 05, @04:16AM (1 child) | Feb 05 10:58 |
| schestowitz | Re:Alarmist much? (Score: 2, Informative) | Feb 05 10:58 |
| schestowitz | by Anonymous Coward on Friday February 05, @04:20AM (#1109182) | Feb 05 10:58 |
| schestowitz | Um.. what? To use an apt repository, you generally add a public gpg key to the keyring, so the automated apt system can verify packages are untampered with. Anyone using a debian-based distro has done this hundreds of times. How is that granting anything root access? | Feb 05 10:58 |
| schestowitz | Because Microsoft can force an update package that will be picked up automatically. For example, they can sign an updated kernel, advertise it on their repo and have the update be pushed automatically with a regular apt upgrade. | Feb 05 10:58 |
| schestowitz | For once none of this is Microsoft's fault but rather it's a fundamental design failure in APT. Trust should never be an all-or-nothing matter as it is right now with Debian package system, updates from a different signer should require an explicit user permission to install. | Feb 05 10:58 |
| schestowitz | Reply to This Parent | Feb 05 10:58 |
| schestowitz | Re:Alarmist much? (Score: 4, Informative) | Feb 05 10:58 |
| schestowitz | by Anonymous Coward on Friday February 05, @06:49AM (#1109215) | Feb 05 10:58 |
| schestowitz | or once none of this is Microsoft's fault but rather it's a fundamental design failure in APT. Trust should never be an all-or-nothing matter as it is right now with Debian package system, updates from a different signer should require an explicit user permission to install. | Feb 05 10:58 |
| schestowitz | You can pin packages to particular repos, so you can prevent anything except that one MS malware package from being able to be installed from MS repos*. This feature has existed for decades. | Feb 05 10:58 |
| schestowitz | It is rare that Debian systems use 3rd party repos except local repos controlled by the user (using 3rd party repos defeats the point of a distribution where the packages are curated by the maintainers and trustworthy). But, apt is quite capable, and can handle this use case. | Feb 05 10:58 |
| schestowitz | No package will be installed / upgraded from malware.microsoft.com unless you manually force it except, the package microsoft-vscode will auto upgrade from malware.microsoft.com unless a package of the same name is available from the main repo. Change Pin-Priority to change the policy to your liking. See 'man apt_preferences' | Feb 05 10:58 |
| schestowitz | /etc/apt/preferences.d/microsoft-malware: | Feb 05 10:58 |
| schestowitz | Package: * | Feb 05 10:58 |
| schestowitz | Pin: origin malware.microsoft.com | Feb 05 10:58 |
| schestowitz | Pin-Priority: 1 | Feb 05 10:58 |
| schestowitz | Package: microsoft-vscode | Feb 05 10:58 |
| schestowitz | Pin: origin malware.microsoft.com | Feb 05 10:58 |
| schestowitz | Pin-Priority: 500 | Feb 05 10:58 |
| schestowitz | Apt is extremely capable. If you find yourself wishing that apt could do X, it is quite probable that reading the docs you will find that apt already can do X. | Feb 05 10:58 |
| schestowitz | Unless rasbian included a preference file like above, then I think that the criticism is warranted. Even if you think MS is fantastic and great, least privilege is safer, and not restricting what MS repo can install only adds risk. | Feb 05 10:58 |
| schestowitz | *Usually pinning is used to safely mix stable, backports, testing, unstable and/or experimental packages on the same system, but you have to use common sense when doing this e.g., anything that pulls in glibc from unstable on a stable base system is not something that you can safely mix into your stable system even with pinning. | Feb 05 10:58 |
| schestowitz | Reply to This Parent | Feb 05 10:58 |
| schestowitz | Re:Alarmist much? (Score: 0) by Anonymous Coward on Friday February 05, @07:03AM | Feb 05 10:58 |
| schestowitz | Re:Alarmist much? (Score: 2) | Feb 05 10:58 |
| schestowitz | by RedGreen (888) on Friday February 05, @04:24AM (#1109184) | Feb 05 10:58 |
| schestowitz | They are ignorant assholes with a piss poor attitude towards their users. I just got banned from their for saying it was my GD computer and it is none of their business doing anything to it without my permission. They cannot even bothered to do proper development, this below in Debian gets a package sent back to the maintainer, them being told, hey clown we do proper development here we need your changes listed. | Feb 05 10:58 |
| schestowitz | root@raspberrypi:/home/seeder1# apt changelog raspberrypi-bootloader | Feb 05 10:58 |
| schestowitz | E: Failed to fetch changelog:/raspberrypi-firmware.changelog Changelog unavailable for raspberrypi-firmware=1.20210201-1 | Feb 05 10:59 |
| schestowitz | Now you going to install that, slimy pieces of shit already upgraded it once with my knowledge or permission already. | Feb 05 10:59 |
| schestowitz | -- | Feb 05 10:59 |
| schestowitz | "I modded down, down, down, and the flames went higher." -- Sven Olsen | Feb 05 10:59 |
| schestowitz | Reply to This Parent | Feb 05 10:59 |
| schestowitz | Re:Alarmist much? (Score: 2) | Feb 05 10:59 |
| schestowitz | by RedGreen (888) on Friday February 05, @04:27AM (#1109185) | Feb 05 10:59 |
| schestowitz | without my knowledge. that should be | Feb 05 10:59 |
| schestowitz | -- | Feb 05 10:59 |
| schestowitz | "I modded down, down, down, and the flames went higher." -- Sven Olsen | Feb 05 10:59 |
| schestowitz | Reply to This Parent | Feb 05 10:59 |
| schestowitz | Re:Alarmist much? (Score: 2, Insightful) | Feb 05 10:59 |
| schestowitz | by Eratosthenes (13959) on Friday February 05, @07:36AM (#1109230) | Feb 05 10:59 |
| schestowitz | The lack of a USB boot is a tell. This platform will not end well. Who the hell does only proprietary bootloaders? | Feb 05 10:59 |
| schestowitz | Reply to This Parent | Feb 05 10:59 |
| schestowitz | Re:Alarmist much? (Score: 2) | Feb 05 10:59 |
| schestowitz | by RedGreen (888) on Friday February 05, @10:20AM (#1109249) | Feb 05 10:59 |
| schestowitz | It boots from usb the morons have upgraded the firmware to allow it, flaky as hell for some. Just like the rest of the effort by them clowns. I have managed to solve the morons doing whatever the hell they want with my machine with Ubuntu on my SSD. I use a chainload the sd card boots the machine and the OS runs from the SSD. Tomorrow I try a Debian install out with a debootstrap method I am just reading about now. | Feb 05 10:59 |
| schestowitz | root@zeus-pi:~# uname -a | Feb 05 10:59 |
| schestowitz | Linux zeus-pi 5.8.0-1013-raspi #16-Ubuntu SMP PREEMPT Thu Jan 14 06:28:38 UTC 2021 aarch64 aarch64 aarch64 GNU/Linux | Feb 05 10:59 |
| schestowitz | -- | Feb 05 10:59 |
| schestowitz | "I modded down, down, down, and the flames went higher." -- Sven Olsen | Feb 05 10:59 |
| schestowitz | Reply to This Parent | Feb 05 10:59 |
| schestowitz | Hidden files, hidden motives (Score: 5, Informative) | Feb 05 10:59 |
| schestowitz | by canopic jug (3949) Subscriber Badge on Friday February 05, @04:51AM (#1109194) Journal | Feb 05 10:59 |
| schestowitz | The files are supposedly added by a post-installation script in one package, thus avoiding being listed in any of the package manifests. Give it a try: | Feb 05 10:59 |
| schestowitz | $ ls -1 /etc/apt/trusted.gpg.d/microsoft.gpg /etc/apt/sources.list.d/vscode.list | Feb 05 10:59 |
| schestowitz | /etc/apt/sources.list.d/vscode.list | Feb 05 10:59 |
| schestowitz | /etc/apt/trusted.gpg.d/microsoft.gpg | Feb 05 10:59 |
| schestowitz | $ dpkg -S /etc/apt/trusted.gpg.d/microsoft.gpg | Feb 05 10:59 |
| schestowitz | dpkg-query: no path found matching pattern /etc/apt/trusted.gpg.d/microsoft.gpg | Feb 05 10:59 |
| schestowitz | $ dpkg -S /etc/apt/sources.list.d/vscode.list | Feb 05 10:59 |
| schestowitz | dpkg-query: no path found matching pattern /etc/apt/sources.list.d/vscode.list | Feb 05 10:59 |
| schestowitz | Try to guess which package is responsible for those two added files? None are listed. Someone went out of their way to obfuscate the origins of the two files. So, yes, shady as hell. | Feb 05 10:59 |
| schestowitz | Then there is the question of why the Visual Studio source code could not have been added upstream to the normal Debain repositories. That would have been the expected approach should they have had any good intentions with this move, especially given the past and current history of the company involved. | Feb 05 10:59 |
| schestowitz | So, yes, again, shady as hell. | Feb 05 10:59 |
| schestowitz | Also, normally radical licensing, behavior, or privacy changes require at least a click-through agreement to pretend to notify the end users. That didn't happen. | Feb 05 10:59 |
| schestowitz | So, yes, yet again, shady as hell. | Feb 05 10:59 |
| schestowitz | -- | Feb 05 10:59 |
| schestowitz | Money is not free speech. Elections should not be auctions. | Feb 05 10:59 |
| schestowitz | Reply to This Parent | Feb 05 11:00 |
| schestowitz | Re:Hidden files, hidden motives (Score: 2) | Feb 05 11:00 |
| schestowitz | by sjames (2882) on Friday February 05, @06:34AM (#1109212) Journal | Feb 05 11:00 |
| schestowitz | Then there is the question of why the Visual Studio source code could not have been added upstream to the normal Debain repositories. That would have been the expected approach should they have had any good intentions with this move, especially given the past and current history of the company involved. | Feb 05 11:00 |
| schestowitz | Possibly because it would have then been marked clearly as nonfree. | Feb 05 11:00 |
| schestowitz | Reply to This Parent | Feb 05 11:00 |
| schestowitz | Re:Alarmist much? (Score: 4, Insightful) | Feb 05 11:00 |
| schestowitz | by sjames (2882) on Friday February 05, @06:06AM (#1109208) Journal | Feb 05 11:00 |
| schestowitz | Once you get your repo slipped in by any means, you are on the honor system not to add a package that grants you root access to everything. That's why some bristle at the repo being added so quietly. | Feb 05 11:00 |
| schestowitz | Reply to This Parent | Feb 05 11:00 |
| schestowitz | Re:Alarmist much? (Score: 3, Insightful) | Feb 05 11:00 |
| schestowitz | by Arik (4543) on Friday February 05, @06:51AM (#1109216) Journal | Feb 05 11:00 |
| schestowitz | "Once you get your repo slipped in by any means, you are on the honor system not to add a package that grants you root access to everything. That's why some bristle at the repo being added so quietly." | Feb 05 11:00 |
| schestowitz | And this is also why you should never accept automatic updates, period. | Feb 05 11:00 |
| schestowitz | Once you do, then all someone has to do is either takeover, or impersonate, your upstream and you are pwned. | Feb 05 11:00 |
| schestowitz | It's far too insecure a design to be used for anything but a plush toy, and a good argument can be made against even that exception. | Feb 05 11:00 |
| schestowitz | -- | Feb 05 11:00 |
| schestowitz | The *other* sort of Marxist. | Feb 05 11:00 |
| schestowitz | Reply to This Parent | Feb 05 11:00 |
| schestowitz | Re:Impersonation (Score: 0) by Anonymous Coward on Friday February 05, @09:05AM | Feb 05 11:00 |
| schestowitz | Re:Alarmist much? (Score: 2) | Feb 05 11:00 |
| schestowitz | by aristarchus (2645) on Friday February 05, @06:55AM (#1109217) Journal | Feb 05 11:00 |
| schestowitz | but based on the information provided in the summery | Feb 05 11:00 |
| schestowitz | Based on the information provided, Winter is coming. Or, at least, autumn with an Eternal September. Why is Microsoft always presaged with typos and misspellings? Are they all illiterate coding bastards? | Feb 05 11:00 |
| schestowitz | -- | Feb 05 11:00 |
| schestowitz | Tu Quoque, o Buteo buteo? https://www.jpost.com/international/false-claims-in-syria-biden-will-start-war-as-us-presence- | Feb 05 11:00 |
| -TechBytesBot/#techbytes- ( status 404 @ https://www.jpost.com/international/false-claims-in-syria-biden-will-start-war-as-us-presence- ) | Feb 05 11:00 | |
| schestowitz | Reply to This Parent | Feb 05 11:00 |
| schestowitz | here is the official response (Score: 2, Interesting) | Feb 05 11:00 |
| schestowitz | by Anonymous Coward on Friday February 05, @04:18AM (#1109180) | Feb 05 11:00 |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=301068 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Why is vscode / ms repo added without asking to headless server apt repo? - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=302231 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Microsoft VSCode repositories installed without user consent + packages use wrong component - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=29&t=302277 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Anyone noticed the SUDO UPDATE is pulling Microsoft files - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=302403 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Microsoft Repo installed on a LINUX based os? - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=302422 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | New MS trusted source after update? - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=302504 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | [Article] Microsoft repo secretly installed on all Raspberry Pi’s Linux OS - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=302581 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Questions and feedback about VSCode being added to APT - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=302585 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | GPG key installed secretly! DANGER - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=302588 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Raspberry forum censorship (locking and locking) - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=302591 [raspberrypi.org] | Feb 05 11:00 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Microsoft GPG key suggestion - Raspberry Pi Forums | Feb 05 11:00 | |
| schestowitz | They locked the first one and then all duplicate threads. | Feb 05 11:00 |
| schestowitz | https://www.raspberrypi.org/forums/viewtopic.php?f=62&t=302070 [raspberrypi.org] | Feb 05 11:01 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Temporary closure of Off Topic - Raspberry Pi Forums | Feb 05 11:01 | |
| schestowitz | Coincidentally, the off-topic discussion forum is locked because of Russian bots. | Feb 05 11:01 |
| schestowitz | Reply to This | Feb 05 11:01 |
| schestowitz | Re:here is the official response (Score: 2) | Feb 05 11:01 |
| schestowitz | by RedGreen (888) on Friday February 05, @04:31AM (#1109187) | Feb 05 11:01 |
| schestowitz | And they banned the users for very little said, I certainly stood up for my right to have my GD property left being alone not some idiot putting his garbage on it. Commented on how the defenders of the disgusting behaviour were always there to defend the indefensible, as is always the case on the internet. The forces wanting to spread misery have many allies amongst us. | Feb 05 11:01 |
| schestowitz | -- | Feb 05 11:01 |
| schestowitz | "I modded down, down, down, and the flames went higher." -- Sven Olsen | Feb 05 11:01 |
| schestowitz | Reply to This Parent | Feb 05 11:01 |
| schestowitz | Forums shut (Score: 0) by Anonymous Coward on Friday February 05, @07:07AM (1 child) | Feb 05 11:01 |
| schestowitz | Good ol' Lock and Delete (Score: 1, Insightful) | Feb 05 11:01 |
| schestowitz | by Anonymous Coward on Friday February 05, @04:27AM (#1109186) | Feb 05 11:01 |
| schestowitz | You know it's quality when dissenting posts get locked and deleted. | Feb 05 11:01 |
| schestowitz | I believe that's how the Arch Linux forums introduced systemd. | Feb 05 11:01 |
| schestowitz | Reply to This | Feb 05 11:01 |
| schestowitz | Re:Good ol' Lock and Delete (Score: 1) by Eratosthenes on Friday February 05, @07:18AM | Feb 05 11:01 |
| schestowitz | Surveillance maneuvers (Score: 4, Interesting) | Feb 05 11:01 |
| schestowitz | by canopic jug (3949) Subscriber Badge on Friday February 05, @04:42AM (#1109190) Journal | Feb 05 11:01 |
| schestowitz | Like with their takeover of GitHub, this action provides a comprensive geographical survey of their competitor(s). With this "update" M$ gets a full overview of how many active, updated Raspberry Pi running Raspberry Pi OS (formerly Raspbian) there are and where they are located. | Feb 05 11:01 |
| schestowitz | Then there are the surveillance considations caused by Visual Studio itself. It contains substantial amounts of telemetry and this move may well put the Raspberry Pi Foundation on the wrond side of the GDPR even if the servers are inside Europe. And, of course, Brexit will have complicated that substantially. | Feb 05 11:01 |
| schestowitz | -- | Feb 05 11:01 |
| schestowitz | Money is not free speech. Elections should not be auctions. | Feb 05 11:01 |
| schestowitz | Reply to This | Feb 05 11:01 |
| schestowitz | Comment Below Threshold | Feb 05 11:01 |
| schestowitz | Relative (Score: 2) | Feb 05 11:01 |
| schestowitz | by deimios (201) Subscriber Badge on Friday February 05, @05:06AM (#1109199) Journal | Feb 05 11:01 |
| schestowitz | "resource hog Visual Studio Code" - Not to defend it but those who call it a resource hog haven't worked with Eclipse, Netbeans and Visual Studio. | Feb 05 11:01 |
| schestowitz | Sure it is a resource hog compared to vim but let's not go overboard. | Feb 05 11:01 |
| schestowitz | Also this whole thing stinks, why did they go specifically with the MS build on MS servers? There are plenty of community builds like VSCodium that work just as fine. | Feb 05 11:01 |
| schestowitz | Reply to This | Feb 05 11:01 |
| schestowitz | Re:Relative (Score: 2) | Feb 05 11:01 |
| schestowitz | by leon_the_cat (10052) on Friday February 05, @06:12AM (#1109210) Journal | Feb 05 11:01 |
| schestowitz | I tried eclipse about 10 years ago. Still waiting for it to load. | Feb 05 11:01 |
| schestowitz | Reply to This Parent | Feb 05 11:01 |
| schestowitz | Re:Relative (Score: 3, Informative) | Feb 05 11:01 |
| schestowitz | by lte (7062) on Friday February 05, @07:06AM (#1109221) | Feb 05 11:01 |
| schestowitz | Microsoft forbids you from using the C# debugger (vsdbg) with anything other than VS, VS for macOS, and their build of VSCode. So if you wish to write .NET Core applications it's your only real choice as MS push a notification asking you to install their C# extension upon opening a .cs file. There is a Samsung debugger but I'm not sure if there is support for it in VSCode. | Feb 05 11:01 |
| schestowitz | With their current push of ".NET runs on anything!" I wouldn't be surprised if it's down to that. Fun fact: the .NET runtime also sends telemetry by default, at least on macOS and Linux. | Feb 05 11:01 |
| schestowitz | Reply to This Parent | Feb 05 11:01 |
| schestowitz | Re:Relative (Score: 1) by exa on Friday February 05, @08:12AM | Feb 05 11:01 |
| schestowitz | Option (Score: 3, Insightful) | Feb 05 11:02 |
| schestowitz | by Mojibake Tengu (8598) on Friday February 05, @05:31AM (#1109204) Journal | Feb 05 11:02 |
| schestowitz | Go FreeBSD, young man. | Feb 05 11:02 |
| schestowitz | https://www.freebsd.org/where/ [freebsd.org] | Feb 05 11:02 |
| -TechBytesBot/#techbytes-www.freebsd.org | The FreeBSD Project | Download FreeBSD | Feb 05 11:02 | |
| schestowitz | -- | Feb 05 11:02 |
| schestowitz | The edge of 太玄 cannot be defined, for it is beyond every aspect of design | Feb 05 11:02 |
| schestowitz | Reply to This | Feb 05 11:02 |
| schestowitz | Re:Option (Score: 1) by engblom on Friday February 05, @06:30AM | Feb 05 11:02 |
| schestowitz | Re:Option (Score: 3, Interesting) | Feb 05 11:02 |
| schestowitz | by Mojibake Tengu (8598) on Friday February 05, @08:20AM (#1109236) Journal | Feb 05 11:02 |
| schestowitz | YMMV, I observe 12.2 for RPi3, and heard about work progress in current on sdio/wifi for 4. | Feb 05 11:02 |
| schestowitz | Anyway, what the Raspbian team did is pure betrayal dishonorable. | Feb 05 11:02 |
| schestowitz | Trust is a non-renewable resource. | Feb 05 11:02 |
| schestowitz | -- | Feb 05 11:02 |
| schestowitz | The edge of 太玄 cannot be defined, for it is beyond every aspect of design | Feb 05 11:02 |
| schestowitz | Reply to This Parent | Feb 05 11:02 |
| schestowitz | E,E,E (Score: 4, Insightful) | Feb 05 11:02 |
| schestowitz | by PinkyGigglebrain (4458) on Friday February 05, @06:38AM (#1109213) | Feb 05 11:02 |
| schestowitz | Embrace: completed | Feb 05 11:02 |
| schestowitz | Extend: in process | Feb 05 11:02 |
| schestowitz | Extinguish: to be scheduled | Feb 05 11:02 |
| schestowitz | -- | Feb 05 11:02 |
| schestowitz | "Beware those who would deny you Knowledge, For in their hearts they dream themselves your Master." | Feb 05 11:02 |
| schestowitz | Reply to This | Feb 05 11:02 |
| schestowitz | dpkg (Score: 2, Interesting) | Feb 05 11:02 |
| schestowitz | by exa (9931) on Friday February 05, @08:15AM (#1109234) | Feb 05 11:02 |
| schestowitz | On a slightly positive note, this might push Debian folks to add some simple&reasonable config-meddling functionality right into `dpkg`. Lintian is literally screaming at maintainers not to install put custom stuff to /etc/apt, why not push the warning that the package sucks much closer to the users? | Feb 05 11:02 |
| schestowitz | Reply to This | Feb 05 11:02 |
| schestowitz | " | Feb 05 11:02 |
| *rianne (~rianne@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 11:36 | |
| *liberty_box (~liberty@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 11:37 | |
| *rianne has quit (Ping timeout: 240 seconds) | Feb 05 12:45 | |
| *liberty_box has quit (Ping timeout: 276 seconds) | Feb 05 12:46 | |
| *GNUmoon2 (~GNUmoon@gateway/tor-sasl/gnumoon) has joined #techbytes | Feb 05 14:21 | |
| *GNUmoon has quit (Ping timeout: 268 seconds) | Feb 05 14:23 | |
| Techrights-sec | Ok. Added some monitoring with weak sound, | Feb 05 14:30 |
| Techrights-sec | It has to be manuall started here, for now. | Feb 05 14:30 |
| Techrights-sec | The PIA seems to softpedal the situation slightly. | Feb 05 14:30 |
| schestowitz | I don't know the author of this. I hoped it would be Moody when opening the link | Feb 05 14:31 |
| Techrights-sec | there have been waves of heavy loads on TR but it has remained available | Feb 05 14:31 |
| Techrights-sec | AFAIK the whole time | Feb 05 14:31 |
| Techrights-sec | Ok. I'll reenable the primitive monitoring here, but have no audio for it | Feb 05 14:31 |
| Techrights-sec | any more. | Feb 05 14:31 |
| Techrights-sec | Moody is more on top of things. Chen is ok but misses some points rather | Feb 05 14:32 |
| Techrights-sec | often. | Feb 05 14:32 |
| *liberty_box (~liberty@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 14:33 | |
| *rianne (~rianne@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 14:33 | |
| Techrights-sec | In this case he seems to downplay the severity. | Feb 05 14:37 |
| Techrights-sec | This incident is several steps worse than what happened a while back with | Feb 05 14:37 |
| Techrights-sec | Ubuntu and its telemetry. | Feb 05 14:37 |
| Techrights-sec | The RPF is making things worse by trying to downplay the whole thing. | Feb 05 14:37 |
| Techrights-sec | It looks like their approach is to lock and delete as many threads | Feb 05 14:37 |
| Techrights-sec | as they can get away with and are planning on trying to wait it out. | Feb 05 14:37 |
| Techrights-sec | The surface has only been scratched. There is some depth to this incident. | Feb 05 14:37 |
| schestowitz | hopefully somebody like Intel whisleblowers will come out with some docs to explain the fuller context | Feb 05 14:37 |
| schestowitz | whistleblowers are rare, but as RPF finds out, trust is a rare commodity | Feb 05 14:38 |
| Techrights-sec | It would take only a little. However, M$ has probably tied the money | Feb 05 14:39 |
| Techrights-sec | it gave to RPF to some nasty requirements including non-disparagement | Feb 05 14:39 |
| Techrights-sec | clauses and non-disclosure clauses., on top of everything else. | Feb 05 14:39 |
| schestowitz | they win either way. Either they take over or RPF collapses, which is likely what they want. Like OLPC repelling everyone left. | Feb 05 14:39 |
| Techrights-sec | They really, really went out of their way to squander the enormous | Feb 05 14:44 |
| Techrights-sec | trust the community had in RPi. However, we have to remember that | Feb 05 14:44 |
| Techrights-sec | one of the continuous side goals of M$ is to drive wedges between | Feb 05 14:44 |
| Techrights-sec | communities and community members. | Feb 05 14:44 |
| Techrights-sec | Yes, the OLPC was a big-ass warning to RPF. | Feb 05 14:44 |
| Techrights-sec | Same with the long-ass trail of dead companies that somehow thought | Feb 05 14:44 |
| Techrights-sec | that just they would be the first to partner with M$ and survive anyway. | Feb 05 14:44 |
| Techrights-sec | There is still time for Eben to dismiss the board members involved and fire | Feb 05 14:44 |
| Techrights-sec | the culpable staff and their managers. | Feb 05 14:44 |
| schestowitz | Maybe those people took a personal bribe on the side for the cult... in which case even sacking would not harm them | Feb 05 14:44 |
| Techrights-sec | By the time people left the OLPC, Intel and M$ had already entered it. | Feb 05 14:46 |
| Techrights-sec | Bribe or status, either way there is at least one quisling in the group and | Feb 05 14:46 |
| Techrights-sec | some naive fools, however technically skilled they may be otherwise. | Feb 05 14:46 |
| Techrights-sec | Again, what makes them think they will be the first to survive | Feb 05 14:46 |
| Techrights-sec | a partnership (of sorts) with M$? | Feb 05 14:46 |
| Techrights-sec | "£500,000 £999,999" | Feb 05 14:48 |
| Techrights-sec | https://www.raspberrypi.org/about/supporters/ | Feb 05 14:48 |
| Techrights-sec | # I would be very surprised if there was not both a non-disparagement | Feb 05 14:48 |
| Techrights-sec | # clause and a non-disclosure agreement or other similar limitations | Feb 05 14:48 |
| Techrights-sec | # attached to the money; | Feb 05 14:48 |
| Techrights-sec | # didn't M$ Frontpage used to have a license prohibiting its use | Feb 05 14:48 |
| -TechBytesBot/#techbytes-www.raspberrypi.org | Our supporters - Raspberry Pi | Feb 05 14:48 | |
| Techrights-sec | # in making web pages critical of M$? | Feb 05 14:48 |
| Techrights-sec | # see: http://www.microsoftvolumelicensing.com/userights/Downloader.aspx?DocumentId=1095 | Feb 05 14:48 |
| Techrights-sec | # scan for 'disparage' | Feb 05 14:48 |
| Techrights-sec | https://github.com/RPi-Distro/raspberrypi-sys-mods/blob/master/debian/raspberrypi-sys-mods.postinst#L42-L63 | Feb 05 14:48 |
| -TechBytesBot/#techbytes-github.com | raspberrypi-sys-mods/raspberrypi-sys-mods.postinst at master · RPi-Distro/raspberrypi-sys-mods · GitHub | Feb 05 14:48 | |
| Techrights-sec | https://github.com/XECDesign | Feb 05 14:48 |
| -TechBytesBot/#techbytes-github.com | XECDesign · GitHub | Feb 05 14:48 | |
| Techrights-sec | # whoever is this microsofter's supervisor, plus whoever signed off | Feb 05 14:48 |
| Techrights-sec | # on the deal itself, all need to go | Feb 05 14:48 |
| *rianne has quit (Ping timeout: 276 seconds) | Feb 05 15:02 | |
| *liberty_box has quit (Ping timeout: 256 seconds) | Feb 05 15:02 | |
| *tr_guest|68803 (51002695@gateway/web/cgi-irc/kiwiirc.com/ip.81.0.38.149) has joined #techbytes | Feb 05 15:21 | |
| *tr_guest|68803 (51002695@gateway/web/cgi-irc/kiwiirc.com/ip.81.0.38.149) has left #techbytes | Feb 05 15:22 | |
| *rianne (~rianne@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 15:30 | |
| *liberty_box (~liberty@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 15:31 | |
| *liberty_box has quit (Ping timeout: 240 seconds) | Feb 05 16:10 | |
| *rianne has quit (Ping timeout: 240 seconds) | Feb 05 16:10 | |
| *rianne (~rianne@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 16:36 | |
| *liberty_box (~liberty@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 16:36 | |
| *liberty_box has quit (Ping timeout: 240 seconds) | Feb 05 17:17 | |
| *rianne has quit (Ping timeout: 240 seconds) | Feb 05 17:17 | |
| *rianne (~rianne@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 17:28 | |
| *liberty_box (~liberty@host81-154-168-60.range81-154.btcentralplus.com) has joined #techbytes | Feb 05 17:29 | |
| Techrights-sec | apachectl graceful might be a better , smoother way to restart and won't affect | Feb 05 19:05 |
| Techrights-sec | the legitimate connections as much | Feb 05 19:05 |
| schestowitz | I guess the graceful restarts would be more of a concern for ecommrce sites | Feb 05 19:05 |
| schestowitz | > So have been there. | Feb 05 23:46 |
| schestowitz | > Here's a little link to techrights - :) | Feb 05 23:46 |
| schestowitz | > | Feb 05 23:46 |
| schestowitz | > https://raspbian.io/ | Feb 05 23:46 |
| schestowitz | > | Feb 05 23:46 |
| -TechBytesBot/#techbytes- ( status 500 @ https://raspbian.io/ ) | Feb 05 23:46 | |
| schestowitz | > You are awesome, you know! and appreciated!!!! | Feb 05 23:46 |
Generated by irclog2html.py 2.6 | ䷉ find the plain text version at this address.