- 1 Post
- 70 Comments
Short TL;DR: nothing burger
Longer TL;DR: Linus sees bad changes to the git tree by Kees Cook that he interprets as being of human origin and intentional, calls them “malicious” changes and orders that Kees Cook’s privileges be revoked. Turns out that the “git-filter-repo” tool being used was actually the culprit as it is very powerful and incorrect usage explains the changes. Discussion then moves toward implementing safety checks in the tooling. Kees gets his permissions back.
For those out of the loop: https://news.itsfoss.com/organic-maps-fork-comaps/
Wow this is big news, Comaps is the fork of Organic Maps: https://news.itsfoss.com/organic-maps-fork-comaps/
Let’s be careful to remember that there are different levels of effort and understanding required for different levels of security and privacy. GrapheneOS has taken the approach of offering harm reduction, with sane defaults and options that allow advanced users to take near-complete control over their device (within the limits of the Pixel hardware). This is obvious by their inclusion of the sandboxed Google Play Store as a major feature of the OS, as it is much better than the situation on Google’s Android. It is also not installed by default, forcing users to at least somewhat educate themselves in order to install it.
Accrescent is right in line with this philosophy, and is also not installed by default. Of course if your threat model (or desire) is to achieve the highest level of online anonymity and to have a completely FOSS system, you should not use it… of course you probably shouldn’t use FDroid either, in that case, and should build from source. However, you are clearly in a situation where your threat model does not require those lengths, and FDroid is more of a principled choice.
I think its pointlessly inflammatory to call Accrescent “dangerous” just because it allows for non-FOSS software. Now if you want to criticize whether or not it is fulfilling its stated goals, that is another story.
No, he had access but clearly the router admin interface wasn’t set up to allow remote access. He then needed to access the router from a browser inside the LAN, and he did have the proxmox host configured correctly to access remotely.
Yeah knocking them over while active would probably not be the best, you can even hear the stress on the spindle bearings if you rotate a running hard drive. However you should be free to mount them (securely) in almost any orientation given the discussion in this old post: https://www.silentpcreview.com/forums/viewtopic.php?t=21533&postdays=0&postorder=asc&start=0
CIA surveillance birds 😱
For accessing reddit behind a vpn there is a very reliable system of frontends. Here is the instance I use: https://redlib.freedit.eu/
https://github.com/jersou/mouse-actions
It’s recommended by the easystroke dev too: https://github.com/thjaeger/easystroke/wiki
Then why does the post say “we are looking” as if you are part of a group or team related to this?
The two have completely different goals, and SimpleX’s goal (anonymity) comes with difficulties such as not having typical “accounts”, which means no true simultaneous multi-device support.
GrapheneOS devs have a problem with this guy https://discuss.grapheneos.org/d/20165-response-to-dishonest-attacks-on-the-grapheneos-project-by-robert-braxman
Vesktop is great. However, with the Discord IPO looming (https://www.ign.com/articles/discord-is-reportedly-exploring-an-ipo) it is definitely time to abandon ship.
So it looks like the protocol was audited, but I don’t know about the app or servers. https://www.pindrop.com/article/audit-signal-protocol-finds-secure-trustworthy/
Lmao this is amazing. The future is now…
The openSUSE matrix server had this happen last year, and the admins came up with a good solution of bots that seems to keep things very clean now. I’m sure they might be happy to help if you asked in their admins group
If you set up the system like openSUSE then it makes sense snapper would work. I’d look at the openSUSE docs, its not like btrfs is different in Gentoo right? https://en.opensuse.org/SDB:BTRFS#Default_Subvolumes
Apparently this is a tough problem for mobile devices… GrapheneOS (security hardened OS based on Android) took months to fix a leak someone reported, and had to collaborate with the VPN app providers to do it https://github.com/GrapheneOS/os-issue-tracker/issues/3442
Depends on what your definition of winning is. If we reach a state where it is literally impossible to run your own software without heavy hardware modification, which would exclude 99.9% of users, that would be like big tech winning in my book. That’s why right to repair is important, and we probably also need laws to prevent OEMs from disallowing the use of alternate OS.