[ my public key: https://keybase.io/roblabla; my proof: https://keybase.io/roblabla/sigs/dHVC2Jm2HgxiZRm0LlHdZ4B8lfYIXT8qY3A-hoHs89M ]
hnchat:UWnZd20LafKJcpuGyLTI
roblabla
- C and C++ as defined by their current standards are memory unsafe. You may argue that some specific implementations manage to stay as memory safe as they can get away with, but even then, features like union prevent a fully memory-safe implementation.
- While that's true, Linux _tends_ to follow the rules a bit better, and not change how APIs work from under your feet. For instance on Linux, permission checks are done when you open a handle. An LSM like SELinux can only allow or deny your rights to open the handle at the permission level you requested, that's it. It cannot allow the handle to be opened, but with fewer privileges than requested, nor can it do permission checks at operation time. So once your open is successful, you can be pretty sure that you've cleared the permission checks bar, and are good to go.
This makes writing robust code under those systems a lot easier, which in turn makes debugging things when it goes wrong nicer. Now, I'm not going to say debugging those systems is great - SELinux errors are still an inscrutable mess and writing SELinux policy is fairly painful.
But there is real value in limiting where errors can crop up, and how they can happen.
Of course, there is stuff like FUSE that can throw a wrench into this: instead of an LSM, a Linux security product could write their own FS overlay to do this kind of shenanigans. But those seem to be extremely rare on Linux, whereas they're very commonplace on Windows - mostly because MS doesn't provide the necessary tools to properly write security modules, so everyone's just winging it.
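The open-time check described in the comment above, shown for classic file mode bits only (it does not exercise an LSM). This is an added example, not code from the commenter; the scratch path and the function name `write_after_revoke` are constructed for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Writes through a descriptor that was opened *before* the file's mode
 * was dropped to 0000. Returns bytes written, or -1 on setup failure.
 * *reopen_errno receives errno from a fresh open() attempt (0 = success). */
static long write_after_revoke(int *reopen_errno)
{
    char path[] = "/tmp/open_check_XXXXXX";  /* constructed scratch file */
    int fd = mkstemp(path);                   /* opened O_RDWR, mode 0600 */
    if (fd < 0)
        return -1;

    /* Revoke every permission bit after the descriptor already exists. */
    if (fchmod(fd, 0) != 0) {
        close(fd);
        unlink(path);
        return -1;
    }

    /* The write is authorised by the open descriptor, not the current mode. */
    const char msg[] = "still writable\n";
    ssize_t n = write(fd, msg, sizeof msg - 1);

    /* A fresh open() re-runs the check: EACCES for an unprivileged caller,
     * success for a caller that bypasses mode bits (e.g. root). */
    int fd2 = open(path, O_WRONLY);
    *reopen_errno = (fd2 < 0) ? errno : 0;
    if (fd2 >= 0)
        close(fd2);

    close(fd);
    unlink(path);
    return (long)n;
}

int main(void)
{
    int e = 0;
    long n = write_after_revoke(&e);
    printf("write via old fd: %ld bytes\n", n);
    printf("fresh open: %s\n", e ? strerror(e) : "succeeded (privileged caller)");
    return n == 15 ? 0 : 1;
}
```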
- There are many ways to disable CTRL+ALT+DEL on Windows too, from registry tricks to group policy options. Overall, SAK seems to be a relic of the past that should be kept far away from any security consideration.
- Procmon won't show you every type of resource access. Even when it does, it won't tell you which entity in the resource chain caused the issue.
And then you get security products that have the fun idea of removing privileges when a program creates a handle (I'm not joking, that's a thing some products do). So when you open a file with write access, and then try to write to the file, you end up with permission errors during the write (and not the open) and end up debugging for hours on end only to discover that some shitty security product is doing stupid stuff...
Granted, that's not related to ACLs. But for every OK idea Microsoft had, they have dozens of terrible ideas that make the whole system horrible.
- Linux (well, more accurately, X11), has had a SAK for ages now, in the form of the CTRL+ALT+BACKSPACE that immediately kills X11, booting you back to the login screen.
I personally doubt SAK/SAS is a good security measure anyways. If you've got untrusted programs running on your machine, you're probably already pwn'd.
- In this context, it's talking about Internet Research Agency: https://en.wikipedia.org/wiki/Internet_Research_Agency
- Wouldn't it make sense for a remote control to need to access local network & devices? Like, without this permission, the only way the controller would work is through a cloud service, so I would personally be pretty happy to discover the app requests this permission, as it would likely mean the app will keep working when LG inevitably shuts down their cloud server...
- If you're that paranoid, you _can_ just choose not to fly.
The bigger problem is if the UK has an extradition treaty with the country you live in.
- > I don't think a GPL violation case has yet been litigated.
It has, though it has mainly been under the "breach of contract" approach and not under "copyright infringement" approach. See https://en.wikipedia.org/wiki/Open_source_license_litigation
- You are fundamentally conflating releasing a binary under an open source license with the software being open source. Nobody is saying that they're violating the license of Apache2 by not releasing the training data. What people are objecting to is calling this release "open source" when the only thing covered by the open source license is the weights, which they consider an abuse of the meaning of "Open Source".
To give you an example: I can release a binary (without sources) under the MIT - an open source license. That will give you the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of said binary. In doing so, I would have released the binary under an open source license. However, most people would agree that the software would not be open source under the conventional definition, as the sources would not be published. While people could modify it by disassembling it and modifying it, there is a general understanding that Open Source requires distributing the _sources_.
This is very similar to what is being done here. They're releasing the weights under an open source license - but the overall software is not open source.
- > For instance, it no longer includes mandatory client-side scanning.
It's still unclear whether it really is removed. They turned scanning into something voluntary, and then said big chat providers must do _something_ to monitor abuse. It seems _very_ likely that the regulatory bodies/courts will decide that the bar they must clear to meet this "something" is client-side scanning.
And I agree that the regulation still has a lot of hoops to jump through to be implemented, and will likely be further tweaked. But it's _very_ important to keep raising our concerns, otherwise there will be no pressure to change the currently problematic legislation.
- Google Certified Devices is any device that has GMS (Google Mobile Services) installed - ergo almost all of them. It's worth noting that a _lot_ of apps stop functioning when GMS is missing because Google has purposefully been putting as much functionality in them instead of putting them in AOSP. So you end up in a situation where, to make an Android phone compatible with most apps, you need GMS. Which in turn means you need your phone to be Google Certified, and hence must implement this specification.
- You can also use phishing-resistant login/2FA like passkeys/FIDO keys, where it is available (and I'm pretty sure Amazon supports it), to minimize the risk of accidentally logging into a phishing website while under pressure.
- Then Amazon should make it clear you aren’t buying a book. Putting buy there is deceptive.
And also, Amazon is on the hook for providing an actual, working app here.
- SD/MMC does restrict things a bit, however:
1. SD is not storage-only, see SDIO cards. While I don’t think Windows auto-installs drivers for SDIO devices on connection, it still feels risky.
2. It’s worth noting Stuxnet would have worked equally well on a bog standard SD drive, relying only on a malformed file ^^.
I wouldn’t plug a random microsd in a computer I cared about.
- A USB can pretend to be just about any type of device to get the appropriate driver installed and loaded. They can then send malformed packets to that driver to trigger some vulnerability and take over the system.
There are a _lot_ of drivers for devices on a default Windows install. There are a _lot more_ if you allow for Windows Update to install drivers for devices (which it does by default). I would not trust all of them to be secure against a malicious device.
I know this is not how Stuxnet worked (instead using a vulnerability in how LNK files were shown in explorer.exe as the exploit), but that just goes to show how much surface there is to attack using this kind of USB stick.
And yeah, people still routinely plug random USBs in their computers. The average person is simultaneously curious and oblivious to this kind of threat (and I don't blame them - this kind of threat is hard to explain to a lay person).
- They literally explain in the article they're using FIDO MFA that is phishing proof as the key authenticates the website (it's not your run-of-the-mill SMS 2FA, it's using WebAuthn to talk to your MFA).
With this setup, you can't fuck up.
- As far as gameplay goes, Palworld is nothing like Pokemon. Sure, you capture monsters in an open field, but its combat is not turn based and it has a large base building emphasis, for instance.
Now, the monster design in Palworld is (I think intentionally) very close to Pokemon’s, while also giving them guns, which I suspect is what triggered Nintendo’s action. You can find plenty of Pokemon-likes that match its gameplay much closer (Cassette Beasts, Temtem) that haven’t caused Nintendo’s ire.
- What's frankly ridiculous is that the big software like Nginx and Apache don't deal with this on their own. I've been letting Caddy (my HTTP host of choice) deal with TLS for me for _ages_ now. I don't have to think about anything, I don't have to set up automation. I just... configure my Caddy to host my website on https://my.domain.com and it just fetches the TLS for me, renews it when necessary, and uses it as necessary.
You don't need to be a professional sysadmin to deal with this - so long as the software you use isn't ass. Nginx will _finally_ get this ability in the next release (and it'll still be more configuration than Caddy, that just defaults to the sane thing)...
- I doubt Mullvad has anywhere near the volume of transactions Valve does. And Mullvad has plenty of other payment methods, so only a tiny, tiny fraction of their userbase likely pays in mail-in cash.
I don't think Valve could feasibly implement this at their scale - especially if this method was the _only_ way to acquire the games in question.