- tyami94Why not? The firmware was already public at one point. If people are analyzing your app to find an S3 bucket full of firmware, I'd assume they'd have a pretty good reason to go through the effort.
- Doesn't matter really, keeping blobs hidden doesn't actually do anything except make it slightly harder to analyze the software. Making all blobs easily and readily available is exactly what I want the vendor to do. Black boxes don't make things secure.
- I agree with you in principle here, but to play devils advocate, $1,000,000 isn't a whole lot of money. A worker will make around that much at $25,000 a year over 40 years. If we have to keep money/capitalism, the limit should probably be around 10-15 million. That's still pretty high, but not egregious. Give or take ~40yrs on a high FAANG salary ($375k/yr). Still firmly upper middle class IMO.
- That's because the data is inherently flawed. The poverty line this year is $15,650 for an individual. That's not poverty, that's destitution. From personal experience, living in WV, you cannot survive on that amount of money without either sleeping under a bridge/in a car or dumpster-diving/shoplifting all of your meals.
Folks say just get on food stamps or medicaid, but it's not that simple. At that level of destitution you may not have a phone, an address, basic ID/documentation, or even a means of getting to the office to apply. Means-testing makes the process so drawn-out and convoluted, that many folks (including myself) don't even bother, because there are more immediate things to worry about (once again speaking from experience).
After years of destitution, I finally managed to make a bit more than twice the FPL and I was still struggling (but significantly better off). Just recently I lost that job for reasons outside my control and after my unemployment runs out I'm back where I started. Everyone I know has a similar story. Any data that says that poverty is decreasing in the US is detached from reality.
- I'd argue it's probably time to drop 32-bit x86 support, but the rest of this stuff is arbitrary and doesn't have any tangible benefit except conveniently providing hardware manufacturers with an excuse to unload new hardware onto people when there's nothing wrong with what they have. (not to mention, pardon the conspiracy theory, they're probably trying to use the TPM to turn the PC into a smartphone-like platform)
- Here's a significantly more credible (stacksmashing) video that demonstrates how ineffective some TPM implementations are. If the TPM was integrated into the CPU die, this attack would likely not be possible. https://www.youtube.com/watch?v=wTl4vEednkQ
Despite the TPM being a pretty good and useful idea as a secure enclave for storing secrets, I'm concerned that giving companies the ability to perform attestation of your system's "integrity" will make the PC platform less open. We may be headed towards the same hellscape that we are currently experiencing with mobile devices.
Average folks aren't typically trying to run Linux or anything, so most people wouldn't even notice if secure boot became mandatory over night and you could only run Microsoft-signed kernels w/ remote attestation. Nobody noticed/intervened when the same thing happened to Android, and now you can't root your device or run custom firmware without crippling it and preventing the use of software that people expect to be able to use (i.e. banking apps, streaming services, gov apps, etc.).
Regardless, this is more of a social issue than a technical issue. Regulatory changes (lol) or mass revolt (also somewhat lol) would be effective in putting an end to this. The most realistic way would be average people boycotting companies that do this, but I highly doubt anyone normal will do that, so this may just be the hell we are doomed for unless smaller manufacturers step up to the plate to continue making open devices.
- I've looked into this fella before because he didn't pass the smell test. He's running a grift selling schlocky cell phones and cloud services. His videos are excessively clickbait-y and show minimal understanding of the actual tech, it's more or less concentrated disinformation and half-understood talking points. GrapheneOS devs also had something to say about him: https://discuss.grapheneos.org/d/20165-response-to-dishonest...
- Halium is a hack around crummy vendors doing sub-par work. It is technically impressive but it doesn't resolve the underlying issue that the crummy vendor kernel will never be updated. Saying that Halium is not a good enough solution in the long-term does not make one a purist, it's a simple fact. Devices that rely on Halium are dead-on-arrival.
- I own one of these devices (pinephone) and it is legitimately not good enough for day-to-day use (despite the incredible efforts of the people who are working on it's software). I only use my phone for locally-stored music, text-only web browsing and calls/SMS. The Pinephone cannot perform any of these tasks competently. The thing it does best is playing music, but this drains the battery. It will not reliably place/recieve calls/texts (and 911 doesn't work IIRC). It can barely handle basic web browsing. KDE on this device literally pegs both CPU cores to 100% all of the time. Phosh is better but still dog-slow. This is the case even with the many years of improvements the community has been making to these devices. It used to be significantly worse, and the software is monumentally better than it ever has been. I love this device, and it deeply saddens me that it has such major flaws.
All of the current Linux phones have major showstopper issues, and saying we're complaining about them being "unable to run modern PC games" is a strawman. The simple fact of the matter is there are no decent mobile Linux options available.
The most endemic problem right now is "Linux" phones that use crummy forked vendor kernels and Halium. For all intents and purposes, these devices are trapped in time and can't meaningfully get software updates for major system components. The 2 decent Halium-free options, the Pinephone and the Librem 5, both still use downstream kernels, and the Pinephone's kernel is maintained by 1 person in their spare time. I think it's apparent that this is not sustainable, and one can't reasonably expect megi to maintain this device forever.
As sad as it makes me feel to say this, I don't foresee these problems improving for a long time. As of now, I remain stuck with a Moto E6 from 2019 (Android 9.0) as it seems to be the final device ever produced with a replaceable battery, headphone jack, SD card slot, and screws instead of glue.
- This is a red herring. They're obviously being silenced because they just obtained evidence that Burger King is recording and algorithmically analyzing every customer interaction to ensure that their wage-slave employees say "You rule!" the correct number of times per order. This is horrifying and dystopic, and it's certainly the bigger story here.
- If you like the KDE tools, Kate is a pretty good replacement for Notepad++. It's a very fast native Qt program with a familiar look and feel.
- The ROMs on these old boards typically don't have the driver needed to speak NVMe. Can't load your kernel if the UEFI doesn't know how to talk to your drive. This patch adds a driver to the ROM that allows it to natively access NVMe drives as block devices, solving the problem. Newer boards don't have this issue since nowadays it's standard practice to embed NvmExpressDxe or a similar driver from the factory.
- I don't know if this is cheating, but there were a few NES games that had extra RAM on the cartridge. Pretty easy to do as the cartridge slot directly breaks out the data and address lines from the CPU.
- This leads to an interesting philosophical debate about where the line to "cheating" is. I'd imagine the NES is more than capable of handling HTTP. I own a small managed network switch with a Web UI (and CGI) all running on an 8051 built into the switch ASIC, and if that can do it, it doesn't seem like such a far fetch that the NES can. The hard part is storage and I/O.
This is purely theoretical, but a 6522 could be used to bitbang SPI, opening the possibility of adding an SD card and Ethernet controller (with a chip like the Wiznet W5500). Add a small amount of SRAM (~16/32Kbit) and a loader ROM, and you'd be able to make the NES into a workable general purpose computer using only the cartridge slot. If needed, one could steal an interrupt from the expansion slot.
Admittedly, this could still be considered "cheating" because the W5500 has a built-in TCP/IP stack, but personally I would feel comfortable saying the NES is hosting the site.
Bitbanging SPI with the 6522 -- https://wilsonminesco.com/6502primer/potpourri.html#BITBANG_...