This profile is from a federated server and may be incomplete. View on remote instance

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Yes, she has Gru's ass 😂.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

BTRFS snapshots are a god send. I really have no idea how many times they've saved me from a complete reinstall. One did happen about a week ago, I completely messed up my Void install. Bring back snapshots with Timeshift, everything is good to go!

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Do share.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

It's still funny 😂... and a real banger, especially the TLS part 🤘.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

It can be done with AI, but it's far more work than actually manually syncing it, since the lyrics prompt is not exactly what is written on the screen. Some parts are deliberately missing, since I presume that the output was garbage with that additional text. Like "https" is missing in some parts.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Certificate! 🤘 😎

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

On a long enough time scale, yes, it will get tidy.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Underrated comment.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Everyone does... it's funny how it eventually works.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Either is fine... more or less...

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Yeah? Try it with building wheel for wxPython apps for 10 arches.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

No, you gotta build everything from the big bang onwards.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Uuu, that's a nice take, I like that.

Too bad it might not be a joke in the future.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Well, just goes to show you, never buy a Mac 😂.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Do share.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

We will never know since it will never happen.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

I may not have noticed all of your comments, I was only quoting from this one, which doesn't mention anything else but Russia/Ukraine conflict. On the other hand, I mentioned "conflicts in general".

And cryptographic data has nothing to do with the sanctions, the sanctions are purely monetary investment related, which also has nothing to do with intellectual investment, but LF decided to include that anyway, just so that they be "good little soldiers" and not get in any legal problems.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

No, I'm just trying to point out how ridiculous this whole situation is and that it was handled by the LF, and especially Linus, in the worst way possible.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

I would say sad... especially seen from other devs.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

The senior maintainers of arguably the most important FOSS project trying to operate secretively on something like this has shattered my trust in them, as well as many others.

Basically, my stand on this.

And that it was dismissed like it was "no big deal" by Linus and some of the other senior maintainers.

But seriously, Linus's comment regarding this was... just... I have no words... he basically put every Russian in the same basket, called them trolls and added a racist comment on top of that, I mean... yeah, I lost all respect for him. At least his previous fits were about code and only if someone fucked up something, this is completely different.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Then why in the hell was the LF founded in the US? That is something that clearly needs explaining. For example, Sweden is a much better place to do these sorts of things, their software laws are very liberal.

Some of these things need to be rethought if you ask me, this is not something that should be left like this. If no one in the kernel, including Linus, doesn't see a serious problem with "we have to move people around to code", then most of these people are probably braindead... I'm sorry, but if it was me, once I found out I had to move devs around to code, I would have been "fuck this we're moving the foundation".

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

This thread is full of software engineers with just no concept of how society functions, or even a basic understanding of the geopolitical context of any of this.

The whole idea of open source is that you can contribute without restrictions and regardless where you live.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Here's an idea: don't invade sovereign nations unprovoked.

That is a great idea! Unfortunately, not everyone has a say in that, especially mere mortals... you know, people like devs.

Unfortunately there wasn't really any international authority that could do it

There is, the UN, but they silent, as always... at least regarding the US. We all know why...

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Unfortunately, we would never know.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

I still don't think something so important should be beholden to the whims of one company (Linux Foundation) or their country's laws (USA).

Exactly my thoughts.

I would strongly prefer to use an operating system that didn't have this problem. Do any even exist?

I was contemplating using FreeBSD, but then I found about the kernel switch to forbid Russian or Chinese usernames and... well, that's not an option as well IMO.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

US and EU double standards is what this whataboutism is all about. I can state this for a fact, since my country is also in this pickle because of EU double standards. And it is constructive if you have a valid reason to raise the issue. There is a valid reason to raise this issue.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

But moving people around to code isn't 🤨? I'm sure it far easier to justify a donation than to book plane tickets and find places for the devs where to stay. And to be perfectly honest, the whole point of open source is "you can contribute from anywhere". The first time I would've encountered the move people around problem, I would have been "this is not the point of open source, it goes against the very spirit of it, we have to do something about this".

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

I wasn't saying that Russia is not an ass, I was just saying that the whole point of open source is that it's above borders and nationalities, religion, sexual orientation, etc. It should be an imperative to keep these core values, not bend over backwards when even no warning has been issued, which I'm fairly certain it would have never happened. And on top of that, Linus'es reaction to them being Russian, I mean... come on!

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Like how my preference is Protonmail being hosted by a neutral country based company

I also use Protonmail because of this. Sure, the free plan is not really great, but I only keep important stuff, so I don't get over the 500MB limit, I delete or archive the rest.

kernel....however any novel encryption does have to be noted to NSA and other organizarions in the USA

That may he true, but only if you're a US citizen. For example, my country doesn't have such regulations. In the end, if it's open source, it shouldn't matter whether I report stuff like that to any organization. It's open source, look it up, it's on a git repo online freely for everyone to review the code.

A foreign state actor wanting to send encrypted communications to overthrow another entity isn't going to follow software laws anyway.

Exactly. As if hacking and DDOSing are legal 😒. It's just throwing money away on some people doing pointless things.

On the other hand, having a ln encryption technologies taskforce makes sense IMO. Watching over what's going on in the open source world regarding cryptography, yeah, that is something that can actually be useful... for the country's cyber-security I mean.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

What? Almost none of the tech where I live is from the US. Not to mention that Samsung is the biggest contender to Apple in the US and they're more or less 50/50 with market share ATM.

The US is losing the war on world domination, something they were winning the past century or so, and they don't like that. That's basically the only reason any of this is happening. The war is just an excuse. As always, they would rather have Russia and China out of the picture than having to compete with them... because they can't, especially not with China.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

That's shared source, look it up, it has nothing to do with open source.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Not everywhere. I seriously doubt Cuba has sanctions against anyone.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Political as in freedom to contribute, not political as in "we're banning devs because they work for someone we don't like".

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Let's say that this company pays the best $$$ and that you really need money for... whatever... now, let's reverse the roles and this person is working for a company that has contracts with the US military during the time of the invasion of Iraq.

See my point... there would have been nothing wrong with that, but all of sudden, it's a problem if Russians do it 🤨...

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Sorry, but the US is almost certainly the main culprit here. They're loosing power in every aspect and they want to reinstate that power in every way possible. As any human being, letting go of a position of power is hard. They just can't accept the fact that someone could be better than them in capitalism then them, which the Chinese proved they can.

It served them well when they were 1st, but it's no good when someone else does it.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Sums up my feelings perfectly.

Mine as well.

Not that invested that much, but I seriously, I thought Linus was better than this... I wouldn't expect this even from Stalman to be honest, this is new level of low if you ask me.

What kind of a hellish timeline is this?

I have no idea... if everything is dictated by corps and governments (at least ones that we can't trust with simple things, such as healthcare), I really have really lost all faith in humanity as a whole... not because they're not human, but because no one sees anything wrong with this, in general...

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

They have been stripped of a role because of a thing that has nothing to do with their competence to contribute to the project. Quality of code is all that matters in open source, not who you are or who you work for.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

They do have troll factories there to influence public opinion.

In the Linux kernel? No. Definitely not. Maybe you'd like to see what happened after they got removed from the maintainers list, it was spam and trolling, and that is not OK in any scenario.

The problem is this still leads to questions about transparency about the project in general and how this decision was made and whether it was made by those involved in the project or was an order from the US government.

My personal belief is that it was an advice by the lawyers and they went with it balls in because w
who would care about a few Russian maintainers, right 😒. Linus probably probably put GHK to it, as to not be him that does the PR, split the heat that may come their way, which it did.

I coldheartedly believe that Linus meant what he said since there was no apology afterwards. Russians are bad in general and they all think the same, they support Puttin.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

Even if that is the case, that doesn't mean that their code or the code they approve is garbage. I don't care who you are or who you work for. What you do in your life outside of open source is your own business. Quality of code is what matters in open source.

0x4E4F OP ,
@0x4E4F@infosec.pub avatar

The reality is that there are many other wars around the world, yet the Russians are the only ones getting sanctioned. They should set an example by sanctioning everyone that currently works for a company that enables any military. Maybe then the world will see how stupid this whole thing is.