henfredemars

joined 2 years ago
sorted by: new top controversial old
Trump administration begins laying off more than 4,000 federal workers amid government shutdown, court filing shows in c/politics@lemmy.world
[–] henfredemars@infosec.pub 27 points 5 days ago* (last edited 5 days ago) (3 children)

The deal used to be that you took a pay cut relative to the private sector for better job security and sometimes benefits. I don’t see why anyone would accept lower pay to work for the government now unless they were truly desperate.

Wild honeybees now officially listed as endangered in the EU in c/europe@feddit.org
[–] henfredemars@infosec.pub 43 points 5 days ago

That’s probably not a good sign.

How would I go about splitting up programs and files between two drives? in c/linux4noobs@programming.dev
[–] henfredemars@infosec.pub 2 points 5 days ago (1 children)

You can use something like Lutris and have a different Wine directory for each installed game. These can be placed anywhere on your filesystem that you like.

I’m less familiar with GOG. I do know there are a few different launchers that try to solve this and other problems for managing Windows games.

Changed my brakes in c/dull_mens_club@lemmy.world
[–] henfredemars@infosec.pub 6 points 5 days ago (3 children)

I really appreciate the quick overview! Thank you.

Understanding the Coming Premium Apocalypse in c/politics@lemmy.world
[–] henfredemars@infosec.pub 36 points 5 days ago (2 children)

The author is mistaken. Health insurance is already unaffordable, but it can become even more unaffordable.

Everyday AI looks more like the '08 housing bubble in c/technology@lemmy.world
[–] henfredemars@infosec.pub 18 points 5 days ago

Last time I checked gold and silver were at all time highs and the dollar was down more than 10% YTD.

Trump Administration Is Bringing Back Scores of C.D.C. Experts Fired in Error in c/usa@midwest.social
[–] henfredemars@infosec.pub 13 points 5 days ago* (last edited 5 days ago) (1 children)

Completely. I'm lucky enough that in my field I can find another job in a few weeks. If this happened to me, I would demand:

  1. Payment up front for lost time.
  2. A punitive signing bonus.
  3. A severance clause, with lump sum payment due upon termination in the future.

I'd be happy to do business with you, but I will now need additional assurances to move forward.

How would I go about splitting up programs and files between two drives? in c/linux4noobs@programming.dev
[–] henfredemars@infosec.pub 4 points 5 days ago (3 children)

This is a nuanced question with nuanced answers. It really depends on what you want to do and how you want to arrange your data.

Originally, partitioning and /etc/fstab were (and still are) used to lay out important directories such as your home directory, temporary directory, etc. You can add entries here to mount other directories to selected location in your directory tree. For example, you could make entries to mount a secondary drive and then redirect /games to point to that drive. It's pretty easy to move your home directory or documents somewhere else.

However, getting your software to use those directories can vary. Depending on your game launcher of choice, you'd have to figure out how to tell it to install games to your desired location. If you have a more concrete example then I might be able to detail this further.

Trump Administration Is Bringing Back Scores of C.D.C. Experts Fired in Error in c/usa@midwest.social
[–] henfredemars@infosec.pub 37 points 5 days ago (5 children)

I would demand financial compensation before returning. You can't trust such an employer.

Changed my brakes in c/dull_mens_club@lemmy.world
[–] henfredemars@infosec.pub 9 points 5 days ago (21 children)

I don’t know how to do a brake job. How difficult would you say it was to learn?

Give. It. Back. in c/lemmyshitpost@lemmy.world
[–] henfredemars@infosec.pub 23 points 5 days ago (1 children)

My dog swallowed a piece of string once. I gently pulled and it just kept coming.

The core problem with A.I. in c/fuck_ai@lemmy.world
[–] henfredemars@infosec.pub 19 points 5 days ago (1 children)

AI is the finest bullshitting machine ever created.

42
Exclusive: Google Pixel 9a will come with Free YouTube Premium, Google One & More (www.androidheadlines.com)
 

According to our source, those purchasing the Google Pixel 9a will get Fitbit Premium for 6 months, YouTube Premium for 3 months and Google One 100GB for 3 months. This is similar to the freebies that Google offered for the rest of the Pixel 9 series.

I feel like this isn't all that interesting news though because I thought trials were commonly included with new Android phones.

67
Qualcomm says Arm is no longer threatening to take its chip architecture away. (www.theverge.com)
 

This is merely a small blurb. Here's the (nearly) complete text of the article (no real need to visit the page):

Qualcomm says Arm is no longer threatening to take its chip architecture away.

”Arm recently notified us that it was withdrawing its October 22nd, 2024 notice of breach and indicated that it has no current plan to terminate the Qualcomm Architecture License Agreement,” Qualcomm CEO Cristiano Amon said on today’s Q1 2025 earnings call. (Qualcomm reported record quarterly revenue, and Amon says Snapdragon now has 10 percent share of $800-plus Windows laptops at US retail.)

Sounds like the chip licensing drama is coming to an end, although it's hard to know what agreements went on behind the scenes to call off the giants' battle.

48
Android 16 may give you a heads up when your phone's time zone changes (www.androidauthority.com)
 
  • Android will soon be able to alert you when your device’s time zone has been automatically updated.
  • This alert will come in the form of a notification.
  • The feature isn’t live yet in the latest Android 16 preview, but when it does go live, it’ll be opt-in.

Sounds like a nice QOL mini-feature.

35
Why No Hypervisor-Based Security? (infosec.pub)
 

Hello Linux Gurus,

I am seeking divine inspiration.

I don’t understand the apparent lack of hypervisor-based kernel protections in desktop Linux. It seems there is a significant opportunity for improvement beyond the basics of KASLR, stack canaries, and shadow stacks. However, I don’t see much work in this area on Linux desktop, and people who are much smarter than me develop for the kernel every day yet have not seen fit to produce some specific advanced protections at this time that I get into below. Where is the gap in my understanding? Is this task so difficult or costly that the open source community cannot afford it?

Windows PCs, recent Macs, iPhones, and a few Android vendors such as Samsung run their kernels atop a hypervisor. This design permits introspection and enforcement of security invariants from outside or underneath the kernel. Common mitigations include protection of critical data structures such as page table entries, function pointers, or SELinux decisions to raise the bar on injecting kernel code. Hypervisor-enforced kernel integrity appears to be a popular and at least somewhat effective mitigation although it doesn't appear to be common on desktop Linux despite its popularity with other OSs.

Meanwhile, in the desktop Linux world, users are lucky if a distribution even implements secure boot and offers signed kernels. Popular software packages often require short-circuiting this mechanism so the user can build and install kernel modules, such as NVidia and VirtualBox drivers. SELinux is uncommon, ergo root access is more or less equivalent to the kernel privileges including introduction of arbitrary code into the kernel on most installations. TPM-based disk encryption is only officially supported experimentally by Ubuntu and is usually linked to secure boot, while users are largely on their own elsewhere. Taken together, this feels like a missed opportunity to implement additional defense-in-depth.

It’s easy to put code in the kernel. I can do it in a couple of minutes for a "hello world" module. It’s really cool that I can do this, but is it a good idea? Shouldn’t somebody try and stop me?

Please insert your unsigned modules into my brain-kernel. What have I failed to understand, or why is this the design of the kernel today? Is it an intentional omission? Is it somehow contrary to the desktop Linux ethos?

87
A Look Back at 2024: F-Droid's Progress and What’s Coming in 2025 | F-Droid - Free and Open Source Android App Repository (f-droid.org)
 

This year has been a milestone for us, with significant strides in decentralizing app distribution, expanding the F-Droid ecosystem, and solidifying our infrastructure. All of these advancements were made possible thanks to donations, grants, our volunteers and regular contributors. So thank you again to everyone who helped make 2024 another great year for F-Droid. Now let’s take a closer look at what we accomplished.

18
Pixelfed, Instagram's decentralized competitor, is now on iOS and Android (www.engadget.com)
 

Pixelfed is now available as a mobile apps for both iOS and Android. The open source, decentralized platform offers image sharing similar to Instagram. However, Pixelfed has no advertisements and does not share user data with third parties.

8
Tested again and again: Google's AirTag competitors are as unreliable as ever (www.androidauthority.com)
 

The AirTag is the gold standard, but Google had eight months to fix its bad network. It's still not fixed.

43
Is there an equivalent of solar panels for radio waves? (infosec.pub)
 

If I had a strong source of radio-frequency photons, can these be converted to electricity like a solar panel does for light?

12
Google Messages takes a step towards secure messaging across apps and platforms (APK teardown) (www.androidauthority.com)
 

Bullet points taken from article:

  • The latest Google Messages beta supports MLS encryption, RCS’s next step toward E2EE interoperability across apps and platforms.
  • We managed to enable MLS for one-on-one RCS conversations in Google Messages, but we haven’t been able to enable it for RCS group chats yet.
  • This indicates that MLS encryption support could be on the horizon for Google Messages.

Note that Google Messages already does end to end encryption, but there are many cases where this feature doesn't work (such as when communicating with an iPhone).

36
App downloads decline 2.3% in 2024, but consumer spending grows to $127B | TechCrunch (techcrunch.com)
 

Though spending was up, there was another worrying sign about the overall health of the app ecosystem. This year, global app downloads were down by 2.3%, compared with 2023, reaching nearly 110 billion. This downward trend was seen across both app stores, the data indicates.

248
The EU wants Apple to open AirDrop and AirPlay to Android and other platforms (9to5google.com)
 

EU regulation has led to Apple being forced to open up iOS in ways that many never expected, but it’s not done just yet. In an effort to ensure “effective interoperability” with other platforms, the EU wants Apple to make native features of iOS being compatible with Android, including the likes of AirDrop and more.

63
Took my wife to the nail salon today (infosec.pub)
submitted 10 months ago* (last edited 10 months ago) by henfredemars@infosec.pub to c/dull_mens_club@lemmy.world
11 comments fedilink
 

She doesn’t enjoy getting her nails done, but she likes the result. It seems a shame to put up with two hours of something you don’t like but we paid for, but we went again. That’s where I am now.

Maybe when she’s done we’ll pick up some Indian food but maybe not because we haven’t discussed dinner yet.

view more: ‹ prev next ›