
  • Many years ago when I was still doing my undergrad I had a cyber security prof talk about side channels:

    “There's no way to prevent side-channels. As long as two components are sharing the same physical resource there will be side channels. The only problem is that these side channels are leaking way more bits than we expected.”

    So the question here is how big does the side channel need to be to leak something sensitive from memory? Turning off mitigations will almost certainly lead to larger side channels. Whether that is worth the risk is up to you.

  • VMs, containers, and running make -j (yep, that's right, -j without specifying the maximum number of parallel jobs)

  • The year is 5123. We have meticulously deciphered texts from the early 21st century, providing us with a wealth of knowledge. Yet one question still eludes us to this day:

    Who the heck is Magic 8. Ball?

  • You're thinking of the OBS (open build service), which does exist.

  • AUR maintainer for a few niche packages here. It's because it lowers the barrier of entry. Remember this is all a volunteer effort.

    What do I do when someone running Ubuntu reports an error saying the PKGBUILD doesn't work?

    What if the program fails due to a different version of the kernel? (True story, only after 2 weeks of debugging I found out that the user was running Manjaro, which used a different naming convention for the kernel)

    What do I do if someone reports a missing library dependency on Fedora? Should I also package that library for Fedora?

    If I'm packaging drivers for specific hardware, I'm not going to install a specific distro just to fix your issue (sorry!). Most of my advice is given on a best-effort basis. I made these build scripts for myself since I want native installs for all my software, and thought other people may be interested in them as well. If the responsibility of maintaining them becomes too overwhelming (like with your LUR case), I'll probably host these build scripts in a private repo instead.

  • Everything fails except old PATA disks. For some reason they tend to last forever.

  • Or just any DPDK program, where any gdb-caused slowdown causes the code to "behave as expected"

  • "Would anyone at the table like to carve the rump?"

  • Hmm... I need to test this out then. I have about 200+ entries across multiple folders, but I'm not seeing much of a slowdown. But then again most of my hardware is pretty good (except for one or two devices).

  • It doesn't matter how many passwords you are storing inside. It's the number of cycles of decryption needed to be performed in order to unlock the vault. More cycles = more time.

    You can have an empty vault and it will still be slow to decrypt with a high KDF iteration count/expensive algorithm.

    You can think of it as an old fashioned safe with a hand crank. You put in the key and turn the crank. It doesn't matter if the safe is empty or not, as long as you need to turn the crank 1000 times to open it it WILL be slower than a safe that only needs 10 turns. Especially so if you have a 10 year old (less powerful device) turning the crank.

  • How many KDF iterations did you set your vault to? I have mine at 600,000 so it definitely takes a moment (~3 sec) to decrypt on older devices.

    The decryption being compute heavy is by design. You only need to decrypt once to unlock your vault, but someone brute forcing it would need to decrypt a billion+ times. Increasing compute needed for decryption makes it more expensive to brute force your master password.

    In fact, LastPass made the mistake of setting their default iteration count to 1000 before they got breached and got a ton of flak for it.
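The point made in the two comments above (unlock time follows the KDF iteration count, not the number of stored entries, and the same cost is paid per brute-force guess), as an added example that is not part of the original comments. PBKDF2-HMAC-SHA256, the HMAC tag standing in for vault encryption, and all sample values are assumptions, since the comments do not name the KDF or the password manager.

```python
import hashlib, hmac, os, time

def derive_key(master_password: str, salt: bytes, iterations: int) -> bytes:
    # Assumption: PBKDF2-HMAC-SHA256; the comments above do not name the KDF.
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt,
                               iterations, dklen=32)

def seal(vault: bytes, key: bytes) -> bytes:
    # Stand-in for vault encryption: a tag only the right key reproduces.
    return hmac.new(key, vault, hashlib.sha256).digest()

def unlock(master_password, salt, iterations, vault, tag):
    """Return (ok, kdf_seconds, check_seconds) for one unlock attempt."""
    t0 = time.perf_counter()
    key = derive_key(master_password, salt, iterations)  # the "hand crank"
    t1 = time.perf_counter()
    ok = hmac.compare_digest(seal(vault, key), tag)       # touches vault data
    t2 = time.perf_counter()
    return ok, t1 - t0, t2 - t1

def guesses_per_second(iterations, salt=b"constructed-salt"):
    """Rough single-core password-guess rate on this machine."""
    t0 = time.perf_counter()
    derive_key("constructed-guess", salt, iterations)
    return 1.0 / (time.perf_counter() - t0)

if __name__ == "__main__":
    salt = os.urandom(16)
    password = "constructed master password"
    for entries in (0, 200):                  # empty vault vs. 200 entries
        vault = b"constructed entry\n" * entries
        for iterations in (1_000, 600_000):   # the two counts from the comments
            tag = seal(vault, derive_key(password, salt, iterations))
            ok, kdf_s, check_s = unlock(password, salt, iterations, vault, tag)
            print(f"{entries:>3} entries, {iterations:>7} iterations: ok={ok} "
                  f"kdf={kdf_s * 1000:8.2f} ms check={check_s * 1000:.3f} ms")
    print(f"guess rate at 1,000 iterations:   {guesses_per_second(1_000):,.0f}/s")
    print(f"guess rate at 600,000 iterations: {guesses_per_second(600_000):,.1f}/s")
```

The KDF column changes by roughly the ratio of the iteration counts while the entry count barely moves the total, and the guess rate falls by the same factor.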

  • This kinda sounds like a TCP retransmission issue. Do you have a server available somewhere? Can you run iperf3 in both ways and see the retransmission rate?

    You may also want to run TCP with both CUBIC and BBR for this test since that may also isolate shallow buffers versus corrupted packets.

  • Is there a good/easy way to defrag a btrfs filesystem after 3-4 years of continuous use? At this point I can't tell if my SUSE install was slow all those years ago or it's just been getting worse over time.

  • MultiMC devs refuse to let anyone else compile/provide packaging scripts for their application. Their own Linux packages install into /home and can't be cleanly uninstalled. They also deliberately broke the compile process by removing key files from their git repo. When confronted about it, they decided to threaten to sue the AUR maintainer for trademark infringement on their Discord instead.

  • Isn't the whole point of these things the "bloated" (CI/CD, issue tracker, merge requests, mirroring, etc) part? Otherwise we'd all be using bare git repos over ssh (which works great btw!)

    It's like complaining about IDE bloat while not using a text editor. Or complaining there's too many knives in a knife set instead of buying just the chef knife.

  • That's just a Thinkpad. If they keep making them smaller eventually it will fit in your pocket.

  • Pretty sure the biggest cost of crimping your own cables is finding a place to store the remaining spool.

    Or ensuring the spool is still useful 15 years later while everything has migrated to SFP/QSFP

  • True story:

    Grabs Cat2 cable out of lab storage and hooks everything up to it

    "Why is everything so slow?"