Vorsicht, stark ätzender, felliger Abfall!

  • 0 Posts
  • 12 Comments
Joined 1 year ago
cake
Cake day: October 7th, 2023

help-circle


  • Do you have to write and maintain your own init scripts, or is that created during installation?

    Packages should come with the necessary scripts (on Gentoo and Alpine they do), but if they don’t for some reason then writing them is pretty simple. I think the updated layout really only needs dependencies and a couple variables defined.

    Void uses Runit which is even simpler, you have one directory per service and at least a script called “run” in there which gets executed by the supervisor. The is usually just one line, that’s all it takes to make a service work. It also has the supervisor take care of handling logging, similar to what Systemd does. I think it’s a very clean, modern take on classic init, except that dependency/ordering doesn’t exist - it just retries until things fall into place. Works well though.


  • I’m just glad I chose arch instead of Gentoo. I got plenty of will power to learn something new but waiting hours or even days for a bunch of software to compile was too much for me.

    But the documentation is really good and I like the simplicity of OpenRC. Give Void or Alpine a go if you want to dip your toes into something similar, but without all the compiling.



  • ed_cock@feddit.detolinuxmemes@lemmy.worldIt do be like that
    link
    fedilink
    arrow-up
    9
    ·
    edit-2
    9 months ago

    I love how a software bug that scrambled his newsgroup subscriptions introduced him to the fandom, that’s so unbelievably nerdy.

    But honestly: Those pipeline memes kinda rub me the wrong way. It feels like fucking with people’s identity by way of stereotyping for… I don’t know, a laugh, if that’s even the point? Saying this as someone who completely fits the furry in IT stereotype.





  • ed_cock@feddit.detotumblr@lemmy.worldCan IT confirm?
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    Mechanical locks CAN be designed well.

    So can even the most superfluous IoT devices, though. It’s just that they aren’t.

    they can be way more secure than any digital “smart” lock

    Typical mechanical locks are fundamentally flawed. Think of it like this: They are opened by a short combination of digits, represented by the key. There is no lock-out mechanism if someone keeps trying to guess the combination, even if they try many per second and there is no user-friendly way of resetting the combination if it has been compromised.

    The tolerances, even in good locks, have to be high enough to enable attackers to guess the combination digit by digit, not as a whole, significantly reducing the time needed to guess it. You can try to mitigate this a little with special pins and weird key ways, but it’s ultimately a necessity, otherwise the lock would constantly fail to open or even break.

    When you have a master-keyed system, the digits represented by the master key (the root password, essentially) will always be lower or equal to any non-master key you find. This, too, can be exploited, allowing an attacker to safely derive a master key from any other key in the system.

    Also, keys can be reproduced from photographs. That alone is a disastrous flaw. Just imagine the CVEs that would be written about the flaws above, and the manufacturer’s response. “But you need skills for that” is never an excuse in the digital realm, it shouldn’t be in the analog either.

    Meanwhile a well-implemented digital lock has all the important components on the other side of the door, exposing only a contactless card reader to interact with. The cards or tokens aren’t dumb data storage, they support public/private authentication, meaning they can not be copied by someone walking up to you with a high-powered reader. There is no port to connect to, no pins to jiggle, just a dumb NFC reader that you can’t even open non-destructively.