cloud_manul

@cloud_manul@nrw.social

A universal weapon for all tasks concerning Microsoft Azure, PostgreSQL, Oracle and general evil. Caution: Profile may contain a high concentration of Pallas's cats (manuls).

geerlingguy, to random
@geerlingguy@mastodon.social avatar

Tiny Pi NAS is impossible to recommend: https://www.youtube.com/watch?v=yLZET7Jhza8

cloud_manul,
@cloud_manul@nrw.social avatar

@geerlingguy What I love about ARM boards is their low power consumption and the fact that you don't need any fans in idle mode. What I really hate is that there is always some compromise (speed of the NIC, availability of PCIe 4.0, USB Ports limited to 5 GBit/sec) holding them back. Even the most potent non-server FF board I know comes only with PCIe 3.0 and 1 GBit/sec NIC. I wish someone would make a "pull out all stops" board for enthusiasts. Hopefully, we can get something with A78/X1 cores.

cloud_manul, to random
@cloud_manul@nrw.social avatar

"What is called Klinkenstecker in German may be a phone connector, a phone jack, an audio jack, a headphone jack or a jack plug in the US." It turns out I don't know jack 😟

cloud_manul, to random
@cloud_manul@nrw.social avatar

After cursing at ALSA/pipewire for a few hours because everything should work, but nothing is audible, I looked at the interface definition of my ARM board again... tell me if you can spot anything suspicious... what... the... actual... ? #firefly #rk3588

cloud_manul, to random
@cloud_manul@nrw.social avatar

TL;DR: If your SSH key is of the ECDSA type with a key length of 521 bits, make a new one and take care to remove the public key belonging to the burned one from all authorized_keys files. Luckily, ecdsa-sha2-nistp521 is (AFAIK) not the default if you used ssh-keygen or PuttyGen with the default settings. https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html

cloud_manul,
@cloud_manul@nrw.social avatar

"The good news: the only affected key type is 521-bit ECDSA. That is, a key that appears in Windows PuTTYgen with ecdsa-sha2-nistp521 at the start of the 'Key fingerprint' box, or is described as 'NIST p521' when loaded into Windows Pageant, or has an id starting ecdsa-sha2-nistp521 in the SSH protocol or the key file. Other sizes of ECDSA, and other key algorithms, are unaffected. In particular, Ed25519 is not affected. "

simontatham, to random
@simontatham@hachyderm.io avatar

We've released version 0.81. This is a SECURITY UPDATE, fixing a in ECDSA signing for .

If you've used a 521-bit ECDSA key (ecdsa-sha2-nistp521) with any previous version of PuTTY, consider it compromised! Generate a new key pair, and remove the old public key from authorized_keys files.

Other key types are not affected, even other sizes of ECDSA. In particular, Ed25519 is fine.

This vulnerability has id CVE-2024-31497. Full information is at https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html

cloud_manul,
@cloud_manul@nrw.social avatar

@simontatham Hi and thanks for the quick bugfix. From what I know, ecdsa-sha2-nistp521 has never been the default key type in Puttygen, so "normal" keys (mostly ssh-rsa and ssh-ed25519) should be fine?
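A way to carry out the "remove the old public key from authorized_keys files" step from the posts above, as an added example that is not part of the original posts or of PuTTY: it lists every entry whose key id starts with ecdsa-sha2-nistp521, including entries that have options in front of the key. The sample file content and its comments are constructed, and a listed entry is a candidate for removal only if the key was used with an affected PuTTY version.

```python
import base64
import re
import struct
import sys

AFFECTED_PREFIX = "ecdsa-sha2-nistp521"  # key id named in the advisory quoted above
# A field is a run of non-space characters; double-quoted option values may contain spaces.
FIELD = re.compile(r'(?:[^\s"]|"(?:\\.|[^"\\])*")+')

def blob_key_type(b64):
    """Return the algorithm name stored at the start of an SSH public-key blob, else None."""
    try:
        raw = base64.b64decode(b64, validate=True)
        (n,) = struct.unpack(">I", raw[:4])
        name = raw[4:4 + n]
        return name.decode("ascii") if len(name) == n else None
    except (ValueError, struct.error):
        return None

def find_p521_entries(text):
    """Return (line number, key type, comment) for every nistp521 entry in authorized_keys text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = FIELD.findall(line)
        # Options may precede the key, so find the (type, blob) pair whose blob agrees with the type.
        for i in range(len(fields) - 1):
            if blob_key_type(fields[i + 1]) == fields[i]:
                if fields[i].startswith(AFFECTED_PREFIX):
                    hits.append((lineno, fields[i], " ".join(fields[i + 2:])))
                break
    return hits

def sample_entry(ktype):
    """Constructed sample line: correct type header, dummy bytes instead of real key material."""
    name = ktype.encode()
    blob = struct.pack(">I", len(name)) + name + b"\x00" * 32
    return ktype + " " + base64.b64encode(blob).decode()

SAMPLE = "\n".join([
    "# constructed authorized_keys content, not real keys",
    sample_entry("ssh-ed25519") + " alice@laptop",
    'command="/usr/bin/backup --mode full",no-pty ' + sample_entry("ecdsa-sha2-nistp521") + " old putty key",
    sample_entry("ecdsa-sha2-nistp256") + " bob@desk",
    sample_entry("ecdsa-sha2-nistp521") + " carol@win",
])

if __name__ == "__main__":
    texts = [(p, open(p).read()) for p in sys.argv[1:]] or [("SAMPLE", SAMPLE)]
    for path, text in texts:
        for lineno, ktype, comment in find_p521_entries(text):
            print(f"{path}:{lineno}: {ktype} {comment}")
```

Run it with one or more authorized_keys paths as arguments; without arguments it scans the constructed sample.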

joeyh, to random
@joeyh@hachyderm.io avatar

Lasse Collin has started making some commits to #xz, interesting starting point here.

https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f9cf4c05edd14dedfe63833f8ccbe41b55823b00

cloud_manul,
@cloud_manul@nrw.social avatar

@joeyh I am not an expert in C, can you explain what is caused by the addition of the dot?

mirabilos, to random DE
@mirabilos@toot.mirbsd.org avatar

I was considering replying to this comment on the “please update xz package” bugreport earlier with that the discussion is not irrelevant and that it’s the maintainer’s responsibility on new upgrades to check for new legal issues and “other hidden gems”.

I didn’t because I didn’t want to bother going in with an annoyed self-righteous “user”.

Now it turns out all three of the involved ones were “string + number @ freemailer” #JiaT75 sockpuppets, so it’s probably okay I didn’t bother.

Not that I blame Sebastian — it was very well hidden, and even my usual diffing between old and new version would not have found it.

I do take away from this to also check the diff between VCS repo at the time of the release and release tarball. Perhaps also between branch and tag if they, like Apache Tomcat, introduce extra commits there.

cloud_manul,
@cloud_manul@nrw.social avatar

@mirabilos What I do at work (mostly because I don't want to end up with test code/test artefacts in production binaries): I build each component twice in my build pipeline. All tests are run this first time, but I discard the output. Then, I do a fresh checkout, delete all test code, and then compile everything again, using the build output for packaging. Would that have helped in the current scenario? So far, I understand the malicious payload was disguised as test data.
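The check mentioned in this thread, diffing the VCS state at release time against the release tarball, as an added example that is not part of the original posts: it compares two archives file by file and reports what exists only in the release tarball, only in VCS, or differs. It assumes the VCS side is available as an archive (for example a `git archive` of the release tag); the project name, file names and contents below are constructed.

```python
import hashlib
import io
import tarfile

def tar_digests(data):
    """Map each regular file's path (top-level directory stripped) to its SHA-256."""
    digests = {}
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        for member in tar:
            if member.isfile():
                rel = member.name.split("/", 1)[-1]
                digests[rel] = hashlib.sha256(tar.extractfile(member).read()).hexdigest()
    return digests

def compare_release(vcs_tar, release_tar):
    """Return the paths that are release-only, VCS-only, or present in both with different content."""
    vcs, rel = tar_digests(vcs_tar), tar_digests(release_tar)
    return {
        "only_in_release": sorted(rel.keys() - vcs.keys()),
        "only_in_vcs": sorted(vcs.keys() - rel.keys()),
        "modified": sorted(p for p in vcs.keys() & rel.keys() if vcs[p] != rel[p]),
    }

def make_tar(prefix, files):
    """Build a constructed in-memory tarball for the demonstration."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(f"{prefix}/{name}")
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()

# Constructed sample trees: the release adds a generated file and changes one build macro.
COMMON = {"src/main.c": b"int main(void){return 0;}\n", "tests/data.bin": b"\x00\x01"}
VCS = make_tar("proj-1.0", {**COMMON, ".gitignore": b"*.o\n", "m4/helper.m4": b"dnl v1\n"})
RELEASE = make_tar("proj-1.0", {**COMMON, "configure": b"#!/bin/sh\n",
                                "m4/helper.m4": b"dnl v1 changed\n"})

if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:  # usage: script.py vcs-export.tar.gz release.tar.gz
        vcs_bytes, rel_bytes = (open(p, "rb").read() for p in sys.argv[1:3])
    else:
        vcs_bytes, rel_bytes = VCS, RELEASE
    for kind, paths in compare_release(vcs_bytes, rel_bytes).items():
        print(kind, paths)
```

Release-only and modified paths are the ones to review by hand, since they never passed through the repository's commit history.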

cloud_manul, to random
@cloud_manul@nrw.social avatar

It appears the maintainer of #xz had been targeted personally, and his health situation was exploited so that the likely perpetrator of the xz backdoor could take over the repository. https://www.mail-archive.com/xz-devel@tukaani.org/msg00571.html

coffeegeek, to coffee
@coffeegeek@flipboard.social avatar

See this?

That's the "good stuff". Stuff that's held back by paper filters. But not so by cloth or metal filters. It is flavour. It is nuance. It is depth. It is character.

Paper filters rob this from your cup of coffee. Every single one of them.

cc @coffee

cloud_manul,
@cloud_manul@nrw.social avatar

@jannem @gbraad @coffeegeek @coffee This discussion (and the sensible argument on both sides) made signing up for the Fediverse already worth it. Thank you guys! <3

fell, (edited ) to coffee
@fell@ma.fellr.net avatar

You can make coffee in a cup that had tea in it, but you can't make tea in a cup that had coffee in it.

#coffee #tea

cloud_manul,
@cloud_manul@nrw.social avatar

@fell Simple solution: stay on the dark side! <3

cloud_manul, to random
@cloud_manul@nrw.social avatar

#DeutscheBahn, Germany's leading always-half-broken public transportation company, is looking for a Windows for Workgroups 3.11 administrator (could not find an English article, sorry). And before anybody asks: NO. I REFUSE. https://www.heise.de/news/Deutsche-Bahn-sucht-Admin-fuer-Windows-3-11-for-Workgroups-9611543.html

ralphruthe, to random German
@ralphruthe@troet.cafe avatar

It happens fairly often that some German-language blogs or websites write about my cartoons and recommend them. That my work gets recommended by a foreign website has never happened before.
https://www.boredcomics.com/here-are-20-hilarious-single-panel-comics-by-ruthe-cartoons/

cloud_manul,
@cloud_manul@nrw.social avatar

@ralphruthe Congratulations! :-) I'm not sure whether this is the case, but do you regularly publish English versions?

cloud_manul, to random
@cloud_manul@nrw.social avatar

Successfully completed my annual switch of electricity provider ("Stromanbieterwechsel", the length of that word...). While last year was only about limiting the damage, next year I will probably end up with about 15% lower electricity costs. That has to happen once in a while, too.

campuscodi, to random
@campuscodi@mastodon.social avatar

Atlassian has updated the severity score of its data-wiping bug (CVE-2023-22518) from a 9.1 to a 10/10

cloud_manul,
@cloud_manul@nrw.social avatar

@campuscodi Judging by the ongoing ensh*ttification of both their Jira and Confluence flagship products, the question remains: Could a wiped out Jira/Confluence instance end up being better for everyone involved? </sarcasm>

cloud_manul, to random
@cloud_manul@nrw.social avatar

https://www.heise.de/blog/Technische-Schulden-sind-agile-Schulden-8986851.html

"Anyone who works in a team that their boss calls agile is, in my opinion, entitled to claim a say and to bear responsibility. One important way of exercising this right and this responsibility can be summed up in one word: No. That is to say: if I, as a developer or as a team, recognize that someone is demanding nonsense from me/us, No is the right answer."

atomicpoet, to random

These days, I prefer to steer clear of Google whenever possible. It seems like whenever they come up with something impressive, there are only two outcomes:

  1. They end up discontinuing it.
  2. They end up ruining it somehow.

Whenever I purchase something promising from Google, I can't help but anticipate its eventual demise.

cloud_manul,
@cloud_manul@nrw.social avatar

@atomicpoet I think that Google, while being "screwed" in general, is not homogenous. A positive example is a new support policy to their smartphones that gives you seven years of security updates, allowing you to keep the same device and reduce electronic waste a little. https://support.google.com/pixelphone/answer/4457705?hl=en#zippy=%2Cpixel-pro (edited this post to correct a typo)

nixCraft, to linux
@nixCraft@mastodon.social avatar

filesystem comparison

cloud_manul,
@cloud_manul@nrw.social avatar

@nixCraft Using btrfs for big and small systems for 10 years now, with zero problems. Stopped using Red Hat Enterprise Linux for new systems because they started to boycott btrfs with RHEL 8. Never looked back.

SmudgeTheInsultCat, to random
@SmudgeTheInsultCat@mas.to avatar

Who'll be there to bury them?

"Elon Musk Says SpaceX Could Land on Mars in 3 to 4 Years"

https://www.nytimes.com/2023/10/05/science/elon-musk-spacex-starship-mars.html

cloud_manul,
@cloud_manul@nrw.social avatar

@SmudgeTheInsultCat Can they make it a one-way trip? Pretty please?

tagesschau, to random German
@tagesschau@ard.social avatar

AfD politician and judge Jens Maier fails across the board

Former AfD member of the Bundestag Maier feels he has been treated unfairly because he was not able to return to his post as a judge. But the Federal Court of Justice confirmed today: the judicial service court made no errors. By Max Bauer.

➡️ https://www.tagesschau.de/inland/innenpolitik/afd-richter-maier-106.html?at_medium=mastodon&at_campaign=tagesschau.de

#AfD #Richter #JensMaier

cloud_manul,
@cloud_manul@nrw.social avatar

@tagesschau Occasionally, denazification in .de does work out after all. Like.

0xabad1dea, to random

“we can’t find any good candidates for this role” you’re auto-rejecting people with 20 years experience because they don’t have a degree and then AI-sorting the rest by how Jared their name is

cloud_manul,
@cloud_manul@nrw.social avatar

@0xabad1dea @brohrer After an exhaustive analysis (sample size: 1), I found out that people who enjoy Final Fantasy video games and programming Perl make great DevOps engineers (jk)

timonsku, to random
@timonsku@mastodon.social avatar

Academia is fucked and not a useful system to carry science forward

https://mastodon.social/@coreyspowell/111177527047491582

cloud_manul,
@cloud_manul@nrw.social avatar

@timonsku It has always been this way. What changed is that these cases are becoming public.
