cloud_manul

@cloud_manul@nrw.social

A universal weapon for all tasks concerning Microsoft Azure, PostgreSQL, Oracle and general evil. Caution: Profile may contain a high concentration of Pallas's cats (manuls).


geerlingguy, to random
@geerlingguy@mastodon.social

Tiny Pi NAS is impossible to recommend: https://www.youtube.com/watch?v=yLZET7Jhza8

cloud_manul,

@geerlingguy What I love about ARM boards is their low power consumption and the fact that you don't need any fans in idle mode. What I really hate is that there is always some compromise (speed of the NIC, availability of PCIe 4.0, USB Ports limited to 5 GBit/sec) holding them back. Even the most potent non-server FF board I know comes only with PCIe 3.0 and 1 GBit/sec NIC. I wish someone would make a "pull out all stops" board for enthusiasts. Hopefully, we can get something with A78/X1 cores.

cloud_manul, to random

"What is called Klinkenstecker in German may be a phone connector, a phone jack, an audio jack, a headphone jack or a jack plug in the US." It turns out I don't know jack 😟

cloud_manul, to random

After cursing at ALSA/pipewire for a few hours because everything should work, but nothing is audible, I looked at the interface definition of my ARM board again... tell me if you can spot anything suspicious... what... the... actual... ? #firefly #rk3588

cloud_manul, to devops
simontatham, to random
@simontatham@hachyderm.io

We've released #PuTTY version 0.81. This is a SECURITY UPDATE, fixing a #vulnerability in ECDSA signing for #SSH.

If you've used a 521-bit ECDSA key (ecdsa-sha2-nistp521) with any previous version of PuTTY, consider it compromised! Generate a new key pair, and remove the old public key from authorized_keys files.

Other key types are not affected, even other sizes of ECDSA. In particular, Ed25519 is fine.

This vulnerability has id CVE-2024-31497. Full information is at https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html

cloud_manul,

@simontatham Hi and thanks for the quick bugfix. From what I know, ecdsa-sha2-nistp521 has never been the default key type in PuTTYgen, so "normal" keys (mostly ssh-rsa and ssh-ed25519) should be fine?

cloud_manul, to random

TL;DR: If your SSH key is of the ECDSA type with a key length of 521 bits, make a new one and take care to remove the public key belonging to the burned one from all authorized_keys files. Luckily, ecdsa-sha2-nistp521 is (AFAIK) not the default if you used ssh-keygen or PuTTYgen with the default settings. https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html

cloud_manul,

"The good news: the only affected key type is 521-bit ECDSA. That is, a key that appears in Windows PuTTYgen with ecdsa-sha2-nistp521 at the start of the 'Key fingerprint' box, or is described as 'NIST p521' when loaded into Windows Pageant, or has an id starting ecdsa-sha2-nistp521 in the SSH protocol or the key file. Other sizes of ECDSA, and other key algorithms, are unaffected. In particular, Ed25519 is not affected."
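
A way to find the entries the TL;DR above says to remove, as an added example that is not part of the original posts: it flags `authorized_keys` lines whose key type starts with `ecdsa-sha2-nistp521` and whose key blob embeds the same id, ignoring option strings that merely mention the name. The function names and the sample lines are constructed for illustration; the blobs are not real keys.

```python
import base64
import re
import struct

AFFECTED = "ecdsa-sha2-nistp521"  # key id named in the advisory quoted above
# One field = run of non-space characters; double-quoted option values may contain spaces.
TOKEN = re.compile(r'(?:[^\s"]|"(?:\\.|[^"\\])*")+')


def blob_key_type(b64):
    """Return the algorithm name embedded at the start of a public-key blob, or None."""
    try:
        raw = base64.b64decode(b64, validate=True)
        (length,) = struct.unpack(">I", raw[:4])
        return raw[4:4 + length].decode("ascii")
    except (ValueError, struct.error):
        return None


def find_affected(text):
    """Return [(line_no, comment)] for authorized_keys entries of the affected type."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        fields = TOKEN.findall(line)
        if not fields or fields[0].startswith("#"):
            continue
        # The key type is field 0, or field 1 when an options field precedes it.
        for i in range(min(2, len(fields) - 1)):
            ktype = fields[i]
            if ktype.startswith(AFFECTED) and blob_key_type(fields[i + 1]) == ktype:
                hits.append((no, " ".join(fields[i + 2:])))
                break
    return hits


def fake_blob(name):
    """Constructed, non-functional blob: only the embedded type name is realistic."""
    body = struct.pack(">I", len(name)) + name.encode() + b"\0" * 16
    return base64.b64encode(body).decode()


SAMPLE = "\n".join([  # constructed sample, not real keys
    "# workstation keys",
    f"ssh-ed25519 {fake_blob('ssh-ed25519')} laptop",
    f"ecdsa-sha2-nistp521 {fake_blob('ecdsa-sha2-nistp521')} old putty key",
    f'command="echo ecdsa-sha2-nistp521",no-pty ssh-rsa {fake_blob("ssh-rsa")} backup',
    f'from="10.0.0.0/8" ecdsa-sha2-nistp521 {fake_blob("ecdsa-sha2-nistp521")} jump host',
    f"ecdsa-sha2-nistp256 {fake_blob('ecdsa-sha2-nistp256')} other size",
])
```

Run `find_affected` over the contents of each `authorized_keys` file on a host; every reported line number is an entry to delete once the replacement key is in place.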

joeyh, to random
@joeyh@hachyderm.io

Lasse Collin has started making some commits to #xz, interesting starting point here.

https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f9cf4c05edd14dedfe63833f8ccbe41b55823b00

cloud_manul,

@joeyh I am not an expert in C, can you explain what is caused by the addition of the dot?

mirabilos, to random DE
@mirabilos@toot.mirbsd.org

I was considering replying to this comment on the “please update xz package” bugreport earlier with that the discussion is not irrelevant and that it’s the maintainer’s responsibility on new upgrades to check for new legal issues and “other hidden gems”.

I didn’t because I didn’t want to bother going in with an annoyed self-righteous “user”.

Now it turns out all three of the involved ones were “string + number @ freemailer” #JiaT75 sockpuppets, so it’s probably okay I didn’t bother.

Not that I blame Sebastian — it was very well hidden, and even my usual diffing between old and new version would not have found it.

I do take away from this to also check the diff between VCS repo at the time of the release and release tarball. Perhaps also between branch and tag if they, like Apache Tomcat, introduce extra commits there.

cloud_manul,

@mirabilos What I do at work (mostly because I don't want to end up with test code/test artefacts in production binaries): I build each component twice in my build pipeline. All tests are run this first time, but I discard the output. Then, I do a fresh checkout, delete all test code, and then compile everything again, using the build output for packaging. Would that have helped in the current scenario? So far, I understand the malicious payload was disguised as test data.
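
The check mirabilos takes away from this (release tarball versus the VCS tree at release time), as an added example that is not part of the original posts: it hashes every regular file on both sides and reports what exists only in the tarball, what differs, and what exists only in the checkout. The function names, the `pkg-1.0/` prefix and the file contents in `demo` are constructed for illustration.

```python
import hashlib
import io
import tarfile
import tempfile
from pathlib import Path


def sha256(data):
    return hashlib.sha256(data).hexdigest()


def tarball_vs_checkout(tar_bytes, checkout, strip=1):
    """Return (only_in_tarball, differing, only_in_checkout) as sorted relative paths."""
    tar_files = {}
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        for member in tar.getmembers():
            if member.isfile():
                # Drop the leading "pkg-1.0/" style directory so paths line up.
                rel = "/".join(member.name.split("/")[strip:])
                tar_files[rel] = sha256(tar.extractfile(member).read())
    root = Path(checkout)
    repo_files = {}
    for path in root.rglob("*"):
        rel = path.relative_to(root)
        if path.is_file() and ".git" not in rel.parts:
            repo_files[rel.as_posix()] = sha256(path.read_bytes())
    only_tar = sorted(set(tar_files) - set(repo_files))
    only_repo = sorted(set(repo_files) - set(tar_files))
    differing = sorted(f for f in set(tar_files) & set(repo_files)
                       if tar_files[f] != repo_files[f])
    return only_tar, differing, only_repo


def demo():
    """Constructed inputs: the tarball adds one file and alters one test fixture."""
    repo = {"configure.ac": b"AC_INIT\n", "src/main.c": b"int main(void){return 0;}\n",
            "tests/data.bin": b"\x00\x01"}
    release = {**repo, "m4/generated.m4": b"# not in VCS\n", "tests/data.bin": b"\x00\x02"}
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in release.items():
            info = tarfile.TarInfo("pkg-1.0/" + name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in repo.items():
            target = Path(tmp, name)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        return tarball_vs_checkout(buf.getvalue(), tmp)
```

Files that exist only in the tarball are not automatically suspicious, since autotools releases ship generated files; the list is what a reviewer then has to read.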

cloud_manul, to random

It appears the maintainer of #xz had been targeted personally, and his health situation was exploited so that the likely perpetrator of the xz backdoor could take over the repository. https://www.mail-archive.com/xz-devel@tukaani.org/msg00571.html

coffeegeek, to coffee
@coffeegeek@flipboard.social

See this?

That's the "good stuff". Stuff that's held back by paper filters. But not so by cloth or metal filters. It is flavour. It is nuance. It is depth. It is character.

Paper filters rob this from your cup of coffee. Every single one of them.

#coffee

cc @coffee

cloud_manul,

@jannem @gbraad @coffeegeek @coffee This discussion (and the sensible argument on both sides) made signing up for the Fediverse already worth it. Thank you guys! <3

fell, (edited ) to coffee
@fell@ma.fellr.net

You can make coffee in a cup that had tea in it, but you can't make tea in a cup that had coffee in it.

#coffee #tea

cloud_manul,

@fell Simple solution: stay on the dark side! <3

cloud_manul, to random

#DeutscheBahn, Germany's leading always-half-broken public transportation company, is looking for a Windows for Workgroups 3.11 administrator (could not find an English article, sorry). And before anybody asks: NO. I REFUSE. https://www.heise.de/news/Deutsche-Bahn-sucht-Admin-fuer-Windows-3-11-for-Workgroups-9611543.html

ralphruthe, to random German
@ralphruthe@troet.cafe

It happens fairly often that some German-language blogs or websites write about my cartoons and recommend them. My work being recommended by a foreign website has never happened until now.
https://www.boredcomics.com/here-are-20-hilarious-single-panel-comics-by-ruthe-cartoons/

cloud_manul,

@ralphruthe Congratulations! :-) I am not sure whether this is the case, but do you regularly publish English versions?

cloud_manul, to random
cloud_manul, to random

Successfully completed my annual change of electricity provider ("Stromanbieterwechsel", the length of that word...). While last year was only about limiting the damage, next year I will probably end up with about 15% lower electricity costs. That has to happen once in a while, too.

cloud_manul, to random

https://www.heise.de/blog/Technische-Schulden-sind-agile-Schulden-8986851.html

"Anyone who works in a team that their boss calls agile may, in my opinion, claim the right to have a say and to bear responsibility. One important way of exercising this right and this responsibility can be summed up in one word: No. That is to say: if I, as a developer or as a team, recognise that someone is demanding nonsense from me/us, No is the right answer."

cloud_manul, to devops
atomicpoet, to random

These days, I prefer to steer clear of Google whenever possible. It seems like whenever they come up with something impressive, there are only two outcomes:

  1. They end up discontinuing it.
  2. They end up ruining it somehow.

Whenever I purchase something promising from Google, I can't help but anticipate its eventual demise.

cloud_manul,

@atomicpoet I think that Google, while being "screwed" in general, is not homogenous. A positive example is a new support policy to their smartphones that gives you seven years of security updates, allowing you to keep the same device and reduce electronic waste a little. https://support.google.com/pixelphone/answer/4457705?hl=en#zippy=%2Cpixel-pro (edited this post to correct a typo)

cloud_manul, to random
cloud_manul, to random

No. Just: no.

cloud_manul, to LinusTechTips

If you think #linustechtips and eight other Youtube channels associated with Linus Media Group (#lmg) are good customer advice, watch this first.
https://www.youtube.com/watch?v=FGW3TPytTjc

cloud_manul, to random

(In an MMO) defeats a mammoth loots a mammoth obtains a bow Well, that should be the end of the feared guild of sharpshooting mammoth assassins!

cloud_manul, to random

Ow. Ow. OW! (Originally from FB)

cloud_manul, to random

Wow. @tagesschau as the fully official account of the Tagesschau. And suddenly Mastodon is on the threshold of the mainstream.
