rgacogne

gabrielesvelto, 21 days ago to linux

I've updated my tutorial on how to monitor #ECC memory on #Linux to include information about the kernel_lockdown LSM, and how to make it work when it's enabled.

Long story short, you can still monitor corrected & uncorrected memory errors with kernel lock-down enabled, but only using integrity mode. rasdaemon is incompatible with kernel lock-down confidentiality mode, as it deliberately hides kernel information from userspace applications.

https://www.setphaserstostun.org/posts/monitoring-ecc-memory-on-linux-with-rasdaemon/

GrapheneOS, 1 month ago to random

There's a site impersonating the GrapheneOS project for scamming people (grapheneos dot fr). GrapheneOS does not currently sell phones or work with any company/individual selling phones.

We strongly recommend using the very easy to use web installer: https://grapheneos.org/install/web.

rgacogne, 2 months ago to random

Do I have a great #Go developer looking for a job in my contacts?

We at PowerDNS are hiring, remote is not a problem (most of us are remotely working from various places in the EU at the moment): https://careers.open-xchange.com/job/The-Hague-Senior-Software-Developer-PowerDNS-%28Go%29-%28mfd%29/973784855/

bortzmeyer, 2 months ago to random French

Good morning, Brisbane! First "real" day of #IETF119. https://www.ietf.org/how/meetings/119/

We start with the new "all dispatch" session: new job which does not know where it fits and has to be dispatched somewhere in the large IETF.

bagder, 3 months ago to random

c-ares 1.27.0 is here! https://c-ares.org/

Fixes CVE-2024-25629, adds two new functions and fixes a few bugs.

rgacogne, 4 months ago to random

As you can see, #fosdem is going well!

bortzmeyer, 4 months ago to random French

Collection of emails received by a free software maintainer. There are many strange people on the Internet. https://github.com/bagder/emails

But some emails are quite nice such as https://github.com/bagder/emails/blob/main/2023/2023-04-14.md

Brevesdepresse, 8 months ago to random French

🔴🇨🇵INFO -Derrière la chute d'#Anticor, on retrouve notamment Me Thiriez, un avocat proche de la macronie. À l'Élysée, le retrait de l'agrément de l’association anticorruption, qui lui permettait d’agir en justice, n’a attristé personne, écrit Le Monde... lemonde.fr/m-le-mag/artic…https://www.lemonde.fr/m-le-mag/article/2023/09/17/anticor-un-improbable-trio-derriere-la-perte-de-l-agrement-ministeriel_6189741_4500055.html

bagder, 9 months ago to random

"CVE-2020-19909 is everything that is wrong with CVEs"

A claimed "9.8 CRITICAL" flaw in #curl that does not exist.

https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/

rgacogne, 10 months ago to random

"Surprisingly, by chaining four common side effects of shared libraries from official distribution packages, we were able to transform this very limited primitive (the dlopen() and dlclose() of shared libraries from
/usr/lib*) into a reliable, one-shot remote code execution in ssh-agent (despite ASLR, PIE, and NX)."

Qualys continues to deliver, wow! #CVE-2023-38408

https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt

mattblaze, 11 months ago (edited 11 months ago) to photography

Irritated that Capture One (basically a raw image processor bundled with a better version of Lightroom) has moved to an Adobe-style subscription model. At least they still let you buy a permanent copy (and basically give you the current version for free after 5 years as a subscriber).

Having to buy an annual subscription to manage and edit my own work reminds me how vulnerable we are to the business-model-du-jour of proprietary platforms we rely on.

#photography

jpmens, 11 months ago to random

deleted_by_author

bagder, 1 year ago to random

CVE as JSON https://daniel.haxx.se/blog/2023/05/05/cve-as-json/

My latest thing on the #curl site.