home.social

Search

1000 results for “Gentoo_eV”

  1. jetsetruri @[email protected] ·

    Using older OSes and older programs to avoid slop

    This started out as a draft around the start of this month, but when writing an "expanded" version of my Mastodon post I began to reiterate the same points so I said, fuck it, might as well just split my draft into two separate posts.

    This is one of them. The other one will be up in a few moments… or hours? I don't know, heh.

    Eternal Sloptember

    I've been following the Open Slopware document per Drew DeVault's post on rsync. If you aren't aware of this, it keeps track of which FOSS programs have began to accept or even embrace AI-generated code.

    I don't like that it's not just Vim, KeePassXC, and rsync, but also ImageMagick, VLC, mpv, Jellyfin, curl, Godot, Calibre, Gitea, GitLab, Bluesky, PeerTube, Mastodon, Lemmy, Lutris, etc.

    tmux, plan9port, Heroic Games Launcher, LLVM, VirtualBox, maybe Nix.

    The worst for me were whole operating systems accepting AI-generated commits, such as the Linux kernel, FreeBSD, GNU Hurd, ReactOS, and even FreeDOS (even programs for 80s/90s hardware isn't safe).

    To explain why this is such a big deal, a lot of people (including me) are skeptical of AI, and want to avoid it however possible, but this makes it harder because it feels like it's being shoved down my throat. Use whatever analogy you want. I've considered low background steel, AI "veganism", even asbestos. But the biggest is that modern AI is a product of capitalism, pushed without ethical consideration by larger companies, and I want to avoid that shit.

    Older operating systems

    Okay, so my first proposal. I think the core system of every OS should be free of AI. I'm mostly referring to kernel and userspace applications, but I've also seen Lubuntu and Nobara, unfortunately, include AI-generated wallpapers, or projects like KOReader use AI-generated images for releases.

    I've been looking into this a bit, and I think older operating systems are a good option, but some may disagree (I'll get into this near the end of this section), and much like internet privacy, it can be a compromise depending on how far back you wanna go. Maybe an OS predating the 2025 winter holidays when Claude Code exploded, November 2022 when ChatGPT was released, October 2021 when GitHub Copilot was first released, or May 2020 when GPT-3 was first published.

    Fortunately, older versions of, say, Debian, have a "frozen in time" archive of packages for each older version used. This may also apply to derivatives like Devuan and Ubuntu, as well as Alpine, CentOS, Fedora, Slackware, FreeBSD, OpenBSD, and, with a bit of extra work (for finding the original sources?), NetBSD

    But, unfortunately, it's often been claimed that running older software is a security risk waiting to happen.

    On one hand, I agree, and one should always exercise caution when running old software (a tool like Lynis could be one in your security arsenal), and the older you go, the more screwed you are by possible RCEs.

    On another hand, I also disagree. I personally believe most security issues are a result of PEBKAC and really involve how well the administrator knows their system. Arch Linux has a very lengthy page on security practices that apply to OSes. Others include Slackware and Gentoo. And for me, a big part of security is the attack surface, which is drastically reduced if you don't have 200 services running and stick to minimal software (imo modern web browsers are an overengineered security nightmare).

    Older applications

    Second of all, I can hoard older versions of software thanks to sites that still host them. Not all source code will compile, but there's a very high chance a Windows binary will be available that can run under WINE (though native performance is only expected on x86 architectures, where you'd have to use an emulator like qemu or box86 otherwise). If I'm unhappy about modern Anki, for instance, I can still run 2.0.52 if I really wanted to. If I'm unhappy about Blender, they too still provide older versions.

    I've been able to do this as on as far back as my laptop, Omoikane (2004), running Slackware 13.37 (2011), after compiling WINE 2.14 (2017), though it relies on the program to be compiled without SSE2 due to the older CPU.

    This also goes both ways! If I want new software, I can set up a container (Distrobox? uhh… Flatpak? shudders), chroot, virtual machine, or emulator. I've been thinking SSH forwarding could make the programs appear natively on the system.


    #ai #slop #linux #debian #retrocomputing #rant #ramble
    #ai #slop #linux #debian #retrocomputing #rant
  2. jetsetruri @[email protected] ·

    Using older OSes and older programs to avoid slop

    This started out as a draft around the start of this month, but when writing an "expanded" version of my Mastodon post I began to reiterate the same points so I said, fuck it, might as well just split my draft into two separate posts.

    This is one of them. The other one will be up in a few moments… or hours? I don't know, heh.

    Eternal Sloptember

    I've been following the Open Slopware document per Drew DeVault's post on rsync. If you aren't aware of this, it keeps track of which FOSS programs have began to accept or even embrace AI-generated code.

    I don't like that it's not just Vim, KeePassXC, and rsync, but also ImageMagick, VLC, mpv, Jellyfin, curl, Godot, Calibre, Gitea, GitLab, Bluesky, PeerTube, Mastodon, Lemmy, Lutris, etc.

    tmux, plan9port, Heroic Games Launcher, LLVM, VirtualBox, maybe Nix.

    The worst for me were whole operating systems accepting AI-generated commits, such as the Linux kernel, FreeBSD, GNU Hurd, ReactOS, and even FreeDOS (even programs for 80s/90s hardware isn't safe).

    To explain why this is such a big deal, a lot of people (including me) are skeptical of AI, and want to avoid it however possible, but this makes it harder because it feels like it's being shoved down my throat. Use whatever analogy you want. I've considered low background steel, AI "veganism", even asbestos. But the biggest is that modern AI is a product of capitalism, pushed without ethical consideration by larger companies, and I want to avoid that shit.

    Older operating systems

    Okay, so my first proposal. I think the core system of every OS should be free of AI. I'm mostly referring to kernel and userspace applications, but I've also seen Lubuntu and Nobara, unfortunately, include AI-generated wallpapers, or projects like KOReader use AI-generated images for releases.

    I've been looking into this a bit, and I think older operating systems are a good option, but some may disagree (I'll get into this near the end of this section), and much like internet privacy, it can be a compromise depending on how far back you wanna go. Maybe an OS predating the 2025 winter holidays when Claude Code exploded, November 2022 when ChatGPT was released, October 2021 when GitHub Copilot was first released, or May 2020 when GPT-3 was first published.

    Fortunately, older versions of, say, Debian, have a "frozen in time" archive of packages for each older version used. This may also apply to derivatives like Devuan and Ubuntu, as well as Alpine, CentOS, Fedora, Slackware, FreeBSD, OpenBSD, and, with a bit of extra work (for finding the original sources?), NetBSD

    But, unfortunately, it's often been claimed that running older software is a security risk waiting to happen.

    On one hand, I agree, and one should always exercise caution when running old software (a tool like Lynis could be one in your security arsenal), and the older you go, the more screwed you are by possible RCEs.

    On another hand, I also disagree. I personally believe most security issues are a result of PEBKAC and really involve how well the administrator knows their system. Arch Linux has a very lengthy page on security practices that apply to OSes. Others include Slackware and Gentoo. And for me, a big part of security is the attack surface, which is drastically reduced if you don't have 200 services running and stick to minimal software (imo modern web browsers are an overengineered security nightmare).

    Older applications

    Second of all, I can hoard older versions of software thanks to sites that still host them. Not all source code will compile, but there's a very high chance a Windows binary will be available that can run under WINE (though native performance is only expected on x86 architectures, where you'd have to use an emulator like qemu or box86 otherwise). If I'm unhappy about modern Anki, for instance, I can still run 2.0.52 if I really wanted to. If I'm unhappy about Blender, they too still provide older versions.

    I've been able to do this as on as far back as my laptop, Omoikane (2004), running Slackware 13.37 (2011), after compiling WINE 2.14 (2017), though it relies on the program to be compiled without SSE2 due to the older CPU.

    This also goes both ways! If I want new software, I can set up a container (Distrobox? uhh… Flatpak? shudders), chroot, virtual machine, or emulator. I've been thinking SSH forwarding could make the programs appear natively on the system.


    #ai #slop #linux #debian #retrocomputing #rant #ramble
    #ramble #rant #retrocomputing #debian #linux #slop
  3. tallship @[email protected] ·

    ## First steps towards Raspberry Pi5 support

    ### Stuart Winter's latest announcement on 05 Oct on the official Linux ARM port:

    Using the new SAIR (Slackware AArch64 Installer Respin) tool, I created a variant of the Slackware AArch64 Installer that uses the Raspberry Pi Kernel fork instead of the upstream Linus Torvalds kernel. To test it, I installed Slackware onto a Raspberry Pi 4, and it worked — a big milestone! 🎉 Why the Pi 4? Because I don’t yet have an RPi5, but this gives me a way to get the core pieces working now so that we’ll be ready to integrate full support for the Raspberry Pi 5 as soon as I can test on real hardware. This is just the beginning, but it’s an exciting step forward. Thanks so much for your support.

    If you're interested in a fully supported rolling distro for your production rPi home or office network you can track development following the Changelog HERE

    Installation guides and video tutorials for rPi4 installation (including a rather comprehensive hardware guide) are located HERE and complete instructions for installation on other popular product lines such as Pine64 as well can be found HERE.

    Stuart and Brent work hard at bringing the very leading edge of computing to the ARM architecture and #Slackware_Linux rides the cusp of that endeavor with their dedication and commitment to the single board computer market.

    For your next #Raspberry_Pi project, consider the simple yet sleek and performant stability that Slackware Linux has been famous for since it was first distributed around campus at Moorehead State University on floppy disks over 30 years ago, predating Debian, Redhat, and every other Linux distribution in the marketplace.

    As for me? Well, it says so in most of my profiles: "Slackware, OpenBSD, and a bit of a Debiantard." And that about sums it up for now!

    ### A bit on source based and rolling Linux distributions:

    - Slackware -current, like Debian testing, Gentoo, and Arch Linux, is a fully rolling Linux distribution. A single command provides complete system updates to the very latest in versioning of packages and ongoing, active development.
    - Unlike most other package based distributions, Slackware linux 'can be' a completely sourced based Linux distro, albeit a mostly inconvenient and rather redundant effort, since a single command can fetch and reinstall every single component of the base system (once initial installation of the machine has been completed), due to Slackware's uniquely historical, and simplistic methodology.
    - Almost all additional packages not already in the official Slackware installation, with exception of a few very large and intensive applications, are #source_based installs, also capable of being fetched, downloaded from the upstream developer source repos, compiled, packaged, and installed locally (including dependencies) - with a single command. Some packages such as Firefox, LibreOffice, etc., are so huge that trusted package repos are maintained so they can be downloaded, and then installed in seconds with a single command.
    - Once you have installed applications, you can share those packages with others freely so they can merely take those packages and install them in a few seconds with a single command. It is however, preferred by most to use the SlackBuilds.org repository for #Slackbuild scripts to compile and install from source (it's a trust issue).
    - Slackware Linux is the oldest, extant Linux distro, and has maintained an aggressive, continuous development cycle since its initial public announcement on Usenet in 1993. The Slackware Team has also traditionally provided the longest running support for release versions over that of all Linux distributions (over a decade before EOL in many cases).

    I hope that helps, enjoy!

    #tallship @mozes #Slackware #FOSS #UNIX #ARM

    #foss #tallship #unix #slackware #slackware_linux #raspberry_pi
  4. tallship @[email protected] ·

    ## First steps towards Raspberry Pi5 support

    ### Stuart Winter's latest announcement on 05 Oct on the official Linux ARM port:

    Using the new SAIR (Slackware AArch64 Installer Respin) tool, I created a variant of the Slackware AArch64 Installer that uses the Raspberry Pi Kernel fork instead of the upstream Linus Torvalds kernel. To test it, I installed Slackware onto a Raspberry Pi 4, and it worked — a big milestone! 🎉 Why the Pi 4? Because I don’t yet have an RPi5, but this gives me a way to get the core pieces working now so that we’ll be ready to integrate full support for the Raspberry Pi 5 as soon as I can test on real hardware. This is just the beginning, but it’s an exciting step forward. Thanks so much for your support.

    If you're interested in a fully supported rolling distro for your production rPi home or office network you can track development following the Changelog HERE

    Installation guides and video tutorials for rPi4 installation (including a rather comprehensive hardware guide) are located HERE and complete instructions for installation on other popular product lines such as Pine64 as well can be found HERE.

    Stuart and Brent work hard at bringing the very leading edge of computing to the ARM architecture and #Slackware_Linux rides the cusp of that endeavor with their dedication and commitment to the single board computer market.

    For your next #Raspberry_Pi project, consider the simple yet sleek and performant stability that Slackware Linux has been famous for since it was first distributed around campus at Moorehead State University on floppy disks over 30 years ago, predating Debian, Redhat, and every other Linux distribution in the marketplace.

    As for me? Well, it says so in most of my profiles: "Slackware, OpenBSD, and a bit of a Debiantard." And that about sums it up for now!

    ### A bit on source based and rolling Linux distributions:

    - Slackware -current, like Debian testing, Gentoo, and Arch Linux, is a fully rolling Linux distribution. A single command provides complete system updates to the very latest in versioning of packages and ongoing, active development.
    - Unlike most other package based distributions, Slackware linux 'can be' a completely sourced based Linux distro, albeit a mostly inconvenient and rather redundant effort, since a single command can fetch and reinstall every single component of the base system (once initial installation of the machine has been completed), due to Slackware's uniquely historical, and simplistic methodology.
    - Almost all additional packages not already in the official Slackware installation, with exception of a few very large and intensive applications, are #source_based installs, also capable of being fetched, downloaded from the upstream developer source repos, compiled, packaged, and installed locally (including dependencies) - with a single command. Some packages such as Firefox, LibreOffice, etc., are so huge that trusted package repos are maintained so they can be downloaded, and then installed in seconds with a single command.
    - Once you have installed applications, you can share those packages with others freely so they can merely take those packages and install them in a few seconds with a single command. It is however, preferred by most to use the SlackBuilds.org repository for #Slackbuild scripts to compile and install from source (it's a trust issue).
    - Slackware Linux is the oldest, extant Linux distro, and has maintained an aggressive, continuous development cycle since its initial public announcement on Usenet in 1993. The Slackware Team has also traditionally provided the longest running support for release versions over that of all Linux distributions (over a decade before EOL in many cases).

    I hope that helps, enjoy!

    #tallship @mozes #Slackware #FOSS #UNIX #ARM

    #foss #tallship #unix #slackware #slackware_linux #raspberry_pi
  5. tallship @[email protected] ·

    ## First steps towards Raspberry Pi5 support

    ### Stuart Winter's latest announcement on 05 Oct on the official Linux ARM port:

    Using the new SAIR (Slackware AArch64 Installer Respin) tool, I created a variant of the Slackware AArch64 Installer that uses the Raspberry Pi Kernel fork instead of the upstream Linus Torvalds kernel. To test it, I installed Slackware onto a Raspberry Pi 4, and it worked — a big milestone! 🎉 Why the Pi 4? Because I don’t yet have an RPi5, but this gives me a way to get the core pieces working now so that we’ll be ready to integrate full support for the Raspberry Pi 5 as soon as I can test on real hardware. This is just the beginning, but it’s an exciting step forward. Thanks so much for your support.

    If you're interested in a fully supported rolling distro for your production rPi home or office network you can track development following the Changelog HERE

    Installation guides and video tutorials for rPi4 installation (including a rather comprehensive hardware guide) are located HERE and complete instructions for installation on other popular product lines such as Pine64 as well can be found HERE.

    Stuart and Brent work hard at bringing the very leading edge of computing to the ARM architecture and #Slackware_Linux rides the cusp of that endeavor with their dedication and commitment to the single board computer market.

    For your next #Raspberry_Pi project, consider the simple yet sleek and performant stability that Slackware Linux has been famous for since it was first distributed around campus at Moorehead State University on floppy disks over 30 years ago, predating Debian, Redhat, and every other Linux distribution in the marketplace.

    As for me? Well, it says so in most of my profiles: "Slackware, OpenBSD, and a bit of a Debiantard." And that about sums it up for now!

    ### A bit on source based and rolling Linux distributions:

    - Slackware -current, like Debian testing, Gentoo, and Arch Linux, is a fully rolling Linux distribution. A single command provides complete system updates to the very latest in versioning of packages and ongoing, active development.
    - Unlike most other package based distributions, Slackware linux 'can be' a completely sourced based Linux distro, albeit a mostly inconvenient and rather redundant effort, since a single command can fetch and reinstall every single component of the base system (once initial installation of the machine has been completed), due to Slackware's uniquely historical, and simplistic methodology.
    - Almost all additional packages not already in the official Slackware installation, with exception of a few very large and intensive applications, are #source_based installs, also capable of being fetched, downloaded from the upstream developer source repos, compiled, packaged, and installed locally (including dependencies) - with a single command. Some packages such as Firefox, LibreOffice, etc., are so huge that trusted package repos are maintained so they can be downloaded, and then installed in seconds with a single command.
    - Once you have installed applications, you can share those packages with others freely so they can merely take those packages and install them in a few seconds with a single command. It is however, preferred by most to use the SlackBuilds.org repository for #Slackbuild scripts to compile and install from source (it's a trust issue).
    - Slackware Linux is the oldest, extant Linux distro, and has maintained an aggressive, continuous development cycle since its initial public announcement on Usenet in 1993. The Slackware Team has also traditionally provided the longest running support for release versions over that of all Linux distributions (over a decade before EOL in many cases).

    I hope that helps, enjoy!

    #tallship @mozes #Slackware #FOSS #UNIX #ARM

    #foss #tallship #unix #slackware #slackware_linux #raspberry_pi
  6. Doc Edward Morbius ⭕​ @[email protected] ·

    @leberschnitzel "Linux" is a large number of concepts, some common between a wide range of systems, some relatively specific. Fortunately the common stuff is ... more common, and much of the knowledge is highly durable (I cut my teeth about 40 years ago on BSD Unix, the information's served me well over the decades). Even old books can be quite useful, though there is some obsolete data.

    One of the best elementary Linux books for several decades has been Mark Sobell's Practical Guide. That's actually a series now, tuned to major distros, and there's an Ubuntu-specific edition. sobell.com/UB1/index.html

    O'Reilly & Associates ("ORA") was long the go-to for technical Unix/Linux books, and I'd recommend both UNIX Power Tools (1992, 2002) which though dated is one of the best introductions to the Unix philosophy and basic shell tools, and Linux in a Nutshell which is a very concise overview of major elements: oreilly.com/library/view/unix- and learning.oreilly.com/library/v. Both strongly emphasize terminal / command-line tools.

    For general systems-administration guidance, the Unix and Linux System Administration Handbook (a/k/a "Nemeth") remains highly useful, though again, somewhat dated. colorado.edu/coloradan/2018/12

    I'd also recommend a good book covering your principle shell. These days that's either Bash (the Bourne-Again SHell) or zsh (the "new hawtness"). ORA again has a good bash book: oreilly.com/library/view/learn. They've also got a good zsh guide: oreilly.com/library/view/learn. Other sources might include Sobell, No Starch Press (generally), and Prentice Hall (Sobell's publisher).

    There's a whole set of other references, more below.

    In general, "learning Linux" is about:

    • The GUI, for beginners. This is mostly self-explanatory, there are (as with everything else) numerous options, GNOME, KDE, and XFCE are the most popular contenders, with others often based on these, though there are numerous others.

    • The shell. Covered above (bash/zsh, and others). This is your principle command interface to the system and is both powerful, arcane, and evolving (I've learned and moved on through several shells over my career). Mastering the shell is a key success factor.

    • The editor. Numerous options, principle are emacs and vim, and I'd strongly recommend you learn at least one of these. Both are available on nearly all systems, including small embedded systems (e.g., modems, routers, Android devices, though often slimmed-down versions (often via Busybox, its own subject...).

    • Scripting languages. There are several, including not only the shell itself, but old-school options (sed, awk, Perl) and newer arrivals (Ruby, Python, Node.js, Lua, ...), and many others, often obscure and/or specialised. I really only use a few of these myself (sh/bash/sed/awk) and dabble in others (Perl, Python, Ruby), but these are quite powerful.

    • Packaging. The key distinguishing feature of various Linux systems is the packaging system used, defined by package format, interfaces, and philosophy. Ubuntu uses APT ("a package tool"), the DPKG format, and any of various front-ends. Others include RPM (Red Hat, Suse, and others, often under Yum or DNF), Portage (Gentoo), Slack (Slackware), Nix (NixOS), and more: en.wikipedia.org/wiki/Package_). Understanding your package manager and its philosophy, or lack thereof, is key to your Linux experience. Best Debian/Ubuntu book here is The Debian System by Martin F. Krafft, archive.org/details/debiansyst. Debian's own documentation is also excellent, see: debian.org/doc/. (Ubuntu largely follows Debian here, though you might want to check that project's own docs.)

    • Networking. I won't go into details, specifics vary more on what packages you have installed than on distros per se. But know the basics, as covered in texts above, deferring to your distro's quirks as necessary.

    • Kernel. I'm going to de-emphasize this relative to others' comments. Yes, the kernel does vary between versions, but ... in general, you will get by well with the stock kernel, and only need to muck with it as new versions come out or you find out specific device or network drivers/modules have issues or are needed. This is increasingly rare if you stick to widely-used hardware and features.

    • General administration. See the Nemeth and Sobell books for a general overview of topics, but storage, users, permissions, security, and other issues are key here.

    Debian (and Ubuntu) have the option to install and manage a huge set of documentation, including but not limited to manual ("man") pages, info documents, HOWTOs, RFCs, and many package-specific guides and manuals. Look for the "-doc" version of packages if you're seeking additional documentation. You can access and search this through a localhost Web interface by installing the dwww and swish2 packages. Point your browser at localhost/dwww/ for joy after doing this.

    I'll address specific questions on your other toots.

    #Linux #LinuxForBeginners #Books #LinuxBooks #LinuxDocumentation

    #linux #linuxforbeginners #books #linuxbooks #linuxdocumentation
  7. Lynnesbian :bune_ylw: @[email protected] ·
    CW: explanation of LFS and such, long, serious

    @CornishRepublicanArmy okay so

    what most people mean when they refer to linux is "an operating system based on the linux kernel", such as debian or arch or android (although android is Weird and Different so typically not that one). the linux kernel is at the core of an operating system like debian, just like the NT kernel is at the core of windows (if you open a command prompt and type "ver" it'll tell you what NT kernel you're running).

    unlike windows, anyone's allowed to use the linux kernel, as long as you follow the rules of its license. this includes you! you can build your very own linux-based operating system if you want to. however this is difficult for a number of reasons, from simple stuff like "what do i make the default text editor" to much more complex decisions about the underlying software. linux from scratch (LFS) is a guidebook which takes you through the process of creating your own linux-based operating system. it takes a while and involves a lot of complicated stuff, and the end result, in terms of user experience, is pretty inferior to an OS like debian or fedora, which both have large, committed teams working on them. you'll be in charge of a lot of the stuff that would normally be taken care of for you.

    the linux kernel is available in source form. this means that you're free to poke around and modify things as you see fit. you can even change the name to Lynneux! :blobcatsurprised:

    once you change (or don't change) the kernel, it needs to be translated from C and C++ and so on into machine code. this is done by using a compiler. later on in the LFS process, you'll need the compiler again, but you run into a problem - the compiler is in source code form. so you need to compile the compiler... on a computer that doesn't have a compiler. thankfully, you can work around this by using a version of the compiler that someone else has already compiled for you!

    the end result, after several hours or days is a very lightweight and "you" linux install. LFS isn't really the kind of thing you install if you want to get going straight away, in fact, it's the opposite. the guide is designed for people who want to know how linux works at a very low level - stuff like "what happens when i tell my computer to open a file?" for almost everyone else (including me!), you'll want something like ubuntu or debian, where others have done all that work for you.

    gentoo is kind of a halfway point between LFS and e.g. debian. you don't have to compile the kernel yourself, but you can't just run an installer and be done, either. installing gentoo teaches you some stuff about how linux works under the hood without being nearly as complicated, time consuming, or unsupported as LFS.

    and i guess i'll make this a #LynneTeachesTech post :p

    #lynneteachestech
  8. PointlessOne :loading: @[email protected] ·

    Can I …?

    ⚠️ This is a long post. If your client has issues with it try viewing it on the web.

    We all know and love Can I Use? And over the years I stumbled upon a few other useful tools with a Can I …? type of name. So I decided to see what's out there.

    So I downloaded all* zone files from ICANN, as one does. Found all the domains that start with cani and here's what I found.

    * Well, not exactly all. Some GTLD admins are a bit cagy or require too much data to get access. But I've got all the popular ones and then some.

    — Humorous, sarcastic

    Let's start with simpler ones. These are humorous or satirical. They're often completely static, too.

    Can I Trust Google?
    Can I Teach English?
    Can I Poo?
    Can I Shit Now?
    Can I Have a Pass? — I don't know who JR is but they seem to be unable to have a pass.
    Can I Go Visit Puerto Rico?
    Can I Fuck My Phone Yet? — I assume it's a static page and doesn't really track this specific event.
    canideploy.today/
    Can I Use a Purchased Email List?
    Can I Buy Your Username? — <rant> OK, let me tell you that I'm thoroughly unimpressed with this one. It's 3 characters with 2 colors. But it's built in Dart/Flutter and weights 2.5 MB. This page could've been smaller than this rant. </rant>
    Can I Have a Cappuccino?
    Can I Have Some Coffee?
    Can I @eldon?
    Can I Afford a Porsche?
    Can I Do It?
    Can I be a Developer?
    Can I Redeploy?
    Can I Stop Working?
    Can I Wear Yellow?

    — Simple tools

    These are simple tools that require very few inputs (sometimes none at all) and give a simple (or static) answer but are actually useful.

    CanITrack.online — check your browser fingerprint.
    Can I has :has?
    Can I Reach the Net? — if it loads, you can. Simple
    Can I Enjoy It? — tells you whether a product is made by a company with ties to Israel.
    Can I Dodge? — TBH, I don't know what this is. If you know, please tell me so I could update this post.
    Can I Discuss Pay?
    Can I Upgrade to Big Sur Today? — I'm not sure if this still works as expected.
    Can I Trust the Bible? — research of accuracy of different versions the Bible.
    Can I Still Win? — some sort of tournament outcome prediction but I don't know which one.
    Can I Snack? — spaced repetition for snacks.
    Can I Force You to Meditate? — introduction to meditation for those who like a challenge.
    Can I Dig to China? — actually, it's Where can I dig to from my backyard?
    Can I Put My Tree Up? — dates are hard. This one helps answering this specific question without having to consult a calendar.
    Can I call? — time zones are even harder than dates. This will tell you if it's an OK time for a call elsewhere on the planed.
    Can I Bring Wine? and Can I Bring Wine to the Bowl? — tells you if you can bring wine to the Hollywood Bowl on any specific date. Or maybe it's just whether there's a show there on that date, I don't know.
    Can I Blame It on Solarflares?
    Can I be Loud?
    Can I #ballotselfie? — this is for USA only. Apparently, every state has its own rules about ballot photos.
    Can I Afford? — the basics of financial responsibility.

    —— Outdoorsy tools

    Can I Ride? - tells you if canyons around Salt Lake City (USA) are open for bikes.
    Can I Kayak? - tells if Harpeth River (Bellevue, Tn, USA) is good for kayaking.
    Can I Get Under the Bridge? — it's unclear which bridge.
    Can I Bike Today? — again, unclear where but seems like somewhere in the USA.
    Can I BBQ? — activity-specific weather forecast.

    — Advanced tools

    These are tools that either require a lot of input, or provide more complex or exhaustive information.

    —— Dev tools

    Can I Use …? — of course.
    Can I Email …? — Can I Use for email.
    Can I WebView …? — Can I Use for WebViews.
    Can I Animate …? — what CSS properties can be animated.
    Can I Video? — tells you what video/audio formats/codecs are supported by your browser.
    Can I Watch Video? — despite the name give you much more information about features supported by your browser.
    Can I use: Notify — this app will notify you when a specific feature becomes available in specific browsers.
    Can I Stop? — I guess, this tells you whether you can stop supporting a specific browser.
    CanIA11y.com — this redirect to Accessibility Support but I'll allow it because domain starts with Can I and it's a cool tool.
    Can I read It? — how readable is your text?
    Can I DevTools? — what features are available in different browsers' Dev Tools.
    Can I PHP? — Can I Use for PHP features.
    Can I Use Node? — API compatibility table for different JS runtimes.
    Can I Depend on X Already? — compatibility tables for libraries and interpreters on Linux distributions. No Gentoo, though.
    Can I Log4j? — log4j exploitability index.

    —— Outdoors

    Can I Use a Hammock? — the tool to achieve maximum comfort.
    Can I Keep This Disc I Found? — I think this might be applicable to other stuff you find out there.
    Can I Have UKARA? — imitation firearms are regulated in the UK so require permits for airsoft matches.
    Can I Fly a Kite? — activity-specific weather forecast.
    Can I Fly? — planes are outdoors, right?

    —— TV

    Can I Skip It? — this is a neat idea. It tells you which episodes are essential and which you can skip in a show. Unfortunately, it only has a guide for X-Files. I guess, they don't film show the way they used to any more.
    Can I Has a Show plz? — give it three shows you like and it will recommend you another.
    Can I Binge? — tv show binge calculator.

    —— Games

    Can It Run Doom? — technically it's not Can I but it's too cool to skip. It's an extensive database of Doom running on things that are not a first-choice platform. There are challenges, too.
    Can It Game? — a big database of PC with a gaming slant.
    Can I Host a Minecraft Server? —probably outdated.
    Can I Play Ingress After 27 May? — checks if your phone can run Ingress.
    Can I Hit This? — DnD attack calculator. Initiative tracker as a bonus.
    Can I Win? — holdem poker odds calculator.

    —— Cars

    Can I Tow This? — towing calculator. I don't understand anything here but it seem like it might be USA-specific.
    Can I Afford a Car? — car calculator.
    Can I Afford? — can you afford a luxury vehicle like a Tesla Model Y or Porsche 911?

    —— Other tools

    Can I Text 911? — this is for the USA.
    Can I Tell My Boss to Fuck Off? and Can I Tell My Boss to Shove It? — these are basically the same. FIRE calculator, I guess.
    Can I Take This Class? — predict your chances of getting the classes you want at UIUC. Works (only) at every four year university in Champaign-Urbana, IL, USA.
    Can I Have Another Beer? — shows you closest bars on a map.
    Can I Compost It? — apparently composting is not as simple as one might think.
    Can I Airfry It? — airfying is at least as complex as composting.
    Can I be Yours ❤️? — generalisation of relationship establishment. Now you are not confined by the limitations of Tinder. With this you can find a boyfriend, a girlfriend, or even an enemy.
    Can I Send You an Email? — social networking the old school way.
    Can I be pwned? — no affiliataion to Have I been pwned?. Not sure how trustworthy this is.
    Can I Secure …? — a bunch of guide on how to be secure on the internet.
    Can I Publish This? — helps figuring out whether you can get in trouble for publishing stuff. USA-centric.
    Can I Jailbreak? — a succinct guide to iOS jailbreaking. A bit outdated.
    Can I Automate? — PC part picker for smart home stuff.

    #tools #tool #BeautifulWeb #BeautifulInternet

    #ballotselfie #tools #beautifulinternet #tool #beautifulweb
  9. Royce Williams @[email protected] ·
    CW: New multi-implementation DNSSEC validation DoS vulnerabilities - CVE-2023-50387 ("KeyTrap"), CVE-2023-50868 (NSEC3 vuln)

    (living doc, updated regularly - if you prefer a low-edit post to boost, use infosec.exchange/@tychotithonu)

    Looks like DNS-OARC coordinated fixes in advance, but no centralized analysis at first other than the announcement from the team who discovered KeyTrap:

    Details may be still partially embargoed until patching ramps up.

    Analysis:

    DoS of all major DNSSEC-validating DNS resolvers (servers, but also maybe local resolvers like systemd's?) at the implementation level. Exploitation described as 'trivial'. Both are CVSS 7.5. DNS is a rich ransom target - but some resolver setups don't even validate DNSSEC.

    "In 2012 the vulnerability made its way into the implementation requirements for DNSSEC validation, standards RFC 6781 and RFC 6840" (per ATHENE)

    Per the Unbound writeup, both vulns require query to a malicious zone (which is probably not hard to trigger, for any DNSSEC-enabled client or server).

    Resolution: patch (recommended); disable DNSSEC validation (discouraged, but can buy you time / mitigate active DoS)

    Fixes mitigate the exhaustion by putting caps on validation activities. These caps appear to have been missing from most implementations.

    Details:

    Two DNSSEC DoS CVEs:

    CVE-2023-50387 ("KeyTrap"): "DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers" (CVSS 7.5)
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    seclists.org/oss-sec/2024/q1/1

    (KeyTrap was discovered by ATHENE - their press release here has very important detail:
    athene-center.de/en/news/press)

    CVE-2023-50868: "NSEC3 closest encloser proof can exhaust CPU" (CVSS 7.5)
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    MITRE links (now populated):
    cve.mitre.org/cgi-bin/cvename.
    cve.mitre.org/cgi-bin/cvename.

    Vulmon queries:
    vulmon.com/searchpage?q=CVE-20
    vulmon.com/searchpage?q=CVE-20

    VulDB:
    vuldb.com/?id.253829

    Resolver status:

    BIND (patched - vuln since 2000?):
    fosstodon.org/@iscdotorg/11192
    kb.isc.org/docs/cve-2023-50387
    kb.isc.org/docs/cve-2023-50868
    seclists.org/oss-sec/2024/q1/1
    isc.org/blogs/2024-bind-securi
    (note: posts say "Versions prior to 9.11.37 were not assessed." but also have a range of affected versions starting at 9.0.0 - typo?)

    BIND tools:
    dig: no validation
    kdig: no validation
    delv: affected, patched

    dnsmasq (patched - 2.90 has fix):
    thekelleys.org.uk/dnsmasq/CHAN
    lists.thekelleys.org.uk/piperm

    Knot (patched in 5.7.1):
    knot-resolver.cz/2024-02-13-kn
    (kzonecheck also affected, patched?)

    ldns-verify-zone:
    affected per ATHENE paper

    OPNsense (patched):
    forum.opnsense.org/index.php?t

    pfSense:
    (Bundled Unbound: plan appears to be to make a separate package available for manual update?; BIND: optional package)
    forum.netgate.com/topic/186145
    redmine.pfsense.org/issues/152

    Pi-Hole (uses dnsmasq - patch available)
    patreon.com/posts/dnssec-fix-9
    pi-hole.net/blog/2024/02/13/fi

    PowerDNS (patched - all versions affected):
    blog.powerdns.com/2024/02/13/p
    github.com/PowerDNS/pdns/pull/
    github.com/PowerDNS/pdns/pull/
    seclists.org/oss-sec/2024/q1/1

    Stubby:
    [?]
    github.com/getdnsapi/stubby

    systemd.resolved:
    [?]

    Ubiquiti
    [?]

    Unbound (patched - vuln since Aug 2007):
    nlnetlabs.nl/news/2024/Feb/13/
    nlnetlabs.nl/downloads/unbound
    seclists.org/oss-sec/2024/q1/1

    Library status:*
    dnspython (GitHub patched):
    affected per ATHENE paper
    github.com/rthalley/dnspython/

    getdns (used by stubby - no patched release?):
    affected per ATHENE paper
    getdnsapi.net/releases/

    ldns (not yet patched?):
    affected per ATHENE paper
    github.com/NLnetLabs/ldns

    libunbound (used by Unbound):
    affected per ATHENE paper
    no recent patches?
    github.com/NLnetLabs/unbound/t

    Cloud status:

    Akamai:
    akamai.com/blog/security/dns-e

    Cloudflare:
    blog.cloudflare.com/remediatin

    Google DNS:
    (stated as patched in Register and SecurityWeek articles)
    [?]

    NextDNS (patched per forum reply):
    help.nextdns.io/t/h7yxwc5/does

    OS status:

    Debian:
    BIND:
    lists.debian.org/debian-securi
    pdns-recursor:
    lists.debian.org/debian-securi
    Unbound:
    lists.debian.org/debian-securi

    Fedora:
    bodhi.fedoraproject.org/update

    FreeBSD:
    cgit.freebsd.org/ports/commit/

    Gentoo:
    bugs.gentoo.org/show_bug.cgi?i

    Mageia:
    bugs.mageia.org/show_bug.cgi?i

    OpenBSD (unwind):

    Red Hat:
    bugzilla.redhat.com/show_bug.c
    access.redhat.com/security/cve
    access.redhat.com/security/cve

    SUSE:
    suse.com/security/cve/CVE-2023
    bugzilla.suse.com/show_bug.cgi

    Ubuntu:
    ubuntu.com/security/CVE-2023-5
    ubuntu.com/security/CVE-2023-5
    ubuntu.com/security/notices/US

    Windows (Server, DNS Role):
    msrc.microsoft.com/update-guid

    Package status:

    BIND:
    repology.org/project/bind/vers

    dnsmasq:
    repology.org/project/dnsmasq/v

    Unbound:
    repology.org/project/unbound/v

    GitHub:
    github.com/advisories/GHSA-845

    Go (Knot module?)
    github.com/golang/vulndb/issue

    Non-coverage: (no mentions known yet)

    AWS :
    [?]

    Azure (Microsoft Server DNS?):
    [?]

    Cisco Umbrella:
    umbrella.cisco.com/blog [?]

    CoreDNS:
    coredns.io/blog/ [?]

    Infoblox:
    blogs.infoblox.com/ [?]

    Quad9 DNS:
    quad9.net/news/blog/ [?]

    News/Press/Forums

    pducklin.com/2024/02/18/the-sc

    theregister.com/2024/02/13/dns

    securityweek.com/keytrap-dns-a

    bleepingcomputer.com/news/secu

    news.ycombinator.com/item?id=3

    darkreading.com/cloud-security

    Detection/Validation:

    Check to see if a server is doing DNSSEC validation (if not an open recursive resolver, you may need to query a zone the server is authoritative for):

    # zone signed, server DNSSEC-enabled:
    $ delv example.net @8.8.8.8
    ; fully validated
    example.net.            4437    IN      A       93.184.216.34
    example.net.            4437    IN      RRSIG   A 13 2 86400 20240225232039 20240204162038 18113 example.net. 94G2PRXins1G9ntfklvCq2mvcgqjB0z9FqQXp77lD/wXR4J3D67ceih1 yNgsYYqlIAOoWKXUekux6Zq9aIwszQ==

    # zone unsigned, server DNSSEC-enabled:
    $ delv google.com @8.8.8.8
    ; unsigned answer
    google.com.             100     IN      A       142.250.69.206

    Tenable:
    tenable.com/plugins/pipeline/i

    Snyk:
    security.snyk.io/vuln/SNYK-UNM

    Exploits:

    (multiple sources describe as "trivial")

    github.com/knqyf263/CVE-2023-5 (not tested)

    #keytrap #nsec3 #CVE202350387 #CVE202350868 #CVE_2023_50387 #CVE_2023_50868
    #dns #dnssec

    #keytrap #nsec3 #cve202350387 #cve202350868 #cve_2023_50387 #cve_2023_50868
  10. Josh :everything_bagel: @[email protected] ·

    I love this. #Linux #Gentoo #Hurd

    hackaday.com/2026/04/13/they-w

    #linux #gentoo #hurd
  11. arisut :gentoo: @alicef ·

    LPC 2025「Kernel Testing & Dependability」MC、タイムテ出た〜🧪✨
    12/12 15:00(JST)〜 KUnit×UAPI→kselftest拡張→内部関数/KVM fuzz→syzbot CI→Coccinelle→kdevops×GenAI→kci-dev→ベンチまで一気通貫🎯
    現地でもオンラインでも参加どうぞ

    lpc.events/event/19/sessions/2

    #lpc2025 #linux #kernel
  12. arisut :gentoo: @[email protected] ·

    LPC 2025「Kernel Testing & Dependability」MC、タイムテ出た〜🧪✨
    12/12 15:00(JST)〜 KUnit×UAPI→kselftest拡張→内部関数/KVM fuzz→syzbot CI→Coccinelle→kdevops×GenAI→kci-dev→ベンチまで一気通貫🎯
    現地でもオンラインでも参加どうぞ

    lpc.events/event/19/sessions/2

    #LPC2025 #Linux #Kernel

    #lpc2025 #linux #kernel
  13. arisut :gentoo: @[email protected] ·

    LPC 2025「Kernel Testing & Dependability」MC、タイムテ出た〜🧪✨
    12/12 15:00(JST)〜 KUnit×UAPI→kselftest拡張→内部関数/KVM fuzz→syzbot CI→Coccinelle→kdevops×GenAI→kci-dev→ベンチまで一気通貫🎯
    現地でもオンラインでも参加どうぞ

    lpc.events/event/19/sessions/2

    #LPC2025 #Linux #Kernel

    #kernel #linux #lpc2025
  14. arisut :gentoo: @[email protected] ·

    LPC 2025「Kernel Testing & Dependability」MC、タイムテ出た〜🧪✨
    12/12 15:00(JST)〜 KUnit×UAPI→kselftest拡張→内部関数/KVM fuzz→syzbot CI→Coccinelle→kdevops×GenAI→kci-dev→ベンチまで一気通貫🎯
    現地でもオンラインでも参加どうぞ

    lpc.events/event/19/sessions/2

    #LPC2025 #Linux #Kernel

    #lpc2025 #linux #kernel
  15. Eva Winterschön @[email protected] ·

    Quite a relaxing Saturday, though still productive. Early morning work on a private cloud architecture for Gentoo VM hosts with Rocky 8/9 VMs, then a very pleasant nap, followed by two hours at the pool for the first time in years, real D3 from the sun!

    Afternoon resumed a legacy effort to process RAW slide scans of old "Scala 200" and "Provia 400" photos from the 90s (always shot at 100 ISO, with exposure coefficient adjustment to get deeper contrast). So, yeah, here's late teenage me.

    #saturday #poolside #reading #photography #oldphotos #happiness

    #saturday #poolside #reading #photography #oldphotos #happiness
  16. mattst88 :gentoo: @mattst88 ·

    I've been on the lookout for faster RAM for my ES47 (mattst88.com/computers/es47/) for a few years.

    It takes ECC RDRAM in large quantities, which is not common because as far as I can tell it was only ever used by this system and by some early high-end Pentium 4s.

    The ES47 currently has 20x 1GB PC800 ECC RIMMs (16 GB effective), which allows the CPUs to run at 1150 MHz. With PC1066 the CPUs could run at 1300 MHz.

    But even 10x 1GB PC1066 ECC RIMMs would cost $300+ on today.

    #alphaserver #ebay
  17. ktanner :gentoo: :openbsd: @ktanner ·

    We tried Lobster Dogs lobster rolls last night. Very good. Expensive - but then everything is expensive nowadays. Can't speak for other locations, but this Portland-area food cart is worth tracking down. They move around a lot, but locations are usually posted at lobsterdogsfoodtruck.com/locat or on one of those other social media sites. Unfortunately, my son is now addicted to them.

    #pdx #food #lobster #foodcart
  18. Michał Górny :gentoo: @mgorny ·

    The platform labels on the train station in show a great example of how the station was evolving. They are, west to east:

    2 - 1 - 3a [station building] 3

    #jarocin #rail
  19. arisut :gentoo: @alicef ·

    Schedule’s out for Kernel Testing & Dependability @ LPC 2025 🧪✨
    Starts Dec 12, 3:00 PM JST. UAPI+KUnit → kselftests → fuzzing (incl. KVM) → syzbot CI → Coccinelle → kdevops×GenAI → kci-dev → benchmarking. Let’s meet there!

    lpc.events/event/19/sessions/2

    #lpc2025 #linux #kernel
  20. arisut :gentoo: 🎸 @[email protected] ·

    Schedule’s out for Kernel Testing & Dependability @ LPC 2025 🧪✨
    Starts Dec 12, 3:00 PM JST. UAPI+KUnit → kselftests → fuzzing (incl. KVM) → syzbot CI → Coccinelle → kdevops×GenAI → kci-dev → benchmarking. Let’s meet there!

    lpc.events/event/19/sessions/2

    #LPC2025 #Linux #Kernel

    #lpc2025 #linux #kernel
  21. arisut :gentoo: @[email protected] ·

    Schedule’s out for Kernel Testing & Dependability @ LPC 2025 🧪✨
    Starts Dec 12, 3:00 PM JST. UAPI+KUnit → kselftests → fuzzing (incl. KVM) → syzbot CI → Coccinelle → kdevops×GenAI → kci-dev → benchmarking. Let’s meet there!

    lpc.events/event/19/sessions/2

    #LPC2025 #Linux #Kernel

    #lpc2025 #linux #kernel
  22. arisut :gentoo: @[email protected] ·

    Schedule’s out for Kernel Testing & Dependability @ LPC 2025 🧪✨
    Starts Dec 12, 3:00 PM JST. UAPI+KUnit → kselftests → fuzzing (incl. KVM) → syzbot CI → Coccinelle → kdevops×GenAI → kci-dev → benchmarking. Let’s meet there!

    lpc.events/event/19/sessions/2

    #LPC2025 #Linux #Kernel

    #kernel #linux #lpc2025
  23. arisut :gentoo: @[email protected] ·

    Schedule’s out for Kernel Testing & Dependability @ LPC 2025 🧪✨
    Starts Dec 12, 3:00 PM JST. UAPI+KUnit → kselftests → fuzzing (incl. KVM) → syzbot CI → Coccinelle → kdevops×GenAI → kci-dev → benchmarking. Let’s meet there!

    lpc.events/event/19/sessions/2

    #LPC2025 #Linux #Kernel

    #lpc2025 #linux #kernel
  24. Michał Górny :gentoo: @mgorny ·

    After one more project got hit by refusing to accept normalized filenames, I've decided to openly state my opinion about the current situation. Maybe that changes anything.

    TL;DR: everyone agrees on the new standard but PyPI admin abuses their position to block it.

    discuss.python.org/t/change-in

    #pypi #pep625 #python
  25. Michał Górny :gentoo: @mgorny ·

    it is (thanks, @cybertailor).

    It looks like something the cat thrown up, it is completely unresponsive while updating feeds (if you touch it, it even stops showing progress) and has insane locale-dependant date formats.

    However, it doesn't need WebKit and after fighting its completely counter-intuitive way of resizing the headers (maybe that's a Qt thing) it finally shows me what I need and lets me do things more efficiently than did.

    #rssguard #liferea #rss
  26. Michał Górny :gentoo: @mgorny ·

    So apparently a project switched from meaningful versioning to but did not change the rules for SOVERSIONs. Does that mean that they break ABI for the first release every year?

    Perhaps they're making a resolution: "we won't break ABI this year".

    github.com/google/flatbuffers/

    #calver #opensource
  27. Michał Górny :gentoo: @mgorny ·

    Isn't it depressing that there are so many places that are technically within my reach via (by distance) but cannot be reasonably reached because they span across region boundaries and nobody cares to sync the trains?

    I mean, just take a look at . It feels as if every single train towards required at least 40 min wait for a change from .

    #train #zbaszynek #lubuskie #poznan #rail
  28. Michał Górny :gentoo: @mgorny ·

    I can understand that people need to own land and surround their homes with fences and walls to feel secure against all the people out to get them.

    However, I wish that the long series of new houses wouldn't cut off direct access to the , forcing everyone to take a 15-minute detour along a busy road. I mean, people tend to be going there to breathe fresh air, not exhaust fumes.

    #forest #nocar
  29. Eugene account has moved @[email protected] ·

    I'm daily using FreeBSD and Gentoo with "-systemd" global use flag, so I didn't closely watch to the latest news from the Linux world.

    But, really?! They removing text logs from /var/log?? I bet, at 2026 there will be binary database for configuration instead of text files in /etc/ and /usr/local/etc/ 😁

    messydesk.social/@robey/113689

    #Linux #FreeBSD #Gentoo #UnixPhilosophy

    #unixphilosophy #gentoo #freebsd #linux
  30. رویدادهای نرم‌افزار آزاد ایران @[email protected] ·

    #نشست_۲۰۱ #شیرازلاگ

    موضوع: هرآنچه درباره gentoo باید بدانید
    ارائه‌دهنده: امین خزاعی

    ✨حامی این جلسه: مجموعه دیاکو ✨
    💥 با رعایت پروتکل‌های بهداشتی و فاصله اجتماعی💥
    🗓 چهارشنبه ۱۲ خرداد ماه ۱۴۰۰
    🕔 ساعت ۱۹

    📣 برای کسب اطلاعات بیشتر به کانال شیرازلاگ @shirazlug بپیوندید.

    #شخصی‌سازی #لینوکس
    #configuration #gentoo #linux

    #linux #gentoo #configuration #لینوکس #شخصی‌سازی #شیرازلاگ
Next page