Posts by gpshead@infosec.exchange
(DIR) Post #AQflVZqgzmni8RzKMK by gpshead@infosec.exchange
2022-12-14T11:20:33Z
0 likes, 0 repeats
@kfogel "a few terabytes" means just buy an SSD. Don't bother with RAID at all. Or buy three hard drives and consider something modern like zfs or btrfs instead of RAID.Buy an extra disk or ssd and use that for regular backups.RAID is not a backup.New to SSDs? Avoid any manufacturers lowest end. Those have very little to no "SLC" write cache and thus can be subject to pauses or stall for tens of seconds at a time under heavy write loads (most notable while you're migrating data over to them, or copying NN gigabyte disk images or video files around).
(DIR) Post #AQgjnFC8WJpsXXH6AK by gpshead@infosec.exchange
2022-12-16T19:16:29Z
0 likes, 0 repeats
@brettcannon @nedbat agreed. pathlib isn't missing things, it has things it should not. APIs that return another Path instance make sense. APIs that manipulate global process state or system state do not.
(DIR) Post #AR7Cg7cyCrVABXAJ1M by gpshead@infosec.exchange
2022-12-30T00:14:29Z
0 likes, 0 repeats
@lamp @GossiTheDog unlikely... many raid0 implementations are unoptimized for traditional filesystems on nvme and will hurt performance more than help.
(DIR) Post #ASSz0wBsN6jahYGBXM by gpshead@infosec.exchange
2023-02-08T10:16:08Z
0 likes, 0 repeats
@mjg59 this smells like System Management Mode. Which UEFI firmware should be doing, but I'd be surprised if it allowed loading other code into SMM.
(DIR) Post #ATgw9uBlMY2JixvyvQ by gpshead@infosec.exchange
2023-03-17T01:38:59Z
0 likes, 0 repeats
@simon Banning software from devices of people who may represent elevated access to things seems like a pretty normal security policy implementation to me.Imagination provides scenarios:Assume software is considered pwned by an adversary. Meaning they can include code and push updates, possibly targeted to only execute on certain people's devices. Despite best efforts, side channels and zero days on platforms always exist. Especially to resourced adversaries might spend an undisclosed one by deploying it if deemed worthwhile. The more information they have on networks of people the better they can plan targeting.Similarly, direct access to individual people with a tailored content feed is a manipulation side channel. Reduce the number of opportunities people have to see said feed, reduce the manipulation.
(DIR) Post #ATmfJxtVuJX5qBMvr6 by gpshead@infosec.exchange
2023-03-19T20:01:02Z
0 likes, 1 repeats
@simon People throughout history have mistaken the ability to speak or write well with possessing knowledge, logic, and reason. LLMs exploit this human animal fallacy.
(DIR) Post #ATy46wZ92Dygf8k0R6 by gpshead@infosec.exchange
2023-03-25T08:01:18Z
0 likes, 0 repeats
@mjg59 APUs have display hardware on die, does that _have_ to bypass the cache?... Regardless the bios starts entirely from cache and is responsible for configuring and initializing ram as one of its earlier tasks soo... just make your OS be Coreboot itself. And get creative with your own system design and abuse the memory controller configs to turn those hundreds of address and data lines into a huge pile of bitbanged HDMI ports! This is how you wind up on hackaday.
(DIR) Post #AUcOCEZNApFiaLAw0O by gpshead@infosec.exchange
2023-04-13T18:55:36Z
0 likes, 0 repeats
@lauren is that really true in the age of young people by default sharing too much information on too many social platforms?
(DIR) Post #AVleDf4XnpV0UDjyC0 by gpshead@infosec.exchange
2023-05-18T03:59:29Z
0 likes, 0 repeats
@lauren @mattblaze ... I wonder how bad the staffing crisis would be if that were implemented.