@agowa338@chaos.social
@agowa338@chaos.social avatar

agowa338

@agowa338@chaos.social

IT-Specialist with focus on Windows and task automation

  • currently studying computer science

This profile is from a federated server and may be incomplete. Browse more on the original instance.

filippo, to random
@filippo@abyssdomain.expert avatar

Strong agree that sudo is dogma, and logging in as root is just fine, actually.

I think @fanf is even more right about this than he claims.

For single-user workstations, who cares about administrative access. The only real security boundary is the TPM/SEP. really(8) without any further authentication would be just fine.

The flip side is that I don't actually care about sudo's complexity or security, because it's not protecting a security boundary I care about.

https://dotat.at/@/2024-05-02-sudo.html

agowa338,
@agowa338@chaos.social avatar

@filippo @fanf That's why for example alpine linux by default only provides "su" but not "sudo". And that's basically the same as "login as root".

However I'd like to push back on "the only real security boundary is the TPM/SEP" that's not true, you forget about dropping privileges (nobody/nogroup), sandboxing, and namespacing which esp. web browsers heavily rely on.

agowa338,
@agowa338@chaos.social avatar

@filippo @fanf True, but at that point TPM/SEP aren't necessarily security boundaries either. Everything can be bypassed if you use it incorrectly of if it has a security flaw. ;-)

agowa338,
@agowa338@chaos.social avatar

@filippo @fanf Well, which CPU do you have? Either you've a very old one or a very recent one with latest microcode update. Everything in between is vulnerable to at least one hardware flaw that would expose these secrets. Also you forget that I could just wait for you to use it and copy it then. I doubt you went the extra mile to have it stay within the TPM and not just one in ram that gets decrypted by the TPM...
(edit: also if you didn't generate it within the TPM it's exportable...)

agowa338,
@agowa338@chaos.social avatar

@filippo @fanf discrete TPMs were owned previously by snooping the LPC bus, weren't they? But at least you'd need physical access for that one...

netzpolitik_feed, to random German
@netzpolitik_feed@chaos.social avatar

Der Bundestag hat dem Gesetz zu Bezahlkarten zugestimmt. Sowohl die Regelungen als auch die Karten für Asylsuchende selbst wurden im Vorfeld viel kritisiert. Denn sie machen es denen noch schwerer, die sowieso schon wenig haben. https://netzpolitik.org/2024/auch-afd-stimmt-dafuer-bundestag-beschliesst-bezahlkartengesetz/

agowa338,
@agowa338@chaos.social avatar

@netzpolitik_feed Verstehe die Kritik nicht. Gibt doch schon seit längerem ähnliche Bezahlkarten für Arbeitnehmer weil die als Sachleistungen gelten und somit steuerlich besser gestellt sind als z.B. eine 50 Euro Gehaltserhöhung...

ordnung, to random
@ordnung@chaos.social avatar

Btw, reminder to our chaos.social inhabitants at — all of you can generate invites for your friends (at https://chaos.social/invites )

Also, we've dropped stickers at all sticker boxes we could find :rainbow_heart_eyes:

agowa338,
@agowa338@chaos.social avatar

@ordnung
@Bugspriet

Doesn't look like that link works. At least on Android using the chrome mobile browser it only shoes "You need to login or sign up before continuing." even though (as you csn see by me posting) even though I'm already logged in.

agowa338,
@agowa338@chaos.social avatar

@ordnung
Maybe it's something fedilab specific then. It tries to load in it's inapp browser. Maybe it spawns that link in an isolated context???

foone, to random
@foone@digipres.club avatar

I need a hacked/hackable Nintendo Switch, for the obvious reasons...

I need to explore why Wheel of Fortune (2017, Switch) has an image from an incest anime in it, and I can't figure it out in an emulator

agowa338,
@agowa338@chaos.social avatar

@foone I could sell you one, has no controllers, just the console alone. But you're probably able to get them on eBay for the same price...

foone, to random
@foone@digipres.club avatar

I tried to set up a caching HTTP library to avoid hitting the server too many times while doing my testing

and now I've hit the server several hundred times trying to debug why my caching library isn't working!

agowa338,
@agowa338@chaos.social avatar

@foone There's a plugin for Burp suite that'll do exactly this. That's probably way simpler if it is for testing only anyway...

nixCraft, to random
@nixCraft@mastodon.social avatar

BM built a new, state-of-the-art generative AI code model to transform legacy COBOL programs to enterprise Java with a high degree of naturalness in the generated code https://techcrunch.com/2023/08/22/ibm-taps-ai-to-translate-cobol-code-to-java/ There goes high paying COBOL dev jobs to /dev/null.

agowa338,
@agowa338@chaos.social avatar

@nixCraft No it doesn't, it misses the point of why people use COBOL that Java doesn't address.
Also, the cost of error is way greater than just paying a COBOL dev to change a few lines every few months to years...
No sane company would migrate a "if this goes down for more than 5 minutes per year, the company doesn't exist anymore" application from COBOL to Java and almost certainly not via automated AI (nobody to blame/sue)

agowa338,
@agowa338@chaos.social avatar

@nixCraft No, you missed the point. It's not "you don't want to piss off", it's almost always "You cannot afford to screw this up or you're gone". It's way easier to start a new bank from scratch with newly written software then to change something that already works (using COBOL) to something new, when you whole organization depens on it...

These COBOL applications are load bearing and they're the lifeblood of these organizations...

nixCraft, to debian
@nixCraft@mastodon.social avatar

😂

agowa338,
@agowa338@chaos.social avatar

@nixCraft The debian one needs to still be a toddler. Because of stability reasons the updates (growing up) was not yet introduced.

tazgetroete, to random German
@tazgetroete@mastodon.social avatar

Immer mehr junge Frauen ziehen sich XXL-Shirts über ihre Outfits. Quasi als Schutzmantel vor sexualisierten Blicken. Eine gute Idee? Eher nicht. https://taz.de/Tiktok-Trend-Subway-Shirt-fuer-Frauen/!5950216/

agowa338,
@agowa338@chaos.social avatar

@tazgetroete Hey ich habe da eine Idee, kuckt mal hier in meinem Shop:
https://pink-subway-shirt.shop.invalid/

Sorry, habe gerade keine Zeit und Lust für den kurzen Lacher einen ganzen fake online shop aufzusetzen. Aber ihr habt im letzten Satz halt eigentlich schon danach gebettelt dass es jemand tut...

nixCraft, to random
@nixCraft@mastodon.social avatar

You don't hate JIRA, you hate your manager
https://jarvispowered.com/you-dont-hate-jira-you-hate-your-manager/ Sometimes you hate both. LOL.

agowa338,
@agowa338@chaos.social avatar

@nixCraft Except you tried to work with its API, then you HATE JIRA...

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • thenastyranch
  • DreamBathrooms
  • khanakhh
  • magazineikmin
  • osvaldo12
  • Youngstown
  • Durango
  • slotface
  • everett
  • rosin
  • mdbf
  • kavyap
  • ngwrru68w68
  • megavids
  • cubers
  • InstantRegret
  • tacticalgear
  • GTA5RPClips
  • ethstaker
  • tester
  • cisconetworking
  • normalnudes
  • provamag3
  • modclub
  • anitta
  • Leos
  • lostlight
  • All magazines
    •