mjg59

mjg59, 10 months ago to random

Hitting Twitter with a Googlebot user agent now returns "Unverified web crawlers are not allowed"

mjg59, 10 months ago to random

Discovering that most of my students never experienced Windows ME is probably the thing that has made me feel oldest

mjg59, 10 months ago to random

Welcome to all the new users fleeing twitter! It's important to remember that the Fediverse (the correct term to describe what people frequently call "Mastodon") isn't Twitter and there are different social rules here. In order to avoid upsetting people who've been here for a while already, here's some guidance:

1. Become ungovernable
2. No snitching
3. Otherwise, do whatever the fuck you want

Hope that helps!

vorlon, 10 months ago to random

A lot of people seem to be upset about the kolektiva.social database compromise because the data was unencrypted on a disk. I think this displays a failure to understand how little effective encryption of data happens on servers.

The admin should have been using encryption on their local drives. They also shouldn't have had the data local where it could be caught up by an unrelated warrant.

But if the warrant had been for kolektiva.social itself, served against a cloud provider?

sil, 11 months ago to random

I never know what to do when adding subheading titles to an article.
<h1>Stuart's Food Guide</h1>
<h2>or, Pies I Have Known</h2>
<h3>by Stuart</h3>

but then what do I use for titles for each of the sections? <h1>? <h2>? <h3>? maybe <h4>?

Anyway, now I do know, because @SteveFaulkner has written https://www.tpgi.com/subheadings-subtitles-alternative-titles-and-taglines-in-html/ which Explains All This and it's good.

Short answer:
<hgroup>
<h1>Stuart's Food Guide</h1>
<p>or, Pies I Have Known</p>
<p>by Stuart</p>
</hgroup>

<h2>Section 1: Meat</h2>

mjg59, 11 months ago to random

Quiz! Why is it bad if a measured boot implementation allows you to use the attestation signing keys to sign arbitrary material?

mjg59, 11 months ago to random

Going to be presenting at the Linux Security Summit in Spain in September on a mechanism that lets you tie secrets to the TPM in a per-process mechanism that can even be tied into IMA, and which allows more nuanced outcomes than just using the kernel keyring.

mjg59, 11 months ago to random

Good morning today I am reverse engineering AMI's firmware update tool because of course I am

mjg59, 11 months ago to random

Oh come on Chrome, what format is this timestamp?

{"params":{"reason":"Network changed"},"phase":0,"source":{"id":3431991,"start_time":"722958226","type":7},"time":"723098223","type":107},

mjg59, 11 months ago to random

I know there are people reading this who work for major companies still advertising on Twitter (Apple, Google, and Amazon at least), so: two days before the SF Trans March, Elon is making it even more explicit that Twitter is a transphobic platform. You have the ability to influence the behaviour of your employers. Maybe do that?

mjg59, 11 months ago to random

When Chrome is complaining about err_network_changed how do I get it to tell me exactly what it believes changed about the network

mjg59, 11 months ago to random

and another thing: im not mad. please dont put in the newspaper that i got mad. (http://techrights.org/2023/06/20/code-of-conduct-is-censorship/)

mjg59, 11 months ago to random

"Why don't people use XMPP any more" well for me it's because Signal is just better on every axis I care about

mjg59, 11 months ago to random

Hot take: your desire to run your choice of OS on your work laptop does not trump my desire to ensure the safety of data belonging to our users

GossiTheDog, 11 months ago to Starfield

I remember being absolutely blown away by Frontier Elite II in 1993. It just gave you the keys to your own sandbox and let you make your own fun. I remember it being vast, daunting and required free thinking in terms of how to make money (eg ten year old me figuring out system economies and capitalism).

I hope Bethesda stick the landing with #Starfield and it does a similar thing for a new generation.

mjg59, 11 months ago to random

A friendly reminder that not setting the Runtime access flag on an EFI variable merely means it's not accessible via the runtime variable interfaces, not that the contents are secret in the face of someone simply dumping the contents of flash by hitting the SPI controller

mjg59, 11 months ago to random

Hey uh quick test do any of you have a system where /sys/firmware/efi/efivars/AMITSESetup-c811fa38-42c8-4579-a9bb-60e94eddfb34 exists and if so can you hexdump it, set an admin password in your firmware, hexdump it again and see if it changes? If it doesn't then that's good, if it does then that's bad. DO NOT POST THE HEXDUMP OUTPUT FOR THE LOVE OF GOD

mjg59, 11 months ago to random

Has anyone written a UEFI cracktro yet