Nutidens thinner eller GHB är lustgas. Det är en större klimatbov än bilar utropar ETC i en rubrik. Vilket naturligtvis är trams. I alla fall om vi pratar om lustgas som berusningsmedel. Visserligen är kväveoxider (som lustgas är) kraftiga växthusgaser, betydligt potentare än koldioxid.
Systemd Looking At A Future With More Varlink & Less D-Bus For IPC
Systemd Looking At A Future With More Varlink & Less D-Bus For IPC
Taking place this week in Berlin was systemd's annual 'All Systems Go' developer conferencewww.phoronix.com
like this
massive_bereavement and ShaunaTheDead like this.
reshared this
Tech Cyborg reshared this.
Ebba Busch åkallar djävulen. Kristdemokraternas partiledare Ebba Busch med ett förflutet i evangeliska kristna kretsar besökte ett bröllop fullt med med fascister och nazister. Jimmie Åkessons bröllop. Där poserade hon bland annat på en bild ihop med Marcus Öhrn, som är sångare i Åkessons band Bedårande barn. Han är bland annat dömd för narkotikabrott och grov rattfylla. Dessutom för sexuellt ofredande efter att antastat två tonårsflickor i en kö på Gröna Lund i Stockholm.
The CUPS explout is here: GitHub - RickdeJager/cupshax
I hope this goes without saying but please do not run this on machines you don't own.
The good news:
- the exploit seems to require user action
The bad news:
- Device Firewalls are ineffective against this
- if someone created a malicious printer on a local network like a library they could create serious issues
- it is hard to patch without breaking printing
- it is very easy to create printers that look legit
- even if you don't hit print the cups user agent can reveal lots of information. This may be blocked at the Firewall
TLDR: you should be careful hitting print
GitHub - RickdeJager/cupshax
Contribute to RickdeJager/cupshax development by creating an account on GitHub.GitHub
like this
NataliaTheDrowned2, echomap, KaRunChiy and ShaunaTheDead like this.
reshared this
Tech Cyborg reshared this.
I think this would likely be most troublesome on some of the OG internet users that got a whole freaking /8, /10, or /12 or something like AT&T or universities. Up until very recently, and possibly even to the present, these organizations had such large IPv4 space, that there was no need to do NAT, and each device had a publicly addressable IP.
There is currently no fix available
Edit: I'm mistaken
The questionable commit:
{
// Add the first line of localized text...
cupsFilePrintf(fp, "*%s.%s %s/", lang->language, ppd_option, ppd_choice);
while (*text && *text != '\n')
{
// Escape ":" and "<"...
if (*text == ':' || *text == '<')
cupsFilePrintf(fp, "<%02X>", *text);
else
cupsFilePutChar(fp, *text);
text ++;
}
cupsFilePuts(fp, ": \"\"\n");
}Can someone explain to me how this allows arbitrary code execution? As far as I can see, all it does iterate through a string and markup some special characters.
Edit: Okay, after reading the blog post, and this fantastic bug report, it sounds like to print to a CUPS server, you send it a message on port 631 using an IPP (some print protocol) server. CUPS then requests attributes of the IPP server, one of which being the print filter command to run ("Foomatic-rip") to use to convert a PS or PDF into native print code. By requesting attributes, an exploit involving string escaping through the use of unexpected spaces or quotes can override the Foomatic print command. Arbitrary text can be supplanted, which will then be executed by the CUPS server.
Discover RSS-Parrot: Your Fediverse-Friendly RSS Reader
Looking for a simple way to stay up-to-date with the latest news, blogs, and podcasts across the web and the fediverse? Check out RSS-Parrot, an easy-to-use RSS reader built with #Fediverse users in mind. Whether you're following your favorite Mastodon accounts or tracking blog updates, RSS-Parrot makes it effortless to manage your feeds in one place.
Key Features:
Fediverse Integration: Keep up with Mastodon, Lemmy, and other fediverse platforms via #RSS.
Streamlined Feed Management: Add, organize, and categorize your feeds from across the web and fediverse.
Customizable Layout: Adjust the reading view to suit your style for a more personalized experience.
Real-Time Updates: Get the latest content as it's published from your favorite sources, including fediverse-based communities.
Accessible Everywhere: Use it on any device with an internet connection for easy feed access on the go.
If you're part of the fediverse or just a fan of #RSSFeeds, give RSS-Parrot a try! It’s a great tool to keep your content organized and up-to-date across platforms.
RSS Parrot
Home of RSS Parrot, a free Fediverse service that lets you turn Mastodon into an RSS or Atom feed reader.rss-parrot.net
Having not yet used this service, I can't comment on the service itself. What I will say is that it sounds interesting, until I realized one VERY important detail.....
Content.
This service is designed to bring you all the content that you feed data locations to pull from. Ok, that's all well and good, but the problem is, there's such a lack of content on the fediverse that it's not overwhelming right now to just log into Lemmy, see the 3-10 replies per day. Log into Mastodon, realize you're following like 6 accounts and 5 of them are bots, with the 6th one barely posting.
This service is like a very useful water pump to pull water out of a body of water, and distribute it to a more convienent tank........and then you place it's input in the middle of the Nevada desert. Doesn't mean the water pump is faulty, or not expertly designed. Just means it needs water to pull from.
That seems to be my frustration with the fediverse. There are very few content CREATORS, who don't revolve around a few basic topics. Politics, Technology........and that's it. And yes, I'm lumping video games, linux, computers, all that into technology. If it's something you need a screen for, or connects to something with a screen, that's lumped into technology.
I mildly care about politics. Under normal circumstances I don't care at all. I usually say "let other people worry about it." But these last 8 years have been just a constant barrage of bullshit, that it becomes necissary to care, as everybody is going to get fucked over otherwise.
Technology I have moderate interest in. I wouldn't call it the most important thing to me, but I wouldn't say I have zero interest either.
But then what......
Sports talk among locals is practically non-existant here (except for the Baltimore Oriols, who have a surprisingly strong community).
There's a pro-wrestling community which seemingly has 4 active commentors, including mods, and 2-3 other people who pop in from time to time.
So I try to do my part to write at LEAST one entertaining post per day. Some days I write more. Most days I have half a dozen smaller bite size posts as little jokes or whatever. And then I try to post SOMETHING that people are going to disagree with. I feel like THIS post is that post for the day. Mostly because nobody likes to take responsibility for a community, and nobody likes being called out as being just a consumer, and not a producer of content.
And PeerTube is pathetic. Lemmy at least has some degree of variety. It's not much, but it tries. Peertube on the otherhand is "EVERYTHING IS A LINUX VIDEO!!! ONLY LINUX EXISTS ON THIS PLATFORM!!!"
I can't say I produce any video content, but with a linux only content platform, I can't say I even consume either. It's a service I want to like, but they make it so damned hard.
And Lemmy is easy to keep track of everything, and I run out of content usually within an hour. Even though I log in several times a day. It's like drinking water from a shotglass when you want a galllon.
So I don't see much use for this new thing. Not because it's not a well made product, again, I have no usage experience, but because the sources it's pulling from are barron dry.
GE-Proton9-15 Released
Hotfix build:
Proton:
- Updated wine to latest bleeding edge -- fixes regression in video playback from 9-14
- Updated dxvk to latest git -- fixes regression which causes black textures and stuttering on NVIDIA cards.
- Updated vkd3d-proton to latest git
- import upstream changes for lsteamclient
- update xalia to 0.4.4
Protonfixes:
- Remove deprecated workaround for Total War Rome 2
Drinking 3 cups of coffee linked to preventing multiple diseases
WASHINGTON — A new study suggests that your morning brew might be doing more than just perking you up — it could be protecting you from a range of serious heart conditions. Researchers working with the Endocrine Society have found that drinking a moderate amount of coffee is associated with a lower risk of developing multiple cardiometabolic diseases. In simpler terms, your daily cup of coffee (or three) might help ward off conditions like Type 2 diabetes, heart disease, and stroke.“Consuming three cups of coffee, or 200-300 mg caffeine, per day might help to reduce the risk of developing cardiometabolic multimorbidity in individuals without any cardiometabolic disease,” says Dr. Chaofu Ke, the lead author of the study from Suzhou Medical College in China, in a media release.
Source: studyfinds.org/3-cups-of-coffe…
like this
ShaunaTheDead likes this.
Mathematically it works out to half the ~~cancer~~ type 2 diabetes and stroke.
Edit: Fixed the disease
Direct link: academic.oup.com/jcem/advance-…
tl;dr: Cardiometabolic multimorbidity is the co-occurrence of two or three cardiometabolic diseases, including diabetes, heart disease, and stroke. This study found that habitual coffee or caffeine intake, especially at a moderate level, was associated with a lower risk of new-onset CM.
Seems like a bit of a reach. Habitual caffeine intake means that you won't get both diabetes and a stroke? I'm not convinced this is useful information.
like this
ignirtoq likes this.
like this
ignirtoq likes this.
like this
Chozo likes this.
like this
Chozo likes this.
A problem with the older studies that seemed to indicate that alcohol had health benefits was also that their control group, the people who didn’t drink, turned out largely not to do so because they already had severe medical problems. They weren’t allowed to drink because of them.
Compared to them it looked like the people who did drink were more healthy on average. So they concluded there must be health benefits to drinking alcohol.
This “Science VS” episode is about that (and has a bunch of citations in its transcript): gimletmedia.com/shows/science-…
Which would not be a great headline.
like this
Chozo likes this.
Yes yes, studies show this, studies show that. And they all contradict each other, especially if you just wait a few years for things to come full circle.
It's gotten to a point where I just don't believe them any more.
Maybe coffee does in some circumstances with some people have a link to preventing diseases. Or maybe not.
We've seen, and will continue to see, well researched scientific studies that argue both sides of this, until the end of history.
Believe whatever makes you feel better, that's all you can do, really.
And i can drink coffee and or sugary caffinated drinks right before i go to bed and be asleep in 10 minutes ad sleep like a rock, undisturbable by anything short of 4 alarms up to 12 hours later.
Sugar and caffeine actually make me sleepy.
But thats not how it is for everyone else.
Maybe. But i dont need to have caffeine in order to need multiple alarms to wake up.
I think it's more out of habit.
Like i said, caffeine makes me sleepy. Thats common amongst people with ADHD.
That's the journalists' fault. They have no business going through studies like this, that are not meant for them to make conclusions.
Believe whatever makes you feel better, that's all you can do, really.
Just stop spreading this bs, and stop reading news like these. Believe what accredited sources tell you, like your doctor or other professionals
DO whatever makes you feel better is not bad advice. Some of these studies have overarching trends that I do believe - caffeine and Adderall are protective to your brain, a little bit of speed keeps the brain healthy.
Alcohol and Benadryl are risky over time, so a habit of downers is detrimental to the brain over time.
Logically this makes sense. I think to some extent it's just metabolism/weight, staying lean is healthier all round but there does seem to be a pattern of results showing a habit of doing a little bit of stimulants is good for you.
Almost all science and logic in the history of the world is based on correlation. Discovering the causal link comes later, or more often than not never.
Your glib comment seems smart to people on the internet, but what it actually demonstrates is a complete lack of understand of both words.
Per day***
The headline makes it seem like it's per lifetime or something.
like this
fistac0rpse likes this.
Caffeine is toxic at around 10 grams, which is 80-100 cups of coffee. I'd you're defining "toxin" as triggering adverse effects at any dosage, then you need to include water, oxygen, and every other substance in existence.
Alcohol is a biological toxin at any dosage. I find that people who argue this point aren't doing it from an academic standpoint but to justify their own behavior.
Hm, didn't think of it that way.
I find that people who argue this point aren't doing it from an academic standpoint but to justify their own behavior.
I'm drinking maybe all 2 - 3 weeks a glass wine...
I was talking about toxins in general in reaction to yout toxin comment. I think it's logical to research the possibility of alcohol having some beneficial effects, the world is not black and white.
When it comes to studies of health risks/benefits of alcohol, they unfortunately seem to suffer from the same shortcomings as other health studies: lots of important factors are often ignored, like the type of alcoholic beverage consumed, lifestyle connected to the type or amount of alcohol, previous history of alcohol use... I can, of course, give you a link to a study that finds benefits to moderate alcohol use (although they are far from recomending it). Here's one example from 2023
Personally, I think alcohol probably does more damage than benefit even in moderate dosing, but the truth is we still don't really know and we need much more in-depth studies to find out.
I know you’re hair splitting but there are benefits to other elements in alcoholic beverages.
ncbi.nlm.nih.gov/pmc/articles/…
No need to get sour that occasionally recreational use crosses over into medical use. We don’t make these rules.
There's unsubstantiated and nonsensical assumptions in your comment starting with assuming that anyone who doesn't ingest alcohol does it to avoid exacerbating current health conditions, leading to those that drink moderately being healthier than those who don't drink. That's absurd.
I'll make an assumption of my own. A significant portion of your identify and social life is in "moderate" drinking and you're very keen to justify that as "healthy."
No it wasn’t that long ago
ncbi.nlm.nih.gov/pmc/articles/…
And it’s been cited in more recent blue zone study as well.
This isn’t a ticket for an alcoholic to go off drinking, they’d probably be best off still abstaining as the benefits would be obliterated by the negatives.
There's nothing wrong with polarization. Some things are clear cut enough to remain clear cut.
Let me put it differently, how much poop do you want in your drinking water?
Because I personally don’t want to eat 80 grapes. Besides the sugar content of 80 grapes is not healthy.
That's just wrong, sorry. Demonizing fruits is one of the most dangerous "health trends" on the face of the planet. Right up there with antivaxxers.
And, again you can eat leaves which don't have sugar and have lots of other great nutrients and fiber, while having less water volume.
No one is forcing you to drink it.
You just haven't encountered that kind of peer pressure yet.
“ You just haven’t encountered that kind of peer pressure yet.”
You invited yourself here.
“Demonizing fruit”
Fuck off troll.
than just perking you up
It doesn't, if you're a regular drinker. Rather, you get withdrawal symptoms at morning.
Considering that coffee is probably the highest source of antioxidants in a person's diet, there will be some health benefits. Just dont add dairy milk to it, or it will blunt absorption. Soy milk is fine.
But if you're an overweight, overworked, stress filled couch potato who doesn't exercise and eats poorly, then you're health is screwed regardless of how much coffee you drink 😂
You'd need to explore the topic in further detail, as I'm sure the answer is there.
It may be dose dependent, but it may also be that a "splash" of milk might not impair absorption by much, but would anyone use just a splash of milk?
I was curious about why all of the authors of a study from Oxford University seem to have Chinese names. I didn't find any of their names in a search of Oxford's staff, either.
I have no idea what this means, but maybe the study was actually conducted elsewhere using data from the UK? Maybe there are just a ton of graduate students from China at Oxford in their life sciences program? I'm not insinuating any sinister, it just seems odd and I was trying to understand why.
The study isn't from Oxford. It's from a team of Chinese scientists (likely in China) who used a large dataset collected in the UK.
The study is published in The Journal of Clinical Endocrinology & Metabolism, which the Oxford Academic collects and reproduces for their academic press.
Caffeine gives me brain-destroying headaches if I just drink a single cup a day for a month or two. Inevitably. I've tried to be a coffee drinker a half-dozen times in the past few years because I love the pep I get from caffeine, and every single time, eventually I end up slowly pacing in a dark, quiet room - because even sitting down makes the pain unbearable - wishing the world would end so my head would stop throbbing.
I guess I just wasn't drinking enough?
Israel’s assassination of Hasan Nasrallah, the secretary general of Hizballah, in an apocalyptic bombing attack on Beirut’s southern suburb on Friday is likely, at least in the short term, to cause enormous shock, despair and demoralization among supporters of the resistance to Zionism in Lebanon and across the region.
That is exactly what it is intended to do.
Confirmed by Hizballah on Saturday, Nasrallah’s killing comes after a series of tactical successes in the early stages of Israel’s unfolding full-scale attack on Lebanon, an open-ended assault that may well equal in barbarity Tel Aviv’s ongoing genocide in Gaza.
These are terrible and difficult thoughts to absorb after almost a year of genocide.
First there were the pager and walkie-talkie attacks, followed by a series of assassinations of Hizballah’s senior leaders, and now the head of the organization itself.
As Nasrallah himself admitted in his final speech, the organization suffered a severe blow with the pager attacks. Even worse was to come. Clearly there were serious breaches in security.
Nasrallah’s stature as a tactical and strategic thinker, as the most prominent and trusted leader of the Axis of Resistance, and as a personality capable of inspiring and reassuring supporters even in the worst of times, cannot be overstated.
The euphoria in Israel, Washington and some Arab capitals, will be exceeded only by the grief of Nasrallah’s supporters, who are far more numerous.
And there is no doubt that the loss is real and great from the perspective of a resistance that faces not only Israel’s formidable arsenal, but all the resources of the United States and the collective West.
Israel’s ability to carry out this series of attacks in quick succession will shake the confidence of many in Hizballah’s legendary prowess and operational security.
The attacks will go some way to restoring the prestige Tel Aviv has lost among its Western and Arab backers after a year of military failure in Gaza, and its failure to prevent the Hamas military offensive that wiped out the Gaza division of Israel’s army on 7 October 2023.
And although Hizballah has been hammering Israeli military assets and settlements in the north of historic Palestine with rockets, many in the region are asking why the resistance group’s response to Israel’s escalating aggression has not been harder and harsher – even as Israel intensifies its bombardment of civilians across Lebanon and within its capital.
Another question on many lips is why Iran, which vowed retaliation after Israel’s murder of Hamas leader Ismail Haniyeh in Tehran in July, has acted with such restraint. There is a growing perception that its lack of response only encouraged Israel’s ever more brazen violence.
“Shock and awe” is not victory
Amid the rapidly changing situation and the torrent of emotions after a year of livestreamed genocide in Gaza, now being extended by Israel to Lebanon, it is hard to maintain a long view. But doing so is essential for sound analysis.
It is worth remembering this: In almost any asymmetrical war, when the strongest side – the invader or colonizer – goes on the offensive, it often appears to achieve quick and stunning success.
Indeed “shock and awe” is the name of a Western, specifically American, military doctrine, developed in the 1990s and explicitly touted when the US invaded Iraq in 2003.
Also called “rapid dominance,” its aim is to demoralize and paralyze the adversary with the use of overwhelming and spectacular displays of violence.
The goal according to the doctrine’s authors, is to so “overload an adversary’s perceptions and understanding of events that the enemy would be incapable of resistance at the tactical and strategic levels.”
We’ve seen this time and again in recent decades and we’re witnessing it now.
Just weeks after the 11 September 2001 attacks, the United States attacked Afghanistan, quickly toppling the Taliban government under the pretext that it had sheltered Osama bin Laden.
American confidence following this swift apparent success undoubtedly spurred Washington to go on to its next project: the March 2003 invasion of Iraq.
With the government of Saddam Hussein quickly overthrown and American tanks in control of Baghdad, President George W. Bush gave his infamous “Mission Accomplished” speech on 1 May of that year – words that came to haunt him as the United States became bogged down in a war of attrition against resistance in both Afghanistan and Iraq.
These rapid victories, or so they appeared, sparked real fears at the time that the American forces would roll onwards towards Damascus and Tehran, or perhaps other “rogue states” on America’s hit list.
We know now, from the so-called Afghanistan Papers, that the warmongers in Washington recognized all along that they had lost the war, but lied to the American public for almost two decades that they were winning.
And when the American withdrawal from Afghanistan came in August 2021, the humiliating departure from Kabul airport was widely compared to the chaotic scenes of the defeated Americans evacuating in helicopters from the roof of the US embassy in Saigon, Vietnam.
With respect to Israel too, this pattern has been evident. When Israel invaded Lebanon in 1982 – an assault it dubbed “Operation Peace for Galilee” – its forces quickly swept north to Beirut, besieging and occupying an Arab capital for the first time in the Zionist settler state’s history.
Israel murdered tens of thousands of Lebanese and Palestinian civilians and expelled the Palestine Liberation Organization. But success, from Tel Aviv’s perspective, quickly turned to failure.
During a long occupation, resistance to Israel grew, especially from Hizballah, which did not even exist at the time of the Israeli invasion.
Hizballah and other resistance groups bled Israeli occupation forces for two decades in a grueling war of attrition, until Israel withdrew from occupied southern Lebanon in defeat in May 2000.
Even in the context of the American-backed Israeli genocide in Gaza, Israel’s constant professions that it has placed this or that part of Gaza under its total control, quickly crumble. The fact is that the resistance continues to fight in every part of Gaza.
So far every Israeli-American “day after” plan, in which a defeated Hamas would be replaced by an Arab-backed Palestinian collaborator force, has collapsed.
Distracting from an exhausted Israel’s ongoing failure in Gaza, is perhaps one of the factors spurring Israel to seek spectacular “success” in Lebanon.
Turning point
This sobering moment is a turning point in the long regional war for liberation from racist, Western-backed settler-colonial Zionism. But after a century of Zionism’s depredations and horrors, neither the people of Lebanon nor Palestine have surrendered, and there’s no reason to believe they will now.
On the contrary, after the initial shock, the determination of the resistance will only increase, and its circle will expand, as it has in every phase of the liberation struggle.
Nor does the assassination of Nasrallah, with American bombs and American warplanes, and perhaps other assistance from Washington, change the trajectory of the downward decline of US global power – the power on which Israel relies for its survival.
Let’s recall too that the Zionists have always used assassination as a primary tactic. However, their war is not against individual leaders, but against entire peoples whose determination cannot be so easily snuffed out.
Nasrallah himself assumed the leadership of Hizballah after Israel murdered his predecessor Abbas al-Musawi in 1992. Nasrallah grew the organization to unprecedented strength.
That strength is not based on the will of one individual, but on a base of support deeply committed to the cause and willing – as Nasrallah himself never failed to point out – to make enormous sacrifices on the road to liberation.
If the Israeli army has admitted Hamas cannot be destroyed because “Hamas is an idea, Hamas is a party,” then what about Hizballah?
What is most sobering is that the war to liberate Palestine and the region from Zionism will be no less brutal on the people of the region than the wars to liberate Algeria, Vietnam, South Africa and so many other places targeted by the Euro-American empire.
After all, the occupiers and colonizers are the same countries, and the genocidal hatred their ruling classes bear towards the people whose land and rights they seek to usurp has never dimmed.
Like others before him, Nasrallah gave his life on the road to liberate Palestine, and that struggle did not end today.
Ali Abunimah is executive director of The Electronic Intifada.
Source: Electronic Intifada
abolitionmedia.noblogs.org/pos…
#alAqsaFlood #hezbollah #lebanon #palestine #repression #westAsia
“On the night following Marcellus Khalifah Williams’s martyrdom at the hands of the state, we went to the walls of the Orleans Parish Prison along I-10 in New Orleans, under a waning crescent moon, and scrawled a message:
“America is a prison! Abolition now!”
To symbolize the extension of the genocidal, fascist carceral systems that permeate every facet of modern america, we wanted to remind commuters that fascism is not some looming specter on the horizon, but material reality right now for so many occupied communities. The orgy of surveillance, the disappearance of unhoused people in the lead-up to the Super Bowl, the social death of the poor as we struggle to afford basic necessities under an ongoing pandemic, the hollow spectacle of electoral politics.
The cages extend into schools, hospitals, mental health facilities, treatment centers, “low-income” housing, into the way we interact and police each other and ourselves.
We wish to remind people of the infinite possibilities for collective resistance against colonialism, of the world-making that continues ongoing in the face of fascism here in the US, in Palestine, and across the globe.
We remain vigilant in attending to Marcellus Khalifah Williams’s collective remembrance: his spirit lives on in our struggle and resistance.
As the genocide in Palestine rages on, we urge folks to escalate against the Zionist entities, and to reconfirm their commitments to decolonial struggles within their communities, collectives, affinity groups, etc.
Destroying Zionism, white supremacy, and capitalism is the only path toward liberatory modes of living, of being free.”
26 September 2024 – Anonymous communique – New Orleans:
The Popular Front for the Liberation of Palestine praises the proposal of the Johannesburg Municipality in South Africa to rename ‘Sandton Street,’ where the American consulate is located, to ‘Leila Khaled Street,’ in appreciation of the role of the Palestinian fighter and her symbolism in the course of the Palestinian struggle against occupation.
The Front considers this symbolic step to reflect an increasing global support for the cause of the Palestinian people, and it is part of efforts to strengthen international solidarity with the right of Palestinians to liberate themselves from occupation.
The Front affirms that this proposal expresses the spirit of struggle that connects oppressed peoples, especially in South Africa, which had an inspiring experience in the struggle against racial discrimination. This step also represents a new affirmation of the important and pressing role that South Africa plays in condemning the crimes of zionist genocide and supporting the legitimacy of our people’s struggle.
The Front also sees this step as a tribute to the struggle of Arab and Palestinian women, and the significant sacrifices they have made for the liberation of Palestine and the dignity and freedom of their people. This makes naming the street after Leila Khaled a symbol of those sacrifices and of women’s contributions to the liberation movement.
The Front calls for confronting the pressures of the zionist federation in South Africa, which rejects the step of naming the street on the grounds that ‘it ignores Johannesburg’s 2017 policy on street naming.
The Front also condemns the repeated attempts by this federation and zionist movements in South Africa to distort the image of the fighter Leila Khaled and to attempt to link her struggle to ‘terrorism,’ emphasizing that history will always bear witness that liberation movements, such as the Popular Front, have always been and will remain at the forefront of resistance to occupation.
The Front emphasizes the importance of continuing public pressure on the relevant authorities in South Africa to accomplish this symbolic step, and calls on everyone to participate in the public comment period that lasts until October 18.
Popular Front for the Liberation of Palestine
Central Media Department
September 27, 2024
like this
KaRunChiy, Rakenclaw and ShaunaTheDead like this.
reshared this
Tech Cyborg reshared this.
sweethome3d is specifically made for interior design.
You can make what ever you want in SketchUp.
like this
DaGeek247 likes this.
Good for you! Seriously!
For the rest of us, a few notes on how you accomplished this would be sha-weet! I think sketch up is the most approachable 3d program, but all my "post Windows" attempts have resulted in crashes and freezes. 😥
like this
DaGeek247 likes this.
- here is how I did it in order (you need a portable SketchUP2024 and latest version of visual c++ 64bit and 32bit)
- 1, install Lutris (not sure if it work with Bottles or plain wine but this is the only way I know works)
- 2, install Wine normally (sudo pacman -S wine) it should come with system 9.17 or higher
- 3, open Lutris and let it download dependencies
- 4, create a new "game" entry inside Lutris set Runner to system 9.17 and executable location to visual c++ and install it normally
- 5, if you try to run SU now (change location from visual c++ to SketchUP exe) it will crash to fix that you need to install a windows component inside winetrick (by click on the glass wine icon on the bottom>winetrick>Select the default wineprefix>install a Windows DLL or component>ucrtbase2019)
- 6, now you should be able to run it but you might see a black screen, to fix that you just have to restart the app a few time then you should be able to click on the check box and it take you to the home screen, it will crash the first time you open a template/model then you can just reopen it and can create a template just like normal
- 7, you're Golden
like this
DaGeek247 likes this.
like this
DaGeek247 likes this.
Autodesks hell in the cloud called fusion 360.
A real* CAD which is free for hobbyists**.
*If you use sketchup long enough, you know I’m right.
**With increasing restrictions and only win/mac compatibility.
Arch Linux and Valve Collaboration
We are excited to announce that Arch Linux is entering into a direct
collaboration with Valve. Valve is generously providing backing for two
critical projects that will have a huge impact on our distribution: a
build service infrastructure and a secure signing enclave. By supporting
work on a freelance basis for these topics, Valve enables us to work on
them without being limited solely by the free time of our volunteers.This opportunity allows us to address some of the biggest outstanding
challenges we have been facing for a while. The collaboration will
speed-up the progress that would otherwise take much longer for us to
achieve, and will ultimately unblock us from finally pursuing some of
our planned endeavors. We are incredibly grateful for Valve to make this
possible and for their explicit commitment to help and support Arch Linux.These projects will follow our usual development and consensus-building
workflows. [RFCs] will be created for any wide-ranging changes.
Discussions on this mailing list as well as issue, milestone and epic
planning in our GitLab will provide transparency and insight into the
work. We believe this collaboration will greatly benefit Arch Linux, and
are looking forward to share further development on this mailing list as
work progresses.
reshared this
Tech Cyborg reshared this.
Steam on Arch is still not supported.
Package signing is used to make sure you only get packages from sources you trust.
Every Linux distro does it and it's why if you add a new source for packages you get asked to accept a key signature.
For a long time, the keys used for signing were just files on disk, and you protected them by protecting the server they were on, but they were technically able to be stolen and used to sign malicious packages.
Some advanced in chip design and cost reductions later, we now have what is often called a "secure enclave", "trusted platform module", or a general provider for a non-exportable key.
It's a little chip that holds or manages a cryptographic key such that it can't (or is exceptionally difficult) to get the signing key off the chip or extract it, making it nearly impossible to steal the key without actually physically stealing the server, which is much easier to prevent by putting it in a room with doors, and impossible to do without detection, making a forged package vastly less likely.
There are services that exist that provide the infrastructure needed to do this, but they cost money and it takes time and money to build it into your system in a way that's reliable and doesn't lock you to a vendor if you ever need to switch for whatever reason.
So I believe this is valve picking up the bill to move archs package infrastructure security up to the top tier.
It was fine before, but that upgrade is expensive for a volunteer and donation based project and cheap for a high profile company that might legitimately be worried about their use of arch on physical hardware increasing the threat interest.
Depends on the vendor for the specifics. In general, they don't protect against an attacker who has gained persistent privileged access to the machine, only against theft.
Since the key either can't leave the tpm or is useless without it (some tpms have one key that it can never return, and will generate a new key and return it encrypted with it's internal key. This means you get protection but don't need to worry about storage on the chip), the attacker needs to remain undetected on the server as long as they want to use it, which is difficult for anyone less sophisticated than an advanced persistent threat.
The Apple system, to its credit, does a degree of user and application validation to use the keys. Generally good for security, but it makes it so if you want to share a key between users you probably won't be using the secure enclave.
Most of the trust checks end up being the tpm proving itself to the remote service that's checking the service. For example, when you use your phones biometrics to log into a website, part of that handshake is the tpm on the phone proving that it's made by a company to a spec validated by the standards to be secure in the way it's claiming.
acknowledgement??
Reflections on 2024 Linux Display Next Hackfest
Reflections on 2024 Linux Display Next Hackfest | Wen.onweb
Hey everyone!The 2024 Linux Display Nexthackfest concludedin May, and its outcomes continue to shape the Linux Display stack. Igaliahosted this year’s event ...melissawen.github.io
like this
ShaunaTheDead likes this.
Många vänsterpartister i Göteborg utreds för brott. Ett av argumenten för att ”pausa” (en omskrivning för suspendera) Kristofer Lundberg från sitt uppdrag som ordförande i Vänsterpartiet Angered är att han är föremåla för en brottsutredning. Det är så klart ett svepskäl. För det finns ju faktiskt fler vänsterpartister i Göteborg som är föremål för brottsutredningar. Minst 4 vänsterpartister har nämligen anmälts för brott av den liberale politikern Axel Darvik.
There are sane people with this many VMs on a personal machine, right? RIGHT?
Half of these exist because I was bored once.
The Windows 10 and MacOS ones are GPU passthrough enabled and what I occasionally use if I have to use a Windows or Mac application. Windows 7 is also GPU enabled, but is more a nostalgia thing than anything.
I think my PopOS VM was originally installed for fun, but I used it along with my Arch Linux, Debian 12 and Testing (I run Testing on host, but I wanted a fresh environment and was too lazy to spin up a Docker or chroot), Ubuntu 23.10 and Fedora to test various software builds and bugs, as I don't like touching normal Ubuntu unless I must.
The Windows Server 2022 one is one I recently spun up to mess with Windows Docker Containers (I have to port an app to Windows, and was looking at that for CI). That all become moot when I found out Github's CI doesn't support Windows Docker containers despite supporting Windows runners (The organization I'm doing it for uses Github, so I have to use it).
reshared this
Tech Cyborg reshared this.
I have probably a couple of more Linux/BSD VMs than here (with some with GPU passthrough and one or two for ARM crossbuilding and so on) but only 2 Windows VMs - the only 2 I have legitimate licenses for.
But am I normal? Most would disagree. 😅
10, plain 11, 7, and funny enough, Server 2022 are all legit licenses (I can get a key for server through my university). Actually, I'm pretty sure the 11 one, I upgraded a Windows 7 VM to 10, then to 11.
Every other Windows version that needs it (11 LTSC, 8.1, and Vista), I just temporarily host a phony KMS server whenever it needs to be reactivated.
I apologize for talking so much about Windows on a Linux sub. May Stallman break into my house and give me 10 lashes as I slumber.
I do have as many too at work.
I use one VM for each iteration of my automation software. Our factory has machines ranging from the 90s to present day, and they use different software environments to be programmed. In order to minimize the risk of data loss, we have one virtual machine with every software environment, that way if one gets corrupted, the damage is contained. It also makes them easier to export to new computers when we need to replace ours.
On the joke, define "sane". 😬
On a serious note, I think there are valid reasons to have several VMs other than "I was bored". In my case, for example, I have a total of 7 VMs, where 2 are miscellaneous systems to test things out, 2 are for stuff that I can't normally run on Linux, 2 are offline VMs for language dictionaries, and 1 is a BlissOS VM with Google programs in case I can't/don't want to use my phone.
I like to run a hypervisor host as just that, a hypervisor host. The host being stable is important, and also reduce attack surface by only having it as that.
An LXC per service is somewhat overkill. A docker host running on LXC could likely run all the docker containers.
Serious answer, I'm not sure why someone would run a VM to run just a container inside the VM, aside from the VM providing volumes (directories) to the VM. That said, VMs are perfectly capable of running containers, and can run multiple containers without issue. For work, our Gitlab instance has runners that are VMs that just run containers.
Fun answer, have you heard of Docker in Docker?
I have a real use case! I have a commercial server software that can run on Ubuntu or RHEL compatible distributions. My entire environment is Ubuntu. They also allow the server software to run in a docker container but the container must be running RHEL. Furthermore, their license terms require me to build the docker container myself to accept the EULA and the docker image must be built on RHEL! So I have an LXC container running Rocky Linux that gets docker installed for the purpose of building RHEL (Core is 8) imaged docker containers. It’s a total mess but it works! You must configure nested security because this doesn’t work by default.
Instructions here: ubuntu.com/tutorials/how-to-ru…
LXC is much more light weight than VMs, so it's not as much overhead. I've done it this way in case I need to reboot a container (or something goes wrong with an update) without disrupting the other services
Also keeps it consistent since I have some services that don't run in docker. One service per LXC
I wouldn't call that terribly efficient.
I would do 2-3 VMs with docker and maybe a network share
I have about twice this many VMs and about this many running at any given time.
I use Qubes btw
Its my only computer. I couldn't go back to anything else. Every time I double click Firefox, it opens a new VM. When I close Firefox, the VM is destroyed.
Email is in a separate VM. Email attachments also open in a disposable VM. USB devices are quarantined unless I connect them to a specific VM. Its a game changer.
Cons: I need as much ram as I used to need when I ran Windows. Watching videos is a bit choppy at full screen sometimes. And I can't play any video games.
Sounds like some pretty serious cons
Out of curiosity why do you like qubes? Having everything in a VM doesn't sound that great to me
I get that the main concern of it is security but what do you do that it demands that level of hardening? I've only ever got one virus in my life that I know of as it is and that was on windows
Lol wut? Those pros far outweigh the cons. But I guess I don't care about video games?
I have money on my computer, and I have a company that has customer info. That's enough of a reason for me to want to protect my shit better than running one big, super-vulnerable system
Fwiw I had to tinker a bit to get good video playback, Fedora was always choppy for me for some reason but debian is typically smooth with hw accel disabled.
As for the gaming, depending on your setup (I have a desktop and T480 I keep in sync) you can absolutely run two video cards and do PCI passthrough on one to a gaming VM. I have mine set up with a dedicated NIC and USB card and just use a KVM to swap between Qubes and Windows (for now) and it's worked really well. Had to play around a ton to get the full speed out of the GPU though and it only seemed to work in windows so hopefully get that going for a Linux hvm one day.
Absolutely agree there is no going back, I have all of my work stuff entirely hardware agnostic and a full on replica of my work desktop ready to go in a moment should the desktop die. Apart from that keeping client work isolated has been such a game changer.
I use Debian. Like I said, video is only sometimes choppy. I usually have a few vlc windows open at one time. Something I've learned is that it will use a lot of CPU even if the video is paused. To stop it, I have to manually set the video source to "none" when I pause a video and leave it in the BG.
Or just pause the whole VM. Another great Qubes feature
Something I've learned is that it will use a lot of CPU even if the video is paused.
this has been my experience with it on windows too, so it must be a core VLC thing. if it bothers you, I recommend you to try out MPV. been using it for more than a year, would never go back. If you need more than the on screen controller and key combos, there are quite a few proper GUI players being built on MPV.
like this
HeerlijkeDrop likes this.
Well I do but I have a machine with 3/4 of a terabyte of memory on it.
Work scraps are great sometimes.
How are you running the MacOS VMs. The machine I have is a cheese grater so that makes it easier.
I found a prebuilt OpenCore for KVM. github.com/thenickdude/KVM-Ope…
I then changed the config.plist to make it think it was a 2019 Mac Pro.
On the cheesegrater(2019 MacPro) it’s a little convoluted. During covid times it was my single box lab since it had so much memory (768TB). So I was running nested ESXI hosts and then VMs under that. I also have a M1 MacBook Pro that I had parallels run ARM VMs (mostly MacOS, Windows, and a couple of Debian installs I think).
I have been looking at VMWare alternatives at work so for the hypervisors I’ve been playing around.
I do this stuff for a living but I also do it home for fun and profit. Ok not so much profit. Ok no profit but definitely for the fun. And because I love large electric bills.
That’s a beast of a Mac. Wake on lan is your friend. I have the same problem with my Threadripper. I wrote a script that issues a WOL command to either start/unsuspend my Ubuntu machine so I can turn it off when not in use. It’s probably $70/month difference for me. Most of my virtualization is on Linux but I’ve moved away from VM Ware because QEMU/KVM has worked so well for me. You should check out UTM on the Mac App Store and see if that solves any of your problems.
ETA: mac.getutm.app/
I did this with Qubes a year ago and haven't had any issues apart from figuring out the right flags to get the full performance, otherwise the GPU would cap around 30% under load with low CPU load.
Kind of at the mercy of what your motherboard and bios will allow, mine I had to cheese a little and disable the PCI device on boot so I get to decrypt my disk with no screen lol but it works!
I have two Windows VMs. One for work and presentations. One for games and Adobe. A bunch of random Linux VMs trying to get a FireWire card to work and a Windows 7 VM for the same reason. I’ve also for several Linux VMs trying out new versions of Fedora, Ubuntu, or Debian. A couple servers. Almost none of them are ever turned on because my real virtualized workloads run in docker or LXC! I never could get Mac VM to work but I have an AMD CPU and a MacBook so not too high priority.
Interesting enough, there is a project that I've found that runs Windows in a Docker container as a VM.
I run a Windows 10 LTSC that way to run things like Blue Iris for my security cameras, and some stuff to track my solar installation.
If I could get vbox to work* on my laptop or find the drive to learn QEMU, then I would have plenty on there. For now I'm just stuck with plenty on my desktop running win10.
*I have installed it a few times on my Debian based distro, but I swear every time I do nothing to it and it destroys itself. Works fine one day, then the next I turn on my laptop, after the only changes being that I created and ran a VM and it decided to hate me and not even boot the program. I think I'm just cursed.
- Windows ME
- Glorious Leader's Red Star OS
- Temple OS
- Don't use an operating system - sacrifice all your your time to studying the ways of the mighty Zarthadonatoxator instead. All hail Zarthadonatoxator! Zarthadonatoxator is the only true way!
I think this VM is still on Sonoma, actually. I still need to upgrade.
I can't remember exactly what I did to get an installer image, but there's a million shell scripts online for downloading macOS installer images. For booting it, I use this premade OpenCore for KVM/Proxmox. I have to check if I made other modifications (I run on an AMD CPU), but I think I mainly just had to set the serial and model - I personally used a 2019 Mac Pro.
dd if=whatchamacallit.dmg of=whatchamacallit.img. I think you can get a net install image through macrecovery, which is a utility included with OpenCore packages.
Ytterligare en present till de gängkriminella. Regeringen har beslutat att anonyma vittnen ska införas. Det har enligt all forskning ingen som helst betydelse vad det gäller brottsbekämpning. Det minskar inte brottsligheten alls men innebär en kraftig minskning av rättssäkerheten. Och det används i allmänhet inte i de länder där det finns.
Bitcoinhandel var inte olaglig. Svea hovrätt har ändrat Västmanlands tingsrätts dom gällande ett fall med bitcoinhandel. En man, Linus Dunkers, dömdes för grovt skattebrott i tingsrätten. Detta då han haft inkomster från bland annat köp och försäljning av kryptovaluta men inte tagit upp detta i sin inkomstdeklaration. Enligt hovrätten hade mannen inte något uppsåt vilket krävs för straffansvar.
This week in KDE Plasma: converging 6.2
This week in Plasma: converging 6.2
The core Plasma team remains deep in bug-fixing mode until Plasma 6.2.1, with lots of bugs fixed this week! This is the second-to-last week of development before the repos are frozen, and we’…Adventures in Linux and KDE
like this
ShaunaTheDead likes this.
reshared this
Tech Cyborg reshared this.
MediaTek Chipsets Zero-Click Vulnerability Detected by Researchers, Can Affect Routers and Smartphones | Technology News
MediaTek Chipsets Zero-Click Vulnerability Detected by Researchers, Can Affect Routers and Smartphones
MediaTek chipsets are reportedly carrying a critical vulnerability which might make it easy for hackers to exploit remote code execution (RCS) attackers.Siddharth Suvarna (Gadgets 360)
like this
ShaunaTheDead, KaRunChiy and stack like this.
reshared this
Tech Cyborg reshared this.
Original blog post. That website has too much JavaScript
N0x0n
in reply to petsoi • • •Someone a short ELI ? I read the article and the comments... But I have no idea what this is about.
Maybe someone has an article that explains for someone not being educated as computer scientist ?
Brahvim Bhaktvatsal
in reply to N0x0n • • •DBus is a system-wide messaging system. It's for stuff like notifications and system-wide events, ...or so do I think. But the aim is to allow all programs, running system-wide, to announce anything for others programs to react to.
This post requests people to use Varlink instead.
This is similar to the PulseAudio versus Pipewire and X11 versus Wayland situations.
umbrella
in reply to Brahvim Bhaktvatsal • • •ijhoo
in reply to umbrella • • •The main reason is that Dbus is not available during early stages of boot. There are many others.
Varlink seems to be better or the same compared to dbus in all except two things:
- json doesn't handle 64bit integers, it handles 52bit (or 54bit?) (size of mantissa for floats)
- you cannot (yet) list all things connected to the bus
Details here:
media.ccc.de/v/all-systems-go-…
N0x0n
in reply to Brahvim Bhaktvatsal • • •Thank you :)) ! I have the same question as @umbrella if your have any other insights to share !
Brahvim Bhaktvatsal
in reply to N0x0n • • •I'm unfortunately not aware.
What I do know is that D-Bus (and not "DBus") apparently doesn't work with MIME types directly. I may have been misinformed here - but this is some information I have received.
Essentially, the data sent cannot be assigned a type or format.
On the web, all data sent by a server has a MIME type ("
text/html", "image/png", "video/mp4").Android's system for inter-process ("running program") communication, intents, does include.
...Even Windows does, with its whatever complicated APIs.
D-Bus doesn't, so Tuxes too, don't. ...Yet.
D-Bus is apparently also not secure enough. Probably not as bad as X11, but not good enough.
So far, KDE and GNOME have had their own " wrapper" systems to allow using D-Bus through a layer of their code to cover little inconveniences like this.
ReversalHatchery
in reply to N0x0n • • •Lussy [any, hy/hym]
in reply to petsoi • • •PushButton
in reply to petsoi • • •The only argument I see in favour of varlink is the ease of debugging, and this should never being an argument in a technical decision.
When your stuff is running in "prod", your " ease of debugging" is thrown away, but the system continue to suffer.
Json for IPC is a terrible idea.
jbk
in reply to PushButton • • •nyan
in reply to petsoi • • •Snarwin
in reply to nyan • • •namingthingsiseasy
in reply to Snarwin • • •This has always been the whole point behind the Trojan Horse that is systemd. Now that Poettering/Red Hat control the entire userspace across virtually all distros, he/they can use it as a vehicle to force all of them to adopt whatever bullshit
he thinks of next.
This is what the Linux ecosystem gave away when they tossed their simple init system to adopt the admittedly convenient solution that is systemd. But in reality, the best solution was always to drop
init, and instead replace it with an alternative that was still simple to replace if the need should arise. But now that everyone is stuck on systemd, they're all at the mercy of Poettering's Next Stupid Idea.Convenience comes at a price. systemd is the Google Chrome of Linux userspace. Get out while you can.
Iapar
in reply to namingthingsiseasy • • •winterayars
in reply to petsoi • • •