metiulekm

joined 1 year ago
sorted by: new top controversial old
Software and product repairs to be subject to product liability in the EU in c/technology@lemmy.world
[–] metiulekm@sh.itjust.works 2 points 1 month ago (1 children)

IANAL nor intelligent, but after skimming the text of the directive I felt like the definition of damage is very limited. In particular, if I understand correctly:

our business to lose this giant contract

would not be covered by this directive, this directive is only about a human being hurt in some way,

thousands of consumers left with bricked devices

would be covered in case of "your game installs a kernel-level anticheat and the anticheat breaks PCs", but not in the case of "you uploaded an upgrade to a firmware of the washing machine you produced and it bricked the machines"; the directive is not about a product breaking, but about the product breaking your health, other property or data,

my washing machine to eat my dog

is basically the exact case this directive covers.

Why is OpenSSL able to use a key file my user shouldn't have access to? in c/linux@lemmy.ml
[–] metiulekm@sh.itjust.works 12 points 3 months ago (1 children)

It seems OP wanted to pass the file name to -k, but this parameter takes the password itself and not a filename:

       -k password
           The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the -pass argument.

So, as I understand, the password would be not the first line of /etc/ssl/private/etcBackup.key, but the string /etc/ssl/private/etcBackup.key itself. It seems that -kfile /etc/ssl/private/etcBackup.key or -pass file:/etc/ssl/private/etcBackup.key is what OP wanted to use.

List of useful BTRFS tools in c/linux@lemmy.ml
[–] metiulekm@sh.itjust.works 5 points 5 months ago (1 children)

I like btdu which is essentially ncdu, but works in a way that is useful even if advanced btrfs features (CoW, compression etc.) are used.

sharing my simple wireguard kill-switch for Linux in c/linux@lemmy.ml
[–] metiulekm@sh.itjust.works 10 points 6 months ago (7 children)

I am afraid you are still a bit misled; WireGuard is exactly what they use for the demo video. In general the underlying protocol does not matter, since the vulnerability is about telling the system to direct the packages to the attacker, completely bypassing the VPN.

X.Org & XWayland Hit By Four Security Issues in c/linux@lemmy.ml
[–] metiulekm@sh.itjust.works 17 points 7 months ago (1 children)

My understanding is that all issues are patched in the mentioned releases, the config flag is not needed for that.

The config flag has been added because supporting clients with different endianness is undertested and most people will never use it. So if it is going to generate vulnerabilities, it makes sense to be able to disable it easily, and to disable it by default on next major release. Indeed XWayland had it disabled by default already, so only the fourth issue (ProcRenderAddGlyphs) is relevant there if that default is not changed.

Is anyone here using their hardware TPM chips for credentials? in c/linux@lemmy.ml
[–] metiulekm@sh.itjust.works 10 points 11 months ago (3 children)

The bootloader is stored unencrypted on your disk. Therefore it is trivial to modify, the other person just needs to power down your PC, take the hard drive out, mount it on their own PC and modify stuff. This is the Evil Maid attack the other person talked about.