1. 6

    TLDR: The laptop was not tampered with.

    Still a good read though :-)

    1. 16

      That he knows of.

      1. 5

        It’s impossible to prove… :)

        1. 5

          For sure haha. One can do better than he did, though.

          For one, he can block evil maid style attacks very cheaply. I’ve done plenty of tamper-evident schemes for that stuff. You can at least know if they opened the case. From there, one can use analog/RF profiling of the devices to detect chip substitutions. It requires specialist, time-consuming skills or occasional help of a specialist to give you black box method plus steps to follow for device they already profiled.

          The typical recommendation I gave, though, was to buy a new laptop in-country and clear/sell it before you leave. This avoids risks at border crossings where they can legally search or might sabotage devices. Your actual data is retrievable over a VPN after you put Linux/BSD on that sucker. Alternatively, you use it as a thin client for a real system but latencies could be too much for that.

          So, there’s a few ideas for folks looking into solving this problem.

          1. 3

            This (and the original article) are a techno solutions to a techno problem that doesn’t really exist.

            If you’re a journo doing this, they will look at your visa and say, you claim to be a journalist, but you have no laptop, we don’t believe you, entry denied.

            I’m pretty sure even a very open country like NZ will do this to you. (If you claim not to be a journalist and start behaving as one, again, violating your visa conditions (ie working not visiting, out you go).

            As to spying on what you have on an encrypted drive….. rubber hose code breaking sorts that out pretty quick.

            I grew up in the Very Bad Old days and tend to have a very dim view of the technical abilities, patience and human kindness of the average spook.

            1. 2

              I got the idea from people doing it. They werent journalists, though. The other thing people did which might address that problem is take boring laptops with them. They have either nothing interesting or some misinformation. Nothing secret happens on it during trip. Might even use it for non-critical stuff like youtube just so its different when they scan it on return.

      2. 5

        TLDR: The laptop was not tampered with in a way he’s foreseen.

        To just say the laptop was not tampered with is missing his point completely.

      1. 4

        It only supports GET requests and it is hardcoded to forward incoming DNS requests to 127.0.0.1:53. This means you need to have a DNS server running on the machine where you run this service.

        Hey, for a moment I thought this makes no sense. But of course this is to be run on a server, not all on localhost 🤦‍

        Neat side project!

        1. 3

          I fixed that! Current version does POST too now.

        1. 4

          I was surprised to hear they were advertising there in the first place…

          Would be nice if they would take it one step further and block all things FB by default unless you explicitly browse to facebook.com yourself.

          1. 2

            Pretty sure that Tracking Protection already kills Like buttons.

          1. 10

            All good reasons, IMO. But it fails to mention any of the well-known problems with C, which would have prevented many vulnerabilities in SQLite. So it reads like they’re just trying to justify their choice, rather than an honest assessment of C. I don’t know what the intention or purpose of this page is, though. And to be fair, I would probably have made the same choice in 2000.

            1. 40

              I don’t know what the intention or purpose of this page is

              Probably to stop people asking why it’s not written in Rust.

              1. 14

                Since it mentions Java but not Go or Rust, I suspect it’s an older page.

                1. 25

                  That’s the beauty of C, it refutes all future languages without having to be recompiled.

                  1. 1

                    It mentions Swift, too.

                      1. 1

                        Yeah, looking at the parent page, it appears it showed up sometime in 2017. I was mislead by the mention of Java as an alternative, because I think it’s rather obviously unsuited for this job.

                  2. 4

                    I tried finding a list of vulnerabilities in SQLite and only this page gave current info. Now, I’m unfamiliar with CVE stats so I don’t know if 15 CVE’s in 8 years is more than average for a project with the codebase and use of SQLite.

                    1. 7

                      […] I don’t know if 15 CVE’s in 8 years is more than average for a project with the codebase and use of SQLite.

                      I don’t know either! I looked at the same page before writing my comment, and found plenty of things that don’t happen in memory-safe languages. There were fewer entries than I expected, but also some of them have descriptions like “Multiple buffer overflows […],” so the number of severe bugs seems to be higher than the number of CVEs.

                      1. 7

                        The 4 in 2009 appear to have been in some web app that used SQLite, not SQLite itself.

                        1. 4

                          The security community generally considers CVE counts a bad mechanism to argue about the security of a project, for the following reasons:

                          Security research (and thus vulnerability discovery) are driven by incentives like popularity, impact and monetary gain. This makes some software more attractive to attack, which increases the amount of bugs discovered, regardless of the security properties of the codebase. It’s also hard to find another project to compare with.

                          (But if I were to join this game, I’d say 15 in 8 years is not a lot ;))

                        2. 1

                          15 vulnerabilities of various levels in the past 10 years.

                          https://www.cvedetails.com/vendor/9237/Sqlite.html

                          How does that compare to other products or even similar complicated libraries?

                        1. 3

                          This looks great. Is this library being written to be part of some large application?

                          1. 8

                            I’ve written ZeroMQ and nanomsg once. This is part of my years-long project to make writing such applications tractable. And by that I mean being able to write them without falling into either callback hell or state machine hell.

                            1. 2

                              On that topic, what is the status of Nanomsg? Is libdill your main focus, or do you grow these projects in parallel? I’ve watched this projects without using them in practice, but I really like the approach of trying to find the right abstractions and patterns for expressive and efficient network programming.

                              1. 1

                                Banal question; libdill? why not just use go?

                            1. 1

                              As a developer who moved from Linux to the macOS platform, this made me think about how many non-native apps I use as replacements for the Apple version. The obvious ones I’m thinking of:

                              • Alfred instead of Spotlight
                              • iTerm2 instead of Terminal
                              • Dropbox instead of iCloud
                              • Chrome instead of Safari
                              • Gmail instead of Mail
                              • Google Maps instead of Maps
                              • VLC instead of iMovie
                              • Spotify instead of iTunes
                              • Signal instead of Messages

                              &c. This surely isn’t a good trend for Apple to allow to continue.

                              1. 13

                                That’s not what’s meant by “native” in this case. Alfred, iTerm, Dropbox, Chrome, and VLC are native. Spotify is Electron, and I’m not sure about Signal. I’m guessing it’s probably a native app that does most of its UI in a WebView.

                                1. 5

                                  Signal for Desktops is Electron.

                                  1. 2

                                    As it might be useful to describe what is meant by native, it means something on a spectrum between “using the platform-supplied libraries and UI widgets”, i.e. Cocoa and “not a wrapped browser or Electron app”, so it’s not clear whether an application using the Qt framework would be considered “native”. It could be delivered through the App Store and subject to the sandbox restrictions, so fits the bill for a “native” app in the original post, but it would also not be using the native platform features which are presumably seen as Apple’s competitive advantage for the purpose of the same post.

                                    1. 2

                                      I’d call QT native. It doesn’t use the native widgets, but then neither do most applications that are available on multiple platforms.

                                      1. 2

                                        It may be native, but it’s not Mac-native in the sense Gruber was talking about. You will find that all three uses of “native” in his article appear as “native Cocoa apps” or “native Mac apps”. He is talking about a quite specific sense of native: apps that integrate seamlessly with all of the MacOS UI conventions (services, system-wide text substitutions, native emoji picker, drag & drop behaviours, proxy icons, and a myriad more). Qt apps do not.

                                  2. 5

                                    Why is it not a good trend? You are still using a Mac .. they sold you the hardware. Should they care about what apps you run?

                                    1. 3

                                      Apps with good experiences that aren’t available on other platforms keep users around. Third-party iOS apps do a better job of moving iPhones than anything else Apple does, because people who already have a pile of iOS apps they use generally buy new iPhones.

                                      Electron is just the latest in a long series of cross-platform app toolkits, and it has the same problems that every other one has had: look & feel, perceived inefficiency, and for the OS vendor, doesn’t provide a moat.

                                      1. 1

                                        Counterpoint, their apps have always been limited and really for people who weren’t willing to learn and use more robust tooling. I mean how many professionals use iMovie.

                                        1. 1

                                          iMovie is a good example. I’m guessing a lot of us prefer VLC.

                                      2. 1

                                        It’s good for the end user but not a good trend for their business model, part of which is to have best-in-class apps. Don’t get me wrong, I like having choice and I think they shouldn’t force you into their own app ecosystem.

                                    1. 6

                                      I think the faulty assumption is that the happiness of users and developers is more important to the corporate bottom line than full control over the ecosystem.

                                      Linux distributions have shown for a decade that providing a system for reliable software distribution while retaining full user control works very well.

                                      Both Microsoft and Apple kept the first part, but dropped the second part. Allowing users to install software not sanctioned by them is a legacy feature that is removed – slowly to not cause too much uproar from users.

                                      Compare it to the time when Windows started “phoning home” with XP … today it’s completely accepted that it happens. The same thing will happen with software distributed outside of Microsoft’s/Apple’s sanctioned channels. (It indeed has already happened on their mobile OSes.)

                                      1. 8

                                        As a long-time Linux user and believer in the four freedoms, I find it hard to accept that Linux distributions demonstrate “providing a system for reliable software distribution while retaining full user control works very well”. Linux distros seems to work well for enthusiasts and places with dedicated support staff, but we are still at least a century away from the year of Linux on the desktop. Even many developers (who probably have some overlap with the enthusiast community) have chosen Macs with unreliable software distribution like Homebrew and incomplete user control.

                                        1. 2

                                          I agree with you that Linux is still far away from the year of Linux on the desktop, but I think it is not related to the way Linux deals with software distribution.

                                          There are other, bigger issues with Linux that need to be addressed.

                                          In the end, the biggest impact on adoption would be some game studios releasing their AAA title as a Linux-exclusive. That’s highly unlikely, but I think it illustrates well that many of the factors of Linux’ success on the desktop hinge on external factors which are outside of the control of users and contributors.

                                          1. 2

                                            All the devs I know that use mac use linux in some virtualisation options instead of homebrew for work. Obviously thats not scientific study by any means.

                                            1. 8

                                              I’ll be your counter example. Homebrew is a great system, it’s not unreliable at all. I run everything on my Mac when I can, which is pretty much everything except commercial Linux-only vendor software. It all works just as well, and sometimes better, so why bother with the overhead and inconvenience of a VM? Seriously, why would you do that? It’s nonsense.

                                              1. 4

                                                Maybe a VM makes sense if you have very specific wishes. But really, macOS is an excellent UNIX and for most development you won’t notice much difference. Think Go, Java, Python, Ruby work. Millions of developers probably write on macOS and deploy on Linux. I’ve been doing this for a long time and ‘oh this needs a Linux specific exception’ is a rarity.

                                                1. 4

                                                  you won’t notice much difference.

                                                  Some time ago I was very surprised that hfs is not case sensitive (by default). Due to a bad letter-case in an import my script would fail on linux (production), but worked on mac. Took me about 30 minutes to figure this out :)

                                                  1. 3

                                                    You can make a case sensitive code partition. And now with APFS, partitions are continuously variable size so you won’t have to deal with choosing how much goes to code vs system.

                                                    1. 1

                                                      A case sensitive HFS+ slice on a disk image file is a good solution too.

                                                    2. 2

                                                      Have fun checking out a git repo that has Foo and foo in it :)

                                                      1. 2

                                                        It was bad when microsoft did it in VB, and it’s bad when apple does it in their filesystem lol.

                                                    3. 2

                                                      Yeah definitely. And I’ve found that accommodating two platforms where necessary makes my projects more robust and forces me to hard code less stuff. E.g. using pkg-config instead of yolocoding path literals into the build. When we switched Linux distros at work, all the packages that worked on MacOS and Linux worked great, and the Linux only ones all had to be fixed for the new distro. 🙄

                                                    4. 2

                                                      I did it for awhile because I dislike the Mac UI a lot but needed to run it for some work things. Running in a full screen VM wasn’t that bad. Running native is better, but virtualization is pretty first class at this point. It was actually convenient in a few ways too. I had to give my mac in for repair at one point, so I just copied the VM to a new machine and I was ready to run in minutes.

                                                      1. 3

                                                        I use an Apple computer as my home machine, and the native Mac app I use is Terminal. That’s it. All other apps are non-Apple and cross-platform.

                                                        That said, MacOS does a lot of nice things. For example, if you try to unmount a drive, it will tell you what application is still using it so you can unmount it. Windows (10) still can’t do that, you have to look in the Event viewer(!) to find the error message.

                                                        1. 3

                                                          In case it’s unclear, non-Native means webapps, not software that doesn’t come preinstalled on your Mac.

                                                          1. 3

                                                            It is actually pretty unclear what non-Native here really means. The original HN post is about sandboxed apps (distributed through the App Store) vs non-sandboxed apps distributed via a developer’s own website.

                                                            Even Gruber doesn’t mention actual non-Native apps until the very last sentence. He just talks/quotes about sandboxing.

                                                            1. 3

                                                              The second sentence of the quoted paragraph says:

                                                              Cocoa-based Mac apps are rapidly being eaten by web apps and Electron pseudo-desktop apps.

                                                        2. 1

                                                          full-screen VM high-five

                                                        3. 1

                                                          To have environment closer to production I guess (or maybe ease of installation, dunno never used homebrew). I don’t have to use mac anymore so I run pure distro, but everyone else I know uses virtualisation or containers on their macs.

                                                          1. 3

                                                            Homebrew is really really really easy. I actually like it over a lot of Linux package managers because it first class supports building the software with different flags. And it has binaries for the default flag set for fast installs. Installing a package on Linux with alternate build flags sucks hard in anything except portage (Gentoo), and portage is way less usable than brew. It also supports having multiple versions of packages installed, kind of half way to what nix does. And unlike Debian/CentOS it doesn’t have opinions about what should be “in the distro,” it just has up to date packages for everything and lets you pick your own philosophy.

                                                            The only thing that sucks is OpenSSL ever since Apple removed it from MacOS. Brew packages handle it just fine, but the python package system is blatantly garbage and doesn’t handle it well at all. You sometimes have to pip install with CFLAGS set, or with a package specific env var because python is trash and doesn’t standardize any of this.

                                                            But even on Linux using python sucks ass, so it’s not a huge disadvantage.

                                                            1. 1

                                                              Installing a package on Linux with alternate build flags sucks hard in anything except portage

                                                              You mention nix in the following sentence, but installing packages with different flags is also something nix does well!

                                                              1. 1

                                                                Yes true, but I don’t want to use NixOS even a little bit. I’m thinking more vs mainstream distro package managers.

                                                              2. 1

                                                                For all its ease, homebrew only works properly if used by a single user who is also an administrator who only ever installs software through homebrew. And then “works properly” means “install software in a global location as the current user”.

                                                                1. 1

                                                                  by a single user who is also an administrator

                                                                  So like a laptop owner?

                                                                  1. 1

                                                                    A laptop owner who hasn’t heard that it’s good practice to not have admin privileges on their regular account, maybe.

                                                                2. 1

                                                                  But even on Linux using python sucks ass, so it’s not a huge disadvantage.

                                                                  Can you elaborate more on this? You create a virtualenv and go from there, everything works.

                                                                  1. 2

                                                                    It used to be worse, when mainstream distros would have either 2.4 or 2.6/2.7 and there wasn’t a lot you could do about it. Now if you’re on python 2, pretty much everyone is 2.6/2.7. Because python 2 isn’t being updated. Joy. Ruby has rvm and other tools to install different ruby versions. Java has a tarball distribution that’s easy to run in place. But with python you’re stuck with whatever your distro has pretty much.

                                                                    And virtualenvs suck ass. Bundler, maven / gradle, etc. all install packages globally and let you exec against arbitrary environments directly (bundle exec, mvn exec, gradle run), without messing with activating and deactivating virtualenvs. Node installs all it’s modules locally to a directory by default but at least it automatically picks those up. I know there are janky shell hacks to make virtualenvs automatically activate and deactivate with your current working directory, but come on. Janky shell hacks.

                                                                    That and pip just sucks. Whenever I have python dependency issues, I just blow away my venv and rebuild it from scratch. The virtualenv melting pot of files that pip dumps into one directory just blatantly breaks a lot of the time. They’re basically write once. Meanwhile every gem version has it’s own directory so you can cleanly add, update, and remove gems.

                                                                    Basically the ruby, java, node, etc. all have tooling actually designed to author and deploy real applications. Python never got there for some reason, and still has a ton of second rate trash. The scientific community doesn’t even bother, they use distributions like Anaconda. And Linux distros that depend on python packages handle the dependencies independently in their native package formats. Ruby gets that too, but the native packages are just… gems. And again, since gems are version binned, you can still install different versions of that gem for your own use without breaking anything. Python there is no way to avoid fucking up the system packages without using virtualenvs exclusively.

                                                                    1. 1

                                                                      But with python you’re stuck with whatever your distro has pretty much.

                                                                      I’m afraid you are mistaken, not only distros ship with 2.7 and 3.5 at same time (for years now) it is usually trivial to install newer version.

                                                                      let you exec against arbitrary environments directly (bundle exec, mvn exec, gradle run), without messing with activating and deactivating virtualenvs

                                                                      You can also execute from virtualenvs directly.

                                                                      Whenever I have python dependency issues, I just blow away my venv and rebuild it from scratch.

                                                                      I’m not sure how to comment on that :-)

                                                                      1. 1

                                                                        it is usually trivial to install newer version

                                                                        Not my experience? How?

                                                                        1. 1

                                                                          Usually you have packages for all python versions available in some repository.

                                                          2. 2

                                                            Have they chosen Macs or have they been issued Macs? If I were setting up my development environment today I’d love to go back to Linux, but my employers keep giving me Macs.

                                                            1. 3

                                                              Ask for a Linux laptop. We provide both.

                                                              I personally keep going Mac because I want things like wifi, decent power management, and not having to carefully construct a house of cards special snowflake desktop environment to get a useable workspace.

                                                              If I used a desktop computer with statically affixed monitors and an Ethernet connection, I’d consider Linux. But Macs are still the premier Linux laptop.

                                                              1. 1

                                                                At my work place every employee is given a Linux desktop and they have to do a special request to get a Mac or Windows laptop (Which would be in addition to their Linux desktop).

                                                            2. 3

                                                              Let’s be clear though, what this author is advocating is much much worse from an individual liberty perspective than what Microsoft does today.

                                                              1. 4

                                                                Do you remember when we all thought Microsoft were evil for bundling their browser and media player? Those were good times.

                                                            1. 3

                                                              What are your favorite videos?

                                                              1. [Comment removed by author]

                                                                1. 7

                                                                  Are you saying you’d stop using Firefox because of default “sponsored content” in New Tab?

                                                                  It’s pretty easy to turn that off, just like all the other New Tab content. The article even links detailed instructions.

                                                                  Or is it a matter of principle for you? How do you suppose Mozilla should make money?

                                                                  1. 5

                                                                    It is not “sponsored content” - that concept does not exist in Firefox. Nobody is paying Mozilla to show specific content on New Tab.

                                                                    1. [Comment removed by author]

                                                                      1. 2

                                                                        There are no ads in Firefox. Why did you think there are?

                                                                        1. 4

                                                                          There absolutely are—or were until fairly recently—ads in unfilled tiles on the new tab page. Here’s an example support forum thread asking how to get rid of them.

                                                                          1. 4

                                                                            That was two years ago and that feature was completely dropped.

                                                                      2. 2

                                                                        How do you suppose Mozilla should make money?

                                                                        Should Mozilla make money? Should one of the most important applications in modern-day computing be produced by a company that is incentivized to produce a profit?

                                                                        1. 6

                                                                          Mozilla corp is not incentivized to produce a profit, it is quite openly their goal to “just” keep the lights on. But that already needs quite a bit of cash. That’s a huge difference.

                                                                          Mozilla corp is for-profit, as for certain legal reasons, producing software is not 501(c)3 compatible. It’s a very usual setup.

                                                                          Yes, Mozilla should make money. Otherwise, they’d shut down.

                                                                          1. 2

                                                                            Mozilla is a non-profit, so no, they don’t have to make money. But the people who work for Mozilla don’t work for free. You can’t build a product like Firefox purely on volunteers, so Mozilla should at least be able to pay their workforce.

                                                                            They can’t keep up with the rest of the world and provide a quality, free software alternative browser without money.

                                                                            If you think the work Mozilla does is valuable (I do!) and feel like they should stay away from alternative monetization methods (I do!), you should consider donating to Mozilla so that they don’t have to find other ways of funding development.

                                                                        2. 3

                                                                          Does it have to be libre? If not, Vivaldi is an excellent web browser that believes in making easy things easy and customization easy. It’s the spiritual successor to Opera 12, which was the pinnacle of browser experiences.

                                                                          1. 3

                                                                            what do you mean? they even have prebuilt images for all major platforms. On MacOS, you can install it from Homebrew as well (brew cask install qutebrowser).

                                                                            1. 1

                                                                              What do you do about plugins? I miss a few plugins from Chrome when I tried out qutebrowser, primarily my RSS feed monitoring one as well as my usenet one.

                                                                              The other big one I miss is Join, but that’s sort of a separate thing in terms of how “encompassing” it is.

                                                                              1. 1

                                                                                I just installed qutebrowser too. That is just brilliant. Thanks for linking - I remember stories coming about it before but never made the effort to try it out, but now I can see it becoming pretty regular.

                                                                              1. 1

                                                                                In 2018 there is no excuse to not use HTTPs. Period.

                                                                                1. 2

                                                                                  How about to install the list of certificate authorities to trust and ntpd so you can get the right time (both needed for https)?

                                                                                1. 16

                                                                                  If folks actually read this story Firefox is working pretty hard to make this a non invasive, non privacy compromising feature change, and they’re also opening themselves up for public comment.

                                                                                  Consider voicing your objections rather than simply jumping ship. Having a viable open source option is important for the web ecosystem IMO.

                                                                                  1. 15

                                                                                    If folks actually read this story Firefox is working pretty hard to make this a non invasive, non privacy compromising feature change, and they’re also opening themselves up for public comment.

                                                                                    i just want a freaking browser engine with the possibility of enhancements via extensions. i don’t want to turn off magick features. i just want a browser which displays websites. the new firefox engine is really great, but i fear that now they slowly fill firefox with crappy features until its slow again.

                                                                                    1. 3

                                                                                      What happens on the “New Tab page has zero effect on page load times. If you don’t like what the New Tab page looks like, customize it. Some of your options are:

                                                                                      • set it to blank
                                                                                      • install an extension that takes over
                                                                                      • customize the current experience

                                                                                      For the last option, click the little gear icon in the top right and you should see this https://imgur.com/a/1p47a where you can turn off any section that you don’t like.

                                                                                      1. 7

                                                                                        yes, i know. i still don’t want these features shipped and active by default. if i want pocket, i could install it as extension. heck, i wouldn’t mind if they said “hey, we have this great extension named pocket, care to try it out?” on their default new page, with a link to install it. but not shipped by default.

                                                                                        1. 4

                                                                                          What happens on the “New Tab page has zero effect on page load times.

                                                                                          I don’t care so much about page load times; sites which care are already fast (e.g. no JS BS), whilst those which don’t will soon bloat up to offset any increase in browser performance.

                                                                                          My main complaints with Pocket/Hello/Looking Glass/pdf.js/etc. are code bloat, install size, added complexity, attack surface, etc.

                                                                                          1. 1

                                                                                            You can’t do that on mobile.

                                                                                      1. 1

                                                                                        Firefox for iOS.

                                                                                        1. 1

                                                                                          Can anyone comment on the stability of this board? It has a pretty good price. Is anyone running BSD or Linux on it?

                                                                                          1. 3

                                                                                            I am still working on rendering performance in my Apple ][ emulator. I need to get things fast enough so that it will run at a decent speed on a Raspberry Pi Zero.

                                                                                            This is a side project. Mostly evening and weekend hacking.

                                                                                            https://github.com/st3fan/ewm

                                                                                            1. 3

                                                                                              Bitwise operations in Lua are a bit of a pain unfortunately. I will probably introduce a more convenient API to access 16 bit values.

                                                                                              Maybe you could just update to Lua 5.3, which has bitwise operators.

                                                                                              I am curious why you went with 5.2 in the first place. Maybe in prevision for LuaJIT?

                                                                                              1. 3

                                                                                                For what it’s worth, LuaJIT includes the Lua BitOp module. BitOp is also available as a standard C module for Lua 5.1/5.2, so you can get a consistent API and semantics across both implementations. I have only used it very briefly, but it seems to be working rather well.

                                                                                                1. 4

                                                                                                  It is the same kind of API as bit32, unfortunately. The advantage of operators is that instead of this:

                                                                                                  v = bit32.bor(cpu.memory[0xfffc], bit32.lshift(cpu.memory[0xfffd], 8))
                                                                                                  

                                                                                                  you write this:

                                                                                                  v = cpu.memory[0xfffc] | cpu.memory[0xfffd] << 8
                                                                                                  
                                                                                                  1. 2

                                                                                                    I’m on 5.2 (and soon even 5.1) indeed so that i can give LuaJIT a try. If that does not work out or if the speed improvements are not worth it then I will probably just move to 5.3.

                                                                                              1. 5

                                                                                                Please stop writing “please stop X” blog posts.

                                                                                                1. 2

                                                                                                  I’m worried this is yet another attack vector against 1P, and provides easier key export for attackers that gain access to your command line.

                                                                                                  1. 1

                                                                                                    What is the other attack vector?

                                                                                                  1. 16

                                                                                                    “In particular, that employees who had given their careers to the company were told of their termination via a pre-recorded call — “robo-RIF’d” in the words of one employee — is both despicable and cowardly.”

                                                                                                    Wow that sure is some corporate bullshit. I have never heard of this practice. Is this common?

                                                                                                    1. 8

                                                                                                      Oracle is the most corporate of corporate environments.

                                                                                                      I worked for an eCommerce company that was acquired by Oracle quite a number of years ago at this point, and one of my former co-workers posted her story to our alumni mailing list.

                                                                                                      To start with, they came around and removed all the knives and other sharps from the kitchen.

                                                                                                      After a while, she’d finally had enough, and when she told her boss she was going to leave, she was told to run the self termination application and see herself out.

                                                                                                      All I could think of was the suicide booths from Futorama :)

                                                                                                    1. 4

                                                                                                      Although the final modification is not my code, it is still a great pleasure that I contribute my own effort to help make OpenBSD better!

                                                                                                      Why was it not your code?

                                                                                                      I don’t know the full story since Marc.info is down but if this contributor was not mentored to finish the patch then that is a bad experience in my opinion.

                                                                                                      There is nothing worse than making an effort to submit a patch and then have someone “just do it the right way” for whatever reason.

                                                                                                      1. 8

                                                                                                        The committed diff has trivial style changes (using ? : instead of if-else). The contributer was mentioned in the log message, which also stated the committed change was derived from the patch which was submitted. It probably didn’t help that the patch was sent with whitespace mangled so it couldn’t be applied automatically. Given these circumstances I would say it was handled just fine.

                                                                                                        If the change had been more involved I would tend to agree that letting the submitter work out remaining problems is the right thing to do. But I don’t think mentoring should be mandatory and expected in every case.

                                                                                                        You’re saying there was nothing worse but I think there is: I submitted this patch which got committed without any attribution. But I sent it privately to the developer so there is no public record that it happened this way.

                                                                                                        1. 2

                                                                                                          You’re saying there was nothing worse but I think there is: I submitted this patch which got committed without any attribution. But I sent it privately to the developer so there is no public record that it happened this way.

                                                                                                          So there was this one (admittedly very minor) patch I sent to OpenBSD quite a while ago. It got committed much later, without attribution. And I am just glad it’s in :-) I sent it to improve the state of things, and not to get my name in the cvs log. These days I’m actually thinking of doing more and more anonymously, or at least under a pseudonym that isn’t easily connected to me.

                                                                                                          To each their own, I guess. I could think of much worse. Like being told to go away, by the project leader, while trying to help another user on the lists. Thankfully I haven’t received such treatment. Then again, I don’t really try to help others on public lists. :-)

                                                                                                        2. 4

                                                                                                          There is nothing worse than making an effort to submit a patch and then have someone “just do it the right way” for whatever reason.

                                                                                                          Maybe it depends on the goal? I guess if the goal is to train an employee to the house rules, sure, mentor them till the end. If it’s someone who’s coming back to contribute, or trying to contribute a large amount of code, sure, invest the time.

                                                                                                          But for some random person filing what might be a one-off patch, it might just be counterproductive to start by nitpicking about style and detail. And mangled whitespace. It might just scare them off? I don’t suppose most people would feel offended if someone tweaks their diff a little, commits it, and then thanks the sender. I wouldn’t be offended.

                                                                                                          If they come back and start sending more diffs, maybe there’s time to nitpick?

                                                                                                          marc.info works for me right now. Here’s the committed version: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin/dmesg/dmesg.c.diff?r1=1.27&r2=1.28

                                                                                                          1. 4

                                                                                                            There was no thank you. No “hey that is a great fix, ready for something bigger?”. Just silence and a fixed up commit.

                                                                                                            Most contributions start small. Most contributors start with a small patch to get their feet wet.

                                                                                                            Now I don’t know the OpenBSD project, but like all open source projects it probably heavily depends on contributors. So why not make people feel inclusive and foster their work. Help them grow into productive contributors.

                                                                                                            That is not happening here.

                                                                                                            1. 5

                                                                                                              | Based on a diff from xiao_nan (at) dsi (dot) a-star (dot) edu (dot) sg - thanks.

                                                                                                              https://marc.info/?l=openbsd-cvs&m=150373760724279&w=2

                                                                                                              1. 3

                                                                                                                I see your point.

                                                                                                                I’ll note that I’ve (nearly?) always been thanked in private by the committer when I’ve sent a patch to OpenBSD. I’ve always felt inclusive in my communications with the OpenBSD committers. I assumed the OP was also thanked, and that they also felt inclusive and good about it:

                                                                                                                Although the final modification is not my code, it is still a great pleasure that I contribute my own effort to help make OpenBSD better!

                                                                                                                I’ll also note that I’ve received more silence and fewer thank yous from Mozilla. My first (trivial) patch went in silence. Maybe I got some automated message congratulating me for the r+. Not that I mind. (Sorry, I know this topic isn’t about Mozilla, but since I brought it up already.. anyway I don’t mean to bash)

                                                                                                                1. 2

                                                                                                                  No worries. Mozilla is far from perfect when it comes to contributor engagement. I’m sorry that was your experience. Shoot me a bug number if you need help to get things moving.

                                                                                                          1. 2

                                                                                                            I’m generally sympathetic to Mahmoud Al-Qudsi’s position here but there appears to be several alternatives that I think are very reasonable.

                                                                                                            1. D-link and others register a domain name that resolves to 192.168.1.1 or equivalent. For the general user this is probably a big user experience win anyway.
                                                                                                            2. Corporate networks install their own trusted root certificates.
                                                                                                            1. 4

                                                                                                              D-link and others register a domain name that resolves to 192.168.1.1 or equivalent. For the general user this is probably a big user experience win anyway.

                                                                                                              If they register a single domain name, doesn’t it means the device on your local network has the private key for the corresponding certificate, which means it is compromised?

                                                                                                              1. [Comment removed by author]

                                                                                                                1. 1

                                                                                                                  They could generate a new cert for every device they sell, each for their “gateway” hostname, so that there isn’t one global key for all Linksys routers. You’re still always going to have to have a private key on the router, though.

                                                                                                                  1. 1

                                                                                                                    Yes but don’t worry … those router admin pages are generally not behind SSL :-)

                                                                                                                    1. 1

                                                                                                                      If I read it right it is for a name that includes a device fingerprint as well as the IP address, so they can’t be reused.

                                                                                                                    2. 1

                                                                                                                      From a generic vendor POV, none of that is very reasonable.

                                                                                                                      1. Some places have no guaranteed Internet access. On some of them it is even prohibited (e.g. industrial applications) and considered a vulnerability.

                                                                                                                      2. The typical procurement/delivery/service subcontracting structure in large industrial projects (think oil rigs, power plants, mines, tunnels) makes maintaining your own DNS/CA ineffective and impractical. It requires getting everyone, from e.g. government subcontractors drafting requirements for the bidding round through foreign contractors hired 4 levels down in the bigcorp management hierarchy to actual device vendors to understand, implement and maintain this infrastructure. Typically it’s thousands of configurable devices sourced from dozens of vendors, with vastly different configuration/provisioning implementations - and most of them don’t have elaborate setup options like say Cisco IOS systems do. How do you provision your cert to an arbitrary vendor’s PLC or industrial endpoint switch? What if you have two thousands of them? The setup would take longer than configuring them in the first place, and further maintenance (these certs should expire, don’t they?) is a nightmare. So inevitably, solutions for these projects converge to lowest common denominator, which is more often than not is simple airgapped L3/L2 network split into a bunch of subnets and no trust chain whatsoever.