/t/ - Technology

Discussion of Technology

Index Catalog Archive Bottom Refresh
Mode: Reply
Options
Subject
Message

Max message length: 8000

Files

Max file size: 32.00 MB

Max files: 5

Supported file types: GIF, JPG, PNG, WebM, OGG, and more

E-mail
Password

(used to delete files and postings)

Misc

Remember to follow the rules

The backup domain is located at 8chan.se. .cc is a third fallback. TOR access can be found here, or you can access the TOR portal from the clearnet at Redchannit 2.0.

Be aware of the Fallback Plan

8chan.moe is a hobby project with no affiliation whatsoever to the administration of any other "8chan" site, past or present.

(32.03 KB 400x400 brian_fagioli_color.jpg)
(20.40 KB 400x400 brian_fagioli_twatter.jpg)
News Thread Anonymous 05/06/2020 (Wed) 01:48:07 No. 21
Post and discuss the latest in technology happenings. t. Brian Fagioli
>>1907 I can't even tell if $400 is supposed to be a deal anymore. Remember when a flagship GPU cost that much? It's unclear what nVidia's strategy is. Presumably all the good wafers are going to the top-tier cards. Surely they have a surplus of rejects that are good for the new cards> Why is it taking months to release them when it might provide a release valve on the market to have all your models available at once? >It;s beating the 2080 Super Going to send this to my friends that just upgraded their GPUs a few months ago. Massive performance boosts are great but I'm staying far away from new hardware until stock normalizes.
(490.28 KB 650x487 ClipboardImage.png)
AMD Patches GCC for Zen 3 Support https://www.phoronix.com/scan.php?page=news_item&px=AMD-Zen-3-GCC-Plus-AOCC-2.3 Following last month's release of the Ryzen 5000 "Zen 3" processors, AMD has now begun publishing their official compiler support for this extremely compelling processor family. For as extremely great as Zen 3 is, it's the belated compiler support as one of the few critiques we've had -- normally on the Intel side they are often plumbing their compiler targets and new instruction set extension support a year or more ahead of CPU launches (e.g. the most recent example back in July Intel added Alder Lake and Sapphire Rapids to GCC), and that's for when those processors are shipping on schedule. Having the compiler support out well ahead of the launches ensure the support is worked into stable compiler releases by the time the CPUs ship and ideally already used as the default compiler version in major Linux distribution releases. Intel generally remains spot-on in that regard while AMD has been much tighter -- or in the case of Zen 3, basically one month after launch. Apparently AMD doesn't release GCC march settings ahead of time like Intel. Guess it doesn't matter when nobody can get their CPUs right now, but this isn't even the full set of tweaks. Those of us on Gentoo should probably hold off upgrading.
(63.25 KB 1200x1200 ClipboardImage.png)
I guess having all your companies pay an extremely high tax rate doesn’t work so well after all. The bubble is about to burst gentlemen, and I for one am ready for the shit show. https://archive.vn/OiynL
>>1927 Texas had a strong history in computing, especially hardware, before Silicon Valley stole the focus. Imagine if the center of American technology was in Texas instead of California?
(174.99 KB 492x372 ClipboardImage.png)
Linux 5.11 Will Play Nicely With The Sega Saturn Controllers Connected Via USB Adapter https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.11-Sega-Saturn-Control For those fond of the Sega Saturn video game console controllers from the mid-90s, the Linux 5.11 kernel has a fix so a common USB adapter for them will behave nicely. Raising eyebrows this morning was seeing in HID-next a commit mentioning HID: add support for Sega Saturn. What the heck is a kernel being released in 2021 doing with the Sega Saturn from more than two decades prior? The commit is adding a USB HID quirk (HID_QUIRK_MULTI_INPUT) so that it's exposed to user-space in a consistent manner. Disappointed to see this targets a specific adapter, and is more about adapters with multiple controllers on a single USB port, but it's nice to see it's targeting the Saturn splitter in particular. Shocked to see it's not the official Nintento GameCube adapter that's being supported. I'm curious how well original SLS Saturn USB controllers hold up, given they predate XInput.
(949.93 KB 1200x675 ClipboardImage.png)
California files to join US Justice Department's Google antitrust lawsuit https://www.cnet.com/news/california-files-to-join-us-justice-departments-antitrust-lawsuit-against-google/ They're in trouble now.
>>1927 A lot of companies already have offices in Texas. Not surprising to see HQs slowly moving there. I'm worried though because the employees they're bringing want to turn Texas into another California with the same policies that ruined it. >>1975 >Shocked to see it's not the official Nintento GameCube adapter that's being supported. I just use the Mayflash adapter which works fine on Linux. It was cheaper, supported both WiiU and PC (and eventually Switch), ended up having 2 ft more cable length than the official adapter, and was more easily available due to Nintendo's retarded philosophy of always under-stocking high-demand products. I wouldn't be surprised if it outsold Nintendo's own adapter. >>1988 >inb4 we repeat the 2001 antitrust suit with Microsoft which they just dropped and "forgot" about after 9/11
(32.73 KB 1032x462 ClipboardImage.png)
https://github.com/FreeTubeApp/FreeTube/releases/tag/v0.11.0-beta Not that big of news, but I figure it was well worth sharing as FreeTube can be a damn good alternative to using YouTube or even an invidious instance.
Not even a day since Stallman was reappointed to the board of the foundation that he created and the (((Open Source Iniciative))) and a bunch of fags in various projects already want him AND the rest of the board of the FSF out for "letting such a dangerous person represent the FOSS movement". https://archive.is/A93nm https://archive.is/CePo0 The OSI has been at odds with the FSF and Stallman for a while, but still, their reaction and the reaction of everyone who signed the second letter just feels bad. I hope the FSF doesn't cave to the presure (again), otherwise things could get bad fast.
>>3111 Be sure to support the FSF and RMS now. Here's a support letter you can sign: https://rms-support-letter.github.io/ Also give a donation to the FSF and mention your support for RMS.
>>3117 I was withholding funds because of the RMS resignation, but I will go ahead and send it now.
>>3310 The biggest tragedy is not that someone would post retarded shit like that, the biggest tragedy is that some people would actually take seriously something that has shit like >I’m a white dude with a British accent. /Of course/ I have white male privilege. I used to joke that I fell into every job I’ve had (including my doctorate) – that, right there, is white male privilege. I have so much, that I can move to a xenophobic racist country and get a complete pass from the ‘immigrants are bad’ mentality. Many of you on the SC have such privilege – if you don’t think such privilege affects you, /then you have it/. written in it. The gall of some people to outright admit they're worthless and ask for the removal of someone else in the same email.
(965.17 KB 726x2575 trash-fullpage.png)
<US government confirms Russian SVR behind the SolarWinds hack >The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies. >The press release from the White House confirms past media reports citing unofficial sources that the Russian Foreign Intelligence Service, the SVR, was behind the SolarWinds hack. https://archive.is/Yzz89 Is it happening yet?
>>3563 not until the nukes drop. till then it's all blame shifting.
>>3563 They're just trying to ease the public into awareness. SVR even had passwords belonging to Dominions Voting System's staff since 2018, and probably fucked with that election too you can find it in the DB torrents floating around on Pirate bay.
///RESEARCHERS\\\ INTENTIONALLY CONTRIBUTE MALICIOUS CODE TO THE LINUX PROJECT https://archive.is/oHKlR
>>3761 >maintainers are cucks and don't permaban all contributions from the institution as a warning Pathetic.
>>3762 That is literally what they did though? what kind of crack cocaine are you on?
>>3761 literally nothing, this has been happening forever even gnu and anything open source gets troll submissions all the time most of what they call malicious is just amateurs coders not knowing what the fuck theyre doing and opening up security holes thats why theres so many forks for testing, its 90% to check things breaking and 10% for letting autists do the maintainers work for them and find fuck ups and troll code thats why anything outside pure debian or freebsd should be considered a joke
>>3775 >most of what they call malicious is just amateurs coders not knowing what the fuck theyre doing and opening up security holes Did you read the article? They admitted to it publicly by publishing a paper discussing potential security holes in the review process. Or at least, that was their cover. They didn't notify the maintainers beforehand. This was not amateurs submitting amateur code.
>>3776 I was speaking generally test builds are always littered with junk that gets filtered out over time by the community, the maintainers dont really do much, its why theres always a divided in distros whenever a new kernel gets released
>>3776 Those in charge of merge requests also approved it, despite the submission having a massive security flaw while only claiming to fix some typos, and banned the entire university email domain from submitting requests, when all of the malicious submissions from the University were apparently all from Gmail accounts, that I assume were handmade for this test; turning a massive repository into an imprompptu guinea pig was a shameful idea, but it reveals a major weakness in open-source development; for whatever reason (that I have suspicions for that I won't go into detail because it's almost irrelevant; no, I'm not alledging that it was sabotage, though it's not an impossible option; it's simply not what I'm thinking of at this moment), some people don't check enough to see if the things they download haven't tampered with, aside from not going to incredibly obvious websites filled with malware. Some even insist that open-source software is inherently safe, which is ill-advise and encourages the sort of mental laziness that got modern software into the mess it's in today; open-source software is only more likely to get fixed faster if security is compromised because anyone with the knowledge can fix it and submit a pull request (which does not necessarily mean it will be merged into the master branch). Here are at least two reasons why this is not the same as "open-source software is inherently safe": >you need to recompile the program or download the new latest binary of the program in order to have said patch apply to your version in the first place >as I alluded to before, a pull request may not get immediately accepted, or even accepted at all, for a myriad of reasons There's also the fact that fixing a problem is not the same as not having a problem at all, it just means the problem is less able to be a problem. But because some people don't do this, they don't actually take the time to understand what the code for the program they want to use actually does, let alone use any hash verification methods that the owner of the repository may have given the users as an option to verify if the binary is the one that the owner of the repository attempted to serve to the users. The lesson to take from this is to pay attention to merge requests. Understand the languages of the programs that you're using, pay attention to the pull requests and what they actually change, and if you download binaries, at least verify the hashes so that you're at least more sure that it's the intended one and not some malicious executable that was able to pass itself off as the real thing because you either didn't know how to verify, or you did, but you didn't do so this time and you're about to regret it. Also, banning the entire domain probably earned them some bad blood between them and some members of the university (and maybe even outside the university); again, none of the university's email addresses were submitting the malicious pull requests, so they may have angered an undetermined amount of people for an action that won't actually defend the project against malicious pull requests, or even punish those who submitted said pull requests. >>3762 As >>3763 said, they did and that's the problem; they target on the entire university's domain when the malicious code was apparently submitted by pull requests by Gmail accounts; they not only were neglectful about checking what the submission actually did, they also did an incredibly bad job at punishing the university; if they ever wanted to do it again, nothing about them banning the university's domain will stop them, as they almost never used them back in this incident (there was apparently one, but it quite literally did nothing).
>>3841 This was a pretty great post, anon; I'm increasingly interested in Information Security, so I enjoyed reading it. Thanks for the effortpost. >let alone use any hash verification methods that the owner of the repository may have given the users as an option This is probably a retarded question, but I've always wondered: what's stopping the developers from just changing the hash to cover up any changes they've made to the software after the fact? If you're given both ends of the verification process by the same people, isn't that a massive security risk in itself? I understand that it works against unintended alterations by attackers, but what if the source itself is knowingly compromised?
>>3848 Different anon here. >I understand that it works against unintended alterations by attackers That's the only thing the hash method is intended to do. The functionality (malicious or not) of the software is outside of the scope of this protection. >what if the source itself is knowingly compromised? There's no real solution outside of reading the code. You can mitigate this by only using software you get from reputable sources or sandboxing programs or whatever other method works for you, but ultimately if whatever you're using has malicious stuff in it or vulnerabilities then the only thing you can do to avert using it is reading the code. There's no magic solution.
>>3864 >That's the only thing the hash method is intended to do. Fair enough. >ultimately if whatever you're using has malicious stuff in it or vulnerabilities then the only thing you can do to avert using it is reading the code. There's no magic solution. Makes sense. Ultimately, I guess it goes without saying that's why FOSS is so important. I'm really starting to wonder if stuff like Rust, the (((Ethical Software))) "movement", the grsecurity issue, the U Minnesota scandal, the RMS goings-on, and so forth aren't all part of a coordinated dogpile to discredit FOSS now that more people are seriously interested in it. Wouldn't surprise me in the least.
>>3865 ...Huh. Apparently echoes glow even when covered in pitch-black darkness. That's actually pretty hilarious.
Over 25% Of Tor Exit Relays Spied On Users' Dark Web Activities archive.is/Cuck0
>>3848 yes, ive made that point so many times, dsa hashing is to detect changes not made by whoever signed it, eg. a mitm glownigger sending you an infected copy or an indian playing around at the hosting server its protection from thirdparties not the devs themselves if they wanted to they could put up clean source code and then compile malware, sign it and put it up for download with a clean checksum, so you check the source code -- its clean download the binary and verify the hash -- its clean and then run the malware like a fool thats why smart people are so anal about compiling from source and dont give a fuck about dsa, you can do all the fancy cryptographic buffoonery you want, it wont do shit when the attackers are the devs themselves thats why you unironically never trust code from a team with a jew in it, NEVER, t@lpiot and the israeli botnet is real
Glimpse, the fork of Gimp created solely because some cunts disliked the name, is officially pausing its development because the only guy that was developing it got fed up with the size of the project and everyone else only knew how to beg for donations or manage a social media account. The project's repository was archived, and the Discord group doesn't accept new members, so it's safe to claim that Glimpse is dead. Source: https://archive.is/ip8lc
(30.82 KB 400x534 f1878719936.gif)
>>4205 Wow who could've predicted this.
(226.35 KB 1618x824 mvps.png)
>go get new MVPS hosts file after getting new phone >find message at top of page >just got out of the Hospital ... I now have some severe health issues to deal with (complete Kidney failure ... need a Kidney transplant) plus another operation ... large needles inserted into my spine ...however I will try to better maintain the MVPS HOSTS file. Well just got back from Hospital again (excessive water in lungs) I find out the world goes more to shit in even the smallest of ways every day.
News on the linux phones made by Purism, they have just started shipping their very expensive USA manufactured phones this June, their most recent post on their website says there's a 60 day lead time but otherwise no estimation on when customers will receive their product and still no sign of their cheaper ///chinese\\\ made phones beginning production. For the full bloated news, it's on https://puri.sm/posts/
(116.03 KB 750x1000 commie.jpg)


Quick Reply
Extra
Delete
Report

no cookies?