where can we watch the asiabsdcon 2023 and 2024 vids?

rwp: thanks for that info, that fixed it.

:-)

So, why powerdxx over powerd on my Lenovo T590?

And then BillyJoeBob left just as I was going to talk about powerdxx working for me when powerd does not.

jfrog.com/blog/leaked-pypi-secret-t…inary-preventing-suppy-chain-attack nice supply chain attack

The JFrog Security Research team has recently discovered and reported a leaked access token with administrator access to Python’s, PyPI’s and Python Software Foundation’s GitHub repositories, which was leaked in a public Docker container hosted on Docker Hub.

the suck!

oops

Docker Hub that planted millions of malicious repositories nearly 20% of these public repositories (almost three million repositories!) actually hosted malicious content.

haha

CI/CD

who was it in this channel talking that crap

pisses me off..like google or m$ is secure or valid place for info. idiots. kubernetes/ssh and python w00t...

I am actually a bit surprised that it took more than a year to find.

m$ solarwinds backdoored everyone..and they probably sat on that shit for 3 letter agencys

when disk space was small, you did not include compilers or interpreters on the box..perl/python/cc on the server..nah, hacker needs to bring their own env, not going to provide it.

ok, grandpa, you tell 'em

but now it's time for bed

how about removing the shells

or even better in-memory /ram os..

oxide computer /smart os went that route

how about unplugging it from the switch

static os, always loaded from good image.

disk drive well anyone can change the os

not .iso that fixed in time

boot cdrom

if you need a chain of trust..

nah shove 15GB of shit on disk and hope it doesn't get backdoored

tripwire/aide it perhaps you get lucky

en.wikipedia.org/wiki/Soft_error cosmic rays..

am i going to get a bit flip on CRC check-summed .iso file ? written in time, like i said. i know it loads into ram, and i can verify the checksums.

a hd,ssd,usb,sd card is read/writeable..but .iso is closed session, write once, read many ...w0rm drive

During the first 2.5 years of flight, the spacecraft reported a nearly constant single-bit error rate of about 280 errors per day.

hi, everyone!

rennj: recently I found some FDDs that I used in 1998, they still work but they are 1.44MBs only... the best archival storage (that I know) seems to be the tapes; LTO-5 or LTO-6, after them the density becomes too high imho, the time would ack if they succeed to keep the data for very long time

par-2

par backups

zfs needs the 2 value

en.wikipedia.org/wiki/Chipkill IBM

sun,hp also had foo like it

zfs needs two storage medium at the same time, for mirroring; I doubt that two simetrical LTO drives could ensure this requirement

yeah zfs needs the 2

not up to date on btrfs foobar..perhaps they copied

for decades long archival storage one should weight a lot if he goes for a LTO tape or a zfs mirror; I saw LTO tapes failing

lto is only option anyway..dlt lost

can go wrong with Verbatim, i know sony is killing off blueray/dvd

cant go wrong // correction

i had robot dvd burning machines...

btrfs? I think btrfs kind of went away since RedHat switched to xfs root some years ago; I liked and used btrfs on my laptop maybe 7 years ago

young minds dvd-studio

Solaris, HP-UX, AIX, Tru64, as well as Linux and Microsoft Windows NT. Key applications for DVD Studio include archival and distribution of large multimedia files, document imaging, GIS, and similar industries

I remember there was some kind of dvd, 100gbs capable, promising archival capabilities but I did not succeed to buy the tape+medium somewhere in 2020 then I lost the track of it

that was 24 years ago !!!

i feel old

i figure btrfs probably copied all the good features of other systems, is what im saying

no clue on it, i dont use it, i think ibm/redhat may push it..if i recall

unlike ubuntu which has openzfs

1-2 years ago, ubuntu had zfs as option for / ; you needed internet connection at the install time and it would be done; otherwise, ext4 for root

I mean, zfs on linux is still behind of zfs on bsd; I think I had zfs on / with FreeBSD 9

i think its all openzfs now

fbsd.linux,openindiana,winblows

everybody is on same page now

crapple even

2020: ZFS on Linux was renamed to OpenZFS and added FreeBSD support, unifying the codebase for both platforms.[\

en.wikipedia.org/wiki/OpenZFS\

oh, funny: github.com/openzfsonwindows/ZFSin; I did not know that does exist, even. I kind of forgot about Windows :-)

yeah the grind of tiring to keep up with technology changes

yeah the grind of trying to keep up with technology changes

Windows Update was fixing some bugs and restart to find new bugs introduced and so on.. I quit that path in 2004

solarwinds or en.wikipedia.org/wiki/Stuxnet

just 2 examples

and yet Lo Jack - tomshardware.com/news/lojack-firmwr…ables-first-uefi-rootkit,37867.html ; check mate :-(

ACPI tables in uefi is crazy stupid.

let alone intel me/amd psp..ring -3 foo BMC

lenovo did m-i-t-m attack just with acpi table

ring -3 is BMC, ring -2 smm, ring -1 is vmm...before you even get to ring 0

one laptop per child closest x86 got to open source

forth boot prom/openfirmware and national semi/amd geode cpu..all open source except for broadcom 802.11s wifi mesh

the wifi drive was binary blob

but the rest of laptop was open

olpc, thank you for reminding of it! olpc had drivers in 2.2.x kernels; I forgot about that nice idea, I'll check how it progresses

uefi is huge cluster fuck..

olpc is dead

long dead...

cell phones in kids pockets now

but hey, Uefi laptops have Safe Boot :-)

ffects-products-from-other-vendors.html

SMM (System Management Mode). ring -2

their own site

Potential Impact: Man-in-the-Middle Attack

I was looking to pine64.org/devices/pinebook_pro

but has too low specs

yeah i want amd ryzen power!

risc-v someday perhaps

Thunderbird RISC-V CPU

Thunderbird "supercomputer-on-a-chip"

1,536 64-bit superscalar RISC-V CPU cores. Four chips can be installed on a single accelerator card, in a form factor similar to a GPU.

Move over GPUs, with 1,536 cores the Thunderbird RISC-V CPU is ready to eat your lunch

could be vaporware..will see, earlier adopters get burned

wow! with chips like that, one needs the interfaces for usb/video/keyb/etc and the laptop is complete

tomshardware probably way more details

hm "InspireSemi claims a 30-60% power efficiency compared to similarly capable solutions." bad journalism or bad announcment or just bad hardware? if it is only 1/3-2/3 as efficient as compareable products, then why should I choose that one?

and it seems like it is just an accelerator board, not a CPU

yeah a pciE card

like a gpu card

buy a nvidia rtx4090 or Thunderbird

cuda / rocm or general purpose

no need for fancy libs

Ah, finally, a PCIe card to take care of my email!

heh, with the right libs to abstract the hardware away.

cuda/rocm/foobar..still need software abstraction for hardware

vmebus < isa < sbus < pci < pciE...busses

> vlbus! :-)

Ah yes, finally I'll be able to play SimCity 2000 (re: vlbus)

but perhaps this discussion should be moved to #freebsd-social

if the repo github.com/freebsd/freebsd-ports is read only mirror then what's with all those commits in there, shouldn't they be in bugzilla instead?

The commits are mirrored from the official git repo

then instead of github usernames, shouldn't a bot be a author of those commits?

or are they not auto mirrored ? :/

why would you rewrite commits for a mirror? the author should be the original email that is in the commit, why do you think it is a github username?

any recommendations for a desktop pdf viewer that can do 2-up (screen shows 2 pages, left and right )

evince?

dch: okular can do that

thanks dkeav , vkarlsen

welp both want a lot of downloads

If a freebsd-update fetch or cron has been run overnight, after I upgraded from 13 to 14 but before I ran the third "install" step (to get rid of old libs) - how can I get rid of the old libs?

The state that freebsd-update kept after the upgrade/install steps is now lost, because of the automated overnight run which I forgot to prevent from happening

nimaje: what do you mean? for example the author of commit freebsd/freebsd-ports 851ec02 is github.com/nunotexbsd which is cpearly a github username

*clearly

polyduekes: GitHub maps it to existing GH users where they do exist

vkarlsen: oh that explains, thanks

I think the mappings are done based on the email addresses listed under the github account

the author is Nuno Teixeira <eduardo⊙Fo> as can be seen via git show 851ec025a5bb3b43b80a0d05c6dfc642815e2706 in the ports repo

wow, it turns out firefox is a perfectly suitable command-line pdf reader in 2-up mode. And I need no more dependencies.

Dooshki: i don't think so since in some cases like in freebsd/freebsd-ports 8adfe16 the email isn't listed under the github account

They're not always publicly listed :)

so, github leaks that information via their website?

vkarlsen: lol, today i learnt also btw if you got any reference to how the whole mapping and mirroring works, i would be glad to read it :)

polyduekes: I don't know exactly how it's done, but the man page for git-push talks about a --mirror option. I'd start there.

vkarlsen: oh thanks, i will look at that

cracauer still going strong

any particular reason zfs set sharenfs informs you every use that "No SMB support in FreeBSD yet."

I am not trying to use SMB

then why are you setting it?

if you're not trying to use it?

"sharenfs"

nfs not smb

I haven't checked the source, but I think this is just a log info to the console in either case

since it does what it is supposed to do nfs wise

.. I think

uh i use sharenfs and don't think i've ever seen that

strange

paste.ubuntu.com/p/KfbqjVXppY maybe my config desc helps

well for some strange reason it also shares to smb, which explains the error, but not why it tries to do so

after having manually turned of the smb sharing for all pools on the NAS the error is no more. I must have turned on smb sharing, but don't remember doing so

am still getting a client timeout however

i've not used nfsv4 but connection refused makes me think that nfsd v4 isn't running on the freebsd system

it isn't see the rc.conf

I find it very confusing what is provided by zfs and what is not

all 'zfs set sharenfs' does is add a line to /etc/zfs/exports

but it's the right way™

sure

what is provided by zfs? it's the filesystem. what do filesystems pfovide? files.

not sure i understand what you're asking

zfs is not really a file system :-)

disk pool manager

please look at my pastebin

what exactly is provided by zfs and what is not?

does ports just have the current version or all versions?

of each port

depends on how you use ports I think

like i wonder if i can use ports to retrieve all the past port versions of nginx so i can build and use the exact version i want

if you use them via GIT / SVN then naturally you have history

if you have a FreeBSD ISO - then its probably a snapshot?

not what im asking. im asking about the ports system itself

im looking at cgit and it shows me a port's history going back basically forever so that's promising

but i wonder where it's getting that source from

VCS?

as I said above

ports doesn't store the source of the port does it?

just where to get the source from

at some point CVS was moved to SVN that then again was moved to GIT

are you confusing the pkg package manager and ports?

pkg distributes packages binary - a parallel to apt in the linux world

ya im asking about ports not packages

ok - I don't understand your question then

ports are source

ports is how to build the port AND the source code?

if you install something that way - it requires you to compile it

It was the last time I checked

but - I haven't used ports in quite a while after pkg was introduced - in the "old days" before pkg you always had to compile before installing

how to build a port would also not be a part of the ports system (make, gmake, cmake etc) - its a part of whatever gizmo you want to build

I don't think two ports do it the same way

well first i need to find out if a port contains the source code for the port, or info on where to fetch the source from

seems it is the standard dist + freebsd patches - but once you build it - you should have the entire source set in the ports folder - else I don't see how it can build it

well it could in theory download the source from wherever the port says it lives, but it looks like a port's source is stored in the ports db

that has to be a huge repo. all source for all software that can be built on freebsd through ports system. wow i wonder how big it is

well - I only see patch files

is that like a diff?

a patch file is a format of a file you can apply to a source set to change the code

ok so ports stores, for every port, the port's entire source code, from start to present, in the form of original checkin + patchset for each version

in either case - you need to have the source on disk to apply those

where do you see the entire source set?

in the files dir

I only see patch files in the ones I have checked

ok so if the port doesn't contain the source code for the port, then point to where a port refers to the source externally

here is patch for hurl

maybe it's the master_sites key in Makefile

so if a port's code isn't stored in the port, why bring in code patches? just get the code and build it

because if something is written for linux / gcc it may not compile on freebsd with llvm/clang

so patches are changes to a port's source code in order to get it working on freebsd?

so in order to build it on freebsd - you may need patches

ah

different locations for libs etc etc etc

why is everything pain

?

just pain

Anyone use swayidle?

I'm having issues where my laptop doesn't lock when it goes to sleep. When I try to run the command for swayidle I get: paste.debian.net/1323111

I thought maybe it's because I don't allow processes to see other user's/group's processes so I changed that and still the same error.