Side channel gives unauthenticated remote attackers access they should never have.
On regular x86 laptops, this mapping is already present in the UEFI firmware, described as ACPI tables. ACPI, which stands for Advanced Configuration and Power Interface, is an open standard that some firmware implementations use to advertise the devices that are part of the system to the operating system through a key-value data structure called “ACPI tables”. At boot, when the operating system detects ACPI tables, it reads them to enumerate the hardware devices and allow the various drivers and kernel modules to interact with all compatible discovered devices.
Why doesn't Quallcomm have this? Seems like a major oversight. Kinda weird that they don't have ACPI. It's an open standard...
That company really is good at marketing. And their customers will parrot their ads and marketing to you all the time. "No, they care about privacy!", "They are climate-neutral!", "They have the most secure devices on the planet!", and so on. Whatever the company says is gospel at this point.
The joke is that there are some people who truly believe chatgpt is a better programmer than humans. It isn't that programming.dev is chock full of beginners who seriously believe the same.
Thank you! I set it to high and that solved the problem for me. This has plagued me for a long time. Finally it has been resolved 🙏
Thanks again!
I configured steam to open on a separate desktop using window rules, but it also grabs the attention and plasma will automatically switch to the desktop it opened to. Is there a way to stop that from happening?
Steam opens 3 windows, so switching to another desktop will be reverted 3 times.
I'm hoping there will be some news about Rust! 😀 The ability to write KDE widgets and Kwin scripts in Rust would be great!
I've read multiple times that CUDA dominates, mostly because NVIDIA dominates. Rocm is the AMD equivalent, but OpenCL also exists. From my understanding, these are technologies used to program graphics cards - always thought that shaders were used for that.
There is a huge gap in my knowledge and understanding about this, so I'd appreciate somebody laying this out for me. I could ask an LLM and be misguided, but I'd rather not 🤣
I've been in the industry a while too and in multiple countries in Europe. Before COVID there were even some visits to tech conferences. Only once did I meet a trans person (or so I think, they never corrected anybody on the pronouns).
This seems to be an internet thing, or at least the loud minority thing, but maybe I'm also just a recluse 🤷
Nobody's really serious on a meme sub. Maybe check your humour meter. It must be broken.
I don't know of a tutorial, but most tools have to have support for I2P built in, otherwise they won't work. A good torrent client that does is qBittorrent.
Browsing I2Ps network with HTTP happens over a SOCKS5 proxy, so if aria supports that, you can use it too. https://geti2p.net/ should have more information.
I would then encourage you to look up how those work and what proof of work actually is. Proof of work requires some work to be done by the client. If you want regular people to browse the internet normally and "do work", that means JavaScript, otherwise it requires them to install an extra binary like TOR or something, which would lock out most of real users. I imagine that's not the goal of site operators.
Now suddenly privacy is important. Fuck everybody else though.
There must be a tool that allows you to build packages for multiple systems in multiple formats (deb, rpm, nix, flatpak, snap, etc.). Does that not exist? After 20 years of these systems existing, somebody must've tried...
Also, it's clear that once again, open source needs some kind of funding model, because it's a little crazy that a project like this can get so popular so fast, the dev flooded with praise, thanks, and issues but not money to maintain and develop it.
How would that work? And how easy would it be to circumvent? Anubis probably forces spinning up a browser or something that supports a JS runtime (again probably a browser), so it's not as easily scriptable as just callling an HTTP endpoint. I'm curious how you would implement a system without JS.
That's good news! They may get more devs that way. Godot is pretty popular at the moment.
The Australian Information Commissioner (OAIC) produced an excellent report on consumer messaging apps within the Australian government.
An analysis of an excellent report into the use of consumer messaging apps within the Australian government.
I wish more pirates used I2P. But it seems like many cannot deal with waiting a day for their download to finish.
Those people who said popular projects wouldn't migrate away from Github can go suck it. @organicmaps@mastodon.social and @cryptpad@fosstodon.org are amazing projects and I'm very happy they left (or are leaving) Github . #fuckGithub When forgejo finally gets federation, I hope there will be a bigger exodus from that Micro$oft enclave.
I'm curious though, what happened to @organicmaps@mastodon.social? They were blocked by Github?
It took me a while to find, but the newest, best supported phones on the device list are
- PINE64 PinePhone Pro (2021)
- Fairphone 4 (2021) (partial call support)
- PINE64 PinePhone (2020)
- Purism Librem 5 (2020)
- SHIFT SHIFT6mq (2020)
The pixel 3a is not well supported and has problems with wifi, battery, audio, camera, calls, and NFC, so IMO don't base your impression of PostmarketOS on the pixel3a.
Companies are already resisting because they can't figure out a good way to interview people. "We tried nothing and are all out of ideas". Hopefully more companies like Fuck Leetcode pop up to force a change in interview techniques.
OpenTofu’s Slack workspace
Bro... why do opensource projects love proprietary collaboration platforms so much?
Happened to me too and I panicked until I found LocalHistory. I think it was even a merge gone wrong after somebody had force pushed to a branch. What a crazy day that was.
You’re writing dangerously bad C or C++ code already.
Shots fired. Must be footgun that went off somewhere.
Is retroshare the new iteration of this?
It's been a while since picking up rust, but until now, most of what I've written has been CLI tools, proc macro libs, and async networking stuff. Web/application servers have been kept at arm's length while waiting for something to come around like Django.
For those not in the know, Django is a web framework written in Python. It's opinionated, extensive, has many features, and has stellar documentation. It's old too and had major problems taking advantage of (back them) python's new async capabilities as well as "new" technologies like WebSockets. Popular frameworks popped up in the meantime like Flask and FastAPI that do use new technologies and python language features like type hints, however nothing has really come to be quite like Django.
Django's ORM
As usual, there are camps when it comes to this, but I'm in the "keep SQL away from me" or "one language for all" camp. Django's ORM does a mighty fine job of doing so. It's possible to write a django application without ever seeing a line of SQL. It helps me immensely to just think about models, application logic, and presentation.
Django allows defining your models in python, generating and handling database migrations, making complex queries of 1-1, 1-n, m-n relations without an SQL syntax, storing objects, locking rows, optimising queries (again without knowing SQL), and much more.
Queries
My favorite, powerful query simplifications are QuerySet.select_related() and QuerySet.prefetch_related().
An example of Queryset.select_related:
This is useful for a tree of 1-n objects. An example from the documentation: a Book has an author (foreignkey) which is a Person (1-n), with a hometown (foreignkey) that is a City (1-n). An author can have written many books (n-1), a city can have many people (1-n).
Say you wanted to find 10 books from an author that lives in "Marrakesh" with the associated objects (Book, Person, City). In Django that's
```py
Hits the database with joins to the author and hometown tables.
books = Book.objects .filter(author_hometown__name="Marrakesh") .select_related("author__hometown")[:10] book = book[0] person = book.author # Doesn't hit the database. city = person.hometown # Doesn't hit the database. ```
QuerySet.prefetch_related() does the same for m-n / many-to-many relationships and some other queries (see doc). No messing around with SQL, just python.
Migrations
The ORM also takes care of generating and managing migrations for you. To me, that's a major plus as it offloads the need for me to think about whether a specific type exists in the DB of choice. Most of the time django will handle it transparently. There are even django extensions / apps to optimise more SQL query generation like adding views, or choosing which index to use for a specific type or table, and so on.
Django's documentation
If I'm not mistaken, it follows the diátaxis method of documentation
which fits the project very well and allows getting started with django very easily as well as finding good, low-level, in-depth information quickly. Many projects have documentation but it's everywhere and nowhere in terms of location (where to find specific things) and depth (high-level vs low-level), making it less optimal for beginners and experts alike. If you want to step up your documentation game, do give diátaxis a shot.
What prompted this
I'm currently 3 days into exploring the rust web framework ecosystem and banging my head against it. It's very commendable what people have written in their free time and shared with the world, so I will not disparage any projects here. It would just be really cool if a django-like, batteries-included project started or reached production quality sometime. The closest candidate I found is Cot.
Cot started in June 2024 and is a long way from django's level but has already grown to something quite impressive. If time allowed it and the project weren't on GitHub, and had a matrix chatroom, it would surely get contributions from me. Here's the announcement on the main dev's blog, which reflects some of my frustrations with the current web framework ecosystem in Rust.
Until Cot is ready, I'll probably be using axum for application server, diesel for the DB-glue, and possibly leptos, yew, or just plain Rinja. Unless of course somebody knows of a django-like web framework in rust that isn't on awesome-rust...
I've tried watching videos about it, but they are not analysing the reasons. Instead it's just whining about the symptoms and hypocrisy of rich CEOs firing employees then buying a yacht. We all know it's terrible, but my question is "why". "herp derp, capitalism" and "omg, it's the fucking CEOs" doesn't explain anything.
I don't have a Github account after deleting it some time after it was ought by Microsoft. Given the rise of anti-US sentiment and calls to stop using their products, more people leaving Github might be a real occurrence. How can I and others who have left, are leaving, and will leave Github, be able to contribute?
Is there any place where financial reports of The Matrix.org Foundation are published? Like, summary of income through donations, who is currently employed by The Matrix.org Foundation and how are ...
As of 2025-03-02, the matrix foundation has not released a single financial report despite being a non-profit.
A custom version of Firefox, focused on privacy, security and freedom.
> We don't want to deal with the administration required to properly handle donations. If we don't need funding, we won't risk becoming dependent on it. And also: no donations means no expectations. This means that people working on LibreWolf are free to move on to other projects whenever they want.
Basically, I'd like to have my own domain e.g onlinepersona@mydomain.com but not go through the hassle of hosting my own email service: I'd like to use another service that handled SPF, DMARC, and whatever else for me, grab the emails from their service using POP, and make it available to my email client on android and Linux using IMAP. SMTP will be through the third party.
This way, if the third party starts doing some bullshit like trying to lock me in, donating to a dickhead, or whatever else I disagree with, I can cancel my subscription, move to another third party, and keep all mails on my server.
How can I achieve this? Which search terms should I be using? "Self host email server" brings up stuff that's the equivalent of self-hosting gmail, AOL, posteo, kollabnow, or whatever, but that's not what I want. "Selfhost POP relay" doesn't have much better results, always bringing up SMTP relay...
I think it's obvious (and has been) that the linux kernel needs more contributors and more maintainers to share the load\*. The Linux Foundation spending 2% on kernel development in 2024 (page 18) does something but not nearly enough.
Is there a way that we as a community / third parties / non kernel devs can fund kernel developers and maybe even get a kernel maintainer in there? Maybe something already exists or do we have to start something ourselves?
\*: Yes, I understand our overworked maintainer problem (being one of these people myself), but here we have people actually doing the work! - Greg KH
I've got 64 GB of RAM and would like to force cargo to dump build artifacts into it. So basically the target/ directory should end up there.
Unless I'm mistaken RAM is much faster than SSDs and since I do rebuild quite often, it would save some R/W cycles on my SSD and allow faster file access.
I do jot mind doing a full rebuild every morning
Solution:
These 2 comments gave me the best indication how to do it: cargo ramdisk and build.target-dir config options.
Would be great if cargo had a build.target-dir-prefix though. One could set and env var CARGO_TARGET_DIR_PREFIX and point it at /dev/shm or /tmp if it's a tmpfs and every rust project would have its artefacts end up in RAM.
Every week or so there seems to be drama about some old dude shouting about how rust in the Linux kernel is bad. Given all the open hostility, is there easier way for R4L to continue their work?
I know little about gradle and have only just started exploring it, so this is just a question out of curiosity.
It's supposedly a language agnostic dependency manager and builder, yet it seems to have only found its niche in Java. C/C++ projects could definitely do with dependency resolution...
I've inherited a systemd service and it uses BindReadOnlyPaths to make certain paths available to the service (doc)
> A bind mount makes a particular file or directory available at an additional place in the unit's view of the file system. Any bind mounts created with this option are specific to the unit, and are not visible in the host's mount table.
The service is running using a specific user and I would like the user to access those read-only paths outside of the service. Is there an possibility within systemd that would allow me to do that?
Edit: solved it with a systemd bind mount