Old 386 and 486 code was really easy. I also got lost around the Pentium era as well. At the time, it was getting really hacky to work through extended and expanded memory while also learning to work with 32bit registers.

At the time, correctly or not, I just felt I was learning to navigate a bunch of architecture bandaids and not anything that was going to be static for the next few years. I just kinda put it aside, TBH.

ASM is still useful for MCUs at times and developing that feels like the good ol days…

You can generally cross compile across architectures, but there can be instruction or build nuances that can cause hiccups. Also, you need to build everything against the target architecture as well, not just the kernel.

I would look into something like Doppler instead of Vault. (I don’t trust any company acquired by IBM. They have been aquiring and enshittifying companies before there was even a name for it.)

Look into how any different solutions need their keys presented. Dumping the creds in ENV is generally fine since the keys will need to be stored and used somehow. You might need a dedicated user account to manage keys in its home folder.

This is actually a host security problem, not generally a key storage problem per se. Regardless of how you have a vault setup, my approach here is to create a single host that acts as a gateway for the rest of the credentials. (This applies to if keys are stored in “the cloud” or in a local database somewhere.)

Since you are going to using a Pi, you should focus on that being a restricted host: Only run your chosen vault solution on it. Period. Secure and patch it to the best of your ability and use very specific host firewall rules for minimum connectivity. Ie: Have one user for ssh in and limit another user account to managing vault, preferably without needing any kind of elevated access. This is actually a perfect use case for SELinux since you can put in some decent restrictions on the host for a single app (and it’s supporting apps…)

If you are paranoid enough to run a HIDS, you can turn on all the events for any type of root account actions. In theory once the host is configured, you shouldn’t need root again until you start performing patches.

That’s what you just got shown: Shove the configgy bits into Git.

You will likely have to find the configs you want to save first.

Sorry if it sounded like my rant was directed at you as it absolutely wasn’t. Your comment triggered me, because I absolutely fully agreed with yours as well. ;)

setenforce 0 is much cleaner, I have found.

Its just complex

When a security mechanism becomes more complex to manage than what it is supposed to protect, it becomes a vulnerability itself.

If you had a minimal system that you built from the ground up yourself and wanted to only have that system function in very specific ways, SELinux would be perfect. I would go so far as to say it would be nearing perfection in some ways.

Sorry, but in the real world, ain’t nobody got time for that shit. If you use auto configuration tools or pre-canned configs for SELinux on a system you are unfamiliar with, it’s more likely to cause application issues, create security gaps and will likely be shut off by a Jr. admin who really has no fucking clue what he is doing anyway.

It’s just easier to keep your system patched and ensure basic network security practices anyway.

It’s not impossible to manage these days. In the early days it was, but most everything is automagic now. If I am not mistaken, SELinux can be enabled to ‘log only’ which would give you data better handled by a HIPS anyway. (Don’t quote me on that.)

To add on, it supports up to 20.1.10 and that is where the protocol may shine. However, full spacial sound is not new, and Atmos is just Sony’s proprietary version.

I stole the “sound stick” bit from Benn Jordans blunt overview on atmos: https://youtu.be/5Dw3aKbw5Wo

(Atmos is all caps as well? Meh, whatever.)

I wonder what their answer is going to be for Dolby Atmos? I am sure they could think of a another protocol that is just as pointless for your standard TV sound sticks.

Who the hell writes if 'null'? If it’s a thing, what language would interpret a string like that?

Not sure if that will help in this particular case, but that looks super neat anyway. I have been planning to build a custom modular synthesizer so I’ll try that out anyway. (Thankfully, it’s Kicad integration is free. Yay!)

Build a live boot USB for windows: https://monovm.com/blog/how-to-create-a-windows-live-usb/

There is a chance that the exe is just a wrapper for a compressed archive that contains the app to flash the bios and also the image. If the bios actually supports flashing manually, that would be super convenient.

De-escalation is easy: Russia can get the fuck out of Ukraine. All of it.

If it’s useful to you, that is great.

Will rustc not just overwrite the old binary? If you are just doing a cleanup task, that’s cool. If nuking the last binary is important, then just do it first:

rm ./code; rustc ./code.rs -o ./code; ./code -mah args

I admire the willingness to share your work, but this is easier to do with a disposable one-liner at the prompt that you can repeat with an up arrow and a carriage return, if needed.

Sure, this script would be perfect for something like a cron job, but that would raise quite a few more questions as to why you would complie on a fixed schedule.

I can think of a few edge-cases where this script would be useful, but it just seems like it adds extra steps where extra steps might not be needed.

When I see my Dr. or when I talk to other engineers?

Any in many ways, that is the way engineers should speak to other engineers when analyzing a problem.

If two or more people can actually share a common goal of finding the best solution, everyone involved should be making sure that no time is wasted chasing poor solutions. This not only takes the ability to be direct to someone else, but it also requires that you can parse what others are telling you.

If someone makes something personal or takes something personal, they need a break. Go take a short walk or something. (Linus is a different sort of creature though. I get it.)

TBH, this is part of the reason I chose my doctor (GP). She is extremely direct when problem solving and has no problems theory-crafting out loud. Sure, we are social to a degree, but we share many of the same professional mannerisms. (We had a short discussion on that topic the other day, actually. I just made her job easier because I give zero fucks about being judged for any of my personal health issues.)

It’s a markup language(ish) but it’s not a programming language. XML would be closer to programming, IMHO, since you could have simple things like recursion. That example is even pushing what I would consider “programming”, but anyone can feel free to disagree.

SQL is in the same category for me. It’s a query language and can get super complex, perform some basic logic, but you can’t exactly write “snake” in it. Sure, you could use cmdshell or something else to do something more complex, but that would no longer be SQL.

My simplistic expectation of an actual programming language would be that you can automate an entire platform at the OS level (or lower) instead of automating functions contained within a service or application. (JVMs and other languages that are “containerized” are weird outliers, by my definition.)

I am not trying to step on anyone’s toes here. I just never have really thought about what I personally consider a programming language to be.

Here is a start for you: https://www.msn.com/ko-kr/news/world/20년간-수류탄을-망치로-써온-할머니에-中-화들짝/ar-BB1oYj9a

It’s all Korean URL encoding in that link, btw. Here is a screenshot anyway.

Ok, I admit I don’t understand the humor. My immediate response was, “sounds about right because of how these things happen”.(I can be kinda dumb like that sometimes.)

Security advisories may not be immediately announced until a patch is available. If this is in regards to FreeBSD-SA-24:08.openssh, a patch was available the day before it was announced and then refined for prod over the next few days : https://www.freebsd.org/security/advisories/FreeBSD-SA-24:08.openssh.asc

The timing of this stuff is always wonky and it doesn’t look like it hit a could of news places today, about a week after: https://cyberpress.org/vulnerability-in-openssh-freebsd/