Show newer

Today I learned about gdb-dashboard.

It is a ~/.gdbinit file which will add some nice fancy bells and whistles to to our out-of-the box gdb experience.

github.com/cyrus-and/gdb-dashb

The title says Ubuntu, but it may have an impact on every distro running snapd (I've tested it on Fedora).

Show thread

Yesterday was compromising containers. Today is putting systems running snapd at risk.

Make sure you're running a patched version.
shenaniganslabs.io/2019/02/13/

CVE-2019-5736 / is a good reminder that containers still expose a significant attack surface from the Host. This is why projects like @katacontainers and @flatkvm exist.

I'd like to set up a backup Mastodon account on mastodon.social. Is there some kind of formal procedure to request an invitation?

IMHO, Wayland's biggest problem is that, while it brings a much need renewal to the Linux's display server stack, the *perceived* benefit from an end-user perspective is quite limited.

This means you're stuck pitching *internal* improvements to non-devs, which is a vain task.

BTW, this is another critical security issue successfully mitigated by the default SELinux policies. Looks like @rhatdan was right all along and the initial pain was worth it. 😉

Show thread

If you're running containers, make sure you have SELinux in enforcing mode (the default in RHEL) and patch your nodes.

"runc - Malicious container escape - CVE-2019-5736"

access.redhat.com/security/vul

Color photos from a Bell Labs data center in 1969-70. Note how many women were working in tech back in the early days.

larryluckham.com/1969%20&%2070

I wasn't happy with sharing all clipboard updates on the Host with every @flatkvm session (a malicious app could be snooping), so I implemented a discrete mode and a helper tool ("flatkvm-paste") to only send data on-demand, and to an specific session. github.com/flatkvm/flatkvm-pas

@slp Honestly, if you don't find Telegram's unwillingness (over the years, this isn't new) to adopt a sane crypto policy a bit fishy, you weren't paying attention.

Show thread

Users: "We want multidevice, always-on, end-to-end encryption, like OMEMO."

Telegram: "Here you have Image Search."

Users: "That's nice, but we'd really like to have encryp..."

Telegram: "Hey, we have new stickers!"

Users: "But good crypt..."

Telegram: "Chat Backgrounds."

t.co/Q1LfpopfLi

GNOME 3.32 is due to be released this March, and the theme this cycle is 𝗣𝗘𝗥𝗙𝗢𝗥𝗠𝗔𝗡𝗖𝗘! Check out some of the upcoming optimizations being made GNOME Shell and Mutter:
feaneron.com/2019/01/31/gnome-

The only thing stopping me from making this the default behavior in @flatkvm is that it requires *a bit* of pre-configuration on the Host (configuring PulseAudio to load the module).

Show thread

After a while trying out different emulated audio devices in QEMU, I concluded I was approaching the problem the wrong way.

Audio emulation is inefficient by nature and there's a much better solution: PulseAudio with its native-tcp module.

Last night I've published the first version of flatkvm, a tool to easily run @FlatpakApps isolated with QEMU/KVM.

Still an alpha, but the basic functionality is already there.

github.com/flatkvm/flatkvm

Still an early prototype, but this is flatkvm, a tool to easily run fully isolated with QEMU/KVM. This is what I've been doing when I should've been sleeping 😜

youtube.com/watch?v=nes9e8Frue

At the end of last year I received my Librem 5 devkit from @Purism, this week I'll play with it and toot about it. For the moment, here are photos of the devkit and what it came with, sizes are in centimeters and impressise because of perspective.

#Librem5 #DevKit

Show older
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!