Armin Weigl @arminweigl@librem.one

Durch diese Waffe stirbt alle 25 Sekunden ein Mensch. Jedes Jahr ca. 1,3 Millionen weltweit.
Umso konsequenter wir gegen all die hochmotorisierten BMWs, Audis und Porsches vorgehen, desto schneller werden unsere Straßen wieder sicher. #Autogewalt #Verkehrswende #VisionZero #StadtpanzerRaus

the team behind material for mkdocs have built a new static site generator

i open their webpage and it lags my entire pc with, i think, this background animation of "moving lines". taking a screenshot took several seconds and chromium stopped rendering the ui at one point

any idiot can make an efficient static site. it takes pure brilliance to make it inefficient (why does it need 1 GB of GPU memory?!)

Why does my soundbar have 184 systemd service files

@mjg59 sounds like someone carefully removed all the extra service files. *runs away*

#Caturday #cats

Ich hab jetzt endlich rausgefunden, was hocheffiziente Brenner sind! 🤓😆😄

https://youtu.be/FyUG3FQEHOE

ich finde die afd sollte den afd-hitler inhaltlich stellen und nicht aus der partei ausschließen

wenn man ein parteiausschlussverfahren einleitet und das dann scheitert stärkt ihn das nur noch mehr und es schafft einen peinlichen präzendenzfall der noch mehr leute zum abhitlern animiert

wenn man ihn jetzt sozial ausgrenzt hitlert er nur noch mehr

man sollte ihm sofort regierungsverantwortung übertragen um ihn zu entzaubern

@lerk

Könnte damit beginnen: Überall wo zum Schutz der Kinder kein Cannabis verkauft werden darf, sollte auch Tempo 30 gelten.

"Das ist das Denkmal, das für den Berliner Bürgermeister Kai Wegner (CDU) ,an Geschmacklosigkeit kaum zu überbieten‘ ist. Es ist das Denkmal für Walter Lübcke, der für seine christdemokratischen Überzeugungen von einem Rechtsextremisten ermordet wurde. Danke Zentrum für Politische Schönheit" - Anne Rabe (🟦)

This is your regular reminder that doas suffers from the exact same conception flaws as sudo.

It is a suid root binary.
It parses, as root, a text file that contains global instructions for what user is allowed to run what command as what other user. There is quoting involved. The syntax is not absolutely trivial (though simpler than sudo's).

Is doas better code? Probably. I trust that it's cleaner than sudo; its configuration file syntax certainly is. Has it been audited more, is it more trustworthy than sudo? Definitely, it comes from OpenBSD, and if there's one thing OpenBSD does well, it's that.

But does it solve the fundamental problem that causes the issues with sudo?

No. It does not.

If you use doas, you are not "choosing the more secure tool", at least not by its conception. You are simply trusting doas to do a better job of not being buggy while performing the exact same tasks as sudo in the exact same dangerous environment.

It is not a bad choice. You are probably right to do that. But you should know what you are doing exactly.

If you choose to use sudo-rs instead, you are still running a suid root binary that performs complex parsing, without the advantages of the simpler doas syntax or the experience of OpenBSD in hardening. You get the benefit of memory safety, but other kinds of bugs are still possible in Rust. You are basically trusting the sudo-rs authors to write a non-buggy sudo - and even with Rust's help, it is probably more difficult than writing a non-buggy doas.

It's a pick your poison situation.

If you want real security instead, you should reconsider your approach to privilege gain, study your use cases, and implement tailored specific solutions. Yes, it is a lot more work, but privilege gain is the single most dangerous thing you can do on Unix, so hardening it takes work.

Sometimes there is no why, only do

Sam Altman, 2015:

What comes first?

BREAKING: In Gießen herrscht komplett verkehrte AfD-Welt: Bürgermeister lässt die friedlichen Demonstrationen von Polizei mit barbarischer Gewalt zusammenschlagen. Warum werden die, die sich für Demokratie & Rechtsstaat einsetzen, zusammengeschlagen und nicht die, die beides zerstören wollen???

Die Polizei ist komplett entfesselt! Sie kennt keine Zivilisation mehr: Schädel-Hirn-Trauma, offene Brüche, sehr viele Krankenwagen danach. Die Polizei ENTZIEHT den friedlichen Demonstrierenden sogar den Schutz. So ist ein Auto in eine Menge gefahren! Das Ganze muss ein Nachspiel haben!

The next dominoes in the AI bubble that I expect to fall (if you’d excuse the mixed metaphor):

Insurance companies explicitly exclude coverage of any system using AI and any outputs of AI systems.
Lawyers in big companies issue advice that using AI systems is too high risk.
Big companies demand IT suppliers provide an enterprise-management system switch to disable all AI functionality in products, or provide an AI-free version.

The first is starting. A consortium of insurance companies has asked their regulator to approve this blanket exclusion. Their argument is that the risks of these systems are too unpredictable to be able to insure. They can’t reason about systemic or correlated risk if you add a bullshit generator anywhere in an operational flow.

The second has happened in a few places, but is not widespread. Some places are hedging. When I was at MS, the AI policy was basically: ‘look, we give you all of these shiny toys! Please use them! By the way, you accept all legal liability for their output! Have fun!’. One ruling that this kind of passing-the-blame-to-employees-for-correctly-using-company-provided-tools policy is unenforceable and the lawyers will get very nervous.

The third is a consequence of the first two. If your lawyers tell you something is high risk and you can’t buy insurance, you want to make sure it isn’t used.

Nikolas Stihl (65) ist Enkel des Gründers der Traditionsmarke (Weltmarktführer bei Motorsägen) & sitzt dem Beirat und dem Aufsichtsrat vor.

Im Interview mit der SZ sagte Stihl nun:

"Wenn die AfD an die Regierung käme, würde Deutschland sehr viel schneller an die Wand fahren, als wir es heute tun. Das ganze Wirtschaftsprogramm der AfD ist völliger Blödsinn, damit wäre Deutschland innerhalb kürzester Zeit ruiniert."

#noAfD

someone pls alt text this shit
edit: thanks @quinn!!

Die CDU/CSU ist ein Sicherheitsrisiko für Deutschland und Europa.

Die deutsche Presse und die Opposition hätte unter einem grünen Wirtschaftsministerium bei Füllständen von etwa 60% zu Beginn des Winters eine massive Kampagne geführt. Und auch nicht zu unrecht.

Das sagt so viel über die deutsche Presselandschaft aus.

Ein Anker und ....

On the 4th October, 1936, the British Union of Fascists had planned a march to the East End of London.

Despite the petition of East Londoners, with 100,000 signatures over two days, the Home Office declined to ban the march. Authorities refused to allow a counter-march by the Ex-Servicemen's Movement Against Fascism, because the fascists had organised their march first.

On the day, around 3,000 fascists turned up for the march, protected by more than double that number in police.

The fascists and police were resisted by over ONE HUNDRED THOUSAND anti-fascists who erected barricades, chanting "They Shall Not Pass". Police attempted to dismantle the barricades and clear a path for the fascists, and were pelted with rotten vegetables, and the contents of chamber-pots thrown from upstairs residents.

There's a damn good reason why fascism had a hard time establishing itself in the UK; I'm pretty sure it wasn't the government nor the police.

https://en.wikipedia.org/wiki/Battle_of_Cable_Street

#fascism #antifa