Sebastian Krzyszkowiak @dos@librem.one

@opensourceopenmind @chesterdott I think the regular Librem 5 gives a bit better bang for the buck 😁 That's what I'm using and I'm still happy with it.

@agx Not today 😄

But sooner than later I think!

whooosh
#phosh #phoc #mobilelinux #linuxmobile

@hardpenguin13 Because people let them. Who cares if your solution is lazy and vastly overreaching if you can just get away with it?

@pocketvj Just some basic lens corrections, de-noising etc. gets you 90% there.

See https://social.librem.one/@dos/112408330992738904, https://social.librem.one/@dos/112988326413463557 and lots of my other photos here tagged as #shotonlibrem5

@mkljczk @janeq @m0bi @dzokero ...i Twitter, i Blip, i identi.ca... (w trochę inny sposób, ale miały)

@janeq @m0bi @dzokero Facebook miał kiedyś bramkę pozwalającą zalogować się do niego klientem XMPP, ale nie było tam nigdy żadnej federacji. Nazywanie tego serwerem XMPP to jednak trochę semantyczne nadużycie; to zupełnie inny przypadek niż Google Talk.

@bananarama @hacks4pancakes @simonmicro It can make things worse if you expose HCI over UART and don't expect it to effectively give access to device's memory.
That seems like a very niche case though.

@rolenthedeep @millihertz Not even over Bluetooth, but over Bluetooth's HCI - so actually over UART and only if you happen to expose HCI there...

@nelson If you use these to exploit other devices, then sure - just like you can with monitor mode and packet injection on a Wi-Fi card that allows you to do it.

Of course you could always use other tools to do the same thing, but probably not as cheap as ESP32.

@nelson Worth adding that the same thing could have been achieved by writing a free replacement for the blob, like it's already happening for ESP32's Wi-Fi: https://esp32-open-mac.be/

@nelson Define "against".

The binary blob has features that let you do more than the official API does.

If your code exposes these capabilities outside, you're in for a nasty surprise, as you may have not factored these capabilities into your threat model. Otherwise - nothing changes; there are features there that you never used cause you didn't know about them, and they still remain unused in your code.

But now that you know about them, you may want to use them creatively in your projects :)

@nelson There's a news story about "undocumented backdoor found in Bluetooth chip used by a billion devices" which turns out to be bunch of undocumented debugging commands accessible over HCI interface as implemented by the binary blob that's used to interface with ESP32's Bluetooth peripheral.

Which is a bad news for you if you exposed that HCI interface into untrusted contexts for some reason, I guess? Otherwise this development is actually empowering the users.

Today we can observe who reads the news with comprehension and who passes stuff forward without second thoughts 😜 #esp32

@dzwiedziu @m0bi I jeszcze Stary Sącz... znaczy, Ojcze Pij Powoli: @gmina

@dzwiedziu @m0bi My mamy gminę @brwinow :) I @fedigov próbujące bardziej zakropkować tę mapę.

@wariat @dzwiedziu @m0bi Nie dziwi - Niemcy od dawna mają bardzo silnie rozwiniętą sieć hackerspace'ów i największy w Europie klub hakerski, co nie pozostaje bez wpływu na instytucje publiczne, zwłaszcza na szczeblach lokalnych. To efekt dekad działania.

For those interested, I’ve pushed the firmware that implements the necessary alt-mode dance to get UART out of the #Librem5's USB-C port to #Debubo’s repository.

It wasn’t pushed before because it was very crude and I wanted to clean it up before pushing. It still is, but I decided to actually get it out regardless rather than risk having it sit and wait for even more months 😛

@alexadeswift @agturcz Actually, they all do seem to be somewhat connected to vitamin D at least 😉