#Ventoy Security Concerns (please boost for visibility)
Ventoy is a popular utility for making USB drives containing multiple operating systems in the form of bootable image files. While very useful in theory, the source tree contains numerous binary blobs without source code. This issue has been brought up to the authors multiple times, have not been corrected, and have even gotten worse (more blobs have been added to the code over time). This is a potential malware vector, similar to the "test files" in the xz-utils backdoor catastrophe.
Recently the author has ignored a very lengthy thread raising security concerns because of these binary blobs. Given the amount of attention the thread has gotten, this seems strange, especially given that the authors have been active since then. https://github.com/ventoy/Ventoy/issues/2795
Stranger yet still, a video by Veronica Explains (@vkc) on how to create bootable USB flash drives got flooded by comments heavily suggesting the use of Ventoy and even being somewhat accusing because Veronica didn't advertise Ventoy. This is... not anything I've seen users of ANY open-source project do, and it feels similar to the social engineering done against Lasse Collin that convinced him to add Jia Tan as a maintainer, thus compromising xz-utils. See the comments of https://www.youtube.com/watch?v=QiSXClZauXA&t=3s
If you're using Ventoy, you may want to consider ceasing its use for the time being out of an abundance of caution. If you truly need its functionality, you might look into something like the IODD SSD Enclosure (https://www.iodd.shop/HDD/SSD-Enclosure) which can emulate an optical drive and allows you to select an ISO saved to the drive to boot from.
I will say, though, at least the highest GSP I've gotten (9.6mil) is with my main (Sheik) and not some rando like Ganondorf....
(But really, I think there's a thing with people around my level ranking online better with some random character as opposed to their actual main)
Meanwhile, I go offline and play against a level-9 I used to struggle hard against, Terry, and succeed with two stocks to spare and no stress.
I used to try to climb the GSP ladder and used to be ranked better but I'm moreso just using online as practice. There's a SSBU club at my college, and a local not to far away from where I live while not at college; *that's* where I want to do well. And get to meet people IRL, make friends, and have fun together.
#SSBU So I've been practicing Sheik a lot lately. I generally don't like playing online, but I decided to go back online and play some and I feel like I'm getting better -- using more Sheik tech, having more toe-to-toe matches and holding my own a lot better -- but I'm only like at about 6mil -ish GSP. (We're not gonna even mention that my Ganondorf is above 7mil...)
A man designs and builds a racecar that is supposed to win a particular race, and another man drives it and wins that particular race. Did the driver do the most to win or did the designer+builder do the most to win?
Found it, part of my ASCII.s stdlib. Came up with a change, which compiles to about 24 bytes, compared to about 55 bytes, but uses a loop. These print out the tenths, hundredths, and thousandths places of a decimal number; I think I'll keep the former code, since it is branchless, I/O aside, and since I might want to remove the thousandths place anyway (since Q16+8 numbers aren't quite that precise).
I'm finding this sequence multiple times; part of it or exactly this keeps on appearing in my compiler's output. I think it's performing a modulo by the Q16+8 value 10.0, then converting the number to ASCII then printing it. Part of the Q16+8 decimal print function, I think.
(Also - 0x30 is ASCII '0', not 'H')
#assembly
As I understand the BSOD today became more popular than ever, truly becoming mainstream and reported about all over the news. Of course, in systemd we are ahead of the curve, as usual, and if you too want to experience your very own BSOD we have your back. Enjoy:
https://www.freedesktop.org/software/systemd/man/latest/systemd-bsod.service.html
Finally no need to feel left out again, just because you use Linux! 💖💘💝
Back to School is now in session. Get up to $200 off a new computer to start your next venture! https://system76.com/specials
I was looking at an aquarium, watching the fish swim, and thought it would be cool if there were creatures that could swim through the air. Then I realized that those are basically just birds....
#justMusing #birds #fish
Besides, executables are generally produced from a very high level, from a compiler. Why add complexity and subjectiveness to make hex dumps easier to read (for example)?
Hello there!
I boost a lot of posts, but I have a few things to say every now and then.
I am largely fine with boosting posts from people I disagree with even on significant, dividing issues. I usually don't, however, if they actively advocate for these ideas... so it goes :/
#Christian #coding #HaikuOS #Linux #privacy #FOSS #Fediverse #SmashBros #SSBU #LegendOfZelda
#fedi22
Note: social.librem.one doesn't support DMs