m0xEE @m0xee@librem.one

@inhosin
А Twitter уже должен работать без VPN или до сих пор блокируют? Может и тут дело в нём? 😅
Если через сайт не работает, можно посмотреть в инструментах разработчика ошибки в консоли, а также историю отправленных сетевых запросов и посмотреть чем они завершились — может появятся какие-нибудь идеи.
@iron_bug

@neural_meduza Копиума 😄

@inference
> state that it *decreases* security and privacy when that's outright malicious to state
I think what they state is that if firmware was open everyone could audit it, and eventually it'll get more secure. Making firmware closed and harder to access does make vulnerabilities harder to find, but makes them impossible to fix by anyone other than the original developer. The fact that making something open makes it more secure by itself is just a widespread misinterpretation.

@inference But address randomization won't even be needed if segmented addressing is used 🤔
As there is no way for one process to do what CPU might treat as addressing memory of another process. Yeah, it makes IPC more complex, microkernels make it more complex as well. But isn't that the proper fundamental solution to this problem? Address randomization is just a quirk!
Neither Linux, nor Windows ever used all the features of PM, only OS/2 did that AFAIK

@inference
> can partially mitigate Spectre and Meltdown etc, but cannot fully do so
It could if it didn't use flat memory model. Spectre/Meltdown wouldn't have happened in the first place if that was the case. 386 protected mode looked so… protected to me with segmented addressing. I've lost track of how stuff works when everyone was transitioning to x86-64 — this design is just asking for trouble. And look where it got us 😂
@rqsd@borg.social

@inference
> Neither of us is crazy
Well, except for those who neither take security measures, nor are conscious about what to expect from their devices, who are like: "Oh, I have all my photos synced eyeCloud, using 'password' as password and now all my nude pics are online!" 😱
@rqsd@borg.social

@inference
> You're basically allowing everyone to pwn you for the entire time
Well, yeah! But if it is not a remote exploit, maybe it's an acceptable threat level for me? I don't want to get a new phone, but I consider physical access fatal so I don't have anything sensitive on my phone. You, being into infosec, have everything patched and up to date and may have more on your phone than me. Neither of us is crazy, let's not get dogmatic — that was my original point actually 😅
@rqsd@borg.social

@inference
Not completely! Secure boot and chain of trust stuff was there for decades, but we still have jailbroken iPhones and all that. Yeah, I know, verified boot is different, okay-okay 😅
And we're only talking well-known exploits here, you can't prove there aren't any 0-day ones. There is no such thing as 100% secure and with physical access the amount of attack vectors is *always* higher. You just choose what security level is acceptable to you.
@rqsd@borg.social

@inference
Because it's *more reasonable* to fix it at firmware level, not because it's the only way. They can't fix it on hardware level, and OS-level patch will likely be more complex and have a bigger impact on performance — and that's it. Imagine we don't have flashable firmware and patchable microcode, would they go for that more complex OS-level solution? Yes, they most probably would. It's possible — that's my point.
@rqsd@borg.social

@inference
> Apple have mitigated M1 vulnerabilities, same as how Intel and AMD have done in their chips.
Exactly! That's why the ones who expect vulnerabilities to be fixed on OS level aren't crazy (I thought that was your point), it's possible, but there is a 99,(9)% chance that it'll never get done😄
The ones who don't want to upgrade aren't unreasonable, maybe the troubles that (ALWAYS!) come with new devices outweight the security risk for them🤷
@rqsd@borg.social

@inference
M1racles is known for over a year — it's a hardware fault that cannot be fixed properly, only mitigated at other levels to a certain point. Is everyone advised to put their M1-bases Macs in the dumpster? I think not, because that hardware isn't exactly old. People expecting vulnerabilities to be fixed on other levels (OS in our case) aren't oblivious, this can be done in theory, but they are wrong because no one has incentive to do so.
@rqsd@borg.social

@inference
It is false, but it's not unreasonable. What are the chances of encountering a threat targeted at specific hardware in the wild? If someone has physical access to your device, you're fscked anyway. And that's security, their privacy is more often threatened by newer software, by stuff marketed as useful features that come built right into their ROM.
I don't disagree with you, but claiming older devices a privacy nightmare is a bit of a stretch too 🤷
@rqsd@borg.social

@mer
So true! But I enjoy shows like this one or Kitakubu Katsudou Kiroku. The fact that they build jokes not only on usual pop-culture stuff and "funny situations" , but also reference Japanese literature and folklore is entertaining. You can never get all the jokes, I bet, even some people watching Futurama don't get all the references, but that's the great thing about comedy — it's multilayered and you can still enjoy it!
@thor @alternative_be

@alternative_be
And there is a comedy show about that: https://en.wikipedia.org/wiki/Joshiraku
Well, rakugo is only a part of the setting, not the main focus of the show, but it's good 😅
@thor

@newt
Probably not. Even CD quality of 44 kHz 16-bit has most of our ears covered😅
I do like the music I have on HDCDs: Tool's Lateralus and several King Crimson records. Those are 18 bit, but it's probably a matter of good sound engineering and proper mastering. Anyway, I sometimes do enjoy music in a quiet room, and what if today I can't feel the difference, but the next day I can? I prefer extra resolution to just be there so I don't have to think about it😄
@WaughheadRex @nerdtronics@mstdn.starnix.network

@nerdtronics@mstdn.starnix.network If you don't do that, your music can get too quiet at moments, but too loud only a few moments later. Your listener will probably just sit there touching the volume knob and will get pissed pretty soon 😅
I mean, sure, audiophiles will pick highest sample rate and bit depth possible, but in real world scenarios the importance of it for most musical genres, ones meant to be enjoyed on the radio, is overblown.
@newt @WaughheadRex

@nerdtronics@mstdn.starnix.network BTW I think you shouldn't be too picky about bit depth as it only affects dynamic range. It is important for classical music and acoustic instruments in general because the difference between most quiet and the most loud sounds is great and everything in between should remain nuanced. EDM music on other hand is often compressed to reduce dynamic range and mastered to have particular level, so it's not that important.
@newt @WaughheadRex

@captainepoch I think Opus is primarily targeted at vocals/speech. And yes, using Vorbis makes sense, it's better suited for streaming, but if your streaming server does re-encoding to several streams using different bitrates on the fly, using source of highest possible quality makes sense thus using lossless codec to transfer original track to the server is the best choice.
@WaughheadRex @nerdtronics@mstdn.starnix.network @newt

@thor If you speak grains in microsound terminology, they should be. Isn't that the core principle of all digital FX based on delay networks? 🤔

@iska@mk.starnix.network
I mi-i-ight believe that, Mozart was born there after all. But gravity? What a joke!
@Sudo_Overflow