Round 2! spectre V4!
https://www.cnet.com/news/intel-microsoft-reveal-new-variant-on-spectre-meltdown-chip-security-flaws/
Of course zero real info for us lowly peons, like before only microsoft
and the criminals have the info we get nothing - even congress is mad
about it.
https://www.zdnet.com
I never thought of it that way, now it's mentioned that seems exactly right to
me. Again with flash, I felt this was always pushed by commercial entitites
because it was convenient for advertisers and trackers. You basically "needed"
it then it was used to shove ads in your face.
Some of us hav
On 05/05/2018 03:13 PM, Rick Moen wrote:
> Quoting chill...@protonmail.com (chill...@protonmail.com):
>
>> At minimum, I'd like to see browsers blocking certain possibilities
>> from javascript.
> This isn't going to be provided in the default configurations of major
> Web browsers because the fi
Quoting Alessandro Selli (alessandrose...@linux.com):
> The Openmoko are phones of a different age, when every phone had
> separated hardware components for functions that later SoC put
> together in the same silicon to lower costs.
>
> http://wiki.openmoko.org/wiki/Main_Page
> Latest News
>
On Sat, 5 May 2018 at 11:19:19 -0400
"taii...@gmx.com" wrote:
> On 05/05/2018 03:29 AM, Alessandro Selli wrote:
[...]
>> On 05/05/2018 at 03:34, taii...@gmx.com wrote:
[...]
>>> as evidenced by
>>> many competing products such as the free replicant and the costly GSMK
>>> CryptoPhone from ESD
On Sat, May 05, 2018 at 12:13:20PM -0700, Rick Moen wrote:
>
> IMO, that's the best arrangement we're likely to even get -- other than
> perhaps in 'speciality' Web browsers produced/maintained entirely by
> volunteer teams without industry funding.
Know of any adequare ones?
-- hendrik
__
Quoting chill...@protonmail.com (chill...@protonmail.com):
> At minimum, I'd like to see browsers blocking certain possibilities
> from javascript.
This isn't going to be provided in the default configurations of major
Web browsers because the firms producing and supporting them are
financially
I would mostly agree with the point you're driving at, though I don't think I
would blame individuals who use javascript responsibly.
javascript is much like flash player in that sense, widespread use and used in
situations where it's not useful or needed (read: abused).
IMHO, I think there sh
On Sat, 5 May 2018 10:26:26 +0200
marc wrote:
> Instead of using javascript to calculate your pricing,
> have you considered simply stating your pricing formula ?
> That is more open, more likely to be archived, quoted
> and allows people to reason about it.
You don't need to market your own s
If they used the term "free" it would feel less hyped to me since free software
may bundle with blobs at times.
But anyway here's a couple of devices not affected by the problems in this
thread and supported by Devuan:
EOMA68, shipping a version with Devuan when complete.
Banana PI
Banana Pro
correction - the replicant gx2/gx3 phones don't have libre baseband
firmware, in this case I wonder how ESD america/GSMK made their lauded
"baseband firewall" I shall have to ask them. I swear I read somewhere
that they did
It seems the openmoko GT04 is the only phone on the market with real
m
On 05/05/2018 03:21 AM, Erik Christiansen wrote:
> On 05.05.18 05:32, Andrew McGlashan wrote:
>> But whilst I still can, I'll at least run my own servers and rely on the
>> "cloud" as little as possible. Librem 5 phone coming next year for me.
> If there isn't an ARM board sufficiently free of re
Unfortunately, making technological things overly complicated reduces
the number of hackers from modifying them. This means, unethical
practices like spying on consumers and planned obsolescence are more
likely to succeed. We are living in an a world without ethics where
capital gains are involved.
Hello Steve
> I think you're painting all Javascript with the same brush.
I suppose I wasn't clear enough. I am saying that javascript
as a turing complete (and poorly specified, horribly inefficient,
and badly designed) language allows remote parities to run
arbitrary code on your CPU. That is
Oblivious of the basics of ML/Usenet reply rules?
0) a reply to a message must be sent as a reply to that message, not pasted
into another message's reply;
1) the author of the message one is replying to must be quoted before the
quoted message.
Yet another example of your childish attitude wh
On 05.05.18 05:32, Andrew McGlashan wrote:
> But whilst I still can, I'll at least run my own servers and rely on the
> "cloud" as little as possible. Librem 5 phone coming next year for me.
If there isn't an ARM board sufficiently free of remote control
parasitic low level engines, then perhaps
On Sat, 5 May 2018 01:31:58 +0200
marc wrote:
> > > On top of that I'll only buy hardware that can be free software
> > > down to the bios. It should be nothing to them what runs in the
> > > bios, so I'll wait and see if they can be more flexible there
> > > (for however long it takes).
> >
>
I am curious as to if there is a point when the major OEM's simply give
up providing security updates for the latest CPU issues or if they will
start doing it in batches as there are just so many of them.
I hope that the security world will also test AMD_x64, POWER, RiscV, ARM
and ARM64 for these
I would agree that I don't want to bash them, I think it's better to just
explain that a blob still exists in those products and the problems with the
modems.
Cheers,
chillfan
‐‐‐ Original Message ‐‐‐
On May 4, 2018 10:52 PM, Daniel Abrecht wrote:
> -BEGIN PGP SIGNED MESSAGE---
> > On top of that I'll only buy hardware that can be free software down
> > to the bios. It should be nothing to them what runs in the bios, so
> > I'll wait and see if they can be more flexible there (for however long
> > it takes).
>
> I've been trying that for a while now, but my server is
On Fri, May 04, 2018 at 05:19:22PM -0500, Jamey Fletcher wrote:
> > I'd prefer to see chips from scratch, rather than patching on features
> > late in the game. We can be pretty sure chip makers will only patch
> > problems as they are found instead of redesigning their chips to prevent
> > future
On Fri, 4 May 2018 at 17:29:24 -0400
"taii...@gmx.com" wrote:
> Purism is a very dishonest company and their
> phone is yet another example of faux-freedom hardware like their
> laptops, they do absolutely nothing to address the real issues like the
> baseband problem.
Not in the least as dish
> I'd prefer to see chips from scratch, rather than patching on features
> late in the game. We can be pretty sure chip makers will only patch
> problems as they are found instead of redesigning their chips to prevent
> future problems.
The problem with doing that is you find yourself facing all n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2018-05-04 20:03, Rick Moen wrote:
>> Librem 5 phone coming next year for me.
> Ah, Librem. Let's see:
> https://web.archive.org/web/20161010040458/https://blogs.coreboot.org/
blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-
On 05/04/2018 02:52 PM, chill...@protonmail.com wrote:
> Well that's only my method of dealing with it.. generally I think it's worth
> waiting for them to properly fix some problems first. At least then people
> vote for what they want from them based on what they're prepared to buy.
>
> Likely
Quoting Andrew McGlashan (andrew.mcglas...@affinityvision.com.au):
> But whilst I still can, I'll at least run my own servers and rely on the
> "cloud" as little as possible.
Indeed, outsourcing in general is pernicious enough, but outsourcing to
unknown infrastructure run by unknown strangers se
Hi,
On 05/05/18 04:04, Hendrik Boom wrote:
> It may not be an option unless I want to get out of computing
> altogether.
The problem is that everything has got a computer in it these days and I
too fear that the only option to avoid all the bad-ness going on is to
opt out of computing as well :(
Well that's only my method of dealing with it.. generally I think it's worth
waiting for them to properly fix some problems first. At least then people vote
for what they want from them based on what they're prepared to buy.
Likely next build for me is ASUS KGPE-D16 with libreboot, I'll still ge
On Fri, May 04, 2018 at 08:28:23AM -0400, chillfan wrote:
> I'd prefer to see chips from scratch, rather than patching on features
> late in the game. We can be pretty sure chip makers will only patch
> problems as they are found instead of redesigning their chips to
> prevent future problems.
>
I'd prefer to see chips from scratch, rather than patching on features late in
the game. We can be pretty sure chip makers will only patch problems as they
are found instead of redesigning their chips to prevent future problems.
My reaction to the situation is that I'll no longer buy new hardwar
On Thu, 03 May 2018 at 16:32:00 -0500
goli...@dyne.org wrote:
> On 2018-05-03 14:22, Alessandro Selli wrote:
>
> Ha!! I saw the title and thought it was going to be a list of some nasty
> bugs that would hold up the RC! Whew!!
You're always kidding ;-)
> golinux (goes back to work . . .)
On 2018-05-03 14:22, Alessandro Selli wrote:
Ha!! I saw the title and thought it was going to be a list of some nasty
bugs that would hold up the RC! Whew!!
golinux (goes back to work . . .)
___
Dng mailing list
Dng@lists.dyne.org
https://mailingli
> https://www.reuters.com/article/us-cyber-intel/next-generation-flaws-found-on-computer-processors-magazine-idUSKBN1I42BZ
It'll likely never be over at this point. I'm reasonably certain that if
the kind of accumulated knowledge and experience we have now were applied
to 386 chips, issues at thi
https://www.reuters.com/article/us-cyber-intel/next-generation-flaws-found-on-computer-processors-magazine-idUSKBN1I42BZ
May 3, 2018
FRANKFURT (Reuters) - Researchers have found eight new flaws in computer
central processing units that resemble the Meltdown and Spectre bugs
revealed in January, a
34 matches
Mail list logo
