MySMS has been doing this for ages, and quite well. I guess this will be a blow on their subscription business model, even if they still have some extra features.
"gparted should not run its UI as root. It should run its UI as a regular user and use PolicyKit or something else similar to gain elevated privileges only when necessary to query or modify devices"
Why? Because Wayland devs decided the UI should not run as root? Because breaking functionality in the name of a misguided sense of security is fashionable?
I know of that workaround, but it is all it is, a workaround. The fact that you need it in Wayland is a consequence of its lack of support for running GUI apps as root. And it won't work for native apps,only for X apps.
Or like being incapable of running GUI apps as root - which breaks among others gparted, and won't ever be fixed for native Wayland apps, but you need to "think of the children" - https://bugzilla.redhat.com/sh...
Let me guess, still no native sound on Linux (pulseaudio only since version 52), still infested with spyware/telemetry/DRM, and still not running most add-ons. Still copying chrome and doing it worst, losing all the advantages Firefox once had.
But still started by SJWs and snowflakes, and that is what matters, not that almost nobody uses it anymore.
Thank the level minded for brave, waterfox and palemoon, or we'd be stuck with chromium.
From what I understand, this attack besides needing root, only touches the DRM part. Widevine is mentioned. So, I guess that with this attack you'll be able to access stuff that you thought you had bought but had only rented, like movies. You'll just have to downgrade the widevine component to one that has documented vulnerabilities that let you access your data on your device.
We might see some good come out of this, if the ruling ends the safetynet anti-consumer nonsense from Google.
If they are forced to allow play store to run on AOSP derivatives, they should also be forced to drop restrictions on installing apps on custom ROMs, unlocked bootloaders and rooted devices. All of these are legal in Europe, so discriminating against them should be forbidden and fined.
I'm only afraid that this commissioner is setting her agenda more on Microsoft's wishes than on consumer needs...
They haven't. They paid half, and promised the other half after one year, depending on their financial situation.
But I've learned my lesson, that was the last time I tried helping Jolla.
Nope, in the first post on that reddit is only what he describes is what he feels were the shortcomings of Arch previous init system. The real reason for choosing systemd is below:
So why systemd over all those alternatives?
First, we don't know if the other systems were really alternatives (at least I don't know).
The answer is boring: Systemd solved many problems, it was there, it worked and we already used many of its tools in our initscripts at the time. There is no specific reason why we did not use $WHATEVER over systemd.
So, basically, they chose systemd just because they were using it. No evaluation of advantages/disadvantages, impact assessment, nothing.
I'm pretty sure it was even more a poetic gesture than deleting my swiftkey account. As you state, my info is already out there and catalogued by every search engine. It is more a statement on how I don't want anything to do with the kings of "telemetry" than anything else.
And with the advantage that even if I am tempted to update it and add more info, I need to start from scratch and that is too much of an effort.
I can just imagine how Microsoft will use this together with all the "telemetry" obtained via windows 10, swiftkey, code compiled with VS2015, skype conversations, office 360 documents, etc.
So, I did the only sensible thing, and have just deleted my linkedin profile, as I had done at the acquisition time with swiftkey. Bye bye samaritan, you will probably still get my data but will have to try harder...
Does the R2 also need passing "iommu=pt" on the kernel command line? Without it, my M5A99X EVO R1 loses the network after some large network transfer (3GB at full speed usually does it), with lots of page faults.
And what if it works? They had the same rejection when they pushed the australis aberration, and didn't care at all. Just look at the stupidified, cumbersome interface Firefox is saddled with.
We should know by now what are the costs of "free". That is why I use a hosts file for ad and tracking block.
I only wonder why they only tested android apps, and left out IOS apps. Without this comparison, the first paragraphs of the article, blaming the tracking and ads on the openness of Android, is little more than wistful thinking.
I think that vi lends itself better to that state of understanding and empathy. I see no reason to write this shared moment in emacs other than a desire to be divisive and non caring towards command line users.
Nice straw man you got there. I didn't even talk of init scripts vs binary crap in my message. But I'll bite.
Init scripts have been the best solution for over 20 years, not because distro maintainers need to maintain them, but, unlike huge binary hydras obscuring the functionality, they are easy to debug and fix by a sysadmin with only small, standard and tested tools, like vi, cat, etc. When systemd breaks, you are on your own. Either you can take out the disks from the machine and try and open the obfuscated logs in another PC, or you can boot a full distro on a usb stick and do the same. In both cases, pray that the logs haven't been corrupted, as it usually happens when systemd fails to shutdown or reboot. But worst, and more important - if it is a bug in systemd or some of your use cases that isn't supported by the devs, you are well and truly fucked.
You can fuck things up with scripts, sure. The power they give might be misused by some "windows admin". But real system administrators prefer scripts to a unfixable blob with init files, because they know that scripts allow them to be in control of their systems and of being able to support their use cases, instead of having to beg to some rude, conceived developer, for a fix that most of the times will be refused because said developer doesn't see the use. And even if the request is gracefully granted by the magnanimous dev, then the sysadmin will have to wait for months until the package is available for the distribution he is running. A really good idea...
Replacing an (imagined) attack vector with a huge, real one, and losing functionality in the way can only appeal to those who have never known anything else than windows and are afraid of the complexity and the power of a truly configurable system. Really, replacing a simple init with a great collection of scripts by a huge monster, which has everything from process management to IPC to time and date to networking to binary logging inside or tied up to it? Can anyone who is not deluded or a liar claim that it isn't a huge security disadvantage?
Slashdot Mirror
MySMS has been doing this for ages, and quite well. I guess this will be a blow on their subscription business model, even if they still have some extra features.
You don't need extra SiMs anymore, a singe SIM is enough. Roaming fees got abolished mid last year.
Roaming fees are abolished inside the EU. I assume that either the OP's origin or destination (or both) is outside the EU.
Wooosh......
What security hole? I'm more worried about my user data than about some imagined security hole, and blocking root apps won't protect the user data.
Obligatory xkcd - https://xkcd.com/1200/
"gparted should not run its UI as root. It should run its UI as a regular user and use PolicyKit or something else similar to gain elevated privileges only when necessary to query or modify devices"
Why? Because Wayland devs decided the UI should not run as root? Because breaking functionality in the name of a misguided sense of security is fashionable?
I know of that workaround, but it is all it is, a workaround. The fact that you need it in Wayland is a consequence of its lack of support for running GUI apps as root. And it won't work for native apps,only for X apps.
Or like being incapable of running GUI apps as root - which breaks among others gparted, and won't ever be fixed for native Wayland apps, but you need to "think of the children" - https://bugzilla.redhat.com/sh...
Let me guess, still no native sound on Linux (pulseaudio only since version 52), still infested with spyware/telemetry/DRM, and still not running most add-ons. Still copying chrome and doing it worst, losing all the advantages Firefox once had. But still started by SJWs and snowflakes, and that is what matters, not that almost nobody uses it anymore. Thank the level minded for brave, waterfox and palemoon, or we'd be stuck with chromium.
From what I understand, this attack besides needing root, only touches the DRM part. Widevine is mentioned. So, I guess that with this attack you'll be able to access stuff that you thought you had bought but had only rented, like movies. You'll just have to downgrade the widevine component to one that has documented vulnerabilities that let you access your data on your device.
We might see some good come out of this, if the ruling ends the safetynet anti-consumer nonsense from Google.
If they are forced to allow play store to run on AOSP derivatives, they should also be forced to drop restrictions on installing apps on custom ROMs, unlocked bootloaders and rooted devices. All of these are legal in Europe, so discriminating against them should be forbidden and fined.
I'm only afraid that this commissioner is setting her agenda more on Microsoft's wishes than on consumer needs...
The only explanation is in the commit - https://git.gnome.org/browse/gtk+/commit/?id=bdf0820c501437a2150d8ff0d5340246e713f73f
Instead of testing to see if the DPI values were non-zero, the developer just decided to force 96 DPI fully ignoring the detected values.
I won't comment on the developer's abilities, I think that commit speaks for itself
.
Doh, it seems that the URLs didn't survive the submit, so here they are again:
- reddit comments on gtk+ breaking HiDPI - https://www.reddit.com/r/linux/comments/6cf1dq/what_was_the_most_baffling_problem_in_linux_youve/dhuhuk4/
-bugzilla report - https://bugzilla.gnome.org/show_bug.cgi?id=757142
This was broken on purpose on gtk+ by a gnome developer called Matthias Clasen.
You can see a description of this in this reddit discussion, and the bug and the amazing answers by Mr. Clasen are here.
It did not only break gnome support of HiDPI, but also broke any app using gtk+, like Firefox or libreoffice..
They haven't. They paid half, and promised the other half after one year, depending on their financial situation. But I've learned my lesson, that was the last time I tried helping Jolla.
Hopefully with this certification Jolla will have no more excuses to delay repayment of the suckers that backed it's tablet kickstarter.
Nope, in the first post on that reddit is only what he describes is what he feels were the shortcomings of Arch previous init system. The real reason for choosing systemd is below:
So why systemd over all those alternatives?
First, we don't know if the other systems were really alternatives (at least I don't know).
The answer is boring: Systemd solved many problems, it was there, it worked and we already used many of its tools in our initscripts at the time. There is no specific reason why we did not use $WHATEVER over systemd.
So, basically, they chose systemd just because they were using it. No evaluation of advantages/disadvantages, impact assessment, nothing.
I'm pretty sure it was even more a poetic gesture than deleting my swiftkey account. As you state, my info is already out there and catalogued by every search engine. It is more a statement on how I don't want anything to do with the kings of "telemetry" than anything else.
And with the advantage that even if I am tempted to update it and add more info, I need to start from scratch and that is too much of an effort.
I can just imagine how Microsoft will use this together with all the "telemetry" obtained via windows 10, swiftkey, code compiled with VS2015, skype conversations, office 360 documents, etc.
So, I did the only sensible thing, and have just deleted my linkedin profile, as I had done at the acquisition time with swiftkey. Bye bye samaritan, you will probably still get my data but will have to try harder...
Nice that my Xperia z1 compact has that feature for over one year and half...
Let's see if losing the sd slot and removable battery is as big a sales failure as it was for the S6 and S6 edge.
My impression is that only Samsung fanbois will buy these. Everybody else who prefers style over function will buy an idevice, as always.
Does the R2 also need passing "iommu=pt" on the kernel command line? Without it, my M5A99X EVO R1 loses the network after some large network transfer (3GB at full speed usually does it), with lots of page faults.
And what if it works? They had the same rejection when they pushed the australis aberration, and didn't care at all. Just look at the stupidified, cumbersome interface Firefox is saddled with.
We should know by now what are the costs of "free". That is why I use a hosts file for ad and tracking block.
I only wonder why they only tested android apps, and left out IOS apps. Without this comparison, the first paragraphs of the article, blaming the tracking and ads on the openness of Android, is little more than wistful thinking.
I think that vi lends itself better to that state of understanding and empathy.
I see no reason to write this shared moment in emacs other than a desire to be divisive and non caring towards command line users.
Nice straw man you got there. I didn't even talk of init scripts vs binary crap in my message. But I'll bite.
Init scripts have been the best solution for over 20 years, not because distro maintainers need to maintain them, but, unlike huge binary hydras obscuring the functionality, they are easy to debug and fix by a sysadmin with only small, standard and tested tools, like vi, cat, etc. When systemd breaks, you are on your own. Either you can take out the disks from the machine and try and open the obfuscated logs in another PC, or you can boot a full distro on a usb stick and do the same. In both cases, pray that the logs haven't been corrupted, as it usually happens when systemd fails to shutdown or reboot. But worst, and more important - if it is a bug in systemd or some of your use cases that isn't supported by the devs, you are well and truly fucked.
You can fuck things up with scripts, sure. The power they give might be misused by some "windows admin". But real system administrators prefer scripts to a unfixable blob with init files, because they know that scripts allow them to be in control of their systems and of being able to support their use cases, instead of having to beg to some rude, conceived developer, for a fix that most of the times will be refused because said developer doesn't see the use. And even if the request is gracefully granted by the magnanimous dev, then the sysadmin will have to wait for months until the package is available for the distribution he is running. A really good idea...
Replacing an (imagined) attack vector with a huge, real one, and losing functionality in the way can only appeal to those who have never known anything else than windows and are afraid of the complexity and the power of a truly configurable system. Really, replacing a simple init with a great collection of scripts by a huge monster, which has everything from process management to IPC to time and date to networking to binary logging inside or tied up to it? Can anyone who is not deluded or a liar claim that it isn't a huge security disadvantage?