-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Apr 23, 2024
> This post will cover the software used to stitch together smaller images generated by the control software into a single large image. My IRIS machine with a 10x objective generates single images that correspond to a patch of silicon that is only 0.8mm wide. Most chips are much larger than that, so I take a series of overlapping images that must be stitched together to generate a composite image corresponding to a full chip.
> But there are still some things missing from the modern Android experience. Things which I'm sure used to exist on earlier versions, but have since been scrapped or severely restricted.
> Here's what they stole from us.
> Notice how I, like a gentleman, always mention GNU when mentioning Linux? Well, BSD teaches you why you should. Since BSD and Linux use different userland software, they are not compatible. And while yes, basic usages of such programs like ls, cat, awk is the same, GNU likes to add a lot of custom extensions. You can assume that only POSIX requirements are met. As a result you will find answers for your question on the interwebs which will not work for you, as they are written for GNU-flavored tooling. Unfortunately, POSIX is a weapon for a more civilized age. Folks these days assume a lot and BSDs don’t even come with ZSH out of the box. Ever used the basic Shell? Too bad, as Shell is what you should assume in all your scripts.
> Fact check: while curl is my hobby, I also work on curl as a full-time job. It is a business and I serve and communicate with many customers on a daily basis. curl provides service to way more than a billion people. I claim that every human being on the planet that is Internet-connected uses devices or services every day that run curl.
> A month ago I received an email from the organisers of Rust Nation UK 2024 inviting me to speak at the conference. One of the speakers got COVID and I was chosen to be their replacement. I had less than 48 hours to prepare the slides, which was a fun challenge, but very stressful! The final result was a talk about my work on elfo with the following abstract: [...]
> That narrowed it down to 2,239 recordings, or 34 hours of sex sounds. Anikin made the dataset available here.
> Another reason why open access has failed to take off in the way that many hoped is that academics often don’t seem to care much about supporting it or even using it. Again, given the clear benefits for themselves, their institutions and their audience, that seems extraordinary. Some new research sheds a little light on why this may be happening. It is based on an online survey that was carried out regarding the extent and nature of training in open access offered to doctoral students, sources of respondents’ open access knowledge, and their perspectives on open access. The results are striking:
> "a large majority of current (81%) and recent (84%) doctoral students are or were not required to undertake mandatory open access training. Responses from doctoral supervisors aligned with this, with 66% stating that there was no mandatory training for doctoral students at their institution. The Don’t know figure was slightly higher for supervisors (16%), suggesting some uncertainty about what is required of doctoral students."
> When designing a system, both functional and non-functional requirements are important. They describe different aspects of the system behavior and have severe implications over how it is designed, implemented, maintained, and even deprecated.
> In a nutshell:
> • Functional requirements define what the system should do and are often easy to explain in a flowchart algorithm or use case. For example: what should a certain button do when it’s pressed or when should the notification be shown with what content.
> • Non-Functional Requirements (NFR) define the system behavior in ways that are not easily described using a flowchart. For example: security, reliability, scalability, etc.
> I also made another one that replaces my existing alias for quickly committing and pushing my local changes with Git, and makes the flow a bit more interactive.
> The attacker is exploiting a property of GitHub: comments to a particular repo can contain files, and those files will be associated with the project in the URL.
> What this means is that someone can upload malware and “attach” it to a legitimate and trusted project.
> The issue, tracked as CVE-2024-3400 (CVSS score of 10/10), is described as a command injection in the GlobalProtect feature of PAN-OS, the operating system running on Palo Alto Networks’ appliances.
> According to the vendor’s updated advisory, the flaw is rooted in an arbitrary file creation defect and, under specific conditions, can be exploited without authentication to execute arbitrary code with root privileges on a vulnerable firewall.
-- Response ended
-- Page fetched on Sat May 4 03:08:44 2024
