Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
mystes
May 31, 2006

Someone go heckle them and by heckle I mean scream at them to stop pretending OpenOffice is still in development already

Adbot
ADBOT LOVES YOU

pseudorandom name
May 6, 2007

wait, OpenOffice? not LibreOffice?

lol

BobHoward
Feb 13, 2012

The only thing white people deserve is a bullet to their empty skull
yeah the OO side of the fork has been zombie'ing around pretending it's still a real viable project for some inexplicable reason

Progressive JPEG
Feb 19, 2003

BobHoward posted:

yeah the OO side of the fork has been zombie'ing around pretending it's still a real viable project for some inexplicable reason

well yeah isn't that the whole point of any apache project

AnimeIsTrash
Jun 30, 2018

sb hermit posted:

wish we could get a hot take from nbsd

One of you should step up imo.

sb hermit
Dec 13, 2016





AnimeIsTrash posted:

One of you should step up imo.

I'm already putting up my hot takes but they definitely aren't spicy enough for a probation or a ban.

Unless it's anime, but that's someone else's posting gimmick.

mycophobia
May 7, 2008
if you use linux, you watch anime. simple as

Sapozhnik
Jan 2, 2005

Nap Ghost
can confirm

outhole surfer
Mar 18, 2003

mycophobia posted:

if you use linux, you watch anime. simple as

lies. i am professing my hate for anime from the linux



arch, btw, etc

FlapYoJacks
Feb 12, 2009
Lol imagine hating anime in tyool 2022.

lord fifth
Dec 26, 2019

LUCK ???

mycophobia posted:

if you use linux, you watch anime. simple as

wrong. i stopped watching anime when i started using linux (middle school)

pseudorandom name
May 6, 2007

you should watch one punch man it is pretty good

akadajet
Sep 14, 2003

I get second hand embarrassment from reading about people watching anime and using linux

pseudorandom name
May 6, 2007

wow sucks to be you, you should try therapy

Soricidus
Oct 21, 2010
freedom-hating statist shill
linux users watch anime because it’s guaranteed to have subtitles

psiox
Oct 15, 2001

Babylon 5 Street Team

Soricidus posted:

linux users watch anime because it’s guaranteed to have subtitles

:drat:

Cybernetic Vermin
Apr 18, 2005

Soricidus posted:

linux users watch anime because it’s guaranteed to have subtitles

i thought linux audio jokes were properly beaten to death by now, but this is pretty much perfect

Kamrat
Nov 27, 2012

Thanks for playing Alone in the dark 2.

Now please fuck off
Most anime is poorly animated and bad and I refuse to gamble on it any more.

But I digress, how about them linuxes and it's tuxes, 2022 is the year of the linux etc.

jammyozzy
Dec 7, 2006

Is that a challenge?

Soricidus posted:

linux users watch anime because it’s guaranteed to have subtitles

:discourse:

BlankSystemDaemon
Mar 13, 2009



Kamrat posted:

Most anime is poorly animated and bad and I refuse to gamble on it any more.

But I digress, how about them linuxes and it's tuxes, 2022 is the year of the linux etc.
i'm sure some idiot with a gpu will use neural-network assisted frame-interpolation to make things better

BlankSystemDaemon
Mar 13, 2009



https://www.youtube.com/watch?v=wjyOwTToJQk

Kamrat
Nov 27, 2012

Thanks for playing Alone in the dark 2.

Now please fuck off

BlankSystemDaemon posted:

i'm sure some idiot with a gpu will use neural-network assisted frame-interpolation to make things better

I think it's easier to just watch something else

hifi
Jul 25, 2012

deaf people use linux and dumb people use windows

mystes
May 31, 2006

hifi posted:

deaf people use linux and dumb people use windows
I realize that audio output doesn't work in linux, but does speech recognition really not work in windows?

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano
lol come on

Broken Machine
Oct 22, 2010

mystes posted:

I realize that audio output doesn't work in linux, but does speech recognition really not work in windows?

no it does not

https://www.youtube.com/watch?v=MzJ0CytAsec&t=94s

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:
I was helping someone find out which USB cable was having intermittent issues and was corrupting poo poo on their e-reader.

I then told them to open whatever disk utility their distro ships and do an fsck of the file system of that reader, because it was shot to bits.

A few extremely confusing exchanges later, I had to check something…

quote:

Disks 3.3+ is a complete rewrite of the old gnome-disk-utility (aka Palimpsest). It no longer appears to include an option to check filesystems

:psyduck:

gparted did the trick…

Sapozhnik
Jan 2, 2005

Nap Ghost
:confused:

Sapozhnik
Jan 2, 2005

Nap Ghost
Image failed to attach

Only registered members can see post attachments!

akadajet
Sep 14, 2003

take ownership: grab Linux by the balls

Antigravitas
Dec 8, 2019

Die Rettung fuer die Landwirte:

Sapozhnik posted:

Image failed to attach



What the gently caress.

outhole surfer
Mar 18, 2003

looking for a new internet janitor job, it seems like every gig out there wants kubernetes regardless of their environment or application

maybe this rant belongs in the security thread, but how the gently caress is it that k8s *still* has no baked in image verification mechanism in 20 loving 22?

for decades now, cryptographically signed sources/binaries have been the standard for distributing software, then dockerhub and gcr come along and everyone just says "yolo bitches, tls is all the integrity guarantee I need"

Sapozhnik
Jan 2, 2005

Nap Ghost
i think you can stick @sha256:whatever on the end of an image tag?

not ideal admittedly but it's something

sb hermit
Dec 13, 2016





that's technically correct.

But unless the hash is baked into the image by all the tools, and is cryptographically signed, and all these items are checked by the deployment tools, then they may as well not exist because no one is going to utilize them and the checksums won't be trustworthy anyway.

Sure, you can roll out your own tooling to do the hash and check it. You can also deploy Gentoo. The vast majority of computer janitors will do neither.

On the other hand, if there is a watering hole attack, the problem will be fixed very fast.

sb hermit fucked around with this message at 22:23 on Feb 21, 2022

outhole surfer
Mar 18, 2003

Sapozhnik posted:

i think you can stick @sha256:whatever on the end of an image tag?

not ideal admittedly but it's something

you *can* but nobody *does*

in the realm of things you *can* do are some pretty robust solutions like portieris, which will check dct and redhat simple signatures (among other things) as an image admission controller....

...but good luck finding signed images. gcr doesn't support dct at all, and dockerhub images are either totally unsigned, or rubber-stamp signed by dockerhub controlled keys

and that's all assuming you found a way to verify the etcd and apiserver and other kube infrastructure images when you deployed them

I get that this is :tinfoil: as gently caress, but it all feels like a major regression in supply chain security from having an os package keyring containing keys from your distro and the occasional 3rd party vendor.

sb hermit
Dec 13, 2016





I get the impression that the sha256 digest is more for identifying an image, rather than for verification. So I guess a CJ could use the tag on a tightly controlled system to make sure things stay on a specific version. But then the tag would need to be updated all the time. Still, it would be useful for a rigorous CM environment.

outhole surfer
Mar 18, 2003

sb hermit posted:

I get the impression that the sha256 digest is more for identifying an image, rather than for verification

this could just be something I dreamt up in a fit of docker hate, but I want to say at one time the docker image hash was only of image metadata, and not of the image contents itself

sb hermit
Dec 13, 2016





well, given that npm malware is found with increasing regularity, it's not like stuff like this is out of the ordinary

https://www.theregister.com/2022/02/03/npm_malware_report/

https://www.theregister.com/2022/01/10/npm_fakerjs_colorsjs/

Bring back cryptographically signed manifests.

outhole surfer
Mar 18, 2003

sadly I don't think it'll happen because there is no money to be made in locking down the supply chain

instead it seems like we're moving in the direction of subscription services that scan images for malware and subscription image blacklists

Adbot
ADBOT LOVES YOU

sb hermit
Dec 13, 2016





nudgenudgetilt posted:

this could just be something I dreamt up in a fit of docker hate, but I want to say at one time the docker image hash was only of image metadata, and not of the image contents itself

From what I remember, the image metadata names the data layers via their sha256 hash. So it's a bit roundabout, but you can still establish a chain of image integrity.

I'm not a docker expert so maybe someone else can correct me on that.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply