There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

areyouevenreal

@[email protected]

This profile is from a federated server and may be incomplete. Browse more on the original instance.

areyouevenreal ,

The irony being they are actually correct in some cases. Lots of leftists want to destroy the state, and national borders in favour of a unified world. You also have tankies that want death to America specifically, and honestly I can understand the feeling.

areyouevenreal ,

Why doesn’t lemmy at least have pinned comments and flairs? Seems like a serious omission to me.

areyouevenreal ,

The issue being it seems they block VPNs based on the screenshot. At least that’s what I am thinking this iCloud thing is

areyouevenreal ,

Any of the JetBrains suite.

areyouevenreal ,

Says person who thinks Visual studio is the best IDE

Windows 3.1 saves the day during CrowdStrike outage — Southwest Airlines scrapes by with archaic OS (www.tomshardware.com)

Southwest Airlines, the fourth largest airline in the US, is seemingly unaffected by the problematic CrowdStrike update that caused millions of computers to BSoD (Blue Screen of Death) because it used Windows 3.1. The CrowdStrike issue disrupted operations globally after a faulty update caused newer computers to freeze and stop...

areyouevenreal ,

Mainly people are down voting you because Linux had also been affected by Crowdstrike before. Only a few months ago at that. There aren’t any more defenses in Linux systems against this kind of problem than there are in Windows ones. This isn’t even strictly speaking a security issue either. It’s more like a bug in critical software that just happens to be security related. It’s a bit like when that Grub update broke some people’s arch setups.

areyouevenreal ,

Just because it doesn’t have TCP/IP doesn’t mean there isn’t networking. Networks existed before the Internet and its Internet Protocol after all. It wouldn’t be so much air gapped as so archaic that only the most targeted attacks would work, and only if there is an infected PC acting as an intermediate between the Internet and ye olde network. Chances are it was never connected to the modern Internet as the technologies just aren’t compatible.

areyouevenreal ,

Does it run on Wine?

areyouevenreal ,

I am not saying it is, normally old systems are the least secure. The bit you’re not getting is that this system is almost certainly air gapped, just not by choice. It can’t work with modern networks. It can’t work with modern viruses. Any exploit a modern hacker would think to use probably doesn’t exist yet. It’s a bit like trying to break someone’s car by putting sugar in the fuel, except they ride a horse. Do you get it yet?

areyouevenreal ,

I’m guessing Crowdstrike issues a lot more Windows updates than Linux updates?

Not really. Linux is used for critical servers everywhere. No reason to update it less often.

It’s not that Linux can’t have security problems. I still remember the very first internet virus in 1987 that traveled thru Unix machines. But Windows is the worst OS for critical systems precisely because it is the most common OS. Anything is better than windows. Linux, MacOS, or even an old IBM mainframe OS and those awful tn3270 terminals. Also, Chrome OS in particular has VMs instead of other VMs. It really is designed to be much more secure than Windows

This isn’t a hacking attempt. It’s not a security breach. None of the “Windows is more common” stuff is actually valid in this case. The fact it’s not actually true is even more funny. When it comes to servers and smartphones, and the total number of devices in general, Linux outnumbers Windows. Linux isn’t actually niche in the slightest, only purists running Arch or Ubuntu think that because they ignore any Linux they don’t like, like Android.

You also don’t understand anything about ChromeOS security either. They don’t use VMs for system security. Early Chromebooks actually had virtualization disabled! Sandboxing and virtualization aren’t the same thing. The reason it’s secure is largely because it can’t do anything, it uses an a/b root system, and it has secure boot by default. It’s not that fancy anymore.

Chrome the web browser also has sandboxing on Windows, and modern Windows uses secure boot. Edge and Chrome have the same foundation btw. What it’s missing is the immutable a/b root system, and the fact Windows allows running arbitrary executables when ChromeOS doesn’t. There are actually tools for making Windows immutable, and with group policy or things like S mode you can restrict who can run what executables. Meaning with the right settings it’s almost as secure as ChromeOS. Even more funny Windows actually does use virtualization based security. So you have that backwards too.

Stop talking about shit you don’t understand and learn about it instead.

areyouevenreal ,

Automatically reverting the kernel wouldn’t do anything as the kernel nor the module Crowdstrike uses were updated. Rather the file the module reads was updated and replaced with a corrupted version that causes the module to crash when it tries to read it.

There is a great video explaining the basics of what happened here: youtu.be/wAzEJxOo1ts?si=_agkbdBHJnhQmbdP

Microsoft already have a mechanism to disable problematic modules on next boot. Problem being that Crowdstrike registers itself as an essential driver, as they don’t want the system to boot without it for security reasons.

You keep saying Chrome OS uses VMs for security. Unless something has seriously changed since I last read up on their security mechanisms they don’t. Maybe something has changed. Do you have any evidence? If not you’re just talking out of your arse.

areyouevenreal , (edited )

No you don’t have any evidence at all. You were specifically speaking about Chrome OS using VMs inside VMs. That article doesn’t mention VMs once.

I never once disputed that it was more secure than an average Windows installation, because frankly that’s obvious. What you don’t seem to understand is what can be done to lock down modern Windows and Linux systems.

Yes it was a ridiculous system to have kernel mode code on the filesystem. Even if a bad pointer didn’t crash the system a hacker could have put in their own code. And yes such a terrible security system would have affected Linux too. But with ChromeOS, the system is already secure. No need to use a terrible security system like Cloudstrike in the first place.

For one the same article you are referencing talks about using anti-malware on ChromeOS as Chrome OS isn’t malware proof. Though I don’t think it’s possible for Chrome OS to break so badly from one of these products.

ChromeOS though isn’t actually suitable for running servers like Windows and Linux are. It can’t do nearly the same number of things. It’s a bit like comparing a knife to a safety razor. One is safer for shaving sure, however the other one can be used for cooking, hunting, wood work, etc.

Second all kernel mode code lives on the filesystem. How did you think it worked? On Linux and Windows the kernel itself needs storing somewhere, as do the modules.

You keep showing me again and again that you don’t understand the world of computers and modern IT infrastructure. Do you even have any qualifications or work experience in IT?

Edit: I actually did some research myself. ChromeOS can use a Virtual Machine to run Linux software, but not in it’s default configuration. There is also none of this VMs inside VMs stuff you were talking about. If you want to see virtualization really put to work look at a modern server setup or something like Qubes OS.

chromeos.dev/en/linux/linux-on-chromeos-faq#can-i…

areyouevenreal ,

ChromeOS literally is Linux so obviously it can do everything that Linux can. It is effectively a SUPERSET of Linux

This is dumb. I was experimenting with unofficial ChromeOS builds since before the first consumer Chromebook. I’ve also used an actual production Chromebook as well. I’ve even used the distro ChromeOS is derived from which is called Gentoo.

If this was actually a good idea why aren’t some businesses doing it already? Linux servers are everywhere yet I have never heard of one running ChromeOS. Google who make ChromeOS don’t use ChromeOS for servers, they use conventional Linux distros like Debian with their own software running on top such as Borg or Kubernetes.

First I am going to assume you mean a Linux distro (e.g. Debian, Ubuntu) rather than just Linux, as all distributions are a superset of just Linux, as Linux is only the kernel.

It’s also not in anyway a “superset” of a conventional Linux distribution. It doesn’t even have a package manager without having to use a VM. You can’t install a different browser without using a VM. ChromeOS capabilities have improved a lot since I have used it, by supporting VMs at all and by allowing Android apps. That still doesn’t compare to a real Linux server solution. On a Linux machine I can natively run containers, not just VMs. I can install apps natively. I can configure my own security systems and sandboxing. I can even run Windows apps and games with Wine and Proton, android apps with Waydroid. I also get a much newer kernel, older Chromebooks didn’t get kernel updates throughout their entire life. Maybe that’s changes but who knows.

Another big thing Linux servers have is advanced file systems like BTRFS and ZFS, that have advanced RAID like functionality with automatic data integrity protection using checksums, snapshots built in, and other fancy features like transparent file compression. Does ChromeOS even support regular software RAID?

ChromeOS just isn’t designed for servers, it never has been. You’re trying to use a car to haul a lorry load. It’s not that cars are bad, they just aren’t designed to do that. You could use Chrome OS for employee workstations, at least some of them anyway, but not for servers.

Go and use a real Linux distro or a real Linux server and get back to me.

Now you are being ridiculous. We are talking about code than runs in the kernel but is not part of any official kernel module including device drivers.

This is false. That module is signed by Microsoft. That means they tested it themselves. To load a module that isn’t signed on Windows requires serious tinkering and is something no business would do. I have actually done those steps myself, so I have direct personal experience here. If you had watched that video I sent you, which is by a retired Microsoft Engineer, you would know about this.

Dude you are the person who thinks that the Cloudstrike code running in the kernel that is neither part of the kernel nor part of any official kernel device driver code is somehow equivelent to the actual kernel. You are also the person who made the completely nonsensical claim that ChromeOS Linux “can’t do nearly the same things” of Linux. So GTFO with the snarky shit, because I’m the one wondering how you can be so confused about basic stuff.

For one you apparently don’t listen. I said it’s a kernel driver/module not a core kernel component. It does however still run in kernel mode (ring 0 on x86) and has access to everything any other thing running in kernel mode has access to including the NT kernel itself. It doesn’tq matter from a permissions perspective if it’s a driver/module or a core kernel component, the CPU protections don’t distinguish between the two by design. What does make a difference is when and how it’s loaded into kernel space/kernel mode. That’s why safe mode works, as it just doesn’t load that component.

I am not the one getting basic things wrong here. When I used ChromeOS originally it had maybe half the capabilities it has now, but even now it just isn’t as capable as a conventional Linux distro. Saying it can run VMs means nothing because so can regular Linux, in fact you can run ChromeOS in a VM, or Windows, or FreeBSD all on a Linux machine. Even at the same time if you really want.

I’ve been using the internet since 1983. How bout you? LMFAO.

Using and understanding are not the same. I have a Masters in CS, soon to be starting a PhD in Cyber Security. You meanwhile apparently have no experience or qualifications worth telling me about. I actually use Linux systems daily and run my own Linux based servers. Specifically I use Proxmox since that’s an actual server solution.

Because you didn’t do enough research. My Chrome OS comes with an outer VM, an inner VM, the heavily locked down user mode, and the kernel mode. My Linux programs run in the outer VM by default. I would have to turn on developer mode just to get to the actual user mode.

I did plenty of research. It says the VMs run inside of a container, but a container is not a Virtual Machine. It is technically a form of virtualization, so you’re half right. I would take the time to read up on how containers actually work. They share the same kernel as the host machine, and don’t emulate hardware the way virtualization solutions do.

Also none of this is part of the default setup, which doesn’t include any Linux VMs, just the locked down user space. You actually can do Virtual Machines inside Virtual Machines on Linux. It is called nested virtualization. My hypervisor Proxmox actually supports that as standard. You can also do containers inside virtual machines and virtual machines inside containers. The former I actually use as part of my own server setup. The point being none of this is unique or special in ChromeOS.

areyouevenreal ,

Yeah pretty much all security products need kernel level access unfortunately. The Linux ones including crowdstrike and also the Open Source tools SELinux and AppArmor all need some kind of kernel module in order to work.

areyouevenreal ,

I am not praising crowdstrike here. They fucked up big time. I am saying that the concept of security software needing kernel access isn’t that unheard of, and is unfortunately necessary for a reason. There is only so much a security thing can do without that kernel level access.

areyouevenreal ,

As explained in that source eBPF code is still running in kernel space. The difference is it’s not turing complete and has protections in place to make sure it can’t do anything too nasty. That being said I am sure you could still break something like networking or critical services on the system by applying the wrong eBPF code. It’s on the authors of the software to make sure they thoroughly test and review their software prior to release if it’s designed to work with the kernel especially in enterprise environments. I am glad this is something they are doing though.

areyouevenreal ,

You’re thinking of passive matrix displays. Those were the cheaper option but active matrix screens did exist.

areyouevenreal ,

Crowdstrike already killed some Linux machines. Let’s not pretend Windows is at fault here or Linux is magically better in this area. No one is immune from software that can run as a kernel module going bad.

areyouevenreal ,

None of this has to do with the current outage though.

I hope people in the pharmacy could get their prescriptions or we might have to add peoples names to the list.

Which isn’t Microsoft’s fault. Linux systems have also been taken down by Crowdstrike’s fuck ups in the recent past.

areyouevenreal ,

Except they haven’t done anything shitty this time. What you are doing would be a bit like claiming the Nazis are responsible for micro plastics. Like yeah Nazis are shit but making false allegations is just giving their defenders something to throw in your face. It makes you, and everyone who is critical of Microsoft look dumb. How about you criticize the company that actually screwed up? They are also a multi-billion dollar company, yet you aren’t blaming them for something that is clearly their fault.

areyouevenreal ,

Also fyi Red Hat and IBM are still around and aren’t really a force for good anyway. Stop SIMPing for large companies.

areyouevenreal ,

Well said, that’s one of the points I have been trying to get across.

areyouevenreal ,

I am not shitting on their contributions. All I am saying is that as a large company they aren’t anymore my friend than Microsoft. Generally they still exist and make contributions. Microsoft didn’t kill them like the person I am replying to is insinuating.

areyouevenreal ,

Windows does have a fallback mode called safe mode and that’s exactly what’s being used to fix this utter mess.

Package management isn’t going to save you from this as it didn’t save the Linux systems affected last time. It didn’t stop Arch Linux from failing to boot after a Grub update either.

Windows also has drive cloning tools, that isn’t unique to Linux.

NixOS isn’t immutable. It’s not an a/b root system and / isn’t read only. Rather it’s what’s known as reproducible. I am not convinced NixOS would make this any easier either given how simple the fix was. Funnily enough though tools exist called ansible and puppet for configuring systems in repeatable ways that apply to both other Linux systems, Windows systems, and even macOS.

There are like one or two valid points in this whole comment and the rest is pretty much falsehoods and misconceptions.

Edit: Forgot to mention tools exist to make Windows immutable as well. So that is an option.

areyouevenreal ,

The other fix was reboot your Windows computer at least 15 times.

How is that an argument against anything I have said?

Not everyone was affected though

Only machines running crowdstrike were affected, not all Windows machines. So in neither case were all systems affected. In this case though Microsoft doesn’t bare any responsibility as they didn’t distribute the software. In the case or Arch and EndeavourOS they had a responsibility to check packages before they shipped them to users. In this case the OS maker was more at fault.

areyouevenreal ,

Lots of security systems are kernel level (at least partially) this includes SELinux and AppArmor by the way. It’s a necessity for these things to actually be effective.

areyouevenreal , (edited )

Just because they open in 7-Zip or whatever doesn’t mean they are just a zip file. There are several kinds of archives. EXEs are a special case as well. They aren’t archives at all. Rather they can contain archives or extra content along with being an executable. One reason is self extracting archives. Here an archive is packaged with an extraction program as an exe all in one. The other case is exes that have extra resources like images, videos, graphics textures, etc. Either way it’s an executable plus some extra stuff, not a zip archive. DLLs I am not sure about, but I suspect something similar is happening here.

Next time you should research stuff before posting it on Lemmy. Things are sometimes more complicated than they appear.

docx you are correct about though. Specifically it’s a zip file that contains XML files and resources.

Edit: I actually found an article on self extracting archives, it’s quite an interesting technology to be fair even if it causes confusion: en.m.wikipedia.org/wiki/Executable_compression

areyouevenreal ,

You are actually correct. They can contain archived files or resources that can be unpacked with an archive program (including on Linux btw), but they aren’t just a zip file. That’s why my Linux archive manager (ark I think) offer to open one, but won’t execute it. They can see the extra content even if they can’t execute the file as intended.

areyouevenreal ,

Mate I saw the blind leading the blind and had to step in. You could have actually opened some exes on Linux as the other guy suggests. In fact I am surprised you never noticed your system presenting that option. It just isn’t actual proof of what they said, even if it appears like it. In fact I am a bit lost how neither of you realized something weird was going on. On what planet would an executable format being a zip file make any sense? Exes actually can include several executable formats.

There are things like self extracting archives that make this all more confusing. They are basically an archive with an extraction program in the same file. Installer exes work in a similar way too. Not all exes can be extracted since not all of them contain secret hidden archives or extra resources.

There actually are tools to show you the contents of an executable file, and you could probably learn a lot by using one. They contain more than just a blob of machine code like one might assume. Often they contain data as well, and instructions and information on how to load the executable like what memory layout to use.

I am annoyed that people upvoted the other guy without double checking as well. Now we have more people walking around spreading misinformation just because of some guy on Lemmy. This is why things like climate change become contentious issues. People come to their own conclusions based on partial information, and since it appears to make sense without proper investigation it gets spread around like wildfire. It’s only when you actually know what’s going on at a deeper level that it becomes possible to spot the flaws in the reasoning.

areyouevenreal ,

Okay that’s actually slightly different from what I was expecting. Does the .text file contain machine code or assembly language by any chance? It seems the archive program can pull out the executable code as well, similar to the binary analysis tools I have worked with.

.reloc is probably the relocation table used by the OS to load the program into an address space.

areyouevenreal ,

Bruh an exe is not an archive. Some just happen to contain an archive, not all. As me and the other guy discovered some archive utilities can read them, but what they are doing is closer to a binary analysis tool than unpacking an actual archive. It’s not about being nerdy, it’s about getting your facts right.

areyouevenreal ,

You’re still trying to weasel out of being wrong. It’s not an archive nor is it compressed. Go read what a Portable Executable is. It’s not about being diplomatic or whatever. Just admit you’re wrong and go and read about how it actually works. You might learn something.

areyouevenreal ,

The solution here isn’t to upgrade your PC for Microsoft’s sake. The solution is to use an OS that actually respects you and your time. Use Linux, or FreeBSD, or even macOS. Alternatively install Gentoo and spend even more time updating, but with spectacular performance and customizability when you’re not updating.

areyouevenreal ,

Fascism has always been a right wing ideology. While leftists have made some terrible mistakes, you shouldn’t pretend they are the only or main threat to democracy.

areyouevenreal ,

You’re missing something though: phone cell or battery capacity has been getting bigger, not smaller. The issue isn’t the batteries, it’s the other hardware and software needing more and more energy. Modern phones are much faster, have better screens at higher resolution, brightness, even refresh rate. All of this uses energy, even with modern technology being as awesome as it is. Qualcomm, TSMC, ARM, and Apple put quite a bit of work into making these things as efficient as they can be, but we keep demanding more and more from these devices. For many they replaced laptops after all.

It’s a bit like complaining that your new ultra high performance sports car is getting bad range, and complaining about the fuel tank or battery instead of the engine. The tank has only gotten bigger or at least stayed the same, but the engine has gotten hungrier and hungrier with each generation.

areyouevenreal ,

You’re blaming the wrong thing again. Newer phones have higher capacity batteries than the old bricks by far. The issue is the screen, SoC, and modem power consumption has gone up too.

areyouevenreal ,

It’s 6.8", that’s called a tablet or phablet at that point. Change my mind.

areyouevenreal ,

Windows for ARM devices before this generation aren’t even that old.

areyouevenreal ,

Where did you get this from? Their predecessors weren’t UEFI locked. Qualcomm themselves are working on mainline Linux support. Unless you have sources I am calling bullshit.

areyouevenreal ,

Their source is they made it the fuck up. The most recent devices from previous generations running Windows on ARM weren’t boot locked. Only the surface RT was boot locked.

areyouevenreal ,

All of them modern Windows for ARM devices released since Windows 10 have been boot unlocked to my knowledge, just with very poor driver support. Lookup Linaros articles on the subject.

areyouevenreal ,

Then why didn’t you say you’re out of the loop when writing the comments? You’ve just potentially misled a bunch of people for no good reason. These products are controversial enough as is without falsehoods being layered on top.

areyouevenreal ,

Yeah that’s fair.

I wouldn’t be best impressed if they killed a device and locked you out.

Luckily someone actually did hack it: openrt.gitbook.io/open-surfacert

Would you be interested in using something like that to run Linux or Windows 10?

areyouevenreal ,

The 8cx Gen 3 was only released like one or two years ago, and is fast enough for day to day use. Sure the new ones are a fair bit faster, but the old ones were more than fast enough for web browsing, light programming, and running emulators. Heck they are also fast enough for server use if you need a power efficient cheap home server. They did make a couple desktop versions after all.

areyouevenreal ,

I don’t think it will necessarily be an easy process, and their are some limitations. Still it’s good to see.

areyouevenreal ,

Not really plenty of people take up drugs for fun rather than as a coping mechanism. A lot is just because of curiosity too. The motives are diverse.

Solution? Don’t rally for drugs, rally for improving life conditions so that people wouldn’t try to escape reality.

That doesn’t remove the other, more sensible reasons people do drugs. See above statement.

It’s not always possible to improve the quality of life. We should definitely try though, don’t get me wrong. There will always be heartache, sorrow, mental health issues and disabilities though. That’s just the human condition. Sometimes drugs are actually the less self destructive coping mechanism, especially with psychedelics. In some cases something that’s recreational for one person, is a medicine for a second person, and an addiction for a third. See amphetamine/adderall for an example.

areyouevenreal ,

That’s not something I ever associated with microkernels to be honest. That’s just clustering.

I was more interested in having minimal kernels with a bunch of processes handling low level stuff like file systems that could be restarted if they died. The other cool thing was virtualized kernels.

areyouevenreal ,

I wasn’t making a counter claim. I was agreeing with you. Like what?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • lifeLocal
  • goranko
  • All magazines
    •