Max-P

That’s fine, the ad co struck a deal with speaker co to not bill for those sound-seconds.

Soon: when you pause a video, it starts playing a video ad with audio, to make sure no silence time gets wasted from your speakers.

Less and less about OpenAI is actually… open at all.

I hope they’re donating big chunks of money to the Internet Archive in return for what’s likely to bring a ton of extra traffic.

Isn’t he the same person who calls adblocking piracy?

He’s also got a generally nuanced opinion of piracy, in that it’s justifiable in some situations. If you call it piracy and you’re okay with piracy then it’s not really a contradiction.

Being willing to talk about it despite working against your interests isn’t always bad depending on context.

A functional desktop Linux is hard. Getting desktop Linux to boot and run stuff isn’t that hard in itself.

The problem is mostly drivers. They’re made for Android specifically, and often for that device specifically as well, so getting them working outside of Android is hard. The second problem is of course manufacturer obstacles, they really don’t want you to do that.

Technically getting a kernel and a working framebuffer is fairly “easy”, because it’s mostly already there, you could just replace the initramfs and run whatever init and software you want. It’s getting the GPU to do stuff that’s a lot harder. WiFi is alright but cellular is a complete nightmare. A lot of those are Java native libraries, which makes it non-trivial to use outside of the Android Framework. But all the kernel stuff, you already have ready to steal right from the manufacturer, or you can take the ones LineageOS uses. It’s only a matter of getting a useful userspace.

And the phone landscape on Linux isn’t that interesting, so people’s attention have been around improving Android itself as it’s much more capable and mature, and is open-source. If Android was closed source we’d have Linux phones already, but for many FOSS entheusiasts, Android is fine and much better polished.

If you’re lucky, PostmarketOS might support your device well. If you’re less lucky you might get a kernel that boots but you can only get a serial shell to it over USB. If you’re unlucky, nothing exists, and you have to do it yourself.

Apple is Apple, it’s not a super great example. They already had iBoot from the iPhones and iPads that they just adapted for the laptops, which is also what the M chips are. Apple’s firmware has always been rather quirky compared to more standard machines.

If you look at the cloud, like AWS and their Graviton instances, they use plain old regular UEFI but ARM, which then can load GRUB and the kernel as usual there. Completely generic and basically the same as x86_64 UEFI. You can load any generic ARM distro there. We already know what ARM PCs would look like.

The main thing here isn’t really x86 vs ARM, it’s embedded vs PCs. You can totally have non-BIOS and non-UEFI compatible machines with x86 CPUs in them, but I only saw this being done embedded in devices, in my case those were industrial machines. With ARM you’ll also see U-boot which is common in stuff like routers and IoT devices because it’s fairly easy to get working and can be controlled with serial ports. But for PCs, it’s gonna be UEFI if anything because Windows support. In the end, CPU is CPU, it runs code.

Why not UEFI everywhere then? Because it’s overkill most of the time, and orders of magnitude more code and complexity which you just don’t need for a router. Your router can start executing its operating system directly from flash. You know in advance where the kernel is located, you don’t need to start initializing PCIe devices and a SATA controller and scan disks for GPT headers and find an EFI partition formatted as FAT32 to find an executable to load into memory and execute, no graphics card to initialize, no keyboard and mouse to monitor for menu, no menus to display because there’s no options, etc. UEFI firmwares aren’t small. The arm64 OVMF firmware for QEMU is a whopping 64MB, that’s more flash than my router even have.

Phones don’t brick with installing a ROM wrong just the same PCs don’t brick when you fail to install an OS correctly on it. It just doesn’t have a bootable OS on it.

Most phones have a download mode / fastboot which does exactly what you’re asking for. You can pretty much always reflash a valid OS with fastboot.

BIOS on PCs is used for compatibility because most hardware manufacturers want to be compatible with existing operating systems. ARM does support UEFI.

Phones just don’t have UEFI, because 99.999% of the time it will run only one operating system: the manufacturer’s flavor of Android. Skipping an UEFI makes it boot faster because it can load directly into the Linux kernel which will initialize the hardware and already knows the precise hardware it’s expecting to be present through its device tree. Chromebooks do that on x86 as well: they skip the firmware part and boot into Linux as early as possible, because it boots faster and it’s a ton of code you don’t need when you can just let Linux deal with it. Both are purpose built to run Linux, there’s no point wasting time with a whole firmware interface nobody should ever need. Fastboot is a perfectly fine low-level bootloader interface that lets you flash ROMs just fine.

Okay so I read the whole thing, and I still don’t know what the actual issue is. A long, long article on their importance of favicons and plenty of shitting on Google for not sending alerts and shit.

But nothing on what’s wrong with them and why they don’t show up, or even an argument of “look, according to all those specs we have our favicon set correctly and it still doesn’t show up”. Nothing. Just blame Google.

That sounds more like a word vomit from a pissed off marketing person that’s clueless about how the web works than anything else.

Meanwhile, VPN providers be like “come on download stuff 😉😉😉”, wouldn’t that be a much easier case for them to prove willful disregard for piracy?

By Twitter’s standards, the “DDoS” is probably just a lot of people tuning in.

You can’t forge a root CA, unless you’ve found a way to break RSA or trick users into installing your malicious CA. The entire chain needs to be valid for browsers to accept it, all the way up to a root that the browser trusts. It’s impossible for a CA to sign a cert but also not make it traceable to them.

If RSA gets broken, the entirety of Internet security would fall apart and the entire Internet would explode into complete chaos. Every SSH server would suddenly be broken wide open. All VPNs would be useless. Tor would be useless.

Which is why we have somewhat moved to quantum resistant crypto with elliptic curves to replace RSA, well before we actually manage to break RSA.

They can MitM, but they can’t forge certs, they need a trusted CA to issue them, and said CA is unlikely to agree to that as that’s a sure way to get their trust removed from browsers and OSes, which would kill off their entire business.

I can’t wait to go to /r/piracy to go download subreddits

That almost sounds like you’d use it how you’d interact with a coworker during a meeting trying to write a document as a group, but with AI instead.

Sounds frustrating as hell.

Yeah no, a company that cares about security doesn’t have tokens in source code, as well known no-no. And those tokens also ideally aren’t fully privileged but scoped so that if it leaks the damage is minimized.

What a joke of a company/product

I wish too, it’s only deployed for family and family businesses because I’m a couple thousand miles away from them. I cobbled this together for the explicit purpose of being able to reinstall Windows remotely. It works wonderfully though!

My real job is DevOps and 100% Linux, and most of the cloud servers are disposable and can be simply be rebuilt at the push of a button in some dashboard.

You can sign the whole thing, it’s not like you have to turn off secure boot and just drop the user to a root shell. There’s nothing to be gained from it, especially if you have physical access to the machine.

Still better than guiding the user to safe mode with command prompt and bitlocker recovery keys themselves.

I wish it was more shareable, but it’s also not as magic as it sounds.

Fundamentally it’s just a Linux install with some heavy customizations so that it does one thing only: boot Linux, and just enough prompts to get it online so that the VPN works, and download the root image into RAM that it boots into so I can SSH into the box, and then a bunch of Linux tools for me to use so I can reimage from there, or run a QEMU with the physical disk passed through so I can VNC into an install even if it BSOD.

It’s a Linux UKI (combined kernel+initramfs into a simple EFI file the firmware can boot directly without a bootloader), but you can just as easily get away with a hidden Debian install or whatever. Can even be a second Windows install if that’s your thing. The reason I went this particular route is I don’t have to update it since it downloads it on the fly, much like the Mac recovery. And it runs entirely in RAM afrerwards so I can safely do whatever is needed with the disk.