Email or username:

Password:

Forgot your password?
44 posts total
Terminhell

@BrodieOnLinux watched like an hour+ long primagen vod the other day on this. Wild stuff. I'm scared for what other exploits remain unknown. But it's a necessary evil to find and fix these kinda things.

sivecano

@BrodieOnLinux

it's incidents like this one, that make me want to keep backup copies of my favourite emulator repos (melonDS comes to mind).

I just hope, that they won't start coming after decomps.

soulz

@BrodieOnLinux@mstdn.social I wish Nintendo execs a very terrible rest of their week.

FreeLikeGNU

@BrodieOnLinux Hope this escalates into so much corporate stupidity that people realize what a losing game consoles are. If Sony jumps on this train and the console market tanks from it, they wont hurt as bad since they are already entrenched in the PC space, unlike Nintendo. 1/2

Brodie Robertson

The Nintendo ninjas are at it again, this time it's Ryujinx's turn

Show previous comments
Leandro (Cerberus1746)

@BrodieOnLinux It seems like they offered money or something like that to them?

ralen

@BrodieOnLinux would that really be that pointless to accept the fight and try to stand the project in court? can having more money really make that big difference of who's right here?
acts of nintendo are out of any moral, thats even worse than in that famous meme about cardboard mario

Paco Gutierrez, age 9, always wanted a Nintendo console. However, due to being extremely poor living in Venezuela, it was just a distant dream. Using his creativity and with the help from his uncle, he made a cardboard Super Mario game, posted it on YouTube and the video went viral. Thanks to the video, Nintendo's CEO Doug Bowser personally traveled to Venezuela, to give Paco a Cease and Desist order and sue his family for 200 million dollars.
Brodie Robertson

NIST encouraging emoji passwords, very based

RedstoneLP2

@BrodieOnLinux instructions unclear: allowing emoji when setting passwords, but not when using them for login

(iirc that used to be a [hopefully fixed by now] issue on apple devices)

LRitzdorf

@BrodieOnLinux Emoji? Heck, I just signed up for a system that disallowed *all* special characters in passwords. I want my laundry to be secure, gosh dang it!

Brodie Robertson

The biggest Linux CVE of the century was published nearly 2 weeks early and would you look at that, it's not the biggest Linux CVE of the century

Show previous comments
Till Kamppeter

@BrodieOnLinux What is nice from the reporter of the vulnerability is that they investigated deeply and reported in detail, but they overhyped it, with the 9.9 grade and making pressure against us from #OpenPrinting.

In addition, there was the leak which forced us to disclose quickly, before we had a complete set of fixes (but already enough to prevent the described exploit), perhaps cause by the post on X by the reporter, which stayed only visible for short time ...

#CUPS

elly
@BrodieOnLinux When I first heard about it, I thought "sounds like bullshit".

When liblzma or regresshion happened, we knew exactly *what* was affected and how to roll mitigations before the official patch.

Here the author went "OMG THE BIGGEST CVE EVER DISCOVERED IN LINUX" without providing any details, essentially fearmongering. To put it bluntly, childish and irresponsible.

In the end the vulnerability was in CUPS (completely separate project from Linux, also used by Apple on macOS), and relied on port 631 being open.

Not only most home users don't have printers anymore, most RHEL-like distros like Rocky/Alma or Fedora block it by default in firewalld.

Therefore, you can:
- Change CUPS settings to disable listening on that port
- Block the port on firewall, use localhost:631 or use SSH as SOCKS proxy on remote machine (i.e print server in the office)
- Simply disable CUPS if you don't actively need it, you can start the service when you need to print something and stop it afterwards

Actual Linux vulnerability would be something related to netfilter, bpf and so on. This is honestly just a joke (the way it was described and disclosed).
@BrodieOnLinux When I first heard about it, I thought "sounds like bullshit".

When liblzma or regresshion happened, we knew exactly *what* was affected and how to roll mitigations before the official patch.
SPdeValk 🐘️ ☑️

@BrodieOnLinux why would anyone not run a firewall on any desktop -> block all incoming, allow all outgoing (except 443 UDP, which is just evil)

Brodie Robertson

A copy left license that blocks modifications and distribution is a new one for me

D.C.U.K.

@BrodieOnLinux If it blocks distribution is it even copyleft anymore? Share-Alike is kind of core to the idea of being copy left, but derivative works arguably aren't if we consider CC-BY-ND to be copyleft.

Brodie Robertson

Please read the whole thread but my bullshit censor is going wild with this one. I'm curious to see what actually comes out of this disclosure x.com/evilsocket/status/183816

Brodie Robertson

Fediverse: Mozilla has some serious problems nowadays

Me: ...Did you only just notice

Show previous comments
cameronbosch :endeavourOS:

@BrodieOnLinux I've fully noticed since 2019. And pieces of this a few years before.

Now Mozilla is REALLY in for it now! 😬

Less A.I., more Firefox and Thunderbird! 🙄

Boiling Steam

@BrodieOnLinux is it bad to mention again when they fuck up?

bruhSoulz :catjam: :eve:

@BrodieOnLinux
All jokes aside I'm actually genuinely grateful for what you do, i cant name a single other content creator that can dish out content as frequently as you while still maintaining good quality. I regret not watching your videos sooner because i was thrown off by the thumbnails looking silly but ive grown to really love them. Keep evolving , never sell out my friend, much love <3<3 :blobaww: :catjam:

Brodie Robertson

I support the harshest of penalties for people who think it's funny to SWAT streamers, people in game lobbies, etc, if your country has the death penalty then you deserve it, otherwise life in prison, there is 0 reason to call in a fake police report

You might think that's harsh but people have died and will continue to die from pulling stupid stunts like this and I have 0 sympathy for anyone who wants to do so.

youtube.com/watch?v=FIEwcTKUFC

Kari'boka
@BrodieOnLinux The usa is such a shit hole... Here in Brazil we have something called presumption of innocence. The police, swat, the Pope.. isn't allowed to do such thing.
Анатолий Богомолов

@BrodieOnLinux I can't even imagine how anyone can think of this as "trolling" or "funny"

Brodie Robertson

It's so sad that "scam" has been watered down to mean a waste of money or a bad deal. You being stupid with your money and falling for slightly deceptive marketing is not a scam, pretending like it is only hurts actual victims of scams who didn't have anyway to know otherwise.

TheFrenchGhosty

@BrodieOnLinux Everything that makes money is a "scam" in a world where greed, and living for your job is considered desirable traits.

The fact that this word is now super common... so much so that its definition changed... is pretty telling.

Yuki Linux

@BrodieOnLinux The only 2 things i want from firefox is to stop using gtk as a base on linux. having to set gtk theme on kde to try an match my system theme to get Firefox to play nice is no fun. Honestly I'm getting tired of it. the Tab section never matches.

An 2 well less of a two. The money the upper management (CEO CFO CTO etc) makes me not want to give them money. It's as bad as EK.

Dušan 🇷🇸 :arch: ⚛️

@BrodieOnLinux That penguin looks ready to threaten you to "install Linux or else"... And I love how it's not a question of if things get tough, but when 🤣

Brodie Robertson

Hot Take:

Every big project needs a Linus Torvalds, I don't mean a BDFL, I mean someone who takes no bullshit, you will do this correctly, you follow procedure or you piss off. Who will give leeway to new devs as they learn, but expects more from long term devs who know better

Show previous comments
Juan Luis

@BrodieOnLinux It's tough, because when Linus scolds someone in public, the perception isn't "this is what happens if you try to bullshit Linus". The perception is "this can happen to *me* in the future if I keep growing in this project and I'm terrified".

I get where you come from but I think we are yet to find a better way.

.

@BrodieOnLinux I’m extending this metaphor to incorporate the workplace (my workplace).

DELETED

@BrodieOnLinux Is that the reality of the man, from someone who actually works with him? As an outsider, my impression has always been that if I were to try contributing to Linux and made one tiny mistake, I could be publicly humiliated by the top dog, or probably anyone below him in the chain of command. The whole structure seems extremely unwelcoming and I've so far avoided making any contributions to the project as a result.

Brodie Robertson

You know you're fucked when the UN tells you stop bullying a FOSS project

Brodie Robertson

I was under the assumption that the FSF had been dwindling in membership for a long time, at least as of the 2022 financial reports that doesn't actually seem to be the case.

You'll see this graph in an upcoming video

Chart of the FSF expenses and revenue showing that both have been growing fairly stably over the years
Brodie Robertson

Here's another graph that's just depressing

Show previous comments
Maciej

@BrodieOnLinux I'm from Poland, work in IT and never heard about programming socks🤔

alihan_banan

@BrodieOnLinux famous western polish femboys and russian 4chaners and discord femboys are the reason

Brodie Robertson

Not only for accessibility reasons but if there are English subtitles available do you use them?

Anonymous poll

Poll

Yes
72
42.1%
No
22
12.9%
On occasion
77
45%
171 people voted.
Voting ended 22 August at 4:06.
Show previous comments
visone

@BrodieOnLinux
I vote no cause my ears still need training in english and listen different accents helps me with that

Askier

@BrodieOnLinux English is my 3rd language, but I use subitles if I can't put volume up enough or the sound quality is less than what my ears demands.

Go Up