i tried to gdisk it, but there's no gdisk, fdisk or parted in recovery shell. tried to mount at least something. /dev/sdb3 mounted. sdb is the HDD i put instead of the ODD to keep large files (movies, music, etc) on. i opened it, and.. it wasn't sdb, it was my root partition!
so i realized it had something to do with the disk order in bios/uefi. rebooted the laptop, but i don't remember what key opens the uefi settings, pressing everything i could didn't help.
but it just booted into my os.
laptop scared me >.>
yesterday i had to force poweroff it, after systemd failed to kill a hanged vm even though it reached target shutdown (!). it worked ok after that, though.
but now, after i started it, it dropped me into a recovery shell. said that it was unable to mount sda3 bc of unknown filesystem "LUKS_crypto". my root partition isn't encrypted (it should be, though... at least the most sensitive data is on LUKS), so i thought the headers were corrupt!
also you're extracting value from all of your employees? if you want to do good in the world maybe form a coop, refuse funding, work in something that's sustainable as a business instead of a fucking tech startup?
Ah sorry yeah that's not
a) as disruptive
b) as empowering
c) as well-paying
d) other reason
take your pick
@rain (cont.) ... they had to distribute it under the same licence. So of course, if you were downloading software that linked with and contained Webkit, somewhere, buried deep in the terms and conditions, you would find a link to a zip file to the specific bundle shipped with that software (and nothing later), which contained only the source code, stripped of documentation, build instructions, git logs, etc.
realistically, without insider knowledge, you could not modify and build your won version of ...
i think using rings for unlocking phones would be a good idea. you put on a ring, bring your phone close to it and enter the unlock password. next time you touch your phone with that ring, it unlocks automatically. if you take it off, it detects that, erases the unlock password from its memory and stops working that way.
more reliable than a fingerprint reader, easily disabled (just take it off), can't be emulated like other biometrics, but doesn't require entering the password each time either
developers having powerful development hardware is actively harmful to usable software existing
there is literally an order of magnitude of power difference between the machines many developers use to create their software and the machines that their users will have - and that's assuming the users have brand new (but average) hardware
today's developers write software pretending that there will always be infinite resources, because the computers we have *let* them do that without consequences
protests, tech side
there should be a crowdfund-like platform for protests. one person suggests a place and sets a goal, how many people should come. people sign up for that protest. if enough people sign up, everyone gets notified and goes there. if not, nobody comes, so in theory, we don't get protests with just 10 people when we need a thousand.
i dunno, do people in HK do this? it isn't a perfect scheme, but it allows some kind of decentralization...
on android (9+) phones, you have to go to your settings > security and location > lock screen preferences. enable "show lockdown option". now if you want to quickly disable biometric auth (fingerprint, face, voice, etc), hold the power button until power menu appears and choose lockdown. (google's help page: https://support.google.com/android/answer/9075927#lockdown .)
so. this feature is available on ios 11.2 and up and android 9 and up.
on apple's phones before iphone 8, you can rapidly press the power button five times. this will enable sos mode and disable your touch/face id, requiring you to enter your PIN/passcode. on newer phones, it is done by squeezing the power button and one of volume buttons for a few seconds. (their own website isn't clear enough about it, so here's a different link: https://www.imore.com/how-quickly-disable-touch-id-when-you-need-extra-security .)
if done right, with a way to disable biometrics, this kind of auth protects you from usual people looking over your shoulder, by not showing the the passcode, but also (sadly, only if you have enough time, ~10s) from the police, by not allowing them to use your fingerprint/face to unlock your phone.
i'm not talking about three-letter agencies here, if you have to deal with them, your situation is probably much more complicated.
but in most cases, you can either see the police approaching or expect them (or someone else like them, e. g. going through customs). so a phone with biometric auth has to have a way to quickly disable that auth, as in few cases it is less secure than passcode. (modern phones do have it, i'll write about it later.)
the key here is that in most people's threat model, there aren't non-state-owned attackers who own that expensive equipment. so just leaving your phone on your desk with fingerprint auth on generally doesn't put you at risk (but it may, depending on your situation).
and as for state-owned entities, it's in most cases police. they have both expensive equipment and could collect fingerprints from your phone's screen/panel or force you to put your finger on it.
in my opinion, biometric auth on phones is safer than just a passcode when done right. you unlock your phone many times a day, for a person watching over your shoulder it won't be hard to see your passcode. it wouldn't be hard to have you unlock your phone at a specific place with cctv cams, given that the attacker is determined enough.
with biometrics, there's nothing to spy on. it's just your fingerprint or face, one either needs your body or expensive equipment to unlock your phone.
a strange girl interested in infosec and coding. loves her girlfriend. always wants more communication, so dm please!
A Mastodon instance for info/cyber security-minded people.