#TIL CVE-2020-8705. Intel Boot Guard prevents any unsigned boot firmware code from executing on the CPU on boot, making it impossible to modify and reflash your UEFI/BIOS. But if you enter ACPI S3 "sleep" mode, then reflash the EEPROM, finally wakeup the computer, Boot Guard is bypassed.

I wonder if you can use a microcontroller and a multiplexer to automate this exploit. Sounds like a great way to run a modded BIOS...

Back on my never-ending hiring parade, we're looking for junior and mid-career data scientists!

This will be curation, management, and creating new uses for petabytes of biological and environmental research data -- in other words, actual data science, with emphasis on science! Explore a world where data science doesn't involve targeted advertising!

careers.pnnl.gov/JobOpeningID=

Now, I don't want to sound biased or anything, but the board message also feels empty: fsf.org/news/statement-of-fsf-

A few things give me the wrong impression of it all, specially the second paragraph.

For example "We decided to bring RMS back because we missed his wisdom". One thing is realize that you lack some sort of wisdom, another is "miss". It feels the response is purely emotional and not rational.

Another point: "His historical, legal and technical acumen on free software is unrivaled." As a tech leader/senior dev, my mission is to spread knowledge. If you have a senior/lead that keeps knowledge to themselves (or, worse, doesn't instill curiosity on searching for an answer), then, IMHO, they failed as senior/lead.

Honestly, I stopped reading at that point, 'cause, again, it feels like it was purely emotional decision and not based on technical things.

Show thread

rms addressed the free software community and the only thing he thinks he did wrong was defending Minsky.

No word about things he said, or the talks about how he dealt with FSF employees or anything else.

It's like he believes that people are angry for just that Minsky incident.

Also: "We recognize the need to attract a new generation of activists for software freedom and to grow the movement."

And then, instead of bringing new people, to bring new ideas, you bring old people back (no matter how large their knowledge of free software is). The FSF, and the free software movement as a whole needs new brains to think new things, otherwise it won't get the same position it was in the late 2000s.

Show thread

@dimpase I fully agree on that: native English speakers have absolutely no legitimacy to complain about our usage of names and language. I’ve been threatened far too many times in my carreer because my English skills were not considered enough.

Note that in this particular issue, it also harms some non-native English speakers too, which makes the question of changing the name worth mentionning… but doesn’t provide any legitimacy to any native English speaker’s complain.

@loke @pureevil please rename "utfart" to something more optimistic than "funeral" (uitvaart in Dutch) ;-)

@pureevil the majority seems to be for banning "bit" in revenge to English language

re: distributions 

@amiloradovsky they could have used Debian, you know...

re: distributions 

@amiloradovsky I wish the demise of CentOS came 10 years earlier, when our sysadmin won't allow anything but CentOS on world-facing systems...

re: email 

@MutoShack even more sane would be using postfix or opensmtpd to send email...

needless to say, French speakers counter-attack English with offensive CS word "bit" which must naturally be banned, as well.

Show thread

there is an ongoing fight about renaming Coq to something more agreeable to a native English speaker's ear. Does anything prevent then to pronounce it see-ow-qu ?
Smells of language supremacy to me.

I could also say that Huet must change his surname to something not spelled so offensively for Russian readers...

I also noticed that Lean is a bad name due to potential fat-shaming, and Dutch COC org must be renamed, if English language nazis had their way...

re: desktop computers 

@amiloradovsky I run xmonad on my desktop and Linux laptops. Network managers etc, taking directly to IDEs, be damned. Yes, I run wpa_supplicant and/or dhcpd directly...

re: distributions 

@amiloradovsky yes, and CentOS funboys are crying

Show older
Functional Café

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!