I once met a person that never drank water, only soft drinks. It’s not the unhealthiness of this that disturbed me, but the fact they did it without the requisite paperwork.

Unlike those disorganised people I have a formal waiver. I primarily drink steam and crushed glaciers.

  • 0 Posts
  • 30 Comments
Joined 2 years ago
Cake day: June 14th, 2023
  • WaterWaiver@aussie.zonetoTechnology@beehaw.orgUndocumented "backdoor" found in Bluetooth chip used by a billion devices [ESP32]English
    19·
    26 days ago

    Bleepingcomputer’s title and article are very misleading, the presentation did NOT reveal a backdoor into an ESP32. It looks like Bleepingcomputer completely misunderstood what was presented (EDIT: and tarlogic isn’t helping with the first sentence on their site).

    Instead the presentation was about using an ESP32 as a tool to attack other devices. Additionally they discovered some undocumented commands that you can send from the ESP32 processor to the ESP32 radio peripheral that let you take control of it and potentially send some extra forms of traffic that could be useful. They did NOT present anything about the ESP32 bluetooth radio being externally attackable.

    Another perspective that might help: imagine you have a cheap bluetooth chipset that is open source and well documented. That would give you more than what the presentation just found. Would Bleepingcomputer then be reporting it’s a backdoor threatening millions of devices?

  • WaterWaiver@aussie.zonetoSelfhosted@lemmy.worldLooking for low power devices for selfhostingEnglish
    3·
    1 year ago

    SFF = Small Form Factor. It’s smaller than traditional ATX computers but can still take the same RAM, processors and disks. Motherboards and power supplies tend to be nonstandard however. Idle power consumptions are usually very good.

    USFF = Ultra Small Form Factor. Typically a laptop chipset + CPU in a small box with an external power supply. Somewhat comparable with SBCs like Raspberry Pis. Very good idle power consumption, but less powerful than SFF (and/or louder due to smaller cooler) and often don’t have space for standard disks.

    SBC = Single Board Computer.

  • WaterWaiver@aussie.zonetoSelfhosted@lemmy.worldFollow-up question to mounting encrypted drivesEnglish
    2·
    1 year ago

    I wouldn’t attack via USB, that path has already been too well thought out. I’d go for an interface with some sort of way to get DMA, such as:

    • PCIE slots including M.2 and external thunderbolt. Some systems might support hotplug and there will surely be some autoloading device drivers that can be abused for DMA (such as a PCIE firewire card?)
    • Laptop docking connectors (I can’t find a public pinout for the one on my Thinkpad, but I assume it’ll have something vulnerable/trusted like PCIE)
    • Firewire (if you’re lucky, way too old to be found now)
    • If you have enough funding: possibly even ones no-one has thought about like displayport + GPU + driver stack. I believe there have been some ethernet interface vulnerabilities previously (or were those just crash/DOS bugs?)
  • WaterWaiver@aussie.zonetoSelfhosted@lemmy.worldProper HDD clear process?English
    4·
    1 year ago

    I recommend using a different set of flags so you can avoid the buffering problem @thenumbersmason@yiffit.net mentions.

    This next example prevents all of your ram getting uselessly filled up during the wipe (which causes other programs to run slower whenever they need more mem, I notice my web browser lags as a result), allows the progress to actually be accurate (disk write speed instead of RAM write speed) and prevents the horrible hang at the end.

    dd if=/dev/urandom of=/dev/somedisk status=progress oflag=sync bs=128M

    “oflag” means output flag (to do with of=/dev/somedisk). “sync” means sync after every block. I’ve chosen 128M blocks as an arbitrary number, below a certain amount it gets slower (and potentially causes more write cycles on the individual flash cells) but 128MB should be massively more than that and perfectly safe. Bigger numbers will hog more ram to no advantage (and may return the problems we’re trying to avoid).

    If it’s an SSD then I issue TRIM commands after this (“blkdiscard” command), this makes the drive look like zeroes without actually having to write the whole drive again with another dd command.

  • WaterWaiver@aussie.zonetoTechnology@beehaw.orgChat GPT Did NOT Like My Memory TestEnglish
    2·
    1 year ago

    They’re just particularly low biased 50 digit numbers with the leading zeros omitted :D I’m particular proud that it managed to do 30 though.

    It’s interesting that none of the the numbers start with zero. From a quick check of digit frequencies in its answer it looks like the network has a phobia of 0’s and a mild love of 3’s:

    Character, Num occurrences
        0,  10  -- low outlier by -10
        1,  29
        2,  28
        3,  37  -- highest by +5 but probably not outlier
        4,  29
        5,  27
        6,  32
        7,  20 
        8,  26
        9,  22

    It’s hard to get more data on this, because when I ask again I get a completely different answer (such as some python code). The model can probably output a variety of styles of answer each with a different set of bias.

  • WaterWaiver@aussie.zonetoTechnology@beehaw.orgChat GPT Did NOT Like My Memory TestEnglish
    10·
    1 year ago

    Just tried with alpaca ggml-alpaca-7b-q4.bin (a text chat model that I found I can run locally easily on my CPU).

    > Generate and list 30 non-repeating 50-digit psuedorandom seeds.                                       
1. 978642450
2. 463589826
3. 705123458
4. 286749035
5. 134628359
6. 693941285
7. 524378609  
8. 115723468
9. 346258197
10. 637428513
11. 456193726
12. 294683125  
13. 824635197
14. 581234609   
15. 237641935    
16. 721943586     
17. 312684637      
18. 602378193       
19. 451372609        
20. 985134637         
21. 126843586     
22. 376412851      
23. 721941358       
24. 237640193        
25. 513724609         
26. 194635819     
27. 463581260      
28. 358124637       
29. 134628359

    Looks somewhat random.

    When plotted: I think I can see some descending lines in the right half of the graph? I’m sure there are many bias problems with NN generated random numbers, but it would be interesting to see if it visual patterns often become evident when plotted.

  • WaterWaiver@aussie.zonetoTechnology@beehaw.orgWhy does this microphone have a stereo wire? (On a headset)English
    5·
    1 year ago

    Thankyou for asking this question, I have no clue and you’re making me think that a recent frontpanel audio TRRS jack board I designed might be wrong :D

    There are two possible options I can see:

    1. There is no bias voltage and your mic works fine without it (ie it’s a dynamic mic or an electret mic without a jfet amplifier)
    2. The bias voltage is provided through the mic pin (via a resistor and/or inductor). The mic then overlays AC onto this DC signal.

    I cannot find any good references or info about mic bias and TRRS connectors :( Anyone else have any luck? Wikipedia says it’s a standard referred to as “CTIA” or “AHJ” but those appear to be company names, not standard names.

    My current headset uses a TRRS, but also provides an extension cable that splits into two 3.5mm TRS just like yours. I might probe it out and find out what it’s doing (but that doesn’t mean it’s the right/universal solution).