HiddenLayer5

HiddenLayer5, 1 year ago (edited 1 year ago)

I wonder how easy it is to DIY something like that. Like would it be as easy as picking up an off the shelf power supply with the right voltage and current and 3D printing an attachment that fits into the battery slot with a DC jack on the side (or even just gutting a dead battery pack and taking out the batteries and control electronics, soldering a DC jack straight onto the main contacts, and drilling a hole for it to poke through)? Or do modern power tools actually need to authenticate the battery with some kind of tool DRM?

HiddenLayer5, 1 year ago (edited 1 year ago)

I think the main issue for the companies is that power adapters have a nearly unlimited lifespan in comparison to lithium batteries, so it would be less profitable for them to sell you a direct attached power adapter than a bunch of batteries and a charger where you have to keep crawling back to them when the batteries inevitably give out in three years.

It would be trivial to design a blank battery attachment with a DC jack, and just have it hooked up to what is essentially a beefed up laptop charger. There are plenty of applications where a corded tool is perfectly adequate and even superior to cordless tools, so the fact that none of the manufacturers have it as an option hints that it was a business decision as opposed to merely an oversight.

HiddenLayer5, 1 year ago (edited 1 year ago)

Thank you.

Say there’s some exploit that allows some component of KDE to be used to read a file. If it’s running under an unprivileged user - it sucks. Everything in user’s homedir becomes fair game. But if it runs as root - it’s simply game over. Everything on the system is accessible. All config, all bad config, files of all applications (databases come to mind). Everything.

This is also something I’m thinking about: All the hard drives mounted on the server is accessible to the only regular user as that is what my other computers use to access them. I’m the only one with access to the server so everything is accessible under one user. The data on those drives is what I want to protect, so wouldn’t a vulnerability in either KDE or Firefox be just as dangerous to those files even running as the regular user?

Also, since my PC has those drives mounted through the server and accessible to the regular user that I use my PC as, wouldn’t a vulnerability in a program running as the regular user of my PC also compromise those files even if the server only hosted the files and did absolutely nothing else? Going back to the Firefox thing, if I had a sandbox breach on my PC, it would still be able to read the files on the server right? Wouldn’t that be just as bad as if I had been running Firefox as root on the server itself? Really feels like the only way to 100% keep those files safe is to never access them from an internet accessible computer, and everything else just falls short and is just as bad as the worst case scenario, though maybe I’m missing something. Am I just being paranoid about the non-root scenarios?

How does a “professional” NAS setup handle this?

HiddenLayer5, 1 year ago (edited 1 year ago)

Huh. I never even thought of that. I use my ISP’s router in bridge mode and have my own router running on mostly default settings, IIRC the only thing I explicitly changed was to have it forward DNS requests to my Pihole. I should inspect the settings more closely or as you said just configure the server to block the relevant ports from outside the LAN. Thank you.

HiddenLayer5, 1 year ago (edited 1 year ago)

Except they won’t go today or tomorrow. They’ll stay here to finish the job of destroying our planet, then go.

HiddenLayer5, 1 year ago

It’s a pretty classic liminal space.

HiddenLayer5, 1 year ago (edited 11 months ago)

Coding at night with the lights off makes you feel like one of the cool movie hackers.

HiddenLayer5, 1 year ago

Why survive like a Ferengi when you can die like a Klingon warrior?

HiddenLayer5, 1 year ago (edited 11 months ago)

For people who don’t know, there is already a fully Rust OS: www.redox-os.org

Microkernel too which is pretty cool.