The N100 is a nice little chip for mini home servers. I run podman containers for all media stuff with no issues. You’re gonna have fun.
andyburke
- 0 Posts
- 6 Comments
Joined 2 years ago
Cake day: June 16th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
2·4 months agoMprotect stops any read and write and execute access to memory in both user and kernel lands (only rx or wx). Stuff like web browsers won’t work unless you have a program to mark it in elf to not use pax. However, this kills a lot of exploits with that turned on by itself (though there are probably work arounds if you are developing exploits which the other features would hopefully catch). That’s why people installed 3rd party unmainlined security patches, but that’s just me maybe idk.
I am having a hard time following what this does or why this is desirable. You’re saying there’s a patch this thing provides that … disables memory access … unless a flag is set in an executable … which will then bypass the security?
Why would anyone want to run unmainlined security patches from a company?
This is how CrowdStrike happened.
This feels like security via business decision which is always the opposite of security. At least this would be open source now? 🤷♂️
The brutal cognitive dissonance you manage to encapsulated in this comment is impressive.
byeeeeeeee
All current popular AI is meant to run on GPU. Why are you going to spend more money to run it on hardware for which it isn’t intended?