Though, it looks like it won’t auto-migrate. So it’ll stay directly in your home dir unless you reinstall or move it yourself.

https://hg-edge.mozilla.org/integration/autoland/diff/8a6d6c094cb5a842d415c60bb8395db03b36e531/xpcom/io/nsAppFileLocationProvider.cpp#l1.73

I’ll second the thrift store suggestion. I picked up a Samsung BD-H5100 bluray player at the local FreeGreek for $5 and it has been nice to just pop a disc in and not worry about all the streaming shenanigans.

I’d say you might as well look for a bluray player. Second hand bluray discs are some times cheaper than the DVDs and sometimes the quality bump is nice. IMO, 4k bluray isn’t worth it. I’ve watched a few 4k blurays and while I can tell there’s a difference I’ve never felt myself missing the extra quality when watching a normal bluray.

Another option to consider is an old game console. Anything back to the ps3 has a bluray drive. (Though, not the xbox360, iirc? Also at one point Microsoft forced you to make an account and buy a license to watch blurays, so make sure that’s not a thing for any game console you consider.) And I know at least the ps3 had an official remote you could buy so you didn’t have to use a controller.

From a privacy perspective, all your options are the same as long as you don’t connect whatever you get to the internet.

I’ve always wondered if something like this would work:

Take a relatively short bit of wire, make a flat spiral at one end about the size of the button, tape that spiral to the button. Then take the other end of the wire hook it up to a relay with the other end attached to ground (or any big metal object probably). I would imagine then closing the relay is “touching” and opening the relay is “not touching”.

I have no idea if that would actually work, but it seems to me like it should. You just need something to interrupt the electric field above the “button”.

I just pulled my Bangle.js 2 back out to play with making a better reminder system for myself. It works better than any of the other open source watches I’ve had with my GrapheneOS phone. The hardware isn’t open source as far as I know, but their mobile app (fork of gadget bridge) is, as are all the apps that run on the watch, and (I think?) the watch OS.

Check your state or country’s laws, you might not even need the contract amended. In the state that I live in any contract clause that tries to prevent you from doing any work entirely on your own time with entirely your own materials is explicitly unenforceable.

Plus if it’s just a small open source library (assuming your employer is sane) it’d be a waste of money for them to even ask a lawyer to write a letter to you, because why would anyone care.

If you really care about getting it right, you can find a local employment attorney and have them explain your local laws and edit and/or negotiate your contract for you. I did that once, but I felt like it was probably a waste of the $900 I paid. (I mean, it definitely was a waste in that case because that job was a nightmare and it only lasted 2 months, lol.)

Donating to Mozilla doesn’t change any behavior in Firefox.

Also, donations to Mozilla don’t go towards Firefox development. As far as I’m aware the only way to “give” money to Mozilla Corp (who work on Firefox, as opposed to the Mozilla Foundation) is to subscribe to the VPN service they resell.

I’ve been wanting to play this for years, it seems right up my street, but I’ve never been able to get it working. No matter how much I fiddle with in-game settings, steam input, or proton, I can’t get it to do anything but immediately look down and spin the camera.

1. Post your actual configs and logs or people will only be able to guess. (Censor any secrets.)

2. My guess: It’s probably your nginx config.

3. Why are you using 0.19.4? That version is over a year old.

Be the change you want to see in the world?

I’ve always thought it would be interesting to have a shell that can (semi-?)automatically expand short flags into long flags for you.

Edit: Oh, I just saw your budget. This is ~$800, so maybe not.

There’s the Starlite 5: https://us.starlabs.systems/products/starlite?variant=55242571612540

I’ve got one. It’s got an x86 processor and runs standard fedora just fine, including pen input.

Though, I don’t use it for much because I haven’t found any note-taking software that I actually like using. I used something back in college that just created SVG pages in an HTML notebook which I absolutely loved, but I can’t find it now. It wasn’t open source so I’m guessing it might have just died.

!degoogle@lemmy.ml

Despite the name, in practice it seems to be all about getting away from all big-tech.

It’s not even over USB by default. It’s an internal binary driver API. The USB part is a custom firmware for the ESP that exposes that api via USB that the people giving the talk wrote because it’s useful for pentesting / development of exploits for other Bluetooth devices.

Yep, I’m seeing it now too. 👍

Idea Not Found

Tried creationg an account and still don’t see it.

Maybe we can find out for sure through the magic of the fediverse…

@antoniovazquezblanco@mastodon.social Is the “backdoor” mentioned in https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/ about what you shared in your RootedCON talk? If so, how worried should people using devices containing ESP32s be?

I mean, if it were a backdoor, the one thing you can be sure of is that the people who put it there wouldn’t be calling it a backdoor, ever.

Though, I think it’s worth pointing out that the while the security company’s blog calls whatever it is a “backdoor”, “backdoor” (nor “puerta” (though, I have no idea if that would be translated literally or to something else)) doesn’t appear in the the slides. So I’m going to lay that one at the marketing people trying to drum it up into something more impressive than it really is.

Huh, that is interesting. Though, that post doesn’t seem to have any info about what the backdoor is either.

Tarlogic Security has detected a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present in millions of mass-market IoT devices. […] This discovery is part of the ongoing research carried out by the Innovation Department of Tarlogic on the Bluetooth standard. Thus, the company has also presented at RootedCON, the world’s largest Spanish-language cybersecurity conference, BluetoothUSB, a free tool that enables the development of tests for Bluetooth security audits regardless of the operating system of the devices. [Emphasis mine.]

Maybe the presentation has nothing to do with the actual backdoor?

Though, this part later might seem to imply they are related:

In the course of the investigation, a backdoor was discovered in the ESP32 chip, […] Tarlogic has detected that ESP32 chips […] have hidden commands not documented by the manufacturer. These commands would allow modifying the chips arbitrarily to unlock additional functionalities, […].

Which, best I can work out, seems to be talking about the information on slide titled “COMANDOS OCULTOS” (page 39 / “41”).

If the “backdoor” is the couple of commands in red on that slide, I maintain what I said above. If it’s not talking about that and there’s another “backdoor” that they haven’t described yet, well, then ¯\_(ツ)_/¯ we’ll see what it is when they actually announce it.

I fully acknowledge there may be something I’m missing. If there’s a real vuln/backdoor here, I’m sure we’ll hear more about it.

What is this article on about?

Here’s the actual presentation: https://www.documentcloud.org/documents/25554812-2025-rootedcon-bluetoothtools/

I don’t speak Spanish and only have the slides to go off of, but this doesn’t sound like a “backdoor”. This sounds like they found the commands for regulatory testing. To do emissions testing you need to be able to make the device transmit on command so that your testing house can verify you’re within legal limits on everything.

These are commands that can be given over USB. You know what else you can do over USB? Fucking anything, these chips have a JTAG USB device. (Now, if these are commands that can’t be turned off, that would be kinda bad, I guess? But still not really a super big problem. And I don’t see anything that implies that in the slides.)

[Edit: It’s not even that this is a “backdoor” in an internal peripheral interface. I think the “backdoor” is if you have software that exposes that interface somehow? Like you’re running an example that blindly copies stuff from an external UART to this interface? Like I think that’s it?]

The tone I get from the slides is more “hey we found this cool tool for doing Bluetooth stuff that doesn’t require writing embedded software”. Which, cool. But that’s sure not the point this article is trying to make.

No, this is fallout from a patchset adding exactly the rust library you suggest to use the DMA library. And despite this only having changes in the rust/kernel tree, the maintainer of kernel/dma showed up to NAK the patch just because he doesn’t like the idea of rust code in the kernel.

Original Patch Set Thread: https://lore.kernel.org/lkml/20250108122825.136021-1-abdiel.janulgue@gmail.com/

3. FOR PURPOSES OF THIS SECTION, “THREE-DIMENSIONAL PRINTER” MEANS A COMPUTER OR COMPUTER-DRIVEN MACHINE OR DEVICE CAPABLE OF PRODUCING A THREE-DIMENSIONAL OBJECT FROM A DIGITAL MODEL

Well, that’s a broad definition. I guess to whomever wrote that, a CNC mill is also a 3d printer.