RedHat was a major military contractor with job postings like this current one [archive] long before they were bought by another older and larger military contractor.

https://en.wikipedia.org/wiki/IBM_and_World_War_II

https://web.archive.org/web/20240530005438/https://www.redhat.com/en/resources/israeli-defense-forces-case-study (original is 404 for some reason)

them: fedora is the lesser evil

me: but why do they have job listings like this [archive] with requirements like “This position requires daily on-site work at Fort Meade and an active Top Secret/SCI clearance with Polygraph” ? 🤔

only hobbyists and artisans still use the standalone carrot.py that depends on peeler.

in enterprise environments everyone uses the pymixedveggies package (created using pip freeze of course) which helpfully vendors the latest peeled carrot along with many other things. just unpack it into a clean container and go on your way.

deleted by creator

deleted by creator

deleted by creator

The canonical documentation is https://www.kernel.org/doc/Documentation/filesystems/proc.rst (ctrl-f oom) but if you search a bit you’ll find various guides that might be easier to digest.

https://www.baeldung.com/linux/memory-overcommitment-oom-killer looks like an informative recent article on the subject, and reminds me that my knowledge is a bit outdated. (TIL about the choom(1) command which was added to util-linux in 2018 as an alternative to manipulating things in /proc directly…)

https://dev.to/rrampage/surviving-the-linux-oom-killer-2ki9 from 2018 might also be worth reading.

How to make your adjustments persist for a given desktop application is left as an exercise to the reader :)

I’m not sure what this comic is trying to say but in my recent experience a single misbehaving website can still consume all available swap at which point Linux will sometimes completely lock up for many minutes before the out-of-memory killer decides what to kill - and then sometimes it still kills the desktop environment instead of the browser.

(I do know how to use oom_adj; I’m talking about the default configuration on popular desktop distros.)

does your resume include a sokoban clone?

I think it depends which side of the debate one is on?

$ systemd-analyze calendar tomorrow
Failed to parse calendar specification 'tomorrow': Invalid argument
Hint: this expression is a valid timestamp. Use 'systemd-analyze timestamp "tomorrow"' instead?
$ systemd-analyze timestamp tuesday
Failed to parse "tuesday": Invalid argument
Hint: this expression is a valid calendar specification. Use 'systemd-analyze calendar "tuesday"' instead?

ಠ_ಠ

$ for day in Mon Tue Wed Thu Fri Sat Sun; do TZ=UTC systemd-analyze calendar "$day 02-29"|tail -2; done
    Next elapse: Mon 2044-02-29 00:00:00 UTC
       From now: 19 years 4 months left
    Next elapse: Tue 2028-02-29 00:00:00 UTC
       From now: 3 years 4 months left
    Next elapse: Wed 2040-02-29 00:00:00 UTC
       From now: 15 years 4 months left
    Next elapse: Thu 2052-02-29 00:00:00 UTC
       From now: 27 years 4 months left
    Next elapse: Fri 2036-02-29 00:00:00 UTC
       From now: 11 years 4 months left
    Next elapse: Sat 2048-02-29 00:00:00 UTC
       From now: 23 years 4 months left
    Next elapse: Sun 2032-02-29 00:00:00 UTC
       From now: 7 years 4 months left

(It checks out.)

Surprisingly its calendar specification parser actually allows for 31 days in every month:

$ TZ=UTC systemd-analyze calendar '02-29' && echo OK || echo not OK
  Original form: 02-29
Normalized form: *-02-29 00:00:00
    Next elapse: Tue 2028-02-29 00:00:00 UTC
       From now: 3 years 4 months left
OK
$ TZ=UTC systemd-analyze calendar '02-30' && echo OK || echo not OK
  Original form: 02-30
Normalized form: *-02-30 00:00:00
    Next elapse: never           
OK
$ TZ=UTC systemd-analyze calendar '02-31' && echo OK || echo not OK
  Original form: 02-31
Normalized form: *-02-31 00:00:00
    Next elapse: never           
OK
$ TZ=UTC systemd-analyze calendar '02-32' && echo OK || echo not OK
Failed to parse calendar specification '02-32': Invalid argument
not OK

Funny that blog calls it a “failed attempt at a backdoor” while neglecting to mention that the grsec post (which it does link to and acknowledges is the source of the story) had been updated months prior to explicitly refute that characterization:

5/22/2020 Update: This kind of update should not have been necessary, but due to irresponsible journalists and the nature of social media, it is important to make some things perfectly clear:

Nowhere did we claim this was anything more than a trivially exploitable vulnerability. It is not a backdoor or an attempted backdoor, the term does not appear elsewhere in this blog at all; any suggestion of the sort was fabricated by irresponsible journalists who did not contact us and do not speak for us.

There is no chance this code would have passed review and be merged. No one can push or force code upstream.

This code is not characteristic of the quality of other code contributed upstream by Huawei. Contrary to baseless assertions from some journalists, this is not Huawei’s first attempt at contributing to the kernel, in fact they’ve been a frequent contributor for some time.

Wasn’t Huawei trying to put a Backdoor into linux?

as far as i know, that has not happened.

what makes you think it did?

fremdscham++ 😬

The headline should mention that they’re breaking 22-bit RSA, but then it would get a lot less clicks.

A different group of Chinese researchers set what I think is the current record when they factored a 48-bit number with a quantum computer two years ago: https://arxiv.org/abs/2212.12372

I guess the news here is that now they’ve reached 22 bits using the quantum annealing technique which works on D-Wave’s commercially-available quantum computers? That approach was previously able to factor an 18-bit number in 2018.

🥂 to the researchers, but 👎 to the clickbait headline writers. This is still nowhere near being a CRQC (cryptanalytically-relevant quantum computer).

All two-letter TLDs are ccTLDs.

However, several of them are not in ISO 3166-1.

Or you could just… learn to use the modern internet that 60% of internet traffic uses? Not everyone has a dedicated IPv4 anymore, we are in the days of mobile networks and CGNAT. IPv4 exhaustion is here today.

Where are you getting 60%? Google’s IPv6 Adoption page has it under 50% still:

(while other stats pages from big CDNs show even less)

If you have ::/0 in your AllowedIPs and v6 connections are bypassing your VPN, that is strange.

What does ip route get 2a00:1450:400f:801::200e (an IPv6 address for google) say?

I haven’t used wireguard with NetworkManager, but using wg-quick it certainly adds a default v6 route when you have ::/0 in AllowedIPs.

You could edit your configuration to change the wireguard connection’s AllowedIPs from 0.0.0.0/0 to 0.0.0.0/0,::/0 so that IPv6 traffic is routed over it. Regardless of if your wireguard endpoint actually supports it, this will at least stop IPv6 traffic from leaking.

ipv4 with an extra octet

that was proposed as “IPv4.1” on April 1, 2011: https://web.archive.org/web/20110404094446/http://packetlife.net/blog/2011/apr/1/alternative-ipv6-works/