Ye Power Trippin' Bastards@lemmy.dbzer0.comEnglish · 7 days ago

linuxsucks)...

lemmy.world

-6

Welp... that was quick (around 4 minutes to get banned at "/c/linuxsucks)...

lemmy.world

Artwork@lemmy.world to

Ye Power Trippin' Bastards@lemmy.dbzer0.comEnglish · 7 days ago

Firmware Flashing is Riskier on Linux - Lemmy.World

lemmy.world

Most Linux firmware tools (flashrom, coreboot utilities, vendor‑reverse‑engineered scripts, NVMe tools) load the firmware into ram (assume it’s ECC), trust the RAM is correct, and write directly to SPI/EC/NVME. There’s no double-buffering, memory integrity checks, vendor-grade validation, protected memory regions, or automatic rollback. If the buffer is corrupted, Linux flashes it anyway. Windows OEM flashers never trust raw RAM blindly. Because vendors don’t ship Linux flashers, users rely on flashrom, fwupd (reverse‑engineered metadata), Community EC flashers, Community NVMe firmware tools, and Coreboot scripts. Reverse‑engineering = incomplete understanding = higher brick risk. Windows uses official vendor tools with signed capsules, verified update paths, vendor QA, and recovery logic. Linux gives userspace access to /dev/mem /dev/spidev I²C/SMBus EC registers and PCI config space which is terrible for safety. Windows blocks almost all of this.

It’s sorrowful some people choose to hate, complain, ridicule, and block everything that does not fit their choice…

With just a single idea shared, a lone message posted in a community, with your finite priceless time and experience invested, you may get banned instantly, and permanently, instead of actually learning and discover together…

The single message that resulted in my immediate permanent ban:

Message

It’s not Linux, but your distribution, or you, what makes it “unsafe”.
There are numerous options to harden your Linux environment, and it’s relatively trivial to keep it safer if you ever want it, or actually stop blaming and complaining.

For example, to limit the access for root or custom group hwaccess, without much fuss but to give you an idea, for the most popular distros as Debian-based:

Add a Udev rule:

# /etc/udev/rules.d/90-hwaccess.rules

KERNEL=="mem",        GROUP="hwaccess", MODE="0660"
SUBSYSTEM=="spidev",  GROUP="hwaccess", MODE="0660"
SUBSYSTEM=="i2c-dev", GROUP="hwaccess", MODE="0660"

Set at boot:

setfacl -Rm 'g:hwaccess:rwX' -- \
    /sys/kernel/debug/ec \
    /sys/bus/pci/devices/*/config;

You may then setup SELinux, AppArmor, and secure it via SecureBoot’s shim, too.
Yet, you chose to effortlessly complain instead…

Chat

Artwork@lemmy.worldOP
link
fedilink
English
arrow-up
5
arrow-down
2·
7 days ago
Oh… I see… Thank you!
I could not even imagine such a rule when I noticed the post at home page of LemmyWorld instance, and commented on it… ^^"

Ye Power Trippin' Bastards@lemmy.dbzer0.com

yepowertrippinbastards@lemmy.dbzer0.com

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

This is a community in the spirit of “Am I The Asshole” where people can post their own bans from lemmy or reddit or whatever and get some feedback from others whether the ban was justified or not.

Sometimes one just wants to be able to challenge the arguments some mod made and this could be the place for that.

Posting Guidelines

All posts should follow this basic structure:

Which mods/admins were being Power Tripping Bastards?
What sanction did they impose (e.g. community ban, instance ban, removed comment)?
Provide a screenshot of the relevant modlog entry (don’t de-obfuscate mod names).
Provide a screenshot and explanation of the cause of the sanction (e.g. the post/comment that was removed, or got you banned).
Explain why you think its unfair and how you would like the situation to be remedied.

Rules

Post only about bans or other sanctions that you have received from a mod or admin.
Don’t use private communications to prove your point. We can’t verify them and they can be faked easily.
Don’t deobfuscate mod names from the modlog with admin powers.
Don’t harass mods or brigade comms. Don’t word your posts in a way that would trigger such harassment and brigades.
Do not downvote posts if you think they deserved it. Use the comment votes (see below) for that.
You can post about power trippin’ in any social media, not just lemmy. Feel free to post about reddit or a forum etc.
If you are the accused PTB, while you are welcome to respond, please do so within the relevant post.
Keep the comments in YPTB posts about the moderation action itself, not about the general topic in which the moderation took place.

Expect to receive feedback about your posts, they might even be negative.

Make sure you follow this instance’s code of conduct. In other words we won’t allow bellyaching about being sanctioned for hate speech or bigotry.

YPTB matrix channel: For real-time discussions about bastards or to appeal mod actions in YPTB itself.

Some acronyms you might see.

PTB - Power-Tripping Bastard: The commenter agrees with you this was a PTB mod.
YDI - You Deserved It: The commenter thinks you deserved that mod action.
YDM new - You Deserved More: The commenter thinks you got off too lightly.
BPR - Bait-Provoked Reaction: That mod probably overreacted in charged situation, or due to being baited.
CLM - Clueless Mod: The mod probably just doesn’t understand how their software works.

Relevant comms

[email protected]

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

34 users / day
463 users / week
733 users / month
766 users / 6 months
1 local subscriber
1.79K subscribers
73 Posts
883 Comments
Modlog