**** Cyborg Central ****

Old Androids Never Die, They Just Have A Few Screws Loose

Strix G15 (G532) Sound under Ubuntu Noble Numbat 24.04

May 17, 2024

You should no longer need the audio workaround from previous fixes. On Noble, change the line in /etc/modprobe.d/alsa-base.conf to

options snd-hda-intel model=1043:1433

With the above single line, my G15 now has sound that operates properly, volume control works without the workarounds. I have not tested the headphone jack yet but it likely will be functional now.

A Word about CC’s Defederation Policy

January 25, 2024

This is being posted on the site information page so I can refer people to it in lieu of a FAQ.

CyborgCentral's Mastodon server will not federate with any fediverse server that operates solely for the purpose of promoting political party propaganda. There is no difference between right wing or left wing sources in this regard; if the server exists solely for the purpose of pushing political party crap, it will be defederated.

Helpful Information

September 5, 2023

HOA MOD (n.): A moderator of a social media site, who uses enforcement of appearance rules as a tool to bully users and assert control over other people's words. Attacks are targeted, repeated, over-reaching enforcement of content rules against specific users, usually with a veneer of "nice" wording to give the attacks plausible deniability. An HOA mod values the appearance of peace and safety over truthful and open discussion, and will target users they view as "problematic."

Propaganda is Everywhere

August 21, 2023

In a recent bout of thoughtlessness, I dared to respond to a George Takei post, that spoke of voting "not being a marriage" - presumably, in the interests of convincing leftists that it's really totally completely fine to support a centrist. Of course this is complete hypocrisy, given Mr. Takei's (and most liberals) tendency to consider people who voted for Trump to be equally terrible, if not worse, than Trump himself, despite this supposed "not a marriage" take on voting.

I can kind of understand this position if you consider only Democratic candidates - after all, it is quite safe to disconnect yourself from the average Democrat's in-office accomplishments, as there are few to actually speak of (how's that Roe v. Wade replacement going, guys?) - but I'm not willing to give either group this big of an out. You want to hold Trump voters personally responsible for Trump, well, you had better take personal responsibility for your own politicians too, and everything they've done, or failed to do.

You voted for Hillary in 2016? All the blood she's spilt is on your hands, too. Hope that's okay.

That's not the point though. The worst aspect of this experience was that it happened on Mastodon - which is supposed to be different from other social media. On the one hand, it's quite easy to control your timeline by following and blocking those who you actually want to listen to; on the other, any old Democratic propagandist can start up an account on one of the big sites that are essentially impossible to reasonably de-federate from, as they have substantial numbers of interesting users you would lose as well, and thus the big site serves as a vector for NAFO and other types of centrist bullshit.

The most infuriating thing about it is, doing things the "old-fashioned" blog and RSS way, it was nearly impossible for propagandists to show up on your feed without your prior consent, and while Masto is clearly a little better about it than, say, Twitter was, it's still not good enough. We need a fully-decentralized web where every user has their own instance, and thus complete personal control over what they see, and who sees what they post.

LTT is the Fox News of Tech Journalism

August 14, 2023

I've had Linus Sebastian and his entire media group blocked for well over a year, now, following his completely bullshit and braindead "hey, let's exploit this known PopOS Steam installation bug for views!" but if you gave him a pass for it, you might want to reconsider.

Not only does GN go through several examples of inaccurate or just completely wrong statistical comparisons of hardware, they also revealed that LTT illegally sold off the prototype of Billet Labs' cooling block sample they received - and then savaged in a review.Post image

Just like Fox, LTT is marketing with a thin veil of truthiness, and should never be trusted.

NVD makes up vulnerability severity levels | daniel.haxx.se

March 6, 2023

CVSS is a shitty system

Anyone who ever gets a problem reported for their project and tries to assess and set a CVSS score will immediately realize what an imperfect, simplified and one-dimensional concept this is.

Source: NVD makes up vulnerability severity levels | daniel.haxx.se

Looks like I'm not the only one constantly irritated by the way security vulnerabilities are rated by third parties. One of the biggest annoyances I have at work is poorly-assessed CVEs turning into a series of customers freaking out over something that does not actually affect them, and the usual culprit is a bad CVSS score.

It's also a big time waster - when Ubuntu's assessment of a CVE disagrees with that of the CVSS score, it forces people to start justifying the assessments, which wastes a bunch of time talking that could've been spent fixing something important, or triaging new issues.

The elephant in this particular room is that the security companies have an obvious business motivation to over-rate CVE danger levels, as it's basically free advertising for their service. It works hand-in-hand with what I like to call "security theater CVEs" - those supposedly-massive issues that invariably have a scary-sounding name and a professionally-designed website describing in excruciating detail the bug, and how Super Genius Computer Engineer(tm), who is named and linked in multiple places on said website, conducted a Sherlock Holmes level investigation, and is now Someone You Should Trust(tm) for your computing security needs. Anything even remotely scary gets milked for every advertising dollar it can, and certainly Github, being part of MS now, has every obvious reason to play this game.

It sucks that Github is shoving this kind of crap down developer's throats, but you can set up your own Gitlab instance pretty easily these days too, so there is another choice. I highly recommend trying it out; once I'd gotten the hang of it, adding one to CC was very easy, and I even have free "on-prem" for my own CI systems.

GoDaddy: Hackers stole source code, installed malware in multi-year breach

February 17, 2023

Glad I GTFO'd the karate school's site before this happened. GoDaddy is actively trash, not simply due to their tendency to aggressively "update" their user's sites into non-functionality, but also their lack of security care, and their defense of neo-nazi Mastodon instances (in conjunction with CloudFlare, who nearly always refuses to take action, unless there is a clear legal threat).

Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack.

Source: GoDaddy: Hackers stole source code, installed malware in multi-year breach