You can buy discs online.

Yes. I wouldn’t be preemptively worried about it, though.

Your scan is going to try to read and maybe write each sector and see if the drive returns an error for that operation. In theory, the adapter could respond with a read or write error even if a read or write worked or even return some kind of bogus data instead of an error.

But I wouldn’t expect this to likely actually arise or be particularly worried about the prospect. It’s sort of a “could my grocery store checkout counter person murder me” thing. Theoretically yes, but I wouldn’t worry about it unless I had some reason to believe that that was the case.

I mean, you can probably create something akin to a god, but I don’t see as to whether it being open source or not would change that.

I don’t really have a problem with this – I think that it’s rarely in a consumer’s interest to choose a locked phone. Buying a locked phone basically means that you’re getting a loan to pay for hardware that you pay back with a higher service price. But I’d point out that:

• You can get unlocked phones and service now. I do. There are some privacy benefits to doing so – my cell provider doesn’t know who I am (though they could maybe infer it from usage patterns of their network and statistical analysis). It’s not a lack of unlocked service that’s at issue. To do this, Congress is basically arguing that the American consumer is just making a bad decision to purchase a plan-combined-with-a-locked-phone and forcing them not to do so.

• Consumers will pay more for cell phones up front. That’s not necessarily a bad thing – it maybe makes the carrier market more competitive to not have a large portion of consumers locked to one provider. But there are also some benefits to having the carrier selecting cell phones that they offer in that the provider is probably in a better position to evaluate what phone manufacturers have on offer in terms of things like failure rates than do consumers.

I don’t see why they wouldn’t, or couldn’t do this

There are only 52 organizations that Firefox trusts to act as CAs. An ISP isn’t normally going to be on there.

https://wiki.mozilla.org/CA/Included_Certificates

https://ccadb.my.salesforce-sites.com/mozilla/CACertificatesInFirefoxReport

If whatever cert is presented by a remote website doesn’t have a certificate signed by one of those 52 organizations, your browser is going to throw up a warning page instead of showing content. KT Corporation, the ISP in question, isn’t one of those organizations.

They can go create a CA if they want, but it doesn’t do them any good unless it’s trusted by Firefox (or whatever browser people use, but I’m using Firefox, and I expect that basically the same CAs will be trusted by any browser, so…)

IIRC Russia was talking about detaching their modules and using them to help bootstrap some new station. So I dunno if those will get brought down.

That being said, that was also when that rather pugnacious guy was running Roscosmos, and I dunno if doing a new space station is the top of Russia’s priority list for their limited budget.

kagis

Dmitry Rogozin.

kagis further

It looks like they canceled the idea of reusing the Russian ISS modules back in 2021. So I guess those are destined for SpaceX’s deorbit too.

https://en.wikipedia.org/wiki/Orbital_Piloted_Assembly_and_Experiment_Complex

The Orbital Piloted Assembly and Experiment Complex (Russian: Орбитальный Пилотируемый Сборочно-Экспериментальный Комплекс, Orbital’nyj Pilotirujemyj Sborochno-Eksperimental’nyj Kompleks;[1][2] ОПСЭК, OPSEK) was a 2009–2017 proposed third-generation Russian modular space station for low Earth orbit. The concept was to use OPSEK to assemble components of crewed interplanetary spacecraft destined for the Moon, Mars, and possibly Saturn. The returning crew could also recover on the station before landing on Earth. Thus, OPSEK could form part of a future network of stations supporting crewed exploration of the Solar System.

In early plans, the station was to consist initially of several modules from the Russian Orbital Segment (ROS) of the International Space Station (ISS). However, after studying the feasibility of this, the head of Roscosmos stated in September 2017 the intention to continue working together on the ISS.[3] In April 2021, Roscosmos officials announced plans to exit from the ISS programme after 2024, stating concerns about the condition of its aging modules. The OPSEK concept had by then evolved into plans for the Russian Orbital Service Station (ROSS), which would be built without modules from the ISS, and was anticipated to be launched starting in the mid-2020s.[4][5]

https://en.wikipedia.org/wiki/Russian_Orbital_Service_Station

The Russian Orbital Service Station (Russian: Российская орбитальная служебная станция, Rossiyskaya orbital’naya sluzhebnaya stantsiya) (ROSS, Russian: РОСС)[3] is a proposed Russian orbital space station scheduled to begin construction in 2027. Initially an evolution of the Orbital Piloted Assembly and Experiment Complex (OPSEK) concept, ROSS developed into plans for a new standalone Russian space station built from scratch without modules from the Russian Orbital Segment of the ISS.[4]

I still dunno if they’re gonna get the money for a new space station. Like, deciding to have a war in Ukraine may have kind of killed off the viability of doing a new space station.

If ISP routers are anything like the west that means they control the DNS servers and the ones on router cannot be changed, and likely it blocks 1.1.1.1 and 8.8.8.8 and so on, as Virgin Media does (along with blocking secure DNS) in the UK for example, which definitely opens up a massive attack vector for an ISP to spin up its own website with a verified cert and malware and have the DNS resolve to that when users try to access it to either download the software needed to access this Grid System or if it’s a web portal - the portal itself.

Browser page integrity – if you’re using https – doesn’t rely on DNS responses.

If I go to “foobar.com”, there has to be a valid cert for “foobar.com”. My ISP can’t get a valid cert for foobar.com unless it has a way to insert its own CA into my browser’s list of trusted CAs (which is what some business IT departments do so that they cans snoop on traffic, but an ISP probably won’t be able to do, since they don’t have access to your computer) or has access to a trusted CA’s key, as per above.

They can make your browser go to the wrong IP address, but they can’t make that IP address present information over https that your browser believes to belong to a valid site.

I’d also add, on an unrelated note, that if the concern is bandwidth usage, which is what the article says, I don’t see why the ISP doesn’t just throttle users, based entirely on bandwidth usage. Like, sure, there are BitTorrent users that use colossal amounts of bandwidth, will cause problems for pricing based on overselling bandwidth, which is the norm for consumer broadband.

But you don’t need to do some kind of expensive, risky, fragile, and probably liability-issue-inducing attack on BitTorrent if your concern is bandwidth usage. Just start throttling down bandwidth as usage rises, regardless of protocol. Nobody ever gets cut off, but if they’re using way above their share of bandwidth, they’re gonna have a slower connection. Hell, go offer to sell them a higher-bandwidth package. You don’t lose money, nobody is installing malware, you don’t have the problem come right back as soon as some new bandwidth-munching program shows up (YouTube?), etc.

I don’t really understand the attack vector the ISP is using, unless it’s exploiting some kind of flaw in higher-level software than BitTorrent itself.

A torrent should be identified uniquely by a hash in a magnet URL.

When a BitTorrent user obtains a hash, as long as it’s from an https webpage, the ISP shouldn’t be able to spoof the hash. You’d have to either get your own key added to a browser’s keystore or have access to one of the trusted CA’s keys for that.

Once you have the hash, you should be able to find and validate the Merkle hash tree from the DHT. Unless you’ve broken SHA and can generate collisions – which an ISP isn’t going to – you shouldn’t be able to feed a user a bogus hash tree from the DHT.

Once you have the hash tree, you shouldn’t be able to feed a user any complete chunks that are bogus unless you’ve broken the hash function in BitTorrent’s tree (which I think is also SHA). You can feed them up to one byte short of a chunk, try and sandbag a download, but once they get all the data, they should be able to reject a chunk that doesn’t hash to the expected value in the tree.

I don’t see how you can reasonably attack the BitTorrent protocol, ISP or no, to try and inject malware. Maybe some higher level protocol or software package.

What hardware and Linux distro would you use in this situation?

The distro isn’t likely to be a factor here. Any (non-super-specialized) distro will be able to solve issues in about the same way.

I mean, any recommendation is going to just be people mentioning their preferred distro.

I don’t know whether saltwater exposure is a concern. If so, that may impose some constraints on heat generation (if you have to have it and storage hardware in a waterproof case).

Five Guys does milkshakes with bacon. I’d think that bacon ice cream would work.

Faster isn’t always better – there’s software from the era that relied on hardware limitations to throttle itself – but I’d think that emulators probably have pretty good support for such throttling.

I can see people wanting to use retro software, but what surprises me is this being preferable to modern hardware running old software in emulation.

Especially a laptop, because I doubt that power management is that amazing on DOS.

Maybe there is something out there for which this addresses compatibility problems, but…

Too much Balatro.

If there’s a better way to configure Docker, I’m open to it, as long as it doesn’t require rebuilding everything from scratch.

You could try using lvmcache (block device level) or bcachefs (filesystem level caching) or something like that, have rotational storage be the primary form of storage but let the system use SSD as a cache. Dunno what kind of performance improvements you might expect, though.

If someone hasn’t written a software package to do so already, it’s probably possible to write one to dump and clone all the comments and posts on a server.

I’d call Reddit and the Threadiverse and Usenet and such forums. They’re just broad, with many different categories, or “meta-forums”, as compared to a site with a dedicated-to-a-single-topic forum.

Some other drawbacks of having many independent forums:

• You have to create and maintain a ton of accounts.

• Different, incompatible markup syntax.

• Often missing features (e.g. Markdown has tables; few forums let one create tables)

• Some forum systems ordered comments by time rather than parent comment, which was awful to browse.

• Often insane requirements to get an account. I can think of a few forums that were very difficult to get access to, either because the “new user” system was incompatible with some email system or just had other problems.

I mean, there are a lot of websites with “comment” sections, which is kind of a lightweight forum attached to a webpage, and they’re almost invariably awful.

I’m definitely on the same page as the EFF on this one.

One limitation that may or may not matter for your particular use case: I don’t believe that Xephyr has a mechanism to do pass-through 3d acceleration. So if you’re gonna have everything go through Xephyr, one constraint is that any window that you’re sticking in a dwm is just gonna have access to a plain-Jane framebuffer.

If you’re only managing terminal windows – you mention tmux as an alternative, so that may be what you’re going for – then that may not be a concern, though there are some accelerated virtual terminal software packages.

EDIT: I have not done this myself, but it sounds like it’s possible to run nested compositors inside Wayland.

https://old.reddit.com/r/swaywm/comments/196h5bl/is_nested_swaywm_supported/

I don’t know if that can be used in the same way, but running dwl – like the X11 dwm window manager, but a Wayland compositor – inside a host Wayland session might work, if you’re using Wayland rather than X11 as the “host” environment. I’d guess that that wouldn’t have the same limitation.

The AI trials used a combination of “smart” CCTV cameras that can detect objects or movements from images they capture and older cameras that have their videofeeds connected to cloud-based analysis.

Enough of these linked together coupled with facial recognition, and Amazon’s got the means to track people at scale.