How does one flash a ROM without unlocking the bootloader these days?
Shouldn't that break Android Verified Boot?
A pure GSI image could use a Google key, I suppose, but others shouldn't, right?
ozymandias117
joined 1 year ago
For whatever reason org.gtk.Gtk3theme.Breeze-Dark was deprecated
The workaround listed here: https://github.com/flathub/org.gtk.Gtk3theme.Breeze
Is to run: flatpak override --user --filesystem=xdg-config/gtk-3.0:ro
However, that exposes a little extra if you have favorite places stored
I think it works if you only expose xdg-config/gtk-3.0/colors.css, xdg-config/gtk-3.0/gtk.css, and xdg-config/gtk-3.0/settings.ini
The summary here and in the paper isn't very helpful to check what CVEs are relevant
The kernels referenced aren't supported, and it says the issues were reported upstream
Checking some of the references of the paper, it says
By the time we posted this writeup, all the distros have patched this vulnerability.
Do you know what CVEs users should check against?
eSIM requires proprietary google services to activate, so if you're planning on messing with ROMs I find physical to be easier
Isn't #2 the only option?
Websites specifying color for foreground (or background) and assuming browsers will use whatever color they're expecting for the other has always existed, and still exists
If you're getting fancy and specifying colors, you can't cheap out and not specify all colors
If the browser ignores all your colors at that point, then it's displaying as the user intended
If you only specified some of the colors, it's a bug of the website
The even crazier part to me is some chip makers we were working with pulled out of guaranteed projects with reasonably decent revenue to chase AI instead
We had to redesign our boards and they paid us the penalties in our contract for not delivering so they could put more of their fab time towards AI
It's a strange suggestion after very recently working closely with openSUSE to ensure Leap can use the same binaries as SLE, though
It doesn't have to, but GrapheneOS is designed around security first, privacy second, and usability third
If you install Fennec browser on it and open, e.g., https://www.learningcontainer.com/download/sample-pdf-file-for-testing/?wpdmdl=1566&refresh=6697dcd62a0141721228502
The PDF will display inside Firefox
The default web browser on GrapheneOS, Vanadium, doesn't parse PDF's (they're an incredibly insecure format) and passes them off to a sandboxed, hardened app specifically for that usecase
This allows rejecting more permissions than doing it in the same process
Separated over the PCIe bus with an IOMMU between it and system memory, as well as hardware switches to disable it if I'm not reachable
I haven't found a way to remove it entirely. It's the only option I've found so far, but if you know of a better designed option, I'm certainly interested
Well, a.out doesn't make much sense these days.
Gotta move to .elf
Apple's using Qualcomm modems, and the complaint seems to be around the modem
If an attacker gets access to your system, they will be able to ensure you can't get rid of their access
It will persist across operating system installs
However, this requires them to get access first