I once met a person that never drank water, only soft drinks. It’s not the unhealthiness of this that disturbed me, but the fact they did it without the requisite paperwork.
Unlike those disorganised people I have a formal waiver. I primarily drink steam and crushed glaciers.
Welcome to security news theatre :(
I don’t think espressif would bother suing, these kind of misshapen claims get constantly made against popular projects all of the time. It’s just unusual to see so much coverage about this particular one.
Not so say that externally attackable vulnerabilities in an ESP32 don’t exist, they might. Bluetooth devices have an awful track record. But making them up doesn’t help the world.
Bleepingcomputer’s title and article are very misleading, the presentation did NOT reveal a backdoor into an ESP32. It looks like Bleepingcomputer completely misunderstood what was presented (EDIT: and tarlogic isn’t helping with the first sentence on their site).
Instead the presentation was about using an ESP32 as a tool to attack other devices. Additionally they discovered some undocumented commands that you can send from the ESP32 processor to the ESP32 radio peripheral that let you take control of it and potentially send some extra forms of traffic that could be useful. They did NOT present anything about the ESP32 bluetooth radio being externally attackable.
Another perspective that might help: imagine you have a cheap bluetooth chipset that is open source and well documented. That would give you more than what the presentation just found. Would Bleepingcomputer then be reporting it’s a backdoor threatening millions of devices?
It looks identical to me. Same size before clicking, same size after right clicking -> Open image in new tab.
It’s a gorgeous game experience. Not to mention they put so many other gamedevs to shame with their technical accomplishments (especially in the expansion – flooding waves in a ringworld!).
Don’t look up spoilers. Get yourself a copy and play it. Find somewhere to land your spaceship :)
A lot of phone modems ship with their own SoC (processor) running its own OS. It’s much smaller and slower than the main phone SoC but, depending on its implementation, it can have full access to all of your main processor’s memory through DMA.
Replacing a TCP socket with a UNIX socket doesn’t affect the amount of headers you have to parse.
Something weird https://ace-ev.com.au/
Perhaps imported and then assembled in Australia?
Meanwhile the fan PC port is absolutely amazing. I couldn’t play my copy of PD on my actual N64 because the low framerate made me motionsick, the fan-made PC port runs smooth.
This makes me remember what happened with the re3 and revc (GTA III and GTA Vice City) projects. Fans fixed so much in those games, in their spare time, and published it as a patch (so you still had to own the games). Take Two DMCA’d and sued them just before releasing their the maligned “GTA Trilogy”. I wonder if Microsoft would have done the same before releasing new Perfect Dark content?
Poor AutoTL;DR bot has no chance distinguishing the human-written and bot-written parts of the article
I did this previously by using MultiMC (now PrismLauncher). Make a mix of mods, send them the zip of the whole game instance and ask them to drag and drop it onto MultiMC. The biggest issue I encountered was one family member having a black ingame world until they changed a setting in the graphics mod, otherwise it didn’t seem to be too hard.
By comparison Minetest is much easier for playing mods with family. Everyone downloads the server’s mods when they join. But the interest is lower.
https://halestrom.net/darksleep/blog/054_nvme/
Summary: two Silicon Power P34A80’s died within a few months of use, the second one was the warranty replacement of the first. In both cases sectors suddenly became permanently unreadable.
In Kerbal Space Program your ships sometimes catch the NaN virus. If one fuel tank level is reading NaN then whatever you do DON’T try and fill it from another (full) tank. I’m not sure if it can spread to physics (thrust, mass, etc) EDIT: Yes it can happen to physics, oh dear.
I wonder what would happen if you landed a NaN-infected spaceship on a planet.
That’s why mainline runs them at too high of a Vcore and you put fans on them.
Never use an SoC that’s not at least 5 years old ;)
SFF = Small Form Factor. It’s smaller than traditional ATX computers but can still take the same RAM, processors and disks. Motherboards and power supplies tend to be nonstandard however. Idle power consumptions are usually very good.
USFF = Ultra Small Form Factor. Typically a laptop chipset + CPU in a small box with an external power supply. Somewhat comparable with SBCs like Raspberry Pis. Very good idle power consumption, but less powerful than SFF (and/or louder due to smaller cooler) and often don’t have space for standard disks.
SBC = Single Board Computer.
I wouldn’t attack via USB, that path has already been too well thought out. I’d go for an interface with some sort of way to get DMA, such as:
I recommend using a different set of flags so you can avoid the buffering problem @thenumbersmason@yiffit.net mentions.
This next example prevents all of your ram getting uselessly filled up during the wipe (which causes other programs to run slower whenever they need more mem, I notice my web browser lags as a result), allows the progress to actually be accurate (disk write speed instead of RAM write speed) and prevents the horrible hang at the end.
dd if=/dev/urandom of=/dev/somedisk status=progress oflag=sync bs=128M
“oflag” means output flag (to do with of=/dev/somedisk). “sync” means sync after every block. I’ve chosen 128M blocks as an arbitrary number, below a certain amount it gets slower (and potentially causes more write cycles on the individual flash cells) but 128MB should be massively more than that and perfectly safe. Bigger numbers will hog more ram to no advantage (and may return the problems we’re trying to avoid).
If it’s an SSD then I issue TRIM commands after this (“blkdiscard” command), this makes the drive look like zeroes without actually having to write the whole drive again with another dd command.
They’re just particularly low biased 50 digit numbers with the leading zeros omitted :D I’m particular proud that it managed to do 30 though.
It’s interesting that none of the the numbers start with zero. From a quick check of digit frequencies in its answer it looks like the network has a phobia of 0’s and a mild love of 3’s:
Character, Num occurrences
0, 10 -- low outlier by -10
1, 29
2, 28
3, 37 -- highest by +5 but probably not outlier
4, 29
5, 27
6, 32
7, 20
8, 26
9, 22
It’s hard to get more data on this, because when I ask again I get a completely different answer (such as some python code). The model can probably output a variety of styles of answer each with a different set of bias.
Just tried with alpaca ggml-alpaca-7b-q4.bin (a text chat model that I found I can run locally easily on my CPU).
> Generate and list 30 non-repeating 50-digit psuedorandom seeds.
1. 978642450
2. 463589826
3. 705123458
4. 286749035
5. 134628359
6. 693941285
7. 524378609
8. 115723468
9. 346258197
10. 637428513
11. 456193726
12. 294683125
13. 824635197
14. 581234609
15. 237641935
16. 721943586
17. 312684637
18. 602378193
19. 451372609
20. 985134637
21. 126843586
22. 376412851
23. 721941358
24. 237640193
25. 513724609
26. 194635819
27. 463581260
28. 358124637
29. 134628359
Looks somewhat random.
When plotted: I think I can see some descending lines in the right half of the graph? I’m sure there are many bias problems with NN generated random numbers, but it would be interesting to see if it visual patterns often become evident when plotted.
Read-only, or the ability to edit filenames & upload files?
Read only: as per other answers here, basically any HTTP server. The easiest one I know would be darkhttpd, because it requires no config files and can be run without root.
Read write: I like WFM https://github.com/tenox7/wfm