this day in 1990 this guy got charged

what for?
1) possessing 'burglary tools' (ie a computer program that listed every word in the dictionary in such a way that it could be used for guessing passwords for a login script). ie something like

for x in 'cat ./dict'; do echo $username; echo $x; sleep 1; done

(surely possessing a dictionary file ./dict wasn't illegal?)

2) including 20 odd lines from UNIX's login.c (which was published as part of the SystemV anyway)

people sometimes ask 'why GNU? Why free software?'

because it was only 29 years ago that people could be thrown in jail for most of their life for sharing the source code to the operating system they used, for what was basically an academic discussion of how it functioned. It would be another ~1-3 years before GNU/free versions of BSD(eg FreeBSD) were available/free and worked at all. That was what life in a proprietary world was like. That is what Microsoft would bring us back to.

Show thread

@jeffcliff Even in more contemporary times, GNU has relevance. Some years ago, my UEFI-equipped motherboard bricked itself after it *thought* I was attempting to compromise it. $1500 down the drain. Even though UEFI was "open source" (source published on Github), proprietary, vendor-specific addons are encouraged. And in this case, this proprietary add-on decided to brick my $1500 investment.

I will never trust UEFI again. To me, it is forever malware by design.

@vertigo @jeffcliff For that much, I’d expect that the board had a failsafe backup firmware. Most do, so that when something goes wrong the “live” firmware can be reflashed to factory, e.g., after a failed update due to any reason. And even if not, there is always the firmware data reset short circuit jumper.

Failures in an implementation are not failures of the system itself, merely the implementation. BIOS systems have long been proprietary and brickable...

Proprietary? Yes. Brickable? Only when reflashing. I grew up with PCs from the first Compaqs to today. After a successful flash, if it booted once, it'd always boot. No muss, no fuss.

With UEFI, whole new classes of user hostilities aren't just enabled, but actively encouraged. I am well aware of what UEFI bills itself to be. I'm equally aware of what it's become in practice.


@SuperFloppies @jeffcliff
Coreboot wouldn't have bricked my box for trying to boot Ubuntu. UEFI actually *did*. Actions speak louder than words on a whitepaper somewhere.


@vertigo @jeffcliff Please explain? I am not even sure how that is possible. UEFI is just firmware. I don’t know what you mean by “bricked”, here.

UEFI may fail to boot if the TPM is damaged and secure boot is enabled. Or if the configuration data is corrupted by a program that does not honor the conventions. Or if the keystore loses power during keyload, but since Ubuntu has a loader signed with the same key as Microsoft Windows, that last thing would be unlikely.

@vertigo @jeffcliff In any event, I’d like to hear more about what happened, as I’ve never run into it. Whitepapers are nice to refer to, but I’ve been using Arch, Fedora, and Ubuntu on Secure Boot enabled UEFI systems for several years now, and the only problems I’ve ever had, were of my own creation.

@vertigo @jeffcliff (And yes, I’m asking out of genuine interest—how did it happen, and how did you determine the root cause?)

@SuperFloppies @jeffcliff I was running Linux Mint on an old PC, and I needed to update to a newer OS. I decided to move to Ubuntu. So, I opened a partition on my drive to install Ubuntu on, which went swimmingly well.

After installing Ubuntu onto the partition, I rebooted, and asked the firmware to boot from the new partition. It failed, and booted instead from Mint.

After exactly 10 attempts of this tweak-settings-then-rebooting-then-failing cycle, the motherboard failed to boot anymore.

@SuperFloppies @jeffcliff The CPU fans stopped, power supply appeared dead, and only a single "FAULT" LED was lit on the motherboard. Reading the motherboard manual about this LED, it said I needed to call ASUS. So, I did, and they only recommended that I send them the motherboard for "factory reset" along with a $350 additional charge on top of what I'd already paid for the system.

@SuperFloppies @jeffcliff This happened despite me having configured UEFI to turn off all security features, including intrusion detection and mitigation.

Just to cover my bases, I went back to the computer shop, and had them re-test the RAM sticks, and all of them were good. Pulling the video card out also did not improve matters. The motherboard was deader than a door-nail.

I decided at that time to eat my losses and move on with a System76 laptop instead. Which still works.

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!