You are not logged in.
- Topics: Active | Unanswered
#501 Off-topic » Secure Boot? Yes, we've heard of it ... » 2024-07-29 09:56:15
- Altoid
- Replies: 10
Hello:
Great way to start the week:
From this morning's The Register ...
Secure Boot useless on hundreds of PCs from major vendors after key leak
Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don't use MFA, and more
Snippets from the article:
... research published last week by security boffins at firmware security vendor Binarily.
... found hundreds of PCs sold by Dell, Acer, Fujitsu, Gigabyte, HP, Lenovo and Supermicro – and components sold by Intel – using what appears to be a 12-year old test platform key (PK) leaked in 2022 ...
"An attacker with access to the private part of the PK can easily bypass Secure Boot by manipulating the Key Exchange Key database, the Signature Database, and the Forbidden Signature Database," Binarily's boffins wrote.
... not like the manufacturers using the offending PK didn't have reason to know it was untrusted ...
It said so right on the package.
Very interesting how secure the boot ended up being.
Best,
A.
Edit:
Just noticed another previous post here about this problem.
No matter: 50+ years later, Arte Johnson can still make me laugh out loud with his routines.
Much needed these days.
#502 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-28 15:44:08
Hello gl:
Howsyadoin'?
Even I have build a package or two ...
Indeed ...
But then you are a force of nature. 8^)
Give it a try ...
Basically, the problem is that my bucket list long and complicated.
ie: too many things in the air and too little time to tend to them while life happens.
But thanks for the link.
Best,
A.
#503 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-28 14:53:19
Hello:
... have to learn how to rebuild packages.
Yes, given the time and the need to actually do it.
But it is rather over my head and would have a steep learning curve for me.
... cannot learn this, if it is impossible to compile.
Yes, that makes much sense.
... installed android-sdk-platform-23 and rebuilt scrcpy ...
No, I have not.
Like I mentioned earlier on (and thanks to the infomation you provided), I was able to install scrcpy and scrcpy-server in the version available from the Ubuntu repositories ie: scrcpy v1.25.
It seems to work properly for what my needs are so I will not be needing an updated version for the time being.
eg: it works perfectly well with a USB connection, I have no need for wireless.
I suppose that the latest version (2.50) will eventually make it to the Ubuntu repositories, so if the need arises I can always try that.
Once again, than you very much for your input.
Best,
A.
#504 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-28 07:38:46
Hello:
... interesting, android-sdk-platform-23 is also available ...
... these debs are native Debian packages, which were somehow appropriated ...
Don't know if appropriated would be the proper term to use.
After all, Ubuntu is derived from Debian ie: it is a Debian based distribution, composed of free / open-source software.
Which the Debian packages you mention also are.
Why isn't android-sdk-platform-23 available in the Devuan 5 Daedalus repository?
Hmm ...
Could not say, I'm sure there's a reason for that.
That said, let's not forget how under-staffed and over-worked the Devuan crew maintaining this heroic effort acually is.
Thanks for your input.
Best,
A.
#505 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-27 19:09:27
Hello:
... installed them both (see may previous post) ...
Indeed ...
You are (of course) quite right. 8^°
Was so glad to see it that I rushed to get it installed without having read the whole of your post.
So I stand corrected, 2x my previous thanks to you. 8^)
That said, I have confirmed that the application works properly on both of the phones I have been gifted and will be able to use them as an on-screen microscope.
Some sort of an adjustable stand/holder for the things is now in the brewing stage.
Best,
A.
#506 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-27 18:30:42
Hello:
Ubuntu package scrcpy_1.25-1_amd64.deb libavformat59 (>= 7:5.0)
Ahh ...
Tried it but GDebi asks for scrcpy-server_1.25-1_all.deb which I downloaded and installed from the same repository.
Seems to work properly and now I have to see if I can find the right version of the GUI for this application as there it looks like there is more than one.
If I find that it does what I want it to do, I will explore the possibility of building the latest version with the source provided by the author.
Many thanks to all those who pitched in.
Much appreciated.
Best,
A.
#507 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-26 22:47:56
Hello:
... try installing when adding/keeping a chimaera sources.list line (in addition to daedalus)?
No.
Never thought of doing something like that.
ie: I have mix and match sources as being a Linux no-no
... or does that raise conflict with the "59" package?
No idea.
That said, I would have thought that the "59" package would somehow be compatible with the "58" package.
ie: would cover the same functions but apt is is clear with respect to the unmet dependency.
I'll see about that possibility this week-end.
Thanks for your input.
Best,
A.
#508 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-26 22:40:29
Hello:
... a simple trick.
... may cause troubles ...
Playing with fire comes to mind. 8^D
I strive to be very (very) careful with what I do to my Devuan and try, above all things, to avoid risking havok.
Yes, I do have daily backups but still ...
That said, thanks for the tip.
It may come in handy should I want to experiment with a VM.
Best,
A.
#509 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-26 21:26:04
Hello:
... better try to rebuild. This sort of practical knowledge may liberate from frustration.
Yes, I have often thought about that specific aspect of the Linux 'experience'.
ie: building a package, not frustration (which is also part of it) 8^D .
Thanking you for your confidence in my abilities, I will see if I can get something done this week-end and if so, report back.
Thank you very much for your input.
Best,
A.
#510 Re: Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-26 20:29:40
Hello:
... try to rebuild the package ...
Thank you very much for taking the time to write that up.
Much appreciated.
But I would rather avoid having to do something like that.
... one of several deb versions of libavformat58 at pkgs.org works?
Yes, I had thought of that.
But no.
GDebi will not install any of the three as there are unmet dependencies for all of them.
Seems that dependency hell is at the gates. 8^°
Thank you both for your input.
Best,
A.
#511 Desktop and Multimedia » [SOLVED] Android -> Linux screen mirroring software » 2024-07-26 12:19:40
- Altoid
- Replies: 30
Hello:
Looking for a screen mirroring application to use with an old but working smartphone camera, I came across this one which is available for Debian Bullseye but cannot find in the Devuan repositories.
I downloaded it and passed it through the GDebi package installer and the result was that there was an unmet dependency: libavformat58
This was the only unmet dependency for this package and it seems that it does not require systemd's meddling to work.
When attempting to install libavformat58, apt says it is not available but that it is referred to by another package.
Looking at the Devuan packages page, I found that this library was available for both Beowulf and Chimaera and that there was a newer (?) version, libavformat59 available for Daedalus and is already installed in my system.
I also looked at the banned packages page but scrcpy_* was not listed there.
Any one know of a suitable alternative to this screen mirroring application?
Thanks in advance.
Best,
A.
#512 Re: Other Issues » Crowd Strike's screw-up and Linux » 2024-07-22 10:46:33
Hello:
... anyone encountered this?
... problems on home computers.
This world-wide foobar is related to the use of CrowdStrike Falcon security platform software.
Not something you would find in any home computer.
What has happened clearly illustrates the lack of common sense on behalf of a great many global/critical IT players who (besides using Windows based systems), put all their security/redundancy eggs in the same basket with, as is quite evident, no exit/recovery solution in case of failure.
When (not if) this happens again, it will be much worse.
Best,
A.
#513 Other Issues » Crowd Strike's screw-up and Linux » 2024-07-22 09:08:30
- Altoid
- Replies: 3
Hello:
Found this at The Register this morning:
CrowdStrike's Falcon Sensor also linked to Linux kernel panics and crashes
Rapid restore tool being tested as Microsoft estimates 8.5M machines went down
by Simon Sharwood
CrowdStrike's now-infamous Falcon Sensor software, which last week led to widespread outages of Windows-powered computers, has also caused crashes of Linux machines.
--- snip ---
We've also spotted reports of CrowdStrike being suspected of causing problems in Debian and Rocky Linux.
Best,
A.
#514 Re: Hardware & System Configuration » [SOLVED] Huge upgrade this morning ... » 2024-07-17 10:14:00
Hello:
... started seeing errors about missing nvidia firmware recently ...
A bit late to the party but finally found the key to this.
It seems that the nouveau driver looks for a /lib/firmware/nvidia directory containing 28 directories with firmware for supported Nvidia cards neeeding non-free firmware files to work properly. ie: gaxxx, gkxxx, gmxxx, gpxxx, tegraxxx and tuxxx.
Not finding the directory, it prints out the warning.
Makes sense but should this not be part of the installation/ upgrade process?
If your Nvidia hardware is not on that list, you obviously do not need those firmware files in your system (~4.5MiB on disk).
So you either learn to live with the warning (shows up with every kernel and initramfs upgrade) or install the firmware-misc-nonfree package.
No idea why the nouveau driver looks for firmware it clearly does not need.
Is it not aware of the installed hardware to check against the supported cards that need firmware?
eg:
:~$ lspci
--- snip ---
01:00.0 VGA compatible controller: NVIDIA Corporation G96CGL [Quadro FX 580] (rev a1)
02:00.0 VGA compatible controller: NVIDIA Corporation G96CGL [Quadro FX 580] (rev a1)
--- snip ---
:~$Best,
A.
#515 Re: Hardware & System Configuration » [SOLVED] Connman panel icon not there ... » 2024-07-16 16:36:11
Hello:
... Sessions and Startup - Application Autostart list.
... add Connman to that list.
Yes, that worked.
Thanks. 8^)
Apparently no ill effects.
But if I then it try to start it via Applications -> Settings -> Connman Settings, I get a second instance of Connman on the panel.
I don't think (?) it should work like that.
ie: it should not be possible to load a second instance.
That said, I found the Settings menu entry connman-gtk.desktop in /usr/share/applications/:
:~$ cat /usr/share/applications/connman-gtk.desktop
[Desktop Entry]
Type=Application
Exec=connman-gtk
Name=Connman Settings
Categories=GTK;GNOME;Settings;X-GNOME-Settings-Panel;X-Unity-Settings-Panel;HardwareSettings
Keywords=connman;network;settings;wired;wifi;wi-fi;bluetooth;vpn;tethering
X-GNOME-Settings-Panel=connman-gtk
X-Unity-Settings-Panel=connman-gtk
Icon=preferences-system-network
:~$ Thanks for your input.
Best,
A.
#516 Hardware & System Configuration » [SOLVED] Connman panel icon not there ... » 2024-07-16 15:17:39
- Altoid
- Replies: 2
Hello:
After upgrading to Daedalus I am slowly finding bits and pieces which are not where they should be.
ie: where I expect them to be, which is not the same thing.
In Beowulf, with the now abandoned WiCD, I had the application's icon sitting on the xfce4-panel.
One click away from switching to and from my available WiFi / wired connections.
Quite handy when one of them has a problem ...
Now, in Daedalus and with Connman, this should also be happening as it I have configured it to work that way.
ie: Applications -> Settings -> Connman Settings -> Settings = Use status icon [x] and Launch to tray by default [x]
Not the case.
The icon only shows up if I start Connman from the menu and stays there till I either close it (right click -> Exit), restart the desktop or reboot the system.
Looking around, I found mention of this in a GitHub thread thread from 05/2019.
It would seem that what is needed is for Connman to install to autostart and not to the Applications -> Settings menu or maybe to both (?) and it looks like there was a patch/commit issues but ...
Would the solution be adding Connman to ~/.config?
Would it coexist peacefully with Connman Settings ?
Please advise.
Thanks in advance.
Best,
A.
#517 Re: Desktop and Multimedia » Firefox broken? » 2024-07-09 11:54:06
Hello:
... receives an SMS ...
Yes, same here.
But only to change any of the entries in previously used/verified transfer destinations or to add a new one.
Those are mostly public service accounts, municipal taxes, appartment building maintenance fees or other such payments.
... charge a fee ...
Not at the moment.
... don’t know what will ...
Eventually, we will all get screwed over.
Repeatedly and on a daily basis.
... provides 4G without recharging ...
I don't need to use my cell phone for anything but making/receiving phone calls or receiving the ocassional text message.
If I need to take photos, I have a relatively decent camera for that.
And when that is not enough, I have a pair of old smartphones which I received as gifts (no SIM installed) which have very nice screens and cameras.
I have no use for (4G) access to the web with a smartphone, never considered it to be convenient in any way.
Best,
A.
#518 Re: Desktop and Multimedia » Firefox broken? » 2024-07-09 09:53:18
Hello:
... banking sites that used to work in Firefox ...
Same here but in only one bank out of two I use.
But then that second bank decided that I can only do home banking by doing 2FA with a smartphone and only with a smartphone (!)
I have no with 2FA, it is necessary/essential but only with a smartphone? -> Just a metadata harvesting scheme.
I was unable get them to do it via text msg to my cellphone (much safer/secure), like other banks (still) do.
Or to understand that not every one has/needs or wants a smartphone.
So I told them to FO.
Won't catch me doing any banking authentications with a smartphone.
My cell phone is a very nicely working 3G Blackberry 9320, thank you very much.
Once a month I walk to an ATM and transfer the whole of my pension to the other bank.
Curiously enough, I was able to work around the problem with this other bank last using a LibreWolf.x86_64.AppImage v.123.0.1-1, with uBlock Origin 1.58.0 and Pihole 5.18.3+Unbound 1.13.1 running in a Chimaera VM inside my Daedalus box, all behind a FO router and a passive Gigabit switch.
All this while the latest PaleMoon (33.2.0) and Firefox (115.12.0esr) will not work.
No, I have not tried and will not try with Chrome ...
Best,
A.
#519 Re: Hardware & System Configuration » hddtemp not available in Daedalus » 2024-07-07 21:13:41
Hello:
... 0.3-beta15-54 is the Chimaera version. When you upgrade ...
I see ...
I had it in Beowulf and upgraded sequencially (ie: via Chimaera) to Daedalus.
@Micronaut
You could try downloading the *deb package from the Chimaera repository and then install it with the Gdebi package installer, apt or dpkg.
See here for the hows and whys.
Best,
A.
#520 Re: Hardware & System Configuration » hddtemp not available in Daedalus » 2024-07-07 18:00:44
Hello:
I'll add my bit.
What do you get ...
~$ apt-cache policy hddtemp
hddtemp:
Installed: 0.3-beta15-54
Candidate: 0.3-beta15-54
Version table:
*** 0.3-beta15-54 100
100 /var/lib/dpkg/status
~$ Just to round it out:
~$ uname -a
Linux devuan 6.1.0-22-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.94-1 (2024-06-21) x86_64 GNU/Linux
~$ ~$ apt list | grep installed | grep hddtemp
--- snip ---
hddtemp/now 0.3-beta15-54 amd64 [installed,local]
~$ If you're lucky ...
Yep ...
~$ hddtemp /dev/sdc
/dev/sdc: HITACHI HUS153030VLS300: 36 C
~$ Edit:
hddtemp is what provides conky the data for its screen printout in my desktop.
eg:
SATA0: +${execi 60 hddtemp /dev/disk/by-uuid/xxxxxxx-exxb-xcxx-xcxx-xaxcxbafexdx | cut -c 81-86}Best,
A.
#521 Re: Hardware & System Configuration » Blacklisting unused driver modules » 2024-07-03 12:09:00
Hello:
... apologize for the offtopic.
Not needed, it is related.
... recompile the kernel ...
I have thought about it more than once and will probably end up doing it down the road.
But not before I really need to do it to keep my box working properly.*
The main reason being that I have no plans to do any hardware upgrades in the foreseable future.
Save for maybe faster SAS HDDs along with a new SAS controller.
Or maybe replacing old monitors or needing a new PS with more than the stingy 540W this Sun Microsystems one puts out.
But that would be about it.
Thanks for your input.
Best,
A.
* seeing how things are going these days, before may well arrive sooner than later.
#522 Re: Hardware & System Configuration » Blacklisting unused driver modules » 2024-07-03 11:45:27
Hello:
blacklist modules in /etc/modules.d/...
Yes, so do I.
I have a number of blacklisted modules, among them the infamous mei and mei_me (a separate one for each just in case) with these stanzas ...
install mei /bin/false
and
install mei_me /bin/false
... to prevent loading if another non-blacklisted module requests it.
ie: blacklists the module and any other that depends on it.
The result is this:
~$ sudo dmesg | grep -i error
--- snip ---
[ 24.221918] udevd[427]: Error running install command '/bin/false' for module mei: retcode 1
--- snip ---
~$I have also blacklisted appletalk, ax25, firewire_ohci, gpio_ich, i8042, lpc_ich, psmouse, tpm, watchdog and intel-microcode.
I'll have to look at your list in detail, thanks for the heads-up.
As usual, I've wandered off track.
Back to the OP modules.
Seeing that blacklisting was not working I went looking for the reason while wondering if they were not baked into the kernel.
And then I found this tidbit:
~$ cat /etc/modules-load.d/cups-filters.conf
# Parallel printer driver modules loading for cups
# LOAD_LP_MODULE was 'yes' in /etc/default/cups
lp
ppdev
parport_pc
~$ I remmed all entries and rebooted and as a result, CUPS would show the job as "Processing page 1..." and stay there, with the printer not printing anything, so I undid the editing in the cups-filters.conf, issued a reprint of the same job and things were back to normal again.
My printer is local so no network printing here, at least for now.
But I'll have to poke around and try to find out which of the modules loaded can be eliminated, if any at all.
Will post back when I find out.
Thanks for your input.
Best,
A.
#523 Hardware & System Configuration » Blacklisting unused driver modules » 2024-07-02 12:35:47
- Altoid
- Replies: 5
Hello:
My newly upgraded Daedalus installation loads a couple of modules I don't need:
~$ sudo dmesg
--- snip ---
[ 26.714355] lp: driver loaded but no devices found
[ 26.722412] ppdev: user-space parallel port driver
--- snip ---~$ lsmod | grep "lp\|parport\|pdev"
parport_pc 40960 0
ppdev 24576 0
lp 20480 0
parport 73728 3 parport_pc,lp,ppdev
--- snip ---My Samsung M2020W printer is USB and uses the usbcore module:
~$ sudo dmesg
--- snip ---
[ 24.245461] usblp 6-5:1.0: usblp1: USB Bidirectional printer dev 4 if 0 alt 0 proto 2 vid 0x04E8 pid 0x3321
[ 24.245834] usbcore: registered new interface driver usblp
~$
--- snip ---Although I do have an onboard serial 8250/16550 port in my box (which I use every so often), there is no on-board parallel port in the mb.
So it seems a good idea to avoid loading it at boot time.
It seems there are two posible ways to do this:
One would be the parport=0 kernel command line, which I expect nip the whole process in-the-bud or alternatively, blacklisting the module.
Am I correct in assuming that the kernel command line option is the most efficient way?
Thanks in advance.
Best,
A.
#524 Re: Hardware & System Configuration » [SOLVED] Progressively upgraded Daedalus / dead/dangling links » 2024-07-02 11:57:32
Hello:
@GlennW
... may find a manual (diy) approach more reliable,
It sometimes is.
ie: you can see what is being done because you are doing it.
But I agree, symlinks seems to be reliable enough.
@aluma
... garbage from your previous installations.
Yes, the Beowulf -> Chimaera -> Daedalus was not exactly seamless but everything has been falling in place.
So no complaints, just a few loose ends that turn up as I go along.
~$ sudo symlinks -csrv / | grep dangling
~$ No more dangling links.
Thanks to both for your input.
Best,
A.
#525 Re: Off-topic » CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems » 2024-07-01 16:40:05
Hello:
Got the upgrade from Devuan early this morning:
Start-Date: 2024-07-01 07:09:32
Commandline: apt upgrade
Requested-By: groucho (1000)
Upgrade: openssh-client:amd64 (1:9.2p1-2+deb12u2, 1:9.2p1-2+deb12u3)
End-Date: 2024-07-01 07:09:34Log started: 2024-07-01 07:09:32
Preparing to unpack .../openssh-client_1%3a9.2p1-2+deb12u3_amd64.deb ...
Unpacking openssh-client (1:9.2p1-2+deb12u3) over (1:9.2p1-2+deb12u2) ...
Setting up openssh-client (1:9.2p1-2+deb12u3) ...
Processing triggers for man-db (2.11.2-2) ...
Log ended: 2024-07-01 07:09:34Best,
A.
Board footer
