@jaseg@chaos.social cover
@jaseg@chaos.social avatar

jaseg

@jaseg@chaos.social

I am doing #electronics, #embedded programming, #python scripting, hardware security and recently some sewing. Pronouns: er/they

This profile is from a federated server and may be incomplete. For a complete list of posts, browse on the original instance.

ElleGray , to random
@ElleGray@mstdn.social avatar

some of you are taking the weighted blanket thing too far

jaseg ,
@jaseg@chaos.social avatar

@ElleGray looks neat but has a certain "fuck people who are vision-impaired" vibe to it with the raised section of the floor blending in perfectly and no markings in sight 🤔

earthshine , to random
@earthshine@hackers.town avatar

I hate the internet.

Trying to look up safe exposure limits for various wavelengths of near-UV light and 90% of the results are AI-generated garbage with top of the page statements like "UV light in the 400-550nm range is especially dangerous" like BRUH... 400 is visible spectrum. 550 is YELLOW. or shit suggesting staring directly into 405nm lasers is a-ok.

You cannot trust ANY information on the internet anymore. It's not just all lies--it's all dangerous lies.

jaseg ,
@jaseg@chaos.social avatar

@earthshine In case you're still looking for those limits since I looked into this stuff yesterday: The European workplace safety standards on this are available for free and contain formulas, tables and graphs that can be used to calculate safe doses depending on wavelength, exposed body part, CW or pulse duration and if it's laser or incoherent light.

jaseg ,
@jaseg@chaos.social avatar

@cholling A decent starting point is this overview page: https://osha.europa.eu/en/legislation/directives/directive-2006-25-ec-of-the-european-parliament-and-of-the-council-of-5-april-2006

With adblock (uBo) on, that's the first hit duckduckgo produces for me when querying "european workplace safety optical radiation".

jaseg , to random
@jaseg@chaos.social avatar

So my just catastrophically self-destructed. I was using arch with the yubikey full-disk encryption package, when the machine hung and crashed during a system update. The machine crashed exactly after the old initramfs files were cleaned up, and before the new ones were written to disk. Since the yubkikey fde thing stores the seed ("challenge") for the luks key in the initramfs, all copies of the seed are gone now, and the data on that disk is unrecoverable.

jaseg OP ,
@jaseg@chaos.social avatar

Quite the failure mode if you ask me. I guess I will be scraping that yubikey fde thing from all of my machines now, and go back to plain passphrases. Deleting the old seed files before the new ones have been written and flushed to disk is a pretty bad design error.

jaseg OP ,
@jaseg@chaos.social avatar

Update: The backup has worked and I have restored the system to working order with minimal data loss.

jaseg OP ,
@jaseg@chaos.social avatar

Update to the update: The creators of the yubikey full disk encryption thing have responded to my bug report with what is essentially a shrug emoji and the line "I hope you had [a backup]".

I don't think that's an appropriate reponse from the maintainers of a critical piece of software like this. I think if you choose to release software like this, you have a responsibility to either make it good or to at the very least warn users that it's bad.

jaseg , to random
@jaseg@chaos.social avatar

I just found an interesting genre of weird but potentially useful chip: System support PMICs for large SoCs such as BD71805 (2$, i.MX SoCs), RK809 (2$, Rockchip SoCs) or WL2868 (50ct, Omnivison SoCs). These chips provide between 7 and around a dozen DC/DC or LDO channels with digitally configurable voltage(!) through I2C, battery charge measurement, and configurable power-on sequencing. Some even have fun bonus features such as an RTC, or a built-in audio codec(?!).

jaseg OP ,
@jaseg@chaos.social avatar

All of them seem to be reasonably well-documented, so when you need like, half a dozen power rails for something, they look like a good option even stand-alone, with just a small micro instead of a full SoC next to them. I guess there's probably also Linux kernel drivers floating around for these that could be useful as a reference.

jaseg OP ,
@jaseg@chaos.social avatar

In particular the WL2868 seems fun: It has 7 LDOs with I2C-configurable output voltages at decent currents, and costs about the same as any other single LDO. It does come in a pain in the ass WLCSP with .35mm ball pitch though, so filled and capped vias are a must for that one.

jaseg , to random
@jaseg@chaos.social avatar

RF transistor manufacturer CEL tells you in their datasheets not to lick their transistors.

https://www.cel.com/documents/datasheets/CE3512K2.pdf

Screenshot of a product safety note in a datasheet containing the following text: CAUTION This product uses gallium arsenide (GaAs) of the toxic substance appointed in laws and ordinances. GaAs vapor and powder are hazardous to human health if inhaled or ingested. - Do not dispose in fire or break up this product. - Do not chemically make gas or powder with this product. - When discarding this product, please obey the laws of your country. - Do not lick the product or in any way allow it to enter the mouth.
ALT
  • Reply
    • + claudius
    filippo , to random
    @filippo@abyssdomain.expert avatar

    I'm watching some folks reverse engineer the xz backdoor, sharing some preliminary analysis with permission.

    The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().

    It's RCE, not auth bypass, and gated/unreplayable.

    More details in this thread: https://bsky.app/profile/did:plc:x2nsupeeo52oznrmplwapppl/post/3kowjkx2njy2b

    jaseg ,
    @jaseg@chaos.social avatar

    @Npars01 please, no whining in peoples' mentions

    Daojoan , to random
    @Daojoan@mastodon.social avatar

    I love that “you sound scared” has become a way to shut down critics of AI.

    …yes.

    yes, I absolutely am scared of it.

    No, I’m not ashamed of that.

    I don’t hate AI. I don't believe it’s going to destroy us terminator style.

    But I’m scared half to hell of the misinformation, political divisions, unemployment, manipulation, spam and deepfake porn and what it’s going to do to our world.

    Like it or dislike it, everyone should have a healthy level of fear about what this technology can do.

    jaseg ,
    @jaseg@chaos.social avatar

    @Daojoan "scared of AI" as in "scared of mold". Like mold, it's not going to become sentient and eat us all. But also like mold, it has a tendency to spoil previously good things, and my preferred amount of it in my (information) diet is zero with very few, carefully selected exceptions. Those exceptions, or the bries among the internet mold that is AI, are things like automatic transcription or translation.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • test
  • worldmews
  • mews
  • All magazines
    •