homura1650
@homura1650@lemm.ee
- Comment on So is Israel just going to finish Palestine off? 6 days ago:
If that were the case then they would have written that into their constitution 70 years ago. And they wouldn’t have assasinated their own prime minister 30 years ago.
Heck, the current minisyet of national security Ben-Gvir was rejecting from mandatory constriction by the IDF, and convicted in an Israeli court of supporting (Jewish) terrorism after being indigted by an Israeli prosecutor.
These are not things that happen in a country that is unified in its goals.
- Comment on So is Israel just going to finish Palestine off? 6 days ago:
The Israeli government has no idea what it is doing. Literally. The current government was a barely held together coalition prior to October 7. In the direct aftermath, they formed a unity government and war cabinet that collapsed last week.
Their prime minister has been indicated on corruption and bribertmy charges, which are currently on hold for obvious reasons. By most indications his primary motivation in this matter is to stay in power himself, with Israel’s national interests being secondary.
Individual members of IDF leadership have called Israel’s stated objectives “unachievable”.
Israel simultaneously wants to live in peace as a liberal Jewish state without commiting any form of ethnic clensing; and achieve its manifest destiny of establishing a Jewish theocracy across Judea and Samaria.
These are deep questions that get to the core of what Israel is and stands for. Questions that are to be answered by the Israeli constitution in the 50s. That never happened because Israel was never able to agree on a constitution [0].
Right now, Israel is just reacting, without any long term strategic vision. Various factions are trying to use that chaos to advance their own long term vision.
[0] Which led to the big judicial reform constitutional crisis that was a giant political crisis before October.
- Comment on Tough Trolly Choices 1 week ago:
en.m.wikipedia.org/wiki/Axiom_of_choice
The axiom of choice asserts that it is possible to pick an arbitrary element from every set. Most of mathametics accepts this. However constructivist math does not.
- Comment on Do We Need Language to Think? A group of neuroscientists argue that our words are primarily for communicating, not for reasoning. 1 week ago:
The more serious formulation of the hypothesis is that communication is superimposed on a “language” capacity that evolved for cognition.
To take a completly non controversial example of how that could work, consider the more mechanical side of how language works. Our respiratory system evolved to exchange co2 and o2 with the atmosphere. Our mouth evolved to be the first stage of our digestive system. Our ears evolved for general sensory input. None of those systems evolved for communication, but are central to the mechanics of how we communicate.
In the same way, the idea was that we developed a set of genetal purpose cognitive tools, and the only thing specific to communication was the ability to serialize de-serialize those thoughts into soundwaves.
- Comment on How does the xz incident impacts the average user ? #xz 2 months ago:
I’m one of those security specialists (although not on mastodon). To be clear, if a vulnerable version of libxz were included in a distribution that we actually use; this would be an all hands on deck, drop everything until it is fixed emergency.
Having said that, for an average user, it probably doesn’t matter. First, many users just don’t have the vulnerable version installed. All things considered, it was found very quickly; so only rolling release distros would have it. Additionally, it appears that only .deb or .rpm based distributions would have it. Not because they are particularly vulnerable, the attack explicitly tests for it.
However, lets set all of this asside and assume a typical use is running a vulnerable system. In my assessment, the risk to them is still quite low. With most vulnerabilities, the hard part is discovering it. Once that happens, the barrier to exploiting it is relatively low, so you get a bunch of unrelated hackers trying to exploit any system they can find. This case is different; exploiting it requires the attackers private key. Even though the attack is now widely known, there is still only 1 organization capable of using it.
Further, this attack was sophisticated. I’m not going to go as far as others in saying that only a state actor could do it. However, it is hard to think of anyone other than a state actor who would do it. Maybe a group of college kids doing it for the
lolzresearch? But, if the motivation us lolz, I don’t see them pivoting to do anything damaging with it. And even if they wanted to, there would still only be a handful of them. In short, this is one of those cases where obscurity works. Whoever did this attack does not know or care about Joe the Linux user; and they were probably never going to risk burning it by exploiting it on a large scale.However, setting all of that asside, suppose you were using vulnerable software, and someone with the private key is interested in your home system. First, you would need to be running OpenSSH on a remotely accessible interface. [0]. Second, you would need your firewall to allow remote SSH traffic. Third, you would need your router to have port forwarding enabled; and explicitly configured to forward traffic to your OpenSSH server [1].
If all of that happens; then yes, you would be at risk.
[0] Even though the attack itself is in the libxz library, it appears to specifically target OpenSSH.
[1] Or, the attacker would need some other mechanism to get on the same network as you.
- Comment on Physics 3 months ago:
The difference between physics and magic is that physics works by describing the forces acting on a system. To predict an outcome, you just progressivly apply those forces over time.
With magic, you just specify the outcome, but not how you get there.
This is how we know that thermodynamics is magic. Conservation laws and Lagrangeans too.
- Comment on Chart to determine risk of bear attack 3 months ago:
You joke, but after cosmonaut Alexi Leonov complained about the possibility of a bear attack, the TP-82 ahotgun was standard issue on Russian spacecraft for decades.