• 0 Posts
  • 17 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle

  • I bought dragon’s dogma: dark arisen for the switch a year or two ago. It’s pretty fun and the pawn system is a good innovation over npc party members in other games. I liked the voice lines they’d rattle off every so often… “goblins ill like fire!”

    I’m currently working my way through Elden ring on PC, which is a lot more punishing combat-wise, but definitely has superior level design. I’ll come back to DD to finish the story at some point.






  • Impossible Creatures - an RTS where you slurp up DNA from local wildlife and use that to create weird hybrids of multiple animals, then produce those as units that you control to complete missions. Great concept but I think it ended up being a bit unbalanced.

    Papers Please - pretty unique gameplay in that you had to literally read through paperwork and approve/reject people at a border crossing. Good social commentary.



  • The idea behind user mode and kernel mode is that it gives the operating system a framework to establish security permissions etc. some operating systems might take this more seriously than others, but the point is that the modes are a feature of the cpu, provided by the manufacturer.

    Also, when you’re talking about “harming” the system, you should consider what’s possible in user land vs kernel mode. Kernel mode is where drivers manipulate hardware - these days, there is an additional layer of safety/abstraction done in the firmware level, so software can’t create physical damage to the hardware (like the classic “hackers can turn your computer into a bomb” advertisement).

    However, the kernel can:

    • trash a filesystem by writing data directly to the drive
    • trash system memory (RAM)
    • trash cpu registers

    In kernel mode, it’s very easy to cause the OS to crash via these methods. A user mode program will have much higher level access to the system and won’t be able to cause damage so easily. Programs often crash themselves - maybe you’ve seen null pointer exceptions, or out of bounds memory exceptions - these are caused by a userland program doing something it shouldn’t (even unintentionally), and the OS intervening to stop that. However, a userland program shouldn’t be able to crash the whole OS (e.g. cause a BSOD on windows, or a kernel panic on Linux). Usually when you see that, it’s caused by a driver. Drivers run in kernel mode.

    As for being able to do bad things with syscalls, you’re exactly right, and that’s why we have permissions around syscalls :)

    On Linux there’s systemd.exec, seccomp, the capability framework, and of course selinux. On openbsd they have pledge (which is slightly different, but their threat model is also slightly different to begin with). I’m not sure what windows offers in this regard, from a quick search it seems there isn’t an exact equivalent of the Linux systems, but there are still security frameworks.

    There are many frameworks and permissions systems that form an operating system, and each one might cover a different area. OS security is a pretty broad topic but very interesting, I encourage you to keep learning and asking questions!

    Also, I just woke up and haven’t had coffee, so please bear with my rambling post.


  • I recently installed win10 on a 2019 Lenovo thinkpad x1 carbon, and it has similar issues. I don’t use it much, but I’ve wondered how much bloatware is affecting the cpu usage and therefore can speeds. It was running Ubuntu Linux before and while the fan came on sometimes, it was less often and less pronounced.

    You could try a live Linux usb to see if you get similar results, that would point to a software issue.


  • Just wanted to expand a bit on your comment - Dell have a few laptop product lines, and the Latitude line is the business one that should be the most reliable/longest-supported. I’ve had a few Latitude laptops that lasted 3 years each before I changed jobs and left them behind, and was satisfied with them. Worked well with Linux which was a bigger deal back in 2015 than it is now.

    Other companies are probably the same - Lenovo thinkpads are good, yoga not so much.

    Totally agree about Linux, it’s come a long way in the last 10 years and you can do basically everything there now. Battery life may be affected, I think that’s one of the last areas they need to work on.




  • If you’re lucky, you can dig around in the directory the phishing page is in, and find the other parts of the phish kit - usually just a php/html page, plus some image and css assets. sometimes it gets uploaded as a zip file which you can download to view the source of the page, which can be useful to see where harvested credentials are sent to. Most of the time they’re emailed off to a burner email, but sometimes they’re saved as a text file or posted to a secondary site.

    I built up quite a large collection of phish kits while working at a CERT in the past, was cool to see how simple they were.




  • I bought a miyoo mini plus a few weeks ago. It’s been good, I used to play snes/gba games on my phone when I used android, but now that I’ve moved to iPhone that’s much less possible (I know it’s possible - no need to tell me).

    The miyoo hardware is good, buttons are clicky, screen is excellent, cpu could be faster but it can run the one psx game I had lying around (THPS1), so I’m fairly impressed.

    The software was fine but installing OnionOS added some extra features which was nice - full english menus, OTA updates, the gameswitcher, etc.

    Even though it’s another screen to stare at, I think it’s better than looking at my phone. I’ve uninstalled a bunch of games from the phone as well, after realising how frustrating and predatory modern mobile games are. I’m happy to not internet games on my phone and work my way through the massive library of games from the golden age of gaming. Not interested in grinding for drops or lootboxes in genshin, arknights or the other big mobage.