Dang, that’s a really cool phenomenon, thanks for sharing!

There may have been some restriction or legislative reason regarding ipv6 until recently - China has gone from <5% to nearly 30% IPv6 capable since 2019: https://stats.labs.apnic.net/ipv6/CN

The idea behind user mode and kernel mode is that it gives the operating system a framework to establish security permissions etc. some operating systems might take this more seriously than others, but the point is that the modes are a feature of the cpu, provided by the manufacturer.

Also, when you’re talking about “harming” the system, you should consider what’s possible in user land vs kernel mode. Kernel mode is where drivers manipulate hardware - these days, there is an additional layer of safety/abstraction done in the firmware level, so software can’t create physical damage to the hardware (like the classic “hackers can turn your computer into a bomb” advertisement).

However, the kernel can:

• trash a filesystem by writing data directly to the drive
• trash system memory (RAM)
• trash cpu registers

In kernel mode, it’s very easy to cause the OS to crash via these methods. A user mode program will have much higher level access to the system and won’t be able to cause damage so easily. Programs often crash themselves - maybe you’ve seen null pointer exceptions, or out of bounds memory exceptions - these are caused by a userland program doing something it shouldn’t (even unintentionally), and the OS intervening to stop that. However, a userland program shouldn’t be able to crash the whole OS (e.g. cause a BSOD on windows, or a kernel panic on Linux). Usually when you see that, it’s caused by a driver. Drivers run in kernel mode.

As for being able to do bad things with syscalls, you’re exactly right, and that’s why we have permissions around syscalls :)

On Linux there’s systemd.exec, seccomp, the capability framework, and of course selinux. On openbsd they have pledge (which is slightly different, but their threat model is also slightly different to begin with). I’m not sure what windows offers in this regard, from a quick search it seems there isn’t an exact equivalent of the Linux systems, but there are still security frameworks.

There are many frameworks and permissions systems that form an operating system, and each one might cover a different area. OS security is a pretty broad topic but very interesting, I encourage you to keep learning and asking questions!

Also, I just woke up and haven’t had coffee, so please bear with my rambling post.

I recently installed win10 on a 2019 Lenovo thinkpad x1 carbon, and it has similar issues. I don’t use it much, but I’ve wondered how much bloatware is affecting the cpu usage and therefore can speeds. It was running Ubuntu Linux before and while the fan came on sometimes, it was less often and less pronounced.

You could try a live Linux usb to see if you get similar results, that would point to a software issue.

Just wanted to expand a bit on your comment - Dell have a few laptop product lines, and the Latitude line is the business one that should be the most reliable/longest-supported. I’ve had a few Latitude laptops that lasted 3 years each before I changed jobs and left them behind, and was satisfied with them. Worked well with Linux which was a bigger deal back in 2015 than it is now.

Other companies are probably the same - Lenovo thinkpads are good, yoga not so much.

Totally agree about Linux, it’s come a long way in the last 10 years and you can do basically everything there now. Battery life may be affected, I think that’s one of the last areas they need to work on.

Really? I just spent 5 minutes searching for the fourteen words, and found a bunch of openly white supremacist/nazi content, with plenty of likes and retweets. Remember, Musk fired/let go most of his content and safety teams after he took the company over. You can report stuff but it won’t get taken down any more.

(Note, I won’t link the content here in case that’s against rules, but it’s really not hard to find. Look at the “ChiefBarony” and “SindriThule” accounts for example)

If you’re lucky, you can dig around in the directory the phishing page is in, and find the other parts of the phish kit - usually just a php/html page, plus some image and css assets. sometimes it gets uploaded as a zip file which you can download to view the source of the page, which can be useful to see where harvested credentials are sent to. Most of the time they’re emailed off to a burner email, but sometimes they’re saved as a text file or posted to a secondary site.

I built up quite a large collection of phish kits while working at a CERT in the past, was cool to see how simple they were.

Linus is responding to this video from Gamers Nexus: https://youtu.be/FGW3TPytTjc

It’s a long video, but the tl;dr is that LTT are getting sloppy in their reviews, making mistakes, and not fixing them in a clear manner. Additionally, there are some larger issues around a recent review of a gpu heatsink.

I see, thanks! Yeah, surfing the web without Adblock is actually horrible these days.

How do the big CDNs handle Tor traffic? Do you find you get blocked, or is it just a matter of more captchas/challenges?

Related to what you’ve posted, the Wikipedia article on room temperature superconductors has a decent history on other claims, which have all turned out to be false or only usable in very specific circumstances: https://en.m.wikipedia.org/wiki/Room-temperature_superconductor

That’s not why Google is harmful though - they’re harmful because almost all of their revenue comes from advertising - everything else they offer is just a funnel to gain data on the worlds population in order to better target advertising.

As for cloudflare - they showed their true colours last year with kiwifarms. They’ll happily host the worst websites in the world as long as they don’t get bad press.

I mean, you can say the same about nearly all hardware for sale today (coreboot etc being the exception). Being able to control what the OS is doing is enough for most enthusiasts.