Not currently supported, as far as I’m aware. The closest you can get is to pass through a whole USB host adapter PCI device to the guest, then all devices connected to its ports will end up in the (same) VM. Proper USB passthrough isn’t ridiculously difficult to implement by any stretch, but I guess nobody’s got around to it yet.
The Bhyve FreeBSD hypervisor (called/spelled ‘beehive’ usually) was created almost 10 years ago. Right now it offers speed and features that other similar solutions provide – such…
This battle was lost a long time ago. There is no going back to sane defaults. Data collection is now the primary goal of paid and free products. You don’t own anything, and you will be happy. Of course, you can still use privacy-enabled products at home, but those options are limited, and not all your apps will be available. bsky.app/profile/ahhmandah.bsk…
've seen so many hearing aids on kids this week, often low profile, some very large, all taking wild abuse, like a child spraying his repeatedly with a water jet in a splash park
and - I feel so good about this - this is the core of accessibility - you didn't see a lot of deaf kids before because they were isolated! and now they're not!
Phillips Hue keeps threatening me they're going to shut down everything. I put their app on a side device that wont download things and I don't update it, and I put their bridge on a no-internet-access VLAN - but I'd like to just not deal with their shit.
Is there a bulb that doesn't deal with their shit?
I want to say that the last time I was over at the facilities at 525 Belmont W, the pharmacy had some on display, though I didn't pick any up at that point. It's hard to say, though, and I know that, for example, the Shoppers either uptown or downtown are often short.
Food Basics grocery stores still give away free COVID tests, but individual stores may have run out. They'll get more when the government supplies them. Call the store, or the pharmacy in the store, to see if any are available.
the Humble Bundle copy of Gratuitous Space Battles I bought years ago is causing OpenAL issues every time it makes a sound and seems to have no mute option.
Last night I had a dream that I was (kinda accidentally) elected UK Prime Minister, and I was confused as hell because I was a tourist and didn't know any of the ritual.
And I think that it's telling about the UK that my brain can find no holes in the theory that this is plausible
They also tell me to use the IP address on eth1 and the server *is FreeBSD*.
It's 11.4 so it's not dire - but it looks like they haven't updated it ever. I tried a poke at pkg and they don't have their own repo so the repo is just gone. And yes, the SSH is 8.4 from 2022.
Talking to coworkers "Remember, your laptop is 4-10x as powerful as one of the servers, your laptop has to run Slack and none of the servers take that kind of abuse"
The company I work for is really great, but the CEO is toxic as hell
Just completely and impossibly.
We had an outage and he joined the technical call, and started throwing out ideas and forced the response team to *stop* discussing the issue and *instead* explain why he was wrong.
is there any chance we entice these women into prostitution? I feel it's a more honest profession and they're less likely to regret their life choices.
Come watch some of the biggest names in Bitcoin and beyond! Join our livestream to bounce from select stage presentations, to a livedesk with rotating special guests, to your roving hosts that will be
@float13 I'm joking that half the people I know are named Peter. ... And there was a period in primary school where pretty much half of people in the class were either Martin or Kate
Thanks! Sounds like it's at least more women than any specific male name (a bar I've seen some other events and groups fail to clear) but still pretty skewed.
Is this the same conference that has more male speakers accused of sexual assault than they have female speakers? (Admittedly, I'm not sure that criteria necessarily narrows down the list of conferences)
@Hypolite Petovan I am a ginger lover, it's not popular, but it's mine
Seamus (my son) will eat candied ginger because it has the word candy in it (and I love it) then put on a giant fake smile, say "I love it", while spitting it out
@þēodrīċ I mean, probably do a very strong tea, as strong as I can get it, and then add a sugar, the problem is finding a good sugar for the yeasts to not sour, while also leaving the flavour dry
The problem with my current employer isn't the lack of technical sophistication, it's that everyone outside of the dev org thinks my skillset is fungible with every other person inside the dev org.
Despite me being hired explicitly outside the dev org's purview because it *isn't*
@Alex P. 👹 I was hired by someone who knew what they were doing and given Infrastructure and Security as purview, and now everyone says "this person does DevOps" which... hurts every time
@Alex P. 👹 the real problem is when people 1) tell the dev lead about like, DNS changes or whatever, and then they don't tell me "but it's all engineering" 2) asking me to deal with frontend JS or python code that just... I don't know
Resist the urge to be the smartest guy in the room; JD Vance fucked a couch and we just need *one* reporter to ask him about it on camera, one time - bonus points if he actually tries to respond.
ooh, ooh. someone from, like, the BBC or some fancy shmancy European news agency. that way they won't get blocked or pre-screened cuz they're not american media.
I don't have the time right now, but an ingenious mind could conceivably design and distribute among the Democratic base a new poster with JD Vance's likeness rendered in the famous style of Shepard Fairey's "HOPE" but with the word "SOFA" underneath.
we try to be charitable in our assumptions - maybe people just aren't in the habit of thinking about that - but anyway yeah, this one really ought to be obvious
Some of them I just don't get because I never heard of, such as that "stand back" one.
"X again", I don't know, "native again" would be an interesting one. Land back thing.
As for "lock him up", I do have to wonder /why/ USA presidents seem to always get away with absurd atrocities without any consequences. There are a lot of other countries where they /wouldn't/ be an exception to the law.
If they didn't want those laws to remain an issue, maybe they should've endeavored removed them while they could?
there's this thing where many USians treat politics as a spectator sport, or perhaps a Hollywood movie, rather than as something that has real consequences for people's lives. the hyper-real simulacrum of governance rather than the real thing.
@lispi314 @ireneista It's definitely egged on by horse-race style reporting, where the polls are the news and not candidates' policies or character. I mean, folks are still talking about Biden's disastrous debate performance, but I haven't heard a single word from the mainstream about how Trump spent the entire debate spouting heinous slurs about immigrants.
@lispi314 @ireneista in one of the 2020 debates Trump was asked to denounce white supremacists and specifically the Proud Boys, and he said “Proud Boys, stand back and stand by” then changed the subject to antifa
there were reports, which we have not personally confirmed, that that group immediately responded by printing up tee-shirts for themselves with the quote on it. in its practical effect, the remark was an endorsement of political violence such as Jan 6.
@ireneista @lispi314 yeah, I’d forgotten about that - I saw reports that included pictures. Publicly telling them to wait for instructions certainly isn’t denouncing them, and IIRC was near-universally seen as an endorsement
@ShadSterling @ireneista @lispi314 I can confirm that at least some shops still sell a shirt with that phrase and the initials PB, but I have no evidence that the design traces back to the Proud Boys directly.
After the giant DDoS on DynDNS I started multi-hosting my domains and almost everything else. But no one will pay for multi-cloud. And I don't get why we never learned this lesson?
So, I teach info security and IT governance certification courses.
And I have endured many years, it feels like many lifetimes, of “certifications don’t matter. Just make a home lab!” And “compliance doesn’t equal security!” From people who get paid a shit ton more than I do.
And I just want to say, accountability for this in every organization that is affected lies with the board of directors. Period. You cannot outsource accountability. There will be lawsuits. And downstream impacts.
So, you’re right. Certifications and compliance don’t equal security. But today it sure as hell seems like having a management team and BoD that can’t just say, “I had no idea automation was so risky and we needed security staff to evaluate releases” is a better option than “Fire the security staff, automate the hell out of everything, and don’t bother me until I’m back from my golf vacation.” Followed by the exhausted techs shrugging their shoulders, saluting the boss, screaming “YOLO” and hitting enter.
What a Week, Huh? refers to a panel from The Adventures of Tintin comics depicting characters Tintin and Captain Haddock that was recaptioned with a humorous exchange from a 2009 episode of the sitcom 30 Rock.
Banks are screwing my wife around. Her mom put some money in an account years ago for her, and she's pulling it out to put it somewhere more reliable, but the cheque was listed in both names, and so banks are refusing to deposit it because it's in the name of two people. So she tried to go into the bank with both of them and endorse the cheque in front of bank employees, which even then they are being a pain in the ass about. This is stupid.
I was caught in the middle of an OS update (Windows) I looked 'round and I knew there was no turning back (Windows) My mind raced and I thought, what could I do? (Windows) And I knew there was no help, no help from you (Windows) Sound of the drums beating in my heart The thunder of BSOD tore me apart
Ug, I should have paid @404 Media long ago, they are the best reporting I've seen.
But at least I paid them Wednesday and I assume that my subscription will be spent on the spirits needed to get through their next few calls to CrowdStrike.
There is something to be said about security through diversity that I am just not caffeinated enough to express right now, but really, consider maybe not making all computing infrastructure look the same if you're interested in resilience and dependability.
@winterschon hey real quick i just gotta know. if someone asks you what time you woke up do you freak out and tell them "the word you're looking for is 'arose from sleep' because i'm never woke"
@winterschon Excuse, I believe the term is in fact heterogenious betriebsumgebung, as "operating environment" implies it is part of the #environment when in fact it is part of #infrastructure instead. No need to thankme I know you are the gratitude but of course I think it is a small #correction you did not #fuckup badly too badly I would say I am glad this helps
@winterschon israel flag in bio + german flag in bio + american flag in bio + ukraine flag in bio
i have to assume you're just a genocide enthusiast at this point and i can respect being pro genocide for love of the game rather than ethnic hatred. people get too into rooting for their own teams these days and don't have good sportsmanship about genocide anymore.
Let's cut the bullshit and spell out a few things. The IT security industry is about as trustworthy as the food supplement and vitamin industry, but somehow they escaped the same reputation. Their products are overwhelmingly based on flawed ideas, and the quality of their software is exceptionally bad. And while not everyone will agree with the harshness of my words, I'll say this: Essentially everyone in IT security who knows anything in principle knows this.
Their products are flawed not just because they're badly implemented - which they are - but because they are based on a stupid idea. The idea that you improve your IT security by adding more complexity. Doing the opposite is the right approach. But you can't sell that as a product. (You can still sell it, but it's not something you just plug into your network and get security magically.)
Honestly, if we could get that one basic message out, that if their IT security is based on more complexity, not less, that they're doing it wrong, maybe we could start putting crap companies like crowdstrike or citrix out of business.
I'm mentioning citrix specifically because it really boggles my mind how they can be still in business. In case you don't remember, there were countless gov entities, hospitals, and what not, hacked in 2020, due to a really epic fuckup by citrix. It was a flaw they knew about, and hadn't provided a fix, only an unreliable workaround that sometimes didn't work.
Actually, the value of Citrix rose after that: marketscreener.com/quote/stock… These things have no consequences for these companies, it's a completely broken market. I'm reading news that crowdstrike's value dropped, I have doubts that this will be permanent.
Citrix Systems, Inc. is the world leader in software programs for access infrastructure. Net sales break down by activity as follows:
- sale of subsc...
Having worked in tech for 30 years and for multiple security companies, I 100% agree. Google is the only one I've worked for that comes close to being the exception, and I think it's just because their security expertise is hard won in keeping *themselves* secure.
Let’s not forget the other bullshiters out there like SentinelOne which is the same crap and fireye from Mandian (which I think are owned by SentinelOne). It’s just a huge bullshit nice web panels money printing machine to make C level feel good
my first ever CVEs as a security professional were in Citrix gear, and it was absolute amateur hour stuff like simple xor crypto in management comms (despite going to the effort of implementing DH to exchange the key, but then generating the params with Java's default LCG RNG and then doing ADH so it's useless against interception too). it appears they have only gotten marginally better at this a decade later.
I‘m torn on this one: If you wanna build secure systems from first principles – definitely true. In a real-world IT landscape with all its existing complexities and the everday, unsophisticated threats – I can see a case for solutions such as endpoint antivirus. Which leaves us with their subpar implementation quality.
@F30 It's still wrong. It's being used because admins don't understand how to use filesystem permissions and group policy to prevent users from running virus infested shit.
This is the reason why a lot of people in IT call these „security“ products and practices „snake oil“ - because they are as esoteric, useless and expensive as snake oil that was sold by charlatans in the Middle Ages.
@sng perhaps printing alone is enough to explain the whole madness of IT. That you cannot perform an action which was inaugurated by Gutenberg several centuries ago as reliably as a purely mechanical system is astounding. @hanno
I'd argue that the problem is even more fundamental: you can't ADD security to an existing system. You design it to be secure, or at least predictable. You can't possibly "add" it, especially not as a third party add-on.
Sadly, that is a pretty theoretical approach. How do you handle the ever-increasing complexity brought by the business side of your company and their requirements, in a landscape of an operating system and cloud services that also increase in complexity, and that the vendor that has you by the balls forces upon you? It is a overarching IT architecture issue...
And yet organisations outsource core Availability Management drivers without regards to Change Management and Contingency Planning. Perhaps if executive bonuses were linked to service availability and performance things would improve.
It's sort of the health care industry approach. You can't sell more medications if you cure diseases, right? So why would anyone work on a pill that you taken once and cures something?
Except it's worse, because biology is inherently messy and complex, but in this case we COULD* in principle, decide, as a society, to build vastly more robust, simple and reliable systems!
yup, I think a lot of the security industry cares more about the perception of security than actual security, leading to tons of snake-oil and homeopathy being used.
Honest question, have you ever seen what CrowdStrike and similar products are capable of or have you ever worked with a company using it? My guess is no.
I don't even remember when Bruce Schneier first uttered or wrote: "Security is a process, not a product."
It was decades ago, at least.
However, I'm reminded of introducing a friend (college degree in mathematics who was beginning to work as a sysadmin after a previous career as an actuary) to someone of some renown in the infosec field whom I knew (not name dropping, to protect the guilty) at a bar during RSAConf circa 2008 who told my fledgling friend something like the following:
"We make half assed solutions to intractable problems and some people pay us a LOT of money for it."
I guess I never jumped on that bandwagon, and my life of poverty seems to reflect that.
But hey, none of my computers are having issues at the moment! ;)
Meanwhile even over lunch I couldn't help but overhear some a table over talking about how their Micro$oft Teams at their work wasn't letting them reply to messages.
@bagder Companies don’t buy Crowdstrike because they want security, they buy it because they need compliance. It's never about actual security, it's checking a box.
An open source threat and mitigations management tool would be nice. With version control and what not you need for traceability towards regulators. Instead I'm writing this shit in Confluence now ...
the whole country's gonna get soooo many lectures about "political violence" from the people who think all of society will crumble if the cops don't beat the shit out of black teens and homeless people every day of the week
Years of screeching about how depraved christofascist Republicans are going to unleash the next Hitler and a real-life Handmaid's Tale age of nightmares...
But if we wish any harm upon their hatemongering, eugenics-advocating, genocidal, rapist leaders that are getting poised to destroy the world, that's... rude?
It is also shaping up to be one of those times where people in the US who "know a few things about guns" step up to their self-appointed podium to deliver their thoughts. :/
Phil Dennis-Jordan 😷
in reply to silverwizard • • •Proper USB passthrough isn’t ridiculously difficult to implement by any stretch, but I guess nobody’s got around to it yet.
silverwizard
in reply to Phil Dennis-Jordan 😷 • •@Phil Dennis-Jordan 😷 "Not missing something" is a good answer! Thanks!
I gotta figure out if I have a host I can give my homeassistant server. But thanks!
Phil Dennis-Jordan 😷 likes this.
vermaden
in reply to silverwizard • • •You can pass entire USB controller (PCI passthru) into Bhyve VM but not a USB port or USB device.
Here instructions how to do it:
vermaden.wordpress.com/2023/08…
FreeBSD Bhyve Virtualization
𝚟𝚎𝚛𝚖𝚊𝚍𝚎𝚗silverwizard likes this.