That repository is only for the Boox60, a device from 2009. They haven’t been releasing kernels for modern devices.

They’re not that open because they steal Linux: https://web.archive.org/web/20220109040915/http://bbs.onyx-international.com/t/install-linux-or-alternate-os-and-gpl2-kernel-source/698

But is it good? I’ve purchased two Android Wear watches. They both had to be charged at least daily. Both of the watches I purchased, which were different models from different manufacturers with different charger designs, and a third watch that was shipped to me as a replacement all developed a fault where eventually they could not be charged. Google has removed the “don’t” from “don’t be evil” so even if this watch could go multiple days without charging and could be seen in bright light and didn’t unexpectedly light up in dark rooms and didn’t permanently stop charging after a year or two, I don’t know if I would want to buy one. The only problem I’ve had with my Garmin watch was that the band wore out and I had to replace it.

Some attackers check services that have already cataloged the services you are running, even on uncommon ports. You won’t hear from them unless you are running a potentially vulnerable service.

They’re headphones. Somehow we’ve managed until this point without headphone-based spy devices. How is their translation software different?

If you’re self hosting Headscale you can configure your network such that Headscale is reachable on your network with or without internet access and available from the internet.

How long until one is hijacked?

Don’t expect Gitea to make progress on federation. Forgejo is a fork of Gitea and anybody that cares about federation is probably on the Forgejo side of the fork.

Even if 1 ChatGPT query is only using 3 watt-hours, that is still substantial. People don’t make just 1 normalized ChatGPT query, whatever that means. The overall usage including training is not insignificant.

If you’re running Kubernetes, what is the point of LXC or Proxmox in this setup? Kubernetes will give better scaling and utilization.

It would be illegal to explain how this is relevant, but it would be impossible to prevent Bitcoin double spending without access to the shared ledger.

So if the site is compromised and the attacker already has access to your authenticated session and data, they can try to also obtain your password and a single TOTP code via click jacking? It doesn’t seem all that useful.

Giving a container access to the docker socket allows container escapes, but if you’re doing it on purpose with a service designed for that purpose there is no problem. Either you trust Watchtower to manage the other containers on your system or you don’t. Whether it’s managing the containers through a mounted docker socket or with direct socket access doesn’t make a difference in security.

I don’t know if anybody seriously uses Watchtower, but I wouldn’t be surprised. I know that companies use tools like Argo CD, which has a larger attack surface and a similar level of system access via its Kubernetes service user.

Mounting the docker socket into Watchtower is fine from a security perspective, but automatic updates can definitely cause problems. I used to use Rennovate and it would open a pull request to update the version.

Serious crimes like supporting “terrorism”?

Git does have a server component. When git connects to an ssh remote it executes an ssh command that needs to be present.

You’re missing GitLab. I’d be looking at GitLab or Forgejo.

But you might not need this. When you access a private Git repository, you’re normally connecting over SSH and authenticating using SSH keys. By default, if you have Git installed on a server you can SSH to and you have a Git repository on that server in a location you can access, you can use that server as a Git remote. You only really want one these services if you want the CI pipelines or collaboration tools.

This is a real thing. It turns out more people than you would think are prone to paranoia and schizophrenia and if they spend too much time talking to LLMs they start to believe that the LLM is their friend, and then that the LLM is omniscient, and then from there it can spiral out of control as the LLM makes up a world of delusions for them. It’s hard to know how many people are affected because neither the victim nor the LLM realize there is a problem, and the problem is relatively new.

The issue says at the bottom that SealedSecrets is unaffected.

At least in the past, if you had a fixed amount of work to complete, underclocking would increase overall power consumption.