Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "evil mode"
-
I'm getting ridiculously pissed off at Intel's Management Engine (etc.), yet again. I'm learning new terrifying things it does, and about more exploits. Anything this nefarious and overreaching and untouchable is evil by its very nature.
(tl;dr at the bottom.)
I also learned that -- as I suspected -- AMD has their own version of the bloody thing. Apparently theirs is a bit less scary than Intel's since you can ostensibly disable it, but i don't believe that because spy agencies exist and people are power-hungry and corrupt as hell when they get it.
For those who don't know what the IME is, it's hardware godmode. It's a black box running obfuscated code on a coprocessor that's built into Intel cpus (all Intell cpus from 2008 on). It runs code continuously, even when the system is in S3 mode or powered off. As long as the psu is supplying current, it's running. It has its own mac and IP address, transmits out-of-band (so the OS can't see its traffic), some chips can even communicate via 3g, and it can accept remote commands, too. It has complete and unfettered access to everything, completely invisible to the OS. It can turn your computer on or off, use all hardware, access and change all data in ram and storage, etc. And all of this is completely transparent: when the IME interrupts, the cpu stores its state, pauses, runs the SMM (system management mode) code, restores the state, and resumes normal operation. Its memory always returns 0xff when read by the os, and all writes fail. So everything about it is completely hidden from the OS, though the OS can trigger the IME/SMM to run various functions through interrupts, too. But this system is also required for the CPU to even function, so killing it bricks your CPU. Which, ofc, you can do via exploits. Or install ring-2 keyloggers. or do fucking anything else you want to.
tl;dr IME is a hardware godmode, and if someone compromises this (and there have been many exploits), their code runs at ring-2 permissions (above kernel (0), above hypervisor (-1)). They can do anything and everything on/to your system, completely invisibly, and can even install persistent malware that lives inside your bloody cpu. And guess who has keys for this? Go on, guess. you're probably right. Are they completely trustworthy? No? You're probably right again.
There is absolutely no reason for this sort of thing to exist, and its existence can only makes things worse. It enables spying of literally all kinds, it enables cpu-resident malware, bricking your physical cpu, reading/modifying anything anywhere, taking control of your hardware, etc. Literal godmode. and some of it cannot be patched, meaning more than a few exploits require replacing your cpu to protect against.
And why does this exist?
Ostensibly to allow sysadmins to remote-manage fleets of computers, which it does. But it allows fucking everything else, too. and keys to it exist. and people are absolutely not trustworthy. especially those in power -- who are most likely to have access to said keys.
The only reason this exists is because fucking power-hungry doucherockets exist.26 -
-I'm gonna learn C for real
-I'm gonna configure Vim
-I'm gonna try November
-Emacs with Evil mode is a better Vim
-I'm gonna learn eLisp
-I'm gonna learn functional programming
-Gonna use clojure for everything now!
-init.el is 400 lines long
int main() {printf("Hello World!");}
Success! 🤦♂️1 -
Emacs! Why?
Org-mode: Best note taking for work/life.
Magit: Git on steroids!
Evil-mode: Because Vim key bindings are far superior imo.
Elisp: The power to extend your editor however you want. -
Yesterday, i had to use neovim for a task on my friend's laptop. There was no WiFi and I couldn't install Emacs. This guy uses Vim a lot. He recently moved to neovim from vim. He had some Ruby codes going. I had to debug some codes(performance issues). I was reluctant to work on it but i had to. After looking at some keybindings and the plugins that guy had written, using vim was pleasure. It was fast. I could shoot up multiple terminals work on that and was instant. I wrote some plugins to indent my code which worked as it's supposed to. I used spacemacs(as it's configured properly) Emacs but there is some load time on spacemacs and there are some issues shooting up multiple spacemacs on terminals. I had just configured and started using prelude which is beautiful Emacs configuration and is fast.
After using neovim that day something hit me that i had blindly had faith in Emacs without using Vim and i use Emacs only for text editing task and terminal. I don't use it for listening music, browser and other task i can always use modern browsers and Spotify for that. Modern browsers and music players are amazing and using those in Emacs there is always a lack of functionality and UI.(modern people don't use those i think and some Emacs users i know use stripped down version of Emacs i.e. microemacs or XEmacs.
I know vi is present by default on every Linux distribution. That keybindings are same as vim and it can be configured so, it is useful for embedded devices and system architecture. I love terminals and love working on tty. That's why i guess i felt instantly tempted to keep on using vim and i loved it's performance. I checked on evil layer before but there are some issues with evil layer in Emacs like it isn't too efficient like vim. I love lisp though and clojure can be edited nicely in Vim.
Is this sin against the church of Emacs? Should i join vi vi vi? I have already dedicated my life on Emacs (check my bio). Am i tempted by the devil?4 -
Wireless printers are evil...
Mom's computer: Page with useless print on, then blank pages, then nothing.
My computer: Nothing
E-mail to printer: Printer says there's no paper. Wrong format?
Print from phone using wifi-direct (after realizing the automatic mode for this does NOTHING): Manual mode gives me confirmation box for connection on printer at least... "connecting..." one minute later connection times out.
Somehow using a wireless printer just never comes without some pain. And always when I have other stuff I should be doing...7 -
When I was an apprentice in a small company, ...
my boss told me that his company would never ship release builds, because the "evil optimization option" is responsible for breaking his code.
My first thought was that it wouldn't make any sense at all. The default option for code optimization is always set to zero.
After investigating his code, I found out that he didn't care to properly initialize his variables. The default compiler option for debug builds did implicitly initialize all variables to zero. After that I've confronted him with the fact that implicit null initialization does not conform to the standard of C and C++. He didn't believe me what I was saying and he was questioning my knowledge about C and C++. He refused to fix his code to this day, so he keeps building his libraries and applications always in debug mode.
Bonus fact: He would never build 64-bit applications, because his serialization functions do get incompatible with exisiting file formats. -
This story happened to everyone, and i am sure that if i search, i will find dozens of similar stories, but the different here is, i tried, i really tried, in a hundred different ways to achieve my goal !
When you are stuck on a problem, let's say, that you have a program, project, website ... and need to achieve something technically weird (or hard) and need some help to save you time on experimentations. The first thing a lot of people do is : Google.com && put search dorks.
But, at a moment, google gets "dirty", you use it so often that he always think to know better then you what you are looking for.
It reminds of "Ted", the movie (for thows who know it) where they asked : "Hey ! Why does google always suggest us to look for black dicks ??"
It is exactly what happened to me, i got results who doesn't have anything to do with what i was looking for !
You can give it a try now : type "semantic web RDF to RDB"
You won't find anything, except results related to : NOSQL DBs, which is totally annoying.
Something else, i once google swift to get some updates, what results did i got ? Taylor Swift ... (musician)
I often get 2 or 3 results from google, which made me thinking that i somewhat reached the end of internet, or that people are so dumb that i will have spend hours trying to figure my solutions, but, before doing that, other solutions had to be tested.
1- TOR : Google tracks his users and uses its algos and bullshits to return results as close as possible to the user's demand (big fail ...) so how about moving to a different country ? DL TOR browser, open, setup, go to US, open google (got us version YAY !) enter my keywords, and, nothing, still nothing, more results for sure, but nothing related to what i was looking for.
2- VM
Pop a VM, launch TOR, use Hidden mode, delet all cookies and stuff (it is a new VM but who knows).
Use keywords (now in UK). Here they are !! my results !!! i finally found some decent results about my keywords !
But, i have the required knowledge to do this kind of stuff, but how about people who rely heavily on google ? they can't change country, clear everything, trick google to think you are a new user, they have almost biased and flawed results. I tried duckduckgo (i love them) but they are not that efficient.
Google says not to anything evil, but they ARE EVIL, miss guiding people, suggesting corrections who have nothing to do with the keywords, or results totally unrelated in any way to the keywords while results exist in other countries ???
Ever since, i don't pay attention to google at all, and started thinking that google's algos are manipulating people, i don't know if it is done on purpose or not, but the result is the same, people have biased results based on their country, on their tag, on their ID, and the recent keywords.
During that period i was cursing google every funcking day, and i am still doing it, too much trackers, too much manipulation, i will end-up enclosing myself in darknet.4 -
I don't live in a vacuum. I need to open an occasional Adobe bs format file (Illustrator, Premiere, After Effects, Photoshop). An occasional MS Office file too (Access, Word, Excel, PowerPoint). And don't tell me LibreOffice supports .docx. It doesn't support edits suggestion mode well enough. I needed AutoCAD for a period of time.
Desktop Linux people, what do you want me to do? Go to devRant and post “windows bad” rant? Go cry on Reddit?
I too think Windows is evil and 11 is essentially malware, but when I suddenly need those things done yesterday, and my livelihood depends on that, I have no choice.
(this is part 2 of this rant: https://devrant.com/rants/10703825/...)15 -
If I could create laws, I would pass a "software usability act" which would eliminate many annoyances we face daily.
For example, the law would mandate range selection in file managers, mandate time-stamped file names in camera and voice recording apps, and require that browsers open a new tab next to the currently open tab instead of at the end, and all user interfaces must have a dark mode to reduce eye strain, and all operating systems must have a blue light filter, text editors must create a temporary copy when saving to avoid corrupting the existing file, camera applications should not corrupt the entire video file when ending unexpectedly (crashing), cancelling file operations must not cause data loss ( https://support.google.com/photos/... ), no mandatory pull-to-refresh ( https://chromestory.com/2019/07/... ), to mention a few examples.
Mobile file managers commonly lack a range selection feature (also known as shift selection or A-to-B selection), where all items between two selected items of a list can be selected immediately. ES File Explorer had this in 2012, yet many fancy new file managers still don't have this. To select many items, each item needs to be tapped individually. This is an unacceptable annoyance.
This is not to be confused with the inferior drag-to-select which requires holding the finger on the screen until all desired items are selected. Drag-to-select is not range selection, only its ugly stepsister.
Ah yes, under the imaginary software usability act, Mozilla would have to say good-bye to its evil add-on signing. "For our protection" my arse.13