Kevin Karhan :verified:<p>Now people may ask things like: <em>"Why?"</em> and the answer is: For a primitive approach to <a href="https://infosec.space/tags/SecureComputing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureComputing</span></a>.</p><ul><li>Because loading the <a href="https://infosec.space/tags/OS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OS</span></a> into <a href="https://infosec.space/tags/RAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RAM</span></a> allows not just for a non-persistent setup like an <a href="https://infosec.space/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSH</span></a>-<a href="https://infosec.space/tags/Terminal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Terminal</span></a> (think <a href="https://infosec.space/tags/VT320" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VT320</span></a> but better!) but being hard-wired as <a href="https://infosec.space/tags/ReadOnly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReadOnly</span></a> means it's <em>tamper proof</em> by design when combined with an intrusion-detection & tamper-proof seals: Physical Access will be detectable and Remote Access cannot cause permanent damages.</li></ul><p>And that may also be useful with other <a href="https://infosec.space/tags/ThinClient" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThinClient</span></a>-like <em>"aplianced"</em> devices.</p><ul><li>Basically for anything where <a href="https://infosec.space/tags/NetworkBoot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetworkBoot</span></a> ain't an option for <em>whatever</em> reasons!</li></ul><p><a href="https://www.youtube.com/watch?v=RuZUPpmXfT0" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">youtube.com/watch?v=RuZUPpmXfT0</span><span class="invisible"></span></a> via <span class="h-card" translate="no"><a href="https://bbs.kawa-kun.com/users/lazygamereviews" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lazygamereviews</span></a></span></p>
toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.
Administered by:
Server stats:
274active users
toad.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#readonly
0 posts · 0 participants · 0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@samirx" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>samirx</span></a></span> Granted AFAIK <span class="h-card" translate="no"><a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails_live</span></a></span> / <span class="h-card" translate="no"><a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails</span></a></span> / <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tails</span></a> does some <a href="https://infosec.space/tags/signature" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>signature</span></a> and <a href="https://infosec.space/tags/Checksum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Checksum</span></a> checks to enshure it's integrity, as anything but the seperate <a href="https://infosec.space/tags/PersistentStorage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PersistentStorage</span></a> partition is mounted <a href="https://infosec.space/tags/ReadOnly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReadOnly</span></a>...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@dalias" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dalias</span></a></span> <span class="h-card" translate="no"><a href="https://peoplemaking.games/@eniko" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>eniko</span></a></span> Personally, I'll sooner or later have to engange the whole <a href="https://infosec.space/tags/ARMv5" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ARMv5</span></a> / <a href="https://infosec.space/tags/ARM11r7" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ARM11r7</span></a> / <a href="https://infosec.space/tags/RaspberryPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaspberryPi</span></a> architecture anyway with OS/1337.</p><ul><li>Tho given it's a minimalist Linux merely booting an initramfs and never doing any writes, there should be no indurance issues.</li></ul><p>But I know a <a href="https://infosec.space/tags/readonly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>readonly</span></a> - OS isn't practical and where it is people already use <a href="https://infosec.space/tags/iPXE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iPXE</span></a> & <a href="https://infosec.space/tags/iSCSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iSCSI</span></a> for <a href="https://infosec.space/tags/diskless" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>diskless</span></a> setups!</p><ul><li>THO AFAICT there should be an option to basically partition the system and only keep <code>/boot</code> on an SD card, and the rest could be on any USB mass storage device (i.e. SSD or even HDD)...</li></ul><p>That being said Raspberry Pi do have the key advantage of being by far the best in terms of <a href="https://infosec.space/tags/documentation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>documentation</span></a>.</p><p><a href="https://infosec.space/tags/OS1337" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OS1337</span></a> <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.space/tags/distro" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>distro</span></a> <a href="https://infosec.space/tags/development" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>development</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@HoustonDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>HoustonDog</span></a></span> <span class="h-card" translate="no"><a href="https://layer8.space/@hyakinthos" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>hyakinthos</span></a></span> OFC, and speed isn't even the problem as <span class="h-card" translate="no"><a href="https://infosec.space/@OS1337" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>OS1337</span></a></span> is quite smol, so stocking with the royality-free to implement <a href="https://infosec.space/tags/SPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SPI</span></a>-Interface may be an option.</p><ul><li>Sadly I've not found any <em>"<a href="https://infosec.space/tags/readonly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>readonly</span></a>"</em> <a href="https://infosec.space/tags/microSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microSD</span></a> adaptors (regardless if SATA-DOM or M.2 or mSATA form factor <em>yet</em>...</li></ul><p>Which is kinda sad as I'm shure there are many systems like <a href="https://infosec.space/tags/DigitalSignage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalSignage</span></a> that are somewhat tamper-proof and in the interest of lowering maintenance should be setup as read-only, espechally on cheap flash that has very few write cycles if not lacks wear-leveling and garbage collection...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mstdn.jp/@landley" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>landley</span></a></span> yeah, basically I'm looking for a stage 1 thingy that BIOS can see as bootable device and that allows to do the usual <em>"yeet kernel+initramfs into ram and floor it"</em>.</p><ul><li>Kinda <em>"<a href="https://infosec.space/tags/BootROM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BootROM</span></a>"</em> similar to <a href="https://infosec.space/tags/OptionROM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OptionROM</span></a>|s... </li></ul><p>Worst-case I could just look for some sort of <a href="https://infosec.space/tags/SATA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SATA</span></a>-DOM / -Board that offers a hardware write protection or can do <a href="https://infosec.space/tags/readonly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>readonly</span></a> <a href="https://infosec.space/tags/Flash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Flash</span></a> instead...</p>
Kevin Karhan :verified:<p>-- :please_boost: 🔁 :boost_ok: :boost: :boosted:</p><p>Speaking of <a href="https://infosec.space/tags/ROMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ROMs</span></a> for <a href="https://infosec.space/tags/ix86" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ix86</span></a> / <a href="https://infosec.space/tags/amd64" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>amd64</span></a>: Does anyone know a good way to implement something like <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> in <a href="https://infosec.space/tags/ROM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ROM</span></a> like the <a href="https://infosec.space/tags/Tandy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tandy</span></a> <a href="https://infosec.space/tags/1000RL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>1000RL</span></a> & <a href="https://infosec.space/tags/1000RLX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>1000RLX</span></a> <a href="https://www.youtube.com/watch?v=JIEPqD4luG8&t=166s" rel="nofollow noopener" target="_blank">did</a> with <a href="https://infosec.space/tags/MSDOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSDOS</span></a> & <a href="https://infosec.space/tags/DeskMate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeskMate</span></a> (as <span class="h-card" translate="no"><a href="https://mastodon.social/@vwestlife" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>vwestlife</span></a></span> showed)...</p><ul><li>Or is this something that requires either going down the <a href="https://infosec.space/tags/PCIe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PCIe</span></a> -> <a href="https://infosec.space/tags/PCI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PCI</span></a> -> <a href="https://infosec.space/tags/ISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ISA</span></a> rabbit hole?</li></ul><p>I mean, it would be a way cleaner setup to boot OS/1337 to than booting a <a href="https://infosec.space/tags/CDROM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CDROM</span></a>? </p><ul><li>If noone has an Idea how to make this happen, is there any good way or existing solution to basically make a hardware write-protectable / <a href="https://infosec.space/tags/readonly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>readonly</span></a> <a href="https://infosec.space/tags/USB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USB</span></a> flashdrive to boot from? </li></ul><p>Ideally something that can take <a href="https://infosec.space/tags/BIOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BIOS</span></a>-style ROM Chips that one can put on a board without write-enable connected so they're read-only! </p><ul><li>And yes, <span class="h-card" translate="no"><a href="https://mstdn.jp/@landley" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>landley</span></a></span> may see similarities to his [deprecated] <a href="https://landley.net/code/aboriginal/" rel="nofollow noopener" target="_blank">Aboriginal Linux</a> nee <a href="https://infosec.space/tags/FirmwareLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FirmwareLinux</span></a> ...</li></ul><p>Still having like a <a href="https://infosec.space/tags/minimalist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>minimalist</span></a> <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> distro in Boot-ROM would be nifty, espechally when it comes to making a <a href="https://infosec.space/tags/SecureComputing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureComputing</span></a> <em>"<a href="https://infosec.space/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSH</span></a> <a href="https://infosec.space/tags/Terminal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Terminal</span></a>"</em>...</p><ul><li>Maybe <span class="h-card" translate="no"><a href="https://bitbang.social/@ActionRetro" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ActionRetro</span></a></span>, <span class="h-card" translate="no"><a href="https://studio8502.ca/@mos_8502" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mos_8502</span></a></span> and others can point this question to people who are firm in boot ROMs and potentially even have something at hand.</li></ul><p>(I don't expect something like a PCI(e Mini)Card but I'd not be against it!)</p><p><a href="https://infosec.space/tags/RetroComputing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RetroComputing</span></a> <a href="https://infosec.space/tags/Hardware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hardware</span></a> <a href="https://infosec.space/tags/Question" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Question</span></a> <a href="https://infosec.space/tags/ix86" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ix86</span></a> <a href="https://infosec.space/tags/amd64" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>amd64</span></a></p>
Lowyat.NET<p>Wayback Machine Back Online After Last Week’s Cyberattacks <a href="https://mastodon.social/tags/internet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>internet</span></a> <a href="https://mastodon.social/tags/internetarchive" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>internetarchive</span></a> <a href="https://mastodon.social/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a> <a href="https://mastodon.social/tags/online" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>online</span></a> <a href="https://mastodon.social/tags/readonly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>readonly</span></a> <a href="https://mastodon.social/tags/waybackmachine" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>waybackmachine</span></a></p><p><a href="https://www.lowyat.net/2024/335016/wayback-machine-back-online-oct-2024/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">lowyat.net/2024/335016/wayback</span><span class="invisible">-machine-back-online-oct-2024/</span></a></p>
Kevin Karhan :verified:<p>In fact I'd love to see someone actually implement <span class="h-card" translate="no"><a href="https://infosec.space/@OS1337" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>OS1337</span></a></span> as a <a href="https://infosec.space/tags/BootROM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BootROM</span></a> [or like a <a href="https://infosec.space/tags/readonly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>readonly</span></a> - <a href="https://infosec.space/tags/eMMC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eMMC</span></a> for <a href="https://infosec.space/tags/ThinClient" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThinClient</span></a> if not <a href="https://infosec.space/tags/EEPROM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EEPROM</span></a>] so it can be <a href="https://www.youtube.com/watch?v=JIEPqD4luG8" rel="nofollow noopener" target="_blank">the fastest booting</a> <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> machine...</p>
Stefano Marinelli<p>One of the most fundamental yet little-known features of FreeBSD is its ability to be used in read-only mode very easily. By installing the system on a UFS file system, you just need to modify the fstab file, change "rw" to "ro," and reboot. On the next boot, the system will automatically create mount points in RAM for the main directories (/tmp, log, etc.), and it will run perfectly.</p><p>This was the main reason why, many years ago, I chose FreeBSD for almost all my embedded systems. Even today, on my Raspberry Pies, I keep the SD cards in read-only mode and use external storage in read-write mode. This ensures that, in case of an unexpected poweroff, the system will come back up, and there will be no wear on the memory card.</p><p><a href="https://mastodon.bsd.cafe/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeBSD</span></a> <a href="https://mastodon.bsd.cafe/tags/EmbeddedSystems" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EmbeddedSystems</span></a> <a href="https://mastodon.bsd.cafe/tags/RaspberryPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaspberryPi</span></a> <a href="https://mastodon.bsd.cafe/tags/ReadOnly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReadOnly</span></a> <a href="https://mastodon.bsd.cafe/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SysAdmin</span></a> <a href="https://mastodon.bsd.cafe/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://mastodon.bsd.cafe/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a></p>
mikwee 🎗️<p><span>My </span><a href="https://calckey.world/tags/Linux" rel="nofollow noopener" target="_blank">#Linux</a><span> </span><a href="https://calckey.world/tags/partition" rel="nofollow noopener" target="_blank">#partition</a><span> somehow became </span><a href="https://calckey.world/tags/read-only" rel="nofollow noopener" target="_blank">#read-only</a><span>. Now I have to fix this… somehow<br><br></span><a href="https://calckey.world/tags/Fedora" rel="nofollow noopener" target="_blank">#Fedora</a><span> </span><a href="https://calckey.world/tags/Help" rel="nofollow noopener" target="_blank">#Help</a><span> </span><a href="https://calckey.world/tags/KDE" rel="nofollow noopener" target="_blank">#KDE</a></p>
Simon Worthington<p><span class="h-card" translate="no"><a href="https://mastodon.social/@kuf" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kuf</span></a></span> so much important climate science needs <a href="https://openbiblio.social/tags/semantifying" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>semantifying</span></a> - making it so you can ask questions of the content as to being <a href="https://openbiblio.social/tags/readonly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>readonly</span></a> - here is a recent example US Plan for Energy Decarbonisation - guess what - just one big PDF Blob - <a href="https://openbiblio.social/tags/nomorepdfblobs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nomorepdfblobs</span></a> heh? <a href="https://mastodon.social/@Snoro/111251795055220455" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@Snoro/1112517</span><span class="invisible">95055220455</span></a></p>
Dr. Tim Schatto-Eckrodt<p>As my <a href="https://social.tchncs.de/tags/weekendCodeProjects" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>weekendCodeProjects</span></a> often are web-based, I have to debug <a href="https://social.tchncs.de/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JavaScript</span></a> code that was written by an amateur (me) on a regular basis. </p><p>My N=1 sample indicates that Javascript’s variable-scoping is responsible for ~80% of issues with the code. The rest is weird type-scoping bugs and the author (again, me) trying/failing to be clever.</p><p><a href="https://social.tchncs.de/tags/NaN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NaN</span></a> <a href="https://social.tchncs.de/tags/readOnly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>readOnly</span></a> <a href="https://social.tchncs.de/tags/watMan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>watMan</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload