Hacker News | timtzm's comments

I still want dynamic linking, but only a few trusted library files would be allowed to make system calls. Like libc. Sorry but golang would have to change to use libc.

This breaks the ABI, but it breaks it for naughty programs the most.


OpenBSD does this; it’s not very useful unless you have strong CFI to prevent people from doing a return-oriented attack into those libraries that are in your address space. And also note that there is a lot that you can do without system calls to mess with stuff :)


> CFI

They're referring to Control Flow Integrity [1]

[1] https://en.m.wikipedia.org/wiki/Control-flow_integrity


I'm not sure how it's relevant exactly to TFA. The mechanism of propagation is an existing feature of libdl that uses an environment variable. With this worm, the loader still runs exactly as before, from libc and libdl.

As to restricting syscalls from certain calling libraries, macOS has this via entitlements, and I believe OpenBSD and/or NetBSD has this in some form as well.


Entitlements cannot protect against things in your own process. They are always used to gate clients either across a kernel-user or XPC boundary.


isn't that exactly what the parent was asking for? limiting syscalls.

EDIT: oh. but not limited to the caller from a specific system library.


> but only a few trusted library files would be allowed to make system calls. Like libc

This is impossible (without having to do libc.so.7) on Linux, as:

    $ nm -D /lib/x86_64-linux-gnu/libc.so.6 | grep syscall
    000000000011b520 T syscall
https://elixir.bootlin.com/glibc/glibc-2.39/source/sysdeps/u...
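An added example, not part of the thread: it shows why the exported `syscall` symbol in the `nm` output above matters for an "only libc may make system calls" rule, since the caller picks the system call number while the instruction itself runs from wherever the wrapper is mapped. It assumes Linux with `/proc` mounted; `mapping_of` and `pid_via_wrapper` are hypothetical helper names.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Find the /proc/self/maps entry that contains addr and copy its backing
 * file into path. Returns 1 if that mapping is executable, otherwise 0. */
int mapping_of(uintptr_t addr, char *path, size_t len)
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[5], name[256];
    unsigned long lo, hi;
    int exec = 0;

    if (!f)
        return 0;
    while (fgets(line, sizeof line, f)) {
        name[0] = '\0';
        /* Line format: start-end perms offset dev inode [path] */
        if (sscanf(line, "%lx-%lx %4s %*s %*s %*s %255[^\n]",
                   &lo, &hi, perms, name) < 3)
            continue;
        if (addr >= lo && addr < hi) {
            snprintf(path, len, "%s", name);
            exec = (perms[2] == 'x');
            break;
        }
    }
    fclose(f);
    return exec;
}

/* The application chooses the number; the wrapper executes the call. */
long pid_via_wrapper(void)
{
    return syscall(SYS_getpid);
}

int main(void)
{
    char path[256] = "";
    int exec = mapping_of((uintptr_t)&syscall, path, sizeof path);

    /* In a PIE build this prints the libc path. In a non-PIE build the
     * address may resolve to the program's own PLT stub instead. */
    printf("syscall() is mapped from: %s (executable=%d)\n", path, exec);
    printf("getpid via wrapper: %ld, via getpid(): %ld\n",
           pid_via_wrapper(), (long)getpid());
    return 0;
}
```

A filter keyed only on where the system call instruction lives would attribute `pid_via_wrapper()` to the library, which is why such a scheme also has to deal with generic wrappers like this one.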


An open source iPod Nano is a great idea. It could be useful for many years, much longer than a phone. I’m interested in the idea of making one that is modular too - made from little interconnected open source PCBs that you can get from say Lilygo, Seeed, DFRobot, Adafruit, Sparkfun.

I think open source and modular hardware could be a way to make electronics repairable and user-upgradeable, and also prevent future e-waste. Modularity = repair & reuse. [1] And this means you don’t have to be good at PCB design to get started.

For example, I think you can make an MVP iPod entirely out of existing Adafruit modules. And sell the MVP for 2-3x BOM / distribute the design as a production model, not just a prototype.

If you get any traction, you can make a better product by designing better modules, and make them high quality, open source, and documented, so that manufacturers will pick them up and start supplying them to the community. If the modules aren't picked up by a manufacturer (with no money exchanging hands) that means the module isn't general purpose enough and would lead to future e-waste.

1. https://www.hackster.io/buildingpulse/modular-lorawan-end-no...


I’m experimenting with flux.ai. Browser-based PCB design. It has promise and a good team.


I like the New Philosopher magazine.

https://www.newphilosopher.com/


Have a look at zolaelectric.com. They sell small modular solar PV + battery power units. These units are meant to be purchased by businesses (micro-generators) who then sell the power generated to their subscribers.


Hey cool I'm working on power metering for industrial chillers and hope to learn how to notice this too.

