Skip to content

World

Topics from outside of this forum. Views and opinions represented here may not reflect those of this forum and its members.

A world of content at your fingertips…

Think of this as your global discovery feed. It brings together interesting discussions from across the web and other communities, all in one place.

While you can browse what's trending now, the best way to use this feed is to make it your own. By creating an account, you can follow specific creators and topics to filter out the noise and see only what matters to you.

Ready to dive in? Create an account to start following others, get notified when people reply to you, and save your favorite finds.

Register Login
  • CiotBSDC

    The HUGEST, the MOST TREMENDOUS FreeBSD page-cache write primitive in the history of computing.
    Many people are saying it. Many. Believe me.

    "Mouarffff" 👏 😍 😇


  • CiotBSDC

    OpenBSD under QEMU

    Architecture specific notes for OpenBSD guests under QEMU, with working command lines where installation succeeds and failure points where it does not.


  • CiotBSDC

    (06/10)

    ⇒ A Final Return for OpenBSD Anti-Return-Oriented Programming Mitigations

    Return-Oriented Programming (ROP) continues to be a serious attack taking advantage of flaws in memory unsafe languages, particularly buffer overflows, to launch arbitrary code execution attacks by chaining together pieces of already existing code in loaded binaries and shared libraries, called gadgets. With the continued reliance on x86_64 CPUs in cloud and personal servers, mitigations that can meaningfully reduce the success of ROP attacks without significant overhead continue to be attractive. We propose the porting of one such software-based anti-ROP mitigation proposed by OpenBSD: compile-time instruction rewriting to avoid opportunities for ROP exploitation. We bring this mitigation, originally developed for the custom OpenBSD implementation of the LLVM compiler suite, to GCC by way of a standalone utility that sits in between the compiler and the assembler and rewrites potential gadget instructions before assembly into object code. Our utility provides a minimal reduction in gadgets with some penalties in binary sizes and performance impacts. We compare our GCC-ported standalone utility to the original OpenBSD LLVM mitigation and discovered that our standalone utility is weaker compared to the original LLVM-based mitigation. However, due to the overall weak reduction in gadgets for both the LLVM-based and GCC-based implementations, we conclude that seemingly obvious mitigations may prove to be anything but, and caution providing security improvements without significant testing and evaluation.


    ping: https://bsd.network/@bcallah/116725877009964245


    It seems to be my 200th post here😉


  • CiotBSDC

    (06/10) ⇒ OpenBSD stories—Trojaned OpenSSH This is a story I had been considering writing for a long time, as many wrong or stupid things have been said or written at the time it happened. Being on a quite sensitive subject, I have however opted to redact a few things, especially the identity of two OpenBSD developers, as well as some IP addresses and other minor details which could help identify them. They will be referred to as dev1 and dev2 in this story. It does not matter who they are, and they really are trustworthy. http://miod.online.fr/software/openbsd/stories/trojan.html Very interesting! Pleaseant to read…
  • grahamperrinG

    https://www.youtube.com/watch?v=xCtFeukJs-E

    Video, fifteen minutes. Cross-posted from r/freebsd,

    FreeBSD was only a small part of the chat. In the greater part, Kris Moore discussed, amongst other things:

    • community
    • ZFS
    • total cost of ownership.

    Meet the TrueNAS Leadership Team | Open Enterprise Storage


    @grahamperrin Not sure what you mean, but it's OK.
  • stefanoS

    Dear friends of the BSD Cafe,
    One of the principles this place was built on has always been free communication. Whether on the Fediverse or on Matrix, the goal is the same: open, secure, private, decentralized tools. Because we know, from experience, that anything centralized will sooner or later come to an end.
    Matrix is great, and we like it. But it's tied to its server - you can't migrate away (easily). It does its job well, yet sometimes it asks for more than a conversation should: heavy to host, hard to leave.
    So when my friend @outofcreativity@exquisite.social brought it up again at EuroBSDCon, I decided to give Delta Chat another try after many years. And yes - its philosophy fits mine, and the Cafe’s, well.

    For a few months we ran a relay - a chatmail server - but it was on Debian, and I didn't want to make an official service that runs on Debian. Not because it doesn't work: it works perfectly. But because it wouldn't be in the spirit of this place.

    Thanks to @feld@friedcheese.us 's excellent cookbook recipe, I also kept a private relay of my own running for months, just to test it. It held up beautifully. So yesterday, with the help of some friends in the cookbook chat, I migrated the Debian server to FreeBSD - accounts and data included - and I can finally call it a stable, official Cafe service.

    Our chatmail relay - https://chatmail.bsd.cafe - runs on FreeBSD, in a jail. Which means it gets everything the other services get: hourly backups via zfs send and receive, FreeBSD's security, and all the rest.

    I'd encourage everyone to try Delta Chat. Secure, decentralized communication built on protocols we already know and trust: the ones behind email. And the development is moving fast. Multi-relay is no longer a promise - it's here, and it's solid: a single profile can use several relays at once, so your account and your reachability survive even if one of them goes down and disappears. That's real resilience. The real decentralization, the one we love.

    Because Signal is great. But Signal, too, is centralized. And we happen to like the true spirit of the Internet.


    read more →
    @etrigan63 Yes, I have replied
  • CiotBSDC

    ⇒ NetBSD Foundation 2026 Annual General Meeting: Board, Core, and Team Reports

    The NetBSD Foundation’s 2026 AGM covers progress on NetBSD 11.0 (now at RC5), the CVS-to-Git/Mercurial migration, and infrastructure challenges like LLM scraping and hardware aging. Highlights include five Google Summer of Code projects, CNA onboarding for security advisories, and plans to streamline release cycles. The full IRC log details team updates from core, admins, releng, and security.


    GNATS, wow. https://www.netbsd.org/developers/PR.html
  • etrigan63E

    I tried installing 7.8 but once I get the installer started it blows up. I should have taken some screenshots but I needed my laptop operational again so i reloaded CachyOS (don't hate me, it works out of the box).

    Here are the specs:

    • Framework 13
    • AMD Ryzen 7 7840
    • 64GB RAM
    • AMD 780M Integrated Graphics
    • 2TB nvme drive
    • Intel AX210 wifi/bt card.

    I've gotten FreeBSD installed but can't get a graphical login to save my life.
    GhostBSD hangs at Stage 2 of the boot process (when the terminal first clears to report a bunch of stuff before switching to graphics).

    i truly want to give a BSD a real go as a laptop daily driver, but I am flummoxed at every turn.


    @Jan ohhh, interesting! The only question left is whether it's possible to install it from Fuguita. At the very least, this should let you know which devices are being detected correctly.
  • etrigan63E

    Since it is schedule for a June 16 release (more or less), I am going to wait till then to give it a whirl with my test NUC before going on to my Framework 13A. Omfreebdy looks like it will set up most of the stuff I wanted, so let's see what happens.


  • etrigan63E

    <SOAPBOX>
    "AI" is a marketing term. It is catchier and more futuristic than Large Language Models.

    While true, self-aware and conscious artificial intelligence is a goal, we are not there yet.
    https://castle.princeton.edu/the-7-levels-of-ai/

    If you are gung-ho about it, try dog-fooding it for a while on real work. I did. I used "AI" to help me sift through an Internet's worth of Linux and BSD documentation to come up with a simple, cohesive set of installation instructions. Goals were stated, targets set, hardware identified, and all it was able to produce was either a half-assed system that kind of worked or failed utterly. The latter more than the former. It got confused a lot on the details (either hallucinating up stuff or reading from old docs) and had to be reminded to double-check everything versus the latest documentation. It also had a habit of over-complicating things. At one point it wanted me to install nix (the package manager) on Void Linux as part of it's plan to allow me to install Brave browser.

    The graphics stuff is cute and getting better, but is killing off any art form really worth it? Sure, some tools (like "AI" masking) are very useful. But generating photographic quality images as opposed to hiring a photographer is not very cricket. Plus, legally, all fully "AI" generated images or videos cannot be copyrighted and are automatically in the public domain. The same with code.

    I am done now
    </SOAPBOX>


    @grahamperrin That was poorly written. Better said that a whole lot of money is being dumped into marketing these product before they are fully baked.
  • grahamperrinG

    https://opensats.org/

    Help us to provide sustainable funding for free and open-source contributors working on freedom tech and projects that help bitcoin flourish.

    https://opensats.org/about

    Open Sats Initiative, Inc. (EIN 85-2722249) is a 501(c)(3) public charity which aims to fund Bitcoin-related free and open-source projects and associated education and research initiatives.

    We want to see contributors to Bitcoin and FOSS (free and open-source) tools supported by a sustainable ecosystem and consistent funding, so we set up a foundation to do just that. Donors can come to the OpenSats website and either recommend gifts to specific project areas or contribute to our general fund.

    Grants are distributed periodically by our board. We evaluate and assess applications to make sure any grants are awarded to high impact projects in the Bitcoin space. We distribute grants to a wide variety of contributor types (developers, designers, researchers, educators, reviewers, and the like), but only to those working on Bitcoin and open-source projects that will improve public access to Bitcoin infrastructure.


    For the record: I don't use Bitcoin, or anything like it. I learnt of the organisation through Git commit log messages for an open source project – OpenSats Initiative is a sponsor.
  • grahamperrinG

    https://www.reddit.com/r/freebsd/comments/1ty5njr/pkgbase_major_upgrade_from_freebsd_144_to_151rc2/

    This upgrade blended:

    • part of the official announcement for 15.1-RC2 – altered for compatibility with the major upgrade
    • part of Emrion's https://forums.freebsd.org/posts/762515 – adapted for my preferred shell, /bin/tcsh.

    Packages for the third release candidate, RC3, were not available at the time.


  • CiotBSDC

    FediMeteo, HAProxy, and the art of not wasting snac threads

    How FediMeteo uses HAProxy caching, static pages, and small FreeBSD jails to keep snac quiet and serve ActivityPub traffic efficiently


    ping: https://framapiaf.org/@stefano@bsd.cafe/116594469088938821


    ⇒ (06/05) Aggressive caching for a Mastodon reverse proxy: what to cache, what to never cache, and why content negotiation will eventually betray you how to cache Mastodon with nginx on FreeBSD while handling content negotiation correctly, covering cache keys for HTML/ActivityPub/JSON variants, bypass rules for private traffic, and TTL strategies for assets, media, and dynamic pages. The guide includes production-tested configurations for thundering-herd protection, failover, and logging to verify cache behavior. https://it-notes.dragas.net/2026/06/05/aggressive_caching_for_a_mastodon_reverse_proxy/
  • CiotBSDC

    ⇒ (06/05) FreeBSD Jails

    The classic system administration changed a lot in a decade. Virtualization and container technology went through a remarkable improvement. (…) FreeBSD Jails don’t compete with containers. They don’t substitute virtual machines. Jails just fill a gap.


  • etrigan63E

    So I was testing to see if the MidnightBSD install image would blow up on my Framework 13A and I am happy to report that it did not. I did not start the installer but switched to the LiveCD and as all of the system messages popped up successfully the last message before the login was the start of the aged service. Very sad considering that this project was the first to resist age attestation by prohibiting its license in states/countries where age attestation laws exist.


    Many scholarly works on modern politics (real ones, not the ones focusing on the trends being artificially promoted by one side or the other) draw the political spectrum as a line graph with moderates in the middle and the left/right heading off in their respective directions. My personal observation is that this graph should not be a line but a circle. Starting with moderates and branching off as before, but both sides ending up at absolute totalitarianism regardless of which side you take. @tomaoki your model is correct and on my graph the ideals would be located at the 90 degree and 270 degree positions with anarchy at the 135 and 225 positions.
  • grahamperrinG

    https://opensource.org/blog/open-source-organizations-weigh-in-on-age-attestation

    https://mastodon.social/@FreeBSDFoundation/116676767603367392

    The FreeBSD Foundation has joined the Open Source Initiative (OSI), the Apereo Foundation, and the Open Source Technology Improvement Fund (OSTIF) in issuing a joint statement on age-attestation requirements for operating systems.

    Cross-posted to Reddit.

    Home pages of the four signatories:

    The Apero Foundation presents the statement as HTML, alongside a link to the PDF. Quoted below.


    read more →
    I agree and this is what politicians don't get.
  • grahamperrinG

    https://www.blackduck.com/content/dam/black-duck/en-us/reports/rep-ossra.pdf

    The “Open Source Security and Risk Analysis” (OSSRA) report has been the industry’s definitive look at the state of open source code for a decade. Each year, we analyze anonymized findings from commercial codebases audited by the Black Duck Audit Services team, and this provides an unmatched, real-world view of how open source is used—and sometimes misused—across every major industry. This year’s findings document a pivotal moment: The explosion of AI-assisted development has fundamentally altered the risk landscape for software and the baseline for compliance with new regulatory initiatives such as the EU Cyber Resilience Act (CRA) and the Digital Operational Resilience Act (DORA).

    PDF, 44 pages.

    Context

    Open source organisations weigh in on age attestation

    Availability

    Noted in Reddit:

    … easily found with Google – without completing Black Duck's form, which requires a business email address:


  • ptribbleP

    Of course, there's an argument to be made that talking about SPARC ought to live in the Retrocomputing section.

    But I still work on SPARC, have a small number of servers (a T4-1 and a couple of T5140s) that support the work. I don't expect this to be of major interest to most, but possibly the most visible part of the SPARC work I do is the OpenJDK port, which supports SPARC and x86 on Solaris and illumos. While the x86 port is current (so supports 17, 21, 25 LTS and everything in between and up to the current development of 27), SPARC goes up to JDK18 at the moment. Fortunately it's good enough to run Jenkins, which has bought people a little bit of time, although the minimum version will get bumped at some point.


    One thing about Tribblix on SPARC is that it tracks x86 pretty closely, but actual releases come at different times. What this means right now is that while Tribblix on x86 is effectively in freeze while I work through a bunch of breaking changes, many of those changes are now available on SPARC. While this may seem a bit odd, the reality is that not all the breaking changes apply to SPARC at all (I'm not planning to update perl or gcc there, even though I want to, because the updates won't even build properly), and even those that do are less appropriate (such as desktop updates like bumping the Xfce version). The one visible change that people might see is the python switch from 3.12 to 3.13.
  • grahamperrinG

    https://www.linuxfoundation.org/legal/generative-ai

    • not dated
    • first captured in the Wayback Machine in October 2023
    • mentioned in Policy for AI/LLM contributions (#697) · Issue · alpine/council