Or.... smoking may be indicative of people from poorer backgrounds, where health is generally lower. (cant say for sure, but thats the case where I am from)
That's interesting, I thought the Linux Foundation just existed to give corporations somewhere to put their money without it actually making an effective difference.
And can we have bounties for fixing know CVEs in that abandoned code?
Abandoned Code home should only allow security changes and if someone wants to revive the project, bump the major version and get out of abandoned code home. That is to prevent abuse by introducing new CVEs into software.
While the abandoned code home hosts that piece of software for as long as some corporation wants to keep it alive with low investment.
Found CVE in abandoned code and fixed yourself? Good for you, still eligible for bounty.
there exist at least one or two of those. i can't think of the name unfortunately. i believe it has been discussed on hackernews too.
https://www.commonhaus.org/ seems to be something similar, but that's not what i was thinking of. the one i remember focused on projects that their maintainers wanted to give up right away.
There is a Chinese player that has taken effective control of various internet-related entities in the Seychelles. Various ongoing court-cases currently.
So the seychelles traffic is likely really disguised chinese traffic.
I don't think these are "Chinese players" and is linked to [1], although it may be that the hands changed many times that the IP addresses have been leased or bought by Chinese entities.
They're referring to the fact that Chinese game companies (Tencent, Riot through Tencent, etc.) all have executables of varying levels of suspicion (i.e. anti-cheat modules) running in the background on player computers.
Then they're making the claim that those binaries have botnet functionality.
They can exploit local priviledge escalation flaws without "RCE".
And you are right, kernel anti-cheat are rumored to be weaponized by hackers, and making the previous even worse.
And when the kid is playing his/her game at home, if daddy or mummy is a person of interest, they are already on the home LAN...
Well, you get the picture: nowhere to run, orders of magnitude worse than it was before.
Nowadays, the only level of protection the administrator/root access rights give you, is to mitigate any user mistake which would break his/her system... sad...
Sadly the US military (like a lot of militaries) are in love with custom requirements. And there is very little leeway for negotiating them out.
So unnecessarily custom solutions are the norm.
Because adding in repair stuff requires the supplier to provide documentation, frequently training, a parts manifest, guaranteed 10-20 year availability of spares, and probably about 50 other requirements I don't know about.
All of which add up to a rather large contract cost increase.
Possibly this boondoggle will result in the military putting in more reasonable "right to repair" terms in the contract, rather than insisting on the gold-plated thing I mention above, but more likely it will simply result in more cost overruns.
I have a feeling that they still need to guarantee availability of spares if they fix it themselves, do they not? They still have to create documentation for their engineers, do they not?
If you repair it yourself, you have more flexibility in terms of replacing spares with newer items i.e. replacing a whole module when it a part of that module becomes hard to come by.
Internal documentation ..... hmmmm.... LOL.... Often not, word of mouth is the rule.
If there is internal documentation, it's generally pretty rough. Getting it to the point where you can hand it to external parties is a lot of work.
Or is it because nobody wants to assume responsibility?
Let's say what you really want is to be able to fix simple stuff ( replace easily replaceable parts ), and get the experts in for tricky stuff. However the contractor, who now isn't fully responsible to changes to the system, now insists that you take the full risk of your repairs ( perhaps even saying they will void any warranty if you touch the oven/lift ).
Then faced with that nobody is brave enough to say - heck fine - we will take that responsibility.
And so because the lawyers were prepared to take that risk, the people on the boat are infantilised by contract.
If you have specific performance issues and are able to share the associated documents, please log them at https://bugs.documentfoundation.org/.
Of course, we cannot always help, sometimes the slowdown is due to increased feature or stability or conformance, but often we can improve things greatly.
There is ongoing bugfixing in this area. If you are able to supply the documents associated with broken workflows in this area, it would be helpful to log bugs in our bugtracker at https://bugs.documentfoundation.org/.
Even better would be if your company could sponsor some fixes, of course :-)
