





  • Straw Man Fallacy: A straw man fallacy occurs when someone misrepresents an opponent’s argument to make it easier to attack or refute. Instead of addressing the actual issue, the person creates a distorted version of the argument that is easier to discredit.

    This is what you have done in every single reply you made when I have made it quite clear that this is about the migration being an urgent security issue that the cyber security community at large has been calling attention to.

    You avoid all the core points I make and distort them into trivial things that you can easily argue, like the fact that you “Don’t code C much and use Rust occasionally”. It’s irrelevant to the actual arguments and you use it to dismiss the real core issues, AKA a Straw Man fallacy.

    You have failed to argue in good faith and are actually a part of the problem. Good job!


  • Ah I see your default is to sprinkle in a bit of argumentum ad logicam and add a dash of straw man at the end

    Your statement comes across as the migration from C/C++ is more of an upgrade for new features and increased “ease of use” rather than an urgent security issue when it definitely is. It’s more than just a case of a couple of experts and some articles, you’ve got multiple governmental and NGOs like the NSA, the White House, CISA, DARPA all calling for the migration away from C/C++ to memory safe languages.

    https://devops.com/darpa-turns-to-ai-to-help-turn-c-and-c-code-into-rust/

    “DARPA, the Defense Department’s (DOD) R&D agency, will lean on emerging AI capabilities in a new program to deal with the costly and time-consuming challenge of rewriting C and C++ code to Rust in a move designed to meet the push for federal agencies and private organizations to adopt memory-safe programming languages.”

    https://www.theregister.com/2023/12/07/memory_correction_five_eyes/

    "CISA, in conjunction with the National Security Agency (NSA), FBI, and the cyber security authorities of Australia, Canada, the United Kingdom, and New Zealand, said its call for better memory safety follows from its Secure By Design recommendations – endorsed by all of these cyber authorities.

    “With this guidance, the authoring agencies urge senior executives at every software manufacturer to reduce customer risk by prioritizing design and development practices that implement MSLs [memory safe languages],” the report argues."

    ~

    "CISA suggests that developers look to C#, Go, Java, Python, Rust, and Swift for memory safe code.

    “The most promising path towards eliminating memory safety vulnerabilities is for software manufacturers to find ways to standardize on memory safe programming languages, and to migrate security critical software components to a memory safe programming language for existing codebases,” the CISA paper concludes."








  • If the switch supports it, you log in with local credentials first, navigate to its config page and configure LDAP under there. You’ll tell it the IP address of the LDAP server as well as give it its client side configuration. You give it a bind account’s credentials (a dedicated service account with as minimal permissions as needed) that it uses to look up the users on the server as well as Organization Unit paths and such.

    When a user goes to log in, the switch will query the provided credentials against the LDAP server; if they’re valid, the LDAP server will respond with a success and the switch will log the user in.

    Generally there is always a local account fallback in the event that the LDAP server is unavailable for whatever reason
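
The login flow described in the comment above, as an added example that is not part of the original comment or any switch vendor's code: service-account bind, user lookup under the configured OU, re-bind as the user, and local fallback only when the server is unreachable. The LDAP server is simulated in memory, and every name, DN and password here is hypothetical and constructed for the example.

```python
class DirectoryUnavailable(Exception):
    """LDAP server could not be reached."""

class FakeLdapServer:
    """In-memory stand-in for an LDAP server (constructed for this example)."""
    def __init__(self, entries, up=True):
        self.entries, self.up = entries, up   # entries: DN -> {uid, password}

    def bind(self, dn, password):
        if not self.up:
            raise DirectoryUnavailable()
        entry = self.entries.get(dn)
        # Reject empty passwords: an empty-password bind is not proof of identity.
        return bool(password) and entry is not None and entry["password"] == password

    def search(self, base_dn, uid):
        if not self.up:
            raise DirectoryUnavailable()
        return [dn for dn, e in self.entries.items()
                if dn.endswith("," + base_dn) and e["uid"] == uid]

def switch_login(server, cfg, local_accounts, username, password):
    """Return 'ldap', 'local' or 'denied' for one login attempt."""
    try:
        # 1. Bind as the dedicated, minimally privileged service account.
        if not server.bind(cfg["bind_dn"], cfg["bind_password"]):
            return "denied"
        # 2. Look the user up under the configured OU path only.
        matches = server.search(cfg["user_base_dn"], username)
        if len(matches) != 1:
            return "denied"
        # 3. Re-bind as that DN with the supplied password; the server decides.
        return "ldap" if server.bind(matches[0], password) else "denied"
    except DirectoryUnavailable:
        # 4. Local fallback only when the server is unreachable, not on rejection.
        ok = bool(password) and local_accounts.get(username) == password
        return "local" if ok else "denied"

# Constructed sample directory, switch configuration and local account.
BASE = "dc=example,dc=test"
CFG = {"bind_dn": "cn=svc-switch,ou=service," + BASE,
       "bind_password": "svc-secret",
       "user_base_dn": "ou=netadmins," + BASE}
ENTRIES = {
    CFG["bind_dn"]: {"uid": "svc-switch", "password": "svc-secret"},
    "uid=alice,ou=netadmins," + BASE: {"uid": "alice", "password": "alice-pw"},
    "uid=bob,ou=helpdesk," + BASE: {"uid": "bob", "password": "bob-pw"},
}
LOCAL = {"admin": "local-pw"}
```
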


  • Your confusion is confusing me lol

    I don’t see how this would work as it relies upon every single device on the network supporting a particular authentication mechanism.

    Wdym? That’s not a thing, you can have some devices on LDAP some with local logins and some with OIDC or any other combination. Authentication is generally an application layer thing and switches operate at layer 2 maybe 3 if it’s doing some routing. As long as your network has a functioning DHCP server the web UI of the switch will be able to communicate with the LDAP server that you configure it to


  • Lol kinda related, but Uconnect sent me an email a few months ago about the GPS maps in my car (11 years old at this point) being way out of date…they wanted $300 (or something like that) for a flash drive with the map update.

    Lmao, like it wasn’t 2024 and Google Maps on my phone does a far better job than their proprietary crap they want $300/update for.


  • Do you have time to build something partially from scratch? I could see repurposing an old laptop, disassemble it and make the screen face outwards with the board affixed to the back of the screen lid.

    Might take some creative routing with the internal display cable, but I’ve taken apart tons of laptops where this would be doable, especially after you’ve discarded the plastic chassis

    Though you’ll still need a frame of some kind, unless you like the “raw-tech” look