New drawing tablet moment

Aro culture is always getting autocorrected when ( "aro" autocorrected to "air" when I was typing this out)

.

Linux Kernel Debugging Guide

Helmut Lunghammer, TU Graz

Die Kernels vieler Android-Smartphones sind nicht so sicher, wie sie sein könnten.

Zahlreiche Hersteller nutzen unsichere Android-Kernels

Graz, 16.08.2024. In einer Analyse von Smartphones von zehn Herstellern haben Forschende der TU Graz festgestellt, dass die genutzten Android-Kernels trotz vorhandener Schutzmechanismen anfällig für bekannte Angriffe - sogenannte One-Day Exploits - sind. Smartphones sind für viele Menschen stetige Begleiter und wichtiges Arbeitswerkzeug. Neben Kontakten, Terminen und E-Mails kommen die Geräte vermehrt auch für sensible Aufgaben wie Online-Banking oder behördliche Angelegenheiten zum Einsatz. Das erhöht die Anforderungen an die Sicherheit. Wie Lukas Maar, Florian Draschbacher, Lukas Lamster und Stefan Mangard vom Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie der TU Graz in einer umfangreichen Analyse der Android-Kernels der zehn größten und namhaftesten Smartphone-Hersteller festgestellt haben, gibt es hier zahlreiche Mängel, die One-Day Exploits mit bereits bekannten Angriffsmethoden zuließen. Ihre Ergebnisse haben die Forschenden am 15. August auf dem Usenix Security Symposium in Philadelphia, USA vorgestellt (https://www.usenix.org/system/files/usenixsecurity24-maar-defects.pdf).

Je nach Hersteller und Modell konnten bei den untersuchten 994 Smartphones nur zwischen 29 und 55 Prozent der vom Forschungsteam getesteten Angriffe verhindert werden. Im Gegensatz dazu könnte das von Google bereitgestellte Generic Kernel Image (GKI) der Version 6.1 rund 85 Prozent der Angriffe verhindern. Im Vergleich zum GKI schnitten die Hersteller-Kernels bei der Angriffsabwehr bis zu 4,6-mal schlechter ab. Untersucht hat das Forschungsteam zwischen 2018 und 2023 auf den Markt gekommene Geräte dieser Hersteller (Auflistung vom sichersten zum unsichersten): Google, Realme, OnePlus, Xiaomi, Vivo, Samsung, Motorola, Huawei, Oppo und Fairphone. Die auf diesen Smartphones verwendeten Android-Versionen reichten von Version 9 bis 14, die Kernels deckten den Bereich von Version 3.10 bis 6.1 ab, wobei Hersteller, die auf niedrigere Kernel-Versionen setzen, auch weniger Sicherheit bieten.

Effektive Abwehrmechanismen selten aktiviert

Ein weiterer Kernpunkt der Analyse: Es gäbe bereits effektive Abwehrmaßnahmen für eine Reihe der bekannten Angriffsmethoden, in den Kernels der Hersteller sind sie aber selten aktiviert, bzw. sind die Kernels falsch konfiguriert. Das führt dazu, dass sogar die Kernel-Version 3.1 aus dem Jahr 2014 mit allen aktivierten Sicherheitsmaßnahmen besser vor bekannten Angriffen schützen könnte als rund 38 Prozent der von den Herstellern selbst konfigurierten Kernels. Zusätzlich stellten die Forschenden fest, dass Low-End-Modelle der Hersteller um rund 24 Prozent stärker gefährdet waren als High-End-Modelle. Ein wichtiger Grund dafür liegt im Leistungsverlust, den zusätzliche Sicherheitsmaßnahmen bedeuten, weswegen sie in Low-End-Modellen zur Ressourcenschonung oft deaktiviert bleiben.

„Wir hoffen, dass unsere Ergebnisse dazu beitragen, dass in Zukunft effektivere Sicherheitsmaßnahmen in den Kernels der Hersteller zu finden sind und Android damit sicherer wird“, sagt Lukas Maar. „Wir haben unsere Analyse auch mit den untersuchten Herstellern geteilt und Google, Fairphone, Motorola, Huawei und Samsung haben diese zur Kenntnis genommen – einige haben sogar Patches veröffentlicht. Wir haben Google auch vorgeschlagen, das Android Compatibility Definition Document (CDD) zu aktualisieren, in dem der Rahmen für die Anforderungen festgelegt wird, damit Geräte mit Android kompatibel sind. Google selbst hat betont, sich des Problems bewusst zu sein und möchte die Integration von Kernel-Sicherheitsmaßnahmen Schritt für Schritt verstärken. Es hängt allerdings an den Herstellern, ob sie dafür Leistung opfern möchten.“

Dieses Projekt wurde durch die Forschungsförderungsgesellschaft FFG im Rahmen des Projekts SEIZE gefördert und ist im Field of Expertise „Information, Communication & Computing“ verankert, einem von fünf strategischen Schwerpunktfeldern der TU Graz.

Originalpublikation: Defects-in-Depth: Analyzing the Integration of Effective Defenses against One-Day Exploits in Android Kernels https://www.usenix.org/system/files/usenixsecurity24-maar-defects.pdf

Write the answer in the comment section . . . . for the answer https://bit.ly/3Cpu1SS check Q.22 No. of the above link

"For the last time, that poem isn't romantic! It's insulting," Revati yelled over her shoulder as she began to pedal.

The layout of Olde Landon had been deliberately designed to keep tourists inside for as long as possible. There was only one way to access the front gates, and that involved defeating the Queen of Hearts' hedge maze. When the park was still open, tourists would be forced to spend at least an hour in the maze, stumbling upon tiny toy shops and food stands around every corner. The same thing occurred when they left, resulting in a very rich park and bankrupt guests. Now the maze was overgrown and easy enough to navigate.

Revati pedaled past the cart that once sold her heart-shaped sunglasses. Then she turned left, almost crashing into the wall of roses. The wall of roses stared back at her, their red blooms heavy and suspicious. Thanks to Bridgadeiro, she knew they were probably secretly insulting her.

The next turn consisted of an old stardust popcorn stand. Revati skidded to a stop and inspected the inside tray, where a few ancient kernels lay. Carefully, she picked up several of them and placed them in her jacket pocket. As far as she could tell, the kernels were seeds. Someone was shifting around the corner, causing the branches to shake.

"Aurora, is that you? Did you go ahead of me?" Revati yelled.

"While conferring in the labyrinth where false preachers reeked of death, the monster began to growl," a voice called from around the corner. An unfamiliar, flat female voice. Raiders. Raiders were, of course, an occupational hazard in any post-apocalyptic settlement. Normally, they never made it further than the broken glass pit at the park's gates. Sometimes Dityaa would bring one in, insisting they were "lovely," which always led to awkward dinners.

Revati slowly walked around the maze corner. There was a screeching metallic sound, and the weapon fell from Revati's hand. An android was slumped over on the ground. Once it would have been golden, but now it was rusty and covered in mud. Someone had ripped its legs off, leaving nothing but wires and tubes spitting bright blue fluid. Instead of a torso, there was a black empty hole with a concave door swinging on its bent hinges.

"And in the forgotten twists, footsteps quicken, hearts beat, and teeth are bared," the android chirped, its voice still distorted and far away. The android's face was a beautiful mask. Still-carved eyes. Unmoving sweet lips.

Revati powered up her solar gun and slowly walked forward, aiming it at the android. The android's metal eyes scraped in their sockets, turning towards her.

“Is that you? My darling Perdita?” The android’s voice whispered, the lips unmoving. The whispering voice had a posh lilt to its accent. Revati refused to answer. It was best to never engage with AI.

“Perdita, I clawed my way in! They know about you; the spider knows,” the android whispered before collapsing completely.

Revati slowly walked forward, still holding her weapon. With one foot, she kicked the android. It didn’t move. Its power had definitely died.

“Spider? Is that some sort of gang?” Revati whispered to herself. Gangs were always given stupid names.

“The spider is us; the spider is legion,” a flat robotic voice called out, and Revati spun around.

Queen Victoria was standing behind her, scorch marks all over her dress. A faint blue glow was erupting from beneath the skin of Queen Victoria’s chest.

Anyone know how to reimage a laptop with an iPad or Android phone being your only working device(plus the necessary adapters and flash drives)? I'll accept any os at this point. Or even how to go from a base void install with nothing but kernel and terminal access to something useable for someone who went from all in Linux user to tired windows copef

Kinda in a desperate gtfo out of current living space and getting my laptop to work would be an amazing step to getting help, work and keeping myself together rn

Please share and tag your computer savvy blogs

Sorry for another os tag spam but

@foone @ubuntu-official @debian-official @arch-official @puppylinux-unofficial @puppylinux-official @lilithtransrights @xenasaur @catboybiologist @transhuman-priestess @predatory-lesbians-too @demilypyro @estrogenesis-evangelion @nataliaflintlock @coelii @k1nky-r0b0t-g1rl

What about bird girls? Oh and robot girls? Android girls??

all deserve all the birdseed, voltage and bloat-free micro-kernels they can get their hands on in my humble opinion

Hey sorry I saw your post about Linux being better/just as good as Windows for gaming PCs, and I was wondering which type you’d recommend downloading for a mid-tier PC? (I’m not super tech savvy tbh but I’m a fast learner and would rather download Linux at this point than Windows after all the shit it’s done lately). Also, did not know Android uses Linux that is cool!

If you're a beginner, either one of the Linux Mint flavours or one of the Ubuntu flavours, depending on how mid-tier we're talking about. Mint is based on Ubuntu but they're both ultimately based on Debian, which is the most stable and easy to use (in my experience) Distro. You'll find this a lot that a lot of distros are based on other distros, but if I were to talk about distros, the best ones tend to be debian based.

So Linux Mint is made to be as user friendly as possible and have most, if not everything, working out the box, and it's great, but it does use an older version of the Kernel so you need to bare that in mind (but as a beginner you don't need to worry too much, everything will still work). It comes in three versions: Cinnamon (using the Cinnamon desktop), MATE (using the Mate Desktop) and XFCE (using the xfce desktop). On a mid-tier PC any of these will work, even the heaviest of them has a recommended ram of 4GB but if you know your PC you might wanna try MATE (about 1GB ram recommended) or XFCE (512 MB).

However I would recommend Ubuntu (it's what I'm using rn). It's what Linux Mint is based on and is just as user friendly as Mint but with the big difference being it uses a newer Kernel version and has more flavors using different Desktop Environments and for different uses. The flavors however are on different websites but more or less work closely with Ubuntu itself.

Vanilla Ubuntu used Gnome as it's default which is okay, some people like it, but I don't and nor does a lot of my friends. Different flavors have different requirements and levels of usability but again, 4GB is enough to run any flavor. Other Flavors include:

Kubuntu: this is the one I use, and in my option it's better than Vanilla. It used KDE and it's suite of apps which are both user friendly, wide ranging and really nice looking. KDE is quite resource intensive (again that's not saying much compared to windows) but if you have a mid tier PC with more than 4GB ram, it should run fine and I recommend it. I'm a big KDE fangirl.

Xubuntu: This is one I used in the past. Xubuntu used XFCE which is designed to be lightweight without sacrificing functionality. It's not as flashy, but it's easy to use, functional, and great for lower-powered computers or just people who wanna save on computing power.

Ubuntu Cinnamon: This flavor uses Cinnamon (which the "main" version of Mint uses) but with Ubuntu as the distro. I used Cinnamon as my desktop when I used Mint and I loved it. It has all the functionality of Gnome with all the ease of use and flashiness of KDE, so if you try out Cinnamon on Mint but like Ubuntu, try it out.

Lubuntu: This is the lightest of Ubuntu flavors. It's light enough that it's ARM version can run on a Raspberry pi. This was designed for computers with not much power like those old netbooks (remember those?) and it's not as flashy or functional, but it's a good option if your computer is a potato.

Ubuntu Budgie: This is the one I know least about because I have never used budgie. I checked it out on distrosea but other than that all I know is from people who have tried it. Some like Budgie (which uses the Budgie desktop) some don't, but I think I might need to check it out before I pass judgement.

Each of these versions are distributed from their own websites so be sure to google.

As for gaming I would recommend that after installing it, if you have a separate graphics card, install the drivers either from the driver manager or from the website itself. Steam runs on Linux and follow the instructions from steam on how to activate Proton.

Happy nerding.

I am simply incapable of drawing Kernel of it's own actually, they have to be with their friends always

Google fixes Android kernel zero-day exploited in targeted attacks

Source: https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-targeted-attacks/

More info: https://source.android.com/docs/security/bulletin/2024-08-01#Android-and-Google-service-mitigations

Top 5 Challenges of Embedded Software Development 2025

Businesses are concentrating on efficient methods to evaluate the data and produce insights that will help them improve their business processes and make wise decisions as a result of the rapid generation and gathering of data by enterprises worldwide. This need is being met by artificial intelligence (AI) and machine learning (ML), which also automate processes, solve complicated problems, and allow experience-based self-learning.

Almost every industry, including banking, consumer electronics, aerospace, automotive, security, and others, has experience with embedded systems. The accuracy, dependability, speed, and low power consumption of embedded systems are well known, and they can be applied to a greater range of tasks. A variety of microprocessors, programming languages, and operating systems are needed for the perfect embedded system, which is made up of both hardware and software.

For consumer goods like phones, robots, modems, automobiles, toys, security systems, appliances, televisions, digital watches, etc., many manufacturers utilize embedded software. Embedded software makes a device's hardware function in accordance with our specifications. Firmware, another name for embedded software, is housed in the hardware to form a single embedded system. It supports the operation of mission-critical devices like industrial automation systems, electronic control units, and anti-lock brakes in automobiles, among others. However, development organizations must also overcome certain obstacles presented by embedded software.

Let's talk about a few of the difficulties in developing embedded software.

Stability – Any unexpected behavior on the part of an embedded system can cause chaos and pose significant risks. Its behavior should be consistent under all conditions, and stability is crucial.

Safety – Given that embedded systems are utilized in numerous vital and life-saving functions in all kinds of critical environments, safety is one of their most important challenges. It is distinguished by constraints and stringent demands on testing, quality, and engineering know-how.

Connectivity – Given that there are numerous ways to connect to the internet—Ethernet, Wi-Fi, LoRa, cellular, Bluetooth, and other sources—this is one of the major challenges faced by embedded software developers. Every source has advantages and disadvantages of its own, and developers need to be aware of the various software stacks in order to ensure that the hardware functions.

Security – Developers face a difficult task in protecting their devices against ever-more complex security threats. Due to the devices' interconnectedness, the hazards associated with IoT devices are increasing rapidly as they become more and more popular worldwide. Hacking attacks are a common occurrence, and it's important to identify precisely which information needs to be protected.

Over-the-air-Updates – Once the device is online, developers will be able to remotely update the firmware. Customers can update software on their own with the aid of IoT. But in any deployment involving thousands of devices, the developers must concentrate on

Generate a firmware update

Save it to all the devices

Verify that they are delivered from a reliable source.

Run that specific update on the devices at the appropriate time.

Always be prepared to roll back updates right away in the event of a problem.

Silicon Signals supports the development of embedded systems and software across a range of sectors and industries. Please subscribe to our blog for more information about embedded systems and embedded software development. You can also email us at [email protected] with any questions you have about sales, and we'll be happy to help.

Portraits made for my Patreon supporters! The one on the left is for Android, and depicts their OC Kernel~ The one on the right is for Impossible Games Challenges Daily, and depicts their OC Andromeda! Thank you so much for your support~ 💖

If you want your very own 500x500 portrait, you can commission one for only $5~ And if you'd like your portrait to appear at the end of my videos and its own page on my webcomic's blog, you can support me on Patreon! For only $5 a month, you'll get one of these little fellas to represent you during the shoutouts ^^

Elliott: (voice-over)Everything was revealed.The secret of the perfect hack? Make it infallible. Hidden within the kernel is a logic bomb, malicious code designed to execute under circumstances I've programmed. Should the FBI take an image of the femtocell, all memory will self-corrupt or "explode."Why do it myself? Because that's how I learned, and I know exactly what, when, and how it's going to run. I didn't do anything harmful my first time—I just looked around—but I felt so powerful. I was 11 years old and in complete control of the Washington Township Public Library. Today is different. I hacked the world. Once I do, I'll own the Android phone of every FBI agent in that building. I'll own Evil Corp's network, applications, everything. Domain Admin. This, the thrill of owning a system, is the greatest rush.God access. The feeling never gets old.

Lone Star: I'm gonna need to talk to the old sys admin.

Elliott: The old IT guy set this up. There's an encrypted database on the old server I'm gonna need access to.

Lone Star: You wanna talk to RT?

Elliot: If that's his name.

Lone Star: I'll talk to Ray and see what's what.

Write the answer in the comment section . . . . for the answer https://bit.ly/3Cpu1SS check Q.20 No. of the above link

I don't want to reply to this on the post it's on, because it'd be getting pretty far away from the original point (that being that chromebooks have actively eroded the technological literacy of large proportions of young people, especially in the US), but I felt enough of a need to respond to these points to make my own post.

Point 1 is... pretty much correct in the context that it's replying to; the Google Problem in this case being the societal impact of Google as a company and how their corporate decisions have shaped the current technological landscape (again, especially in the US). I'd argue it's less like saying Firefox is a good alternative for your dishwasher and more like saying Firefox is a solution for climate change, but whatever, the point's the same. You can't personal choices your way out of systemic issues.

Point 2 is only correct in the most pedantic way; we both know that 'running on a Linux kernel' isn't what we mean when we talk about Linux systems. It's one true definition, but not a functional or useful one. Android and ChromeOS (and to a lesser extent, MacOS, and to an even greater extent, the fucking NES Mini) all share a particular set of characteristics that run counter to the vast majority of FOSS and even Enterprise Linux distributions. Particularly, they're a.) bundled with their hardware, b.) range from mildly annoying to damn near impossible (as well as TOS-breaking) to modify or remove from said hardware, and c.) contain built-in access restrictions that prevent the user from running arbitrary Linux programs. I would consider these systems to all be Linux-derived, but their design philosophies and end goals are fundamentally different from what we usually mean when we talk about 'a Linux system'. Conflating the two is rhetorically counterproductive when you fucking know what we mean.

Point 3 is a significant pet peeve of mine, and the primary reason why I feel the need to actually respond to this even if only on my own blog. "Linux is not a consumer operating system" is such a common refrain, it's practically a meme; yet, I've never seen someone explain why they think that in a way that wasn't based on a 30-year-old conception of what Linux is and does. If you pick up Linux Mint or Ubuntu or, I don't know, KDE Plasma or something, the learning curve for the vast majority of things the average user needs to do is nearly identical to what it would be on Windows. Office software is the same. Media players is the same. Files and folders is the same. Web browsers is the same. GIMP's a little finicky compared to Photoshop but it also didn't cost you anything and there are further alternatives if you look for them. There are a few differences in terms of interface, but if you're choosing between either one to learn for the first time you're using a computer, the difference isn't that large. Granted, you can also do a bunch of stuff with the command line - you could say the same of Powershell, though, and you don't have to use either for most things. Hell, in some respects Windows has been playing catch-up - the Windows Store post-dates graphical software browsers on Linux by at least a decade, maybe more. Finding and installing programs has, quite literally, never been harder on Linux than on Windows - and only recently has Windows caught up. I used Linux as my daily driver for five years before I ever regularly had to open up the terminal (and even then it was only because I started learning Python). I was also seven when I started. If the average teenager these days has worse computer literacy than little seven year old Cam Cade (who had, let me think, just about none to start with), I think we have bigger issues to worry about.

In my opinion, Linux users saying Linux 'isn't for consumers' is an elitist, condescending attitude that's not reflective of the actual experience of using a Linux system. To say so also devalues and trivializes the work put in to projects like Mint and Ubuntu, which are explicitly intended to be seamlessly usable for the vast majority of day-to-day computer tasks.