StarDreamer

An alternative definition: a real-time system is a system where the correctness of the computation depends on a deadline. For example, if I have a drone checking “with my current location + velocity will I crash into the wall in 5 seconds?”, the answer will be worthless if the system responds 10 seconds later.

A real-time kernel is an operating system that makes it easier to build such systems. The main difference is that they offer lower latency than a usual OS for your one critical program. The OS will try to give that program as much priority as it wants (to the detriment of everything else) and immediately handle all signals ASAP (instead of coalescing/combining them to reduce overhead)

Linux has real-time priority scheduling as an optional feature. Lowering latency does not always result in reduced overhead or higher throughout. This allows system builders to design RT systems (such as audio processing systems, robots, drones, etc) to utilize these features without annoying the hell out of everyone else.

iirc the bad UA filter is bundled with either base-http-scenarios or nginx. That might help assuming they aren’t trying to mask that UA.

Pretty sure expiry is handled by the local crowdsec daemon, so it should automatically revoke rules once a set time is reached.

At least that’s the case with the iptables and nginx bouncers (4 hour ban for probing). I would assume that it’s the same for the cloudflare one.

Alternatively, maybe look into running two bouncers (1 local, 1 CF)? The CF one filters out most bot traffic, and if some still get through then you block them locally?

I’ve recently moved from fail2ban to crowdsec. It’s nice and modular and seems to fit your use case: set up a http 404/rate-limit filter and a cloudflare bouncer to ban the IP address at the cloudflare level (instead of IPtables). Though I’m not sure if the cloudflare tunnel would complicate things.

Another good thing about it is it has a crowd sourced IP reputation list. Too many blocks from other users = preemptive ban.

According to this post, the person involved exposed a different name at one point.

https://boehs.org/node/everything-i-know-about-the-xz-backdoor

Cheong is not a Pingyin name. It uses Romanization instead. Assuming that this isn’t a false trail (unlikely, why would you expose a fake name once instead of using it all the time?) that cuts out China (Mainland) and Singapore which use the Pingyin system. Or somebody has a time machine and grabbed this guy before 1956.

Likely sources of the name would be a country/Chinese administrative zone that uses Chinese and Romanization. Which gives us Taiwan, Macau, or Hong Kong, all of which are in GMT+8. Note that two of these are technically under PRC control.

Realistically I feel this is just a rogue attacker instead of a nation state. The probability of China 1. Hiring someone from these specific regions 2. Exposing a non-pinying full name once on purpose is extremely low. Why bother with this when you have plenty of graduates from Tsinghua in Beijing? Especially after so many people desperate for jobs after COVID.

Both Bluetooth and BLE are perfectly fine protocols. You won’t be able to design much for short distance with that much power savings otherwise. The main issue is that for any protocols like this you would most likely need to put it in the 2.4ghz unlicensed band. And that’s predominantly used by wifi these days.

My suggestion would be to try compiling the kernel locally.its highly likely the one packaged in your distro contains extensions that you don’t have. Doing a local native compile should rule that out pretty quickly without having to disable any additional features.

Look at the line with the asm_exc_invalid_op. That seems like a hardware fault caused by an invalid asm instruction to me. Either something wrong is being interpreted as an opcode (unlikely) or maybe the driver was compiled with extensions not available on the current machine.

OP, how old is your CPU? And how old is the nic you are using?

Edit: did you use a custom driver for the NIC? I’m looking at the Linux src and rt_mutex_schedule does not exist. Nevermind. Was checking 4.18 instead of 6.7. found it now. The bug is most likely inside a macro called preempt_disable(). Unfortunately most of the functions are pretty heavily inlined and architecture dependent so you won’t get much out of it. But it is likely any changes you made in terms of premption might also be causing the bug.

deleted by creator

Here you dropped this:

#define ifnt(x) if (!(x))

I think we may be looking at these wrong. Yes there’s a visible throughput/latency improvement here but what about other factors? Power savings? Cache efficiency? CPU cycles saved for other co-running processes?

These are going to be pretty hard to measure without an x86_64 simulator. So I don’t fault them for not including such benches. But there might be more to the story here.

Out of curiosity, what’s preventing someone from making a regulatory db similar to tzdb other than the lack of maintainers?

This seems like the perfect use case for something like this: ship with a reasonable default, then load a specific profile after init to further tweak PM. If regulations change you can just update a package instead of having to update the entire kernel.

HDR

I would argue that this is something that should be taught in every undergraduate Operating Systems course. But if someone posting it here benefits teens, self-taught hobbyists, and old-timers getting back into the field so be it.

Some people play games to turn their brains off. Other people play them to solve a different type of problem than they do at work. I personally love optimizing, automating, and min-maxing numbers while doing the least amount of work possible. It’s relatively low-complexity (compared to the bs I put up with daily), low-stakes, and much easier to show someone else.

Also shout-out to CDDA and FFT for having some of the worst learning curves out there along with DF. Paradox games get an honorable mention for their wiki.

So let me get this straight, you want other people to work on a project that you yourself think is a hassle to maintain for free while also expecting the same level of professionalism of a 9to5 job?

I don’t think either of us is the target audience here. I can see a “cheaper” (questionable) Pro laptop being useful for students going into college with a limited budget. An undergrad CS/graphic design degree shouldn’t tax an 8gb machine too much, assuming students shut down everything else when doing their once-a-semester major rendering/compiling/model training. If people just want Macbook pro software with more ports, a “cheaper” machine is better than none. Personally, I would still get a used/refurbished machine though.

That being said, my current laptop workload tends to be emacs, qpdfview, Firefox, and tmux on EL9. For the remaining stuff, I usually just spin up a VM then ssh/xrdp into it. As for slack, teams, jabber, etc, I’m happy to report I’ve been out of industry/IT for 1+ years and don’t plan on going back anytime soon. For all I care, Apple can call their models unicorn edition. As long as it sells it’s not stupid.

8gb RAM and 256 gb storage is perfectly fine for a pro-ish machine in 2023. What’s not fine is the price point they are offering it (but if idiots still buy that, that’s on them and not apple). I’ve been using a 8gb ram 256 gb storage Thinkpad for lecturing, small code demos, and light video editing (e.g. zoom recordings) this past year, it works perfectly fine. But as soon as I have to run my own research code, back to the 2022 Xeon I go.

Is it Apple’s fault people treat browser tabs as a bookmarking mechanism? No. Is it unethical for Apple to say that their 8GB model fits this weirdly common use case? Definitely.

Because anyone who works at the assembly level tends to think that the x86_64 ISA is garbage.

To be fair, aarch64 is also garbage. But it’s less smelly garbage.

That being said, I’m not expecting any of these CPUs to be hanging in the Sistine Chapel. So whatever works, I guess.

Last time I checked, K-9 didn’t have OAUTH integration.

Granted, it’s been a few years, so that may have changed since then.

As much as I don’t like Gmail, I need it for work so it’s kinda important for productivity software to support that.

Edit: Nvm. Looks like they finally added OAUTH last year. Better late than never.