Here’s a riddle

What makes Windows 10, 11, 2025 Server VMs all fail in VirtualBox with numerous weird bug checks (IRQL_NOT_LESS_OR_EQUAL, KERNEL_SECURITY_CHECK_FAILURE, PROCESS1_INITIALIZATION_FAILED)?

For posterity, the directly involved package versions were: virtualbox (7.2.4-1), linux617-virtualbox-host-modules (7.2.4-12), linux617 (6.17.13-1).

Prelude

NB: Skip this section if you don’t care about how I ended up with VirtualBox in the first place! TL;DR at the bottom.

After migrating away from Ubuntu quite some time ago, I took the plunge and tried Manjaro Linux. I’m happy with it still. It feels more stable than what I have seen of Arch, yet more up-to-date than Debian and derivatives. I still run a few machines with Debian, Ubuntu/Kubuntu and Mint, but my main workstation has been on Manjaro for a while now.

Originally I used VMware Workstation for virtualization needs. I had paid and upgraded across several major versions. As readers of this blog will know, I mourned the discontinuation of the Replay Debugging feature. My first VMware version was 2.x for Linux, btw.

Anyway, with Ubuntu this sort of worked. The VMware kernel modules sort of built fine and integrated fine with Ubuntu. However, if you dared upgrading the point releases 1 and updated the kernel to one of the HWE kernels, things would start falling apart.

Obviously Manjaro’s kernel version — at the time I switched — was way ahead of Ubuntu’s. Consequently VMware Workstation was no longer an option. Even Broadcom changing the licensing making VMware Workstation more or less free to use for private and commercial settings makes no difference in this scenario. Because VMware was at the time really bad regarding its kernel modules getting updated 2.

So I ended up migrating to Qemu/KVM first. However, this was merely an interlude, because the user experience was IMO quite shoddy. No matter the UI frontend, none played nicely with a multi-monitor setup. And Remmina as a frontend was also a disappointment … perhaps in this case Wayland was in part to blame.

Either way, I am a private user, so VirtualBox — on account of its licensing — was an option. This is where I ended up. I have to say the user experience is almost on par with that of VMware Workstation for most workflows.

Since I came from Qemu/KVM, the road to VirtualBox had a few bumps. Hardware-assisted hypervisors are like The Highlander: there can be only one. And throughout the kernel versions that I experienced with Manjaro, the behavior of the KVM kernel modules also changed (ticket). However, I never really experienced much friction on account of KVM and VirtualBox kernel modules clashing.

New year starts: … so does the weirdness

Alright, so after new years, I decided to clean up the system a little. I got rid of a few orphaned packages. Initially inspecting what would be the list of orphans with pacman -Qtd then accepting its output with: sudo pacman -Rns $(pacman -Qtdq).

Good riddance, orphaned packages.

  1. the x in 24.04.x
  2. yes, there were volunteer efforts, too … but hey …
Posted in Administration, EN, Linux, Software

Amazing … weird … shitty

So apparently while on Linux and trying to download a Chrome for a Windows VM that has no installed Edge, I am unable to do so. Because obviously when I access the download page, I must intend to download for the OS that I am currently using.

That’s so 1990s.

Thanks, Google!

// Oliver

PS: helpfully winget gets the job done.

Posted in EN, Rant

Make Midnight Commander recognize .pk3/.pk4 files

Press F9, then c, then e, and then add something like:

[doom-quake-idsoft]
Regex=\\.pk[34]_?$
RegexIgnoreCase=true
Open=%cd %p/uzip://
View=%view{ascii} /usr/lib/mc/ext.d/archive.sh view zip

The section name doom-quake-idsoft can be changed to taste. This edits ~/.config/mc/mc.ext.ini, the other relevant file is /etc/mc/mc.ext.ini.

// Oliver

PS: this also recognizes the files if the extension contains a trailing underscore (_), which I use to deactivate individual mods, sometimes.

Posted in /dev/null

Adenauer SRP+ … aha

I make no secret of the fact that I am no fan of the AfD, but neither am I a fan of most of the other parties, which are currently actively undermining democracy and putting Germany on a course for war while proclaiming “never again”.

At 39C3 there was a talk by the Zentrum für Politische Schönheit in which the “Adenauer SRP+” was mentioned. I had never heard of it.

Turns out it is a bus that tries to disrupt AfD election campaigning. But the details don’t really interest me and are irrelevant to this blog post.

It is just bizarre that Adenauer, of all people, is glorified like this. The chancellor who prevented Germany from growing back together within a decade, before the final separation was, in the truest sense of the word, cemented by the Wall.

It was he who insisted on heaving the “young FRG” into NATO, although the Stalin Note was an offer on the table that would have ended Germany’s division at a time when it had not yet been cemented. The price? Neutrality and conditions on rearmament.

With the rejection of the Stalin Note it was, and still is, mainly East Germans who bore and bear the cost; in that respect understandable, given the appropriate cynicism.

And whoever now argues that the Stalin Note was not meant seriously forgets that our neighbouring country Austria constituted itself after the Second World War on the basis of exactly such an offer. In short: the historical proof exists that the Stalin Note was not merely a bluff.

Without exception, every East German may, in addition to the slights experienced so far and still being experienced, feel explicitly insulted that someone like Adenauer continues to be revered in the so-called “reunified Germany”. Well, it is no surprise, because all historical retrospectives either confine themselves directly to the FRG or mention the GDR at most in the same breath as the Third Reich. So it is easily forgotten that the first German astronaut was a cosmonaut and was called Sigmund Jähn, or that women “in the East” did not have to ask their lord and master for permission regarding their hairstyle, or fear termination of their — rare anyway — employment by him. But hey, not everything was bad in the “young FRG” …

I am sure that, owing to the AfD’s successes in the “new” federal states, the bus is certainly out and about there more often than in the used ones. Perhaps the idea is to use a bus named after the very chancellor who could have prevented the German division to rub the East Germans’ noses once more in how little they are thought of? Along the lines of: whether you vote AfD or not, we have plenty of means to parade you around, and you may keep smiling through it like “Swallow the pain Harold” …

Presumably one is also supposed to say thank you for this kind of disparagement?

// Oliver

Posted in Gedanken, Ich, der Zyniker, Meinung, Wertewesten

The pathologizing of non-voters: “The city is bleeding out financially”

That is the reason that the head of the SWR studio in Ludwigshafen, Hartmut Reitz, sees as chiefly responsible for the disenchantment with politics (Politikverdrossenheit).

Always cute how the choice of word — Politikverdrossenheit, disenchantment with politics — simultaneously asserts and pathologizes. When it could, purely hypothetically of course, be a matter of Politikerverdrossenheit, disenchantment with politicians. There are said to be people who are very political but do not agree with the way politicians regularly lose touch with reality or speak disparagingly about their worries and fears … or who by now make policy for other countries rather than for their own …

Well, and then of course there would be the exclusion of an AfD candidate from the very mayoral election on which Mr Reitz is commenting. Surely he did not notice this exclusion, which is why it gets no mention in the commentary. But he could not have known either, because he had presumably never heard of this obscure media outlet called SWR!

Posted in DE, Meinung

Inactivity

Some may have noticed that I no longer write here as often.

I feel the same way as some others from the “small web”. Ever since the providers of LLMs — “AIs” according to their sales departments 1 — have been siphoning off content from us natural intelligences by the billions, a certain demotivation has set in for me. Apparently there is a bulk discount for copyright infringement by the billions.

Why should I promote the pretty illusion that the — in part quite practical and fast — large language models (LLMs) are anything more than a better text completion?

I have followed the topic from the beginning and have also queried these alleged intelligences again and again, and — since I am active in many niche topics — was disappointed time and again. Yes, a certain usefulness cannot be denied, but if Google had not by now fallen completely prey to enshittification, the added value of LLMs would also be considerably more limited.

  1. that is, “künstliche Intelligenzen” or, in modern German, “AIs”; “artificial intelligences” …
Posted in DE, Gedanken, Ich, der Zyniker

Subject: Please prevent the dystopian chat control proposal (CSAM regulation) under the Danish Council presidency with your vote against it

Dear readers: please join in, share the information about this undertaking and its foreseeable effects 1.

My open letter to the German members of the European Parliament and the German Bundestag’s representation to the EU:

Dear Sir or Madam,

I am writing to you today to express my serious concerns about the chat control (CSAM regulation) that has been proposed _once again_ under the Danish Council presidency.

The following points give rise to the most concern:

• The proposed chat control constitutes a never-before-seen breach of privacy. Mass surveillance of private communication clashes with Article 7 of the EU Charter of Fundamental Rights 2, as well as with the German Basic Law.

• Breaking end-to-end encryption, or forcing side channels (backdoors) on the end device for exfiltration, places EU citizens under general suspicion and makes them more vulnerable to cybercriminals, authoritarian regimes and foreign interference. It is a truism in the IT security industry — in which I work professionally — that any backdoors are in the end never used only by those who built them or had them built. Strong end-to-end encryption is essential for our IT security as a population and for our competitiveness within the world economy.

• The proposal has been rejected and delayed several times in the past and, thanks to the European Parliament and its majority vote _against_ mass surveillance, failed to obtain a majority. Having people vote again and again until the result “fits” is not democracy, but the attempt to circumvent it.

• So-called “AI”-based content checking produces false alarms in many cases, which would lead to people being criminalized on the basis of content that is harmless but was flagged by the “AI”. The technical implementation is fundamentally flawed and unreliable.

• Experts and child protection organizations have already set out that these measures will not protect children effectively, but will entail massive violations of privacy — and thus violations of fundamental rights. Targeted and demonstrably effective methods should be used instead.

• That the members of the European Parliament and the EU authorities exempt themselves from these planned, overreaching violations of human and fundamental rights is the crowning touch on the whole planned measure.

I therefore call on you, PLEASE:

• to vote against the proposal that would introduce mass surveillance of private communication
• to protect end-to-end encryption and the digital civil liberties as well as fundamental and human rights
• to support targeted, demonstrably effective methods of child protection
• to vote according to your conscience and not according to a party or parliamentary-group line hatched in a back room — the topic is too critical for that

The proposal as it currently stands lacks any sense of proportion in weighing fundamental rights against child protection and would be a dangerous step towards the EU as a digital surveillance space.

I thank you for reading my letter attentively and would be glad not to have to wake up in a dystopia some time soon.

With kind regards from Frankfurt am Main,

Oliver Schneider

For all who also want to do something: please go this way. There — instead of sending the prepared letter via the form — one can also copy the email addresses of the (to be selected) members of the European Parliament for one’s own country to the clipboard, in order to write the text in German (see above; albeit with adjustments of one’s own) and send it from one’s own email program. The wording above may be freely copied and modified by anyone for the purpose of contacting members of the European Parliament.

Further information is available here from former MEP Patrick Breyer (by the way: also in English). Translations into French, Dutch and Swedish can also be found there.

  1. Incidentally, a law was recently passed in Great Britain that had the protection of children on its label but is already being actively positioned by the British authorities to silence dissenting voices in public. Admittedly that was not about measures against child abuse but about protecting children from pornography. In the end, however, it is being used for purposes other than intended. Although one may well assume intent and a hidden purpose. With the EU under the unelected Commission President Zensursula von der Leyen, too, it is strongly to be assumed that there is more behind this proposal than child abuse in the digital space. All too gladly, and not for the first time, child protection is put forward as the ostensible argument — who could possibly be against it?! — but it is really about entirely different matters, ones you would rather expect from authoritarian states. StaSi 2.0? … nah, I think the version number has by now been bumped several times already.
  2. Here I had mistakenly written EU-Charta in my email.
Posted in DE, EDV-Sicherheit, Gedanken, Meinung, Wertewesten

Hooray, it’s a Blackrock chancellor

… anyone who does not yet know what could still go wrong now may wish to read up on Werner Rügemer on the topic of Blackrock and on Erich Vad on the topic of Taurus deliveries to Ukraine.

Should this man stand by the statements he has made — which, given the experience with politicians’ election promises, is not necessarily to be expected — I recommend the good sunscreen with SPF of about 2,000,000 and up!

// Oliver

Posted in DE, Ich, der Zyniker, Meinung

safeboot=DsRepair

So, recently I was asked to help out with an IT problem a friend had. The issue was as follows: Windows Server 2016 ended up booting into safe mode after some botched update … or so …

The details weren’t really clear, because one of the remedies that were tried before I got called in was to restore to the state approximately three months prior (system restore, as far as I understand). The system was configured as DC in a small Active Directory domain. The emergency was due to the fact that the unavailable DC made it impossible to use all the services. This being a doctor’s practice made it “inconvenient” for the staff to work that day to put it euphemistically. The hope was that this would remain the only day during which they’d have to fall back to pen and paper.

Anyway, the point was that something seemed amiss and so the mentioned friend popped over before noon, a Mac in hand, asking my help via a TeamViewer session he established with the server.

Of course I first made sure to run sfc /scannow, which — as usual — yielded some spurious errors, but most importantly triggered certain self-repair mechanisms. After that the usual dism /Online /Cleanup-Image /RestoreHealth was used. In parallel I looked at the event log and tried to ascertain if there were any disk errors1. Worryingly it took probably half an hour for dism to even show the progress bar. Once it did, everything seemed okay, though. The run took ages and the friend left to hit the bed2. A few hours later I was called again and decided to pop over to have a look at the server using screen and keyboard.

I looked once again into the event log, but unsurprisingly the log had huge gaps. It was evident that NTDS3 wasn’t getting started due to safe mode being active. Peeking into the registry and seeing the control sets as well as the selection of the current control set and their parameters suggested that something was happening at boot time already. So time to ask bcdedit. And sure enough it showed safeboot=DsRepair on the {current} boot selection.

Hmm, so what to do? My initial hunch was to copy the {current} boot configuration to one where the following were also set: quietboot=off, sos=on, lastknowngood=on, nocrashautoreboot=on. The idea was to get a more verbose boot output. Alas, it meant waiting more than an hour thanks to the fact that evidently Windows Update or some opaque process was trying to do something during shutdown. We’re still not sure and the event log didn’t exactly help either to shed any light on it.

Either way, so we booted into the copied configuration and thereby got confirmation that there wasn’t any BSOD at boot time which we had missed due to auto-reboot. But we ended up in safe mode once again. But why?

At this time I already had a hunch based on this blog article that I had found earlier. Now, the server was also running Veeam, but no VMs were involved. Was the local Veeam agent to blame having placed the machine into safeboot=DsRepair but not undoing the change, e.g. because Veeam got interrupted? We may never know.

However, the remedy suggested in the aforementioned blog post did work: bcdedit /deletevalue {default} safeboot. In our case I opted to do the change on the {default} entry, since we had booted into the cloned boot configuration. And since we had to reboot either way to get out of safe mode, we did so. This time the reboot was fairly quick and after reboot it was immediately clear that the server was back in service.

Problem solved.

// Oliver

  1. not the case, it turned out
  2. after having worked on the issue the previous night
  3. AD Domain Services
Posted in Administration, EN
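
The check done by hand with bcdedit in the post above, as an added example (not code from the original post): a parser for saved bcdedit /enum output that lists every boot entry still carrying a safeboot value and builds the matching /deletevalue command. The sample output is constructed, and English-locale element names are an assumption.

```python
import re

# Constructed sample of English-locale `bcdedit /enum` output, modelled on the post:
# the machine runs from a cloned verbose entry while {default} still carries safeboot.
SAMPLE_BCDEDIT = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
default                 {default}
displayorder            {default}
                        {current}
timeout                 30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows Server 2016
safeboot                DsRepair

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows Server 2016 (verbose clone)
safeboot                DsRepair
quietboot               No
sos                     Yes
lastknowngood           Yes
nocrashautoreboot       Yes
"""


def _is_rule(line):
    """True for the dashed underline that follows each section header."""
    stripped = line.strip()
    return bool(stripped) and set(stripped) == {"-"}


def parse_bcdedit(text):
    """Parse `bcdedit /enum` text into [{'type': header, 'elements': {name: [values]}}]."""
    entries, entry, last_key = [], None, None
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if not line.strip() or _is_rule(line):
            last_key = None
            continue
        if i + 1 < len(lines) and _is_rule(lines[i + 1]):
            # A line followed by a dashed rule starts a new boot entry.
            entry = {"type": line.strip(), "elements": {}}
            entries.append(entry)
            last_key = None
            continue
        if entry is None:
            continue
        if line[0].isspace():
            # Indented line: further value of the previous element (e.g. displayorder).
            if last_key:
                entry["elements"][last_key].append(line.strip())
            continue
        match = re.match(r"(\S+)\s+(.+?)\s*$", line)
        if match:
            last_key = match.group(1).lower()
            entry["elements"].setdefault(last_key, []).append(match.group(2))
    return entries


def find_safeboot(entries):
    """Return (identifier, safeboot mode) for every entry that forces safe mode."""
    hits = []
    for entry in entries:
        elements = entry["elements"]
        if "safeboot" in elements:
            identifier = elements.get("identifier", ["?"])[0]
            hits.append((identifier, elements["safeboot"][0]))
    return hits


def removal_command(identifier, shell="cmd"):
    """Build the remedy from the post; PowerShell needs the {...} identifier quoted."""
    # PowerShell parses a bare {...} as a script block, so it is quoted there.
    ident = f"'{identifier}'" if shell == "powershell" else identifier
    return f"bcdedit /deletevalue {ident} safeboot"


if __name__ == "__main__":
    for ident, mode in find_safeboot(parse_bcdedit(SAMPLE_BCDEDIT)):
        print(f"{ident}: safeboot={mode} persists across reboots until removed")
        print("  cmd:        " + removal_command(ident))
        print("  PowerShell: " + removal_command(ident, "powershell"))
```
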

Why it isn’t “useless” to defragment SSDs

Has anyone tried searching for information on how to defragment stuff and run across a snarky remark that defragmenting on an SSD is pointless?

Well, I have. One time too often, it turns out.

So I am sitting down to type this response: it can be useful and it can be necessary under certain circumstances. Now, I’ll concede that the original purpose of defragmentation — making sure that a spinning hard drive could access contiguous clusters on a cylinder — is not relevant to SSDs. But that doesn’t make it pointless or useless or otherwise an exercise in futility per-se.

I have at least one use case where it is absolutely necessary to defragment a partition to ensure individual files are contiguous: the iODD and Zalman 1 drive enclosures that enable one to emulate optical disk drives based on ISO files in a host-agnostic fashion 2. The reason is simple: the firmware of the enclosure needs to parse the MFT — I exclusively use NTFS-formatted drives as the alternative is FAT32 — and requires that each file be contiguous.

That’s not too much asked, right? Such a firmware is probably subject to plenty of constraints and while it would be brilliant if it could cope with fragmented files if the number of fragments was low enough (say, below ten), this isn’t currently the case.

And lo and behold, the above use case also happens to be a valid use case for NTFS on Linux and the desire to defragment NTFS partitions from Linux. Brilliant.

// Oliver

PS: happy new year.

  1. also technically iODD but rebranded as Zalman
  2. i.e. the host needn’t run any code as was the case with the ISOstick or is the case with certain other solutions …
Posted in /dev/null, EN, Linux, Rant

Broken love: letting my IDA maintenance period run out next year

With IDA 9.0 Hex-Rays says they are switching to a subscription only model. This was already threatened to existing customers before 1 — roughly two or three years ago — and of course it is being sold with totally great benefits that this comes with.

Benefits like being able to access all supported platform versions instead of having to pick one.

Those who have been in the game a little longer will remember that this used to be the status quo for IDA. If you had a license, you could get all versions. I think they switched to single-OS license when they moved to Qt. So probably between IDA 5 and 6 or maybe even 4 and 5. Can’t be bothered to look it up in my archive.

Back when they announced the subscription model I asked when that would take effect and what about the perpetuity of access to the product under such a model. Quoting myself from 2022-01-06 (excerpt):

my maintenance renewal is due later this month. I already generated a
quote. However, now I found the blog entry from December and it worries
me: https://hex-rays.com/blog/hex-rays-is-moving-to-a-subscription-model/

In particular it makes me wonder about perpetual access to the software.
After all the existing maintenance model is already more or less a
subscription (annual), except if I slip up (intentionally or not) I can
keep using the latest version released at that time perpetually. Now,
given you are calling it a move to a subscription model, I suppose
there’s a catch there – or let’s say a difference to the existing
“annual subscription model” with perpetual access after expiry.

Unfortunately the blog post doesn’t mention details beyond the
superficial, let alone a price tag or length of the subscription period(s).

Could you please explain how this is planned as this will guide my
decision whether or not to renew once again.

The answer was as follows (relevant excerpt):

We decided to postpone the launch of the subscription model. We do not have the new date yet.

With the perpetual license, you will be able to use the software forever. You can decide to move to the subscription model or not, this will not have an impact on the access to the software, only on the next updates. Same as now if you decide not to renew your license.

We will inform you as soon as we have all the details and a new launch date.

All existing prices and conditions remain applicable.

Next year when my maintenance would be due, I will not renew. There won’t be IDA 9.0 for me under the outlined conditions. And yes, of course the statement from back in 2022 is still true: “You can decide to move to the subscription model or not, this will not have an impact on the access to the software, only on the next updates.” … just that they won’t even sell IDA 9.0 without the subscription model.

It’s a pity and it means I’ll have to re-learn a lot with other tools. On the other hand several candidate tools are open source and I can contribute to them directly instead of merely improving the ecosystem some vendor creates with my IDAPython scripts or plugins or by contributing to others who created such.

I’m sure there are a lot of people, especially companies who invested in people and getting people trained on IDA who will have a much harder time to switch. And obviously it’s a bitter pill to swallow for me as well. Muscle memory dies hard and at work I had access to the x64 decompiler which certainly is the best decompiler of all those I was able to try out. But, I don’t think I am too old to re-learn these things and look forward to it.

I wish them well and perhaps they change their minds about software that one can’t own; or I do — either way I wish them the very best. Their product has been a companion for many years and the largest part of my career up to now. There are no hard feelings from my side. I just don’t like software or other digital goods that I can’t own 2.

Farewell, IDA!

// Oliver

  1. I’ve been a customer of theirs of over twenty years; started out on a student’s license and then switched to the professional one
  2. It’s not like Lumina isn’t already tying me to Hex-Rays or the terms of how you needed to refresh your maintenance period. But taking away perpetual access to the software is the red line I won’t cross. I told them that in 2022 and nothing has changed from my side. But a lot has changed from the competition. There are plenty of alternatives, even if not all of them “are there yet”.
Posted in EN, Reversing, Software

The end for MetaGer … at least as it once was

MetaGer, the privacy-focused search engine of the non-profit association SUMA-EV, will as of now no longer exist in its familiar form. It will still be possible to use the service financed by tokens. For members and users who use MetaGer with a key, nothing changes. But it is the ad-financed search that secured the main share of the income and thereby the operation and further development. This “normal” search is unfortunately no longer possible as of today. That is just as dramatic as it sounds: SUMA-EV is no longer able to keep employing staff. All employees are being given notice, as are the office premises.

(Source)

Posted in DE

Tomorrow it will be decided if I agree with Victoria Nuland

… and her infamous line “Fuck the EU”. Why? Because tomorrow the decision will be made whether the EU introduces surveillance for what’s meant to be private communication.

Originally the voting was supposed to be done today (2024-06-19).

More information on the website of Patrick Breyer (deutsche Version).

We should not be surprised that this initiative happens during the tenure of Ursula von der Leyen who — in Germany — is also known by the moniker Zensursula, a portmanteau of Zensur (German for censorship) and her first name, thanks to her initiatives to push for surveillance. What’s similar is the pretext, which is to fight CSAM.

Who could possibly be against that? And why are you against that, Oliver?

I am not against fighting CSAM. Heck, there’s little that would be worse to think of for loving parents than their children falling prey to those criminals. However, in this case the proposed measures are quite intrusive, undermine the purpose of end-to-end encryption and — worst — they will do exactly nothing against the creation and spreading of CSAM. See, that’s the issue with these sorts of measures. They may be well-meaning, but none of them will prevent the perpetrators of child sexual abuse from “documenting” their abuse and spreading the resulting CSAM. Generally criminals rarely give a flying fuck about laws and are masterful in avoiding and evading measures meant to prevent their actions. So what this will achieve is this: it will criminalize people who have nothing to do with CSAM, or make it impossible or impossibly inconvenient for them to communicate by modern means.

And at this point we haven’t even talked about who would get to see the video clips or photos uploaded before the end-to-end encryption takes place. Why is this important? Well for starters we live in a day and age where such data is being used to train machine learning models 1. This means that data such as photos which you entrust to software like Signal or WhatsApp — and which you hope to be end-to-end encrypted — may indeed end up somewhere else entirely as well than merely on the recipients’ devices and may be trained to hone biometric recognition technology which will be used to push for even more surveillance down the road.

Ironically the push for these measures is done by the same entity that has been praised for the GDPR in the past. And no less ironically the data will in all likelihood end up in the data centers of huge US corporations. And before anyone claims that this means it’s harmless as long as the data centers are situated within the jurisdiction of the EU, think again!

  1. some call it AI, I prefer to call them LLMs or sometimes multi-modal LLMs
Posted in EN, Human Rights, IT Security, Opinion, Privacy

Reminder to myself

env GIT_CONFIG_NOSYSTEM=true GIT_CONFIG_COUNT=0 GIT_CONFIG_GLOBAL=/dev/null git ... can be used to suppress reading the configuration file. Useful with this error:

BUG: refs.c:2083: reference backend is unknown
error: git-remote-https died of signal 6

… which is caused by a particular configuration option.

Posted in EN, VCS

The end of international law?

Well, I guess the inaction of the UNSC in the case of the Israeli bombing of the Iranian embassy in Damascus emboldened Ecuador to raid the Mexican embassy.

I wonder if future historians — provided there will be any — will see this as the beginnings of World War Three. Personally I think that the causes have much deeper roots, but it’s hard to tell if this is already the spark.

// Oliver

Posted in EN, Opinion, Peace

Why?

I have written about Microsoft Teams before (in German), how horrible a user experience it is and so on. Let me tell you, it hasn’t gotten any better. Only “newer”.

Remember, Microsoft loves Linux now. Right? Or so people, including apparently MS itself, keep bullshitting around all the time all the while WSL is a horrendous trap — albeit a technically interesting one (especially v1) — to ensnare Linux-curious devs on Windows. They love Linux so much that less than 18 months (2022-11-07) ago they announced that they were going to throw out the — by that time already utterly outdated 1 — Linux Teams app and pushed Linux users to the so-called PWA 2. 🤮

And now we’re plagued with the “New Teams” (Microsoft’s PR-lingo) on Windows and literally no option left on Linux. Great, Microsoft loves Linux, right?! 🤦

What the flying F, Microsoft? Really? Why? 🖕

Microsoft makes it deliberately nigh-impossible to continue using the PWA which they — not 18 months ago — shoved down the throats of everyone who wasn’t using Windows.

Screenshot of modal dialog preventing any action in the Teams PWA

Never mind that Teams has gotten progressively 3 crappier over the years. Microsoft hadn’t even managed to get it to work the same in the — non-Microsoft — browser as in the “old” app 4. Heck, they didn’t even manage that the desktop app and the PWA in Edge, Chrome and Firefox worked consistently compared to each other. A feature working or not was as good as the lottery, just felt like even fewer winning tickets.

And now that the “New Teams” is being shoved down the throats of millions of involuntary 5 users, based on the Edge WebView2 which — surprise surprise — is nothing other than yet another Chromium-based “foundation” 6, just like Electron was in “old” Teams.

Once you install the Teams desktop application, it appears, approximately 70% of your CPU resources and at least several GiB of RAM are being reserved for it. It’s an incredible resource hog indeed. It’s either running a build or attending that video call. Pick either one.

I sincerely hope that the anti-trust authorities step in as soon as possible to put an end to this. Although arguably it is probably too late by now. Alternative solutions 7 have been all but pushed out of the market by Teams. The fact that many companies struggled to accommodate the home office workers starting in 2022, helped Teams as the apparent “gratis” solution to become the de facto standard. Competitors have been hampered by the loss of income from the potential customers that ended up using “gratis” Teams. But even the push for “Teams Premium” starting last year doesn’t seem to have hampered Teams’ conquest.

// Oliver

PS: use the following filters from the “My Filters” tab in uBlock₀ on a browser that allows uBlock₀ to work to its full potential:

teams.microsoft.com##div#ngdialog1
teams.microsoft.com##.app-switcher
teams.microsoft.com##.ngdialog-overlay
teams.microsoft.com##.app-switcher-install-by-policy-dialog.ts-modal-dialog.ngdialog
teams.microsoft.com##.app-switcher-warning.link-banner.dark-banner.warning-error-banner.banner-show.app-notification-banner

  1. to the best of my knowledge it had never even left beta status … mind you, this was the same code base with Electron and the rest on the server side!
  2. progressive web app, aka teams.microsoft.com
  3. ah, there we go with the progressive in PWA!
  4. which is just an embellished browser engine anyway …
  5. because the crap is mandated by their respective employers
  6. arguably in the spirit of what IE used to be with the IE web view being available to third-party applications
  7. and in many aspects better ones

Migrating data from 2 TB SSD to 4 TB SSD with iODD ST400 drive enclosure

Linux is my main system, but I prefer using NTFS for various use cases and in fact some use cases require something like NTFS.

The ST400 is the successor of several Zalman-rebranded iODD devices which bring a similar feature set. The main selling point: store your ISO files, VHDs and what not on an NTFS, FAT32 or exFAT drive and mount them in a way that makes the drive enclosure pose as an optical drive (CD/DVD …).

I had so far used the older Zalman-branded and iODD-branded drive enclosures with up to 2 TB hard drives and SSDs. I also have an iODD mini with 512 GB and now wanted to upgrade the ST400 from a 2 TB SSD to 4 TB.

So the first thing I did was generate the two partitions I wanted on the drive, then copy the data over from the old one using rsync. Nothing spectacular here.

Then, after moving the new bigger SSD into the ST400 enclosure, the enclosure would report “No supported partition” with the 2.74.4 firmware. Dang.

Well, so I thought this could be remedied by converting to GPT from MBR. After all the size is known to create boot problems, because of start sectors being beyond the addressable range. Alas, I don’t want to boot from the drive itself (in its function as HDD/SSD). Anyway, gdisk /dev/sdX will basically do the whole job swiftly, if you write (w) the converted GPT it automatically creates from the MBR partition table. I did a backup of the first 2 MiB of the disk using dd in order to recover from a possible botched conversion 1. But all went well. A quick partprobe /dev/sdX as superuser made the changes available.

I also had to do some shuffling of the partition sizes, since the iODD ST400 manual states:

At the first time, automatically finds mountable files on the largest partition (GPT / MBR, NTFS / exFAT / FAT32)

… and I needed to accommodate that. The outcome was this:

Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048      4294967295   2.0 TiB     8300  Linux filesystem
   2      4294967296      8001509375   1.7 TiB     8300  Linux filesystem

Notice something? For starters of course the device kept complaining about “No supported partition”, but also it says Linux filesystem. What the heck? Well 8300 is Linux, I get that. But why did it pick that in the first place?

Turns out gdisk does that independent of the file system on the actual partition, so I needed gdisk again to switch to type 0700 (Microsoft basic data). And lo and behold that did the trick. After syncing, disconnecting and reconnecting, the firmware on the ST400 was able to recognize the larger partition and is able to list the files and folders on it as it did with the 2 TB drive.

So success.
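
What the switch from 8300 to 0700 changes on disk is only the type GUID in each GPT partition entry. The following parser is an added illustration, not code from this post, gdisk or iODD; the sample image is constructed from the sector numbers above, and the final flag only encodes the observation here that the enclosure worked with Microsoft basic data (which types the firmware really accepts is an assumption).

```python
import struct
import uuid

SECTOR = 512
LINUX_FS = uuid.UUID("0FC63DAF-8483-4772-8E79-3D69D8477DE4")    # gdisk code 8300
MS_BASIC = uuid.UUID("EBD0A0A2-B9E5-4433-87C0-68B6B72699C7")    # gdisk code 0700
NAMES = {LINUX_FS: "8300 Linux filesystem", MS_BASIC: "0700 Microsoft basic data"}

def read_gpt(image):
    """Return (number, type GUID, first LBA, last LBA) for each used GPT entry."""
    hdr = image[SECTOR:SECTOR + 92]                  # primary header lives at LBA 1
    if hdr[:8] != b"EFI PART":
        raise ValueError("no GPT header at LBA 1")
    # Offset 72: LBA of the entry table, number of entries, bytes per entry
    table_lba, count, size = struct.unpack_from("<QII", hdr, 72)
    parts = []
    for i in range(count):
        off = table_lba * SECTOR + i * size
        entry = image[off:off + size]
        type_guid = uuid.UUID(bytes_le=entry[:16])   # GUIDs are stored mixed-endian
        if type_guid.int:                            # all-zero type = unused slot
            first, last = struct.unpack_from("<QQ", entry, 32)
            parts.append((i + 1, type_guid, first, last))
    return parts

def largest_partition(parts):
    """Largest partition (the one the ST400 manual says is searched first)."""
    num, type_guid, _first, _last = max(parts, key=lambda p: p[3] - p[2])
    # Third field: assumption drawn from the post, where only 0700 was recognized
    return num, NAMES.get(type_guid, str(type_guid)), type_guid == MS_BASIC

def sample_image(type_guid):
    """Constructed image: blank LBA 0, GPT header, two entries with the post's sectors."""
    layout = [(2048, 4294967295), (4294967296, 8001509375)]
    table = b"".join(
        type_guid.bytes_le + uuid.UUID(int=n + 1).bytes_le
        + struct.pack("<QQQ", first, last, 0) + bytes(72)   # attributes, empty name
        for n, (first, last) in enumerate(layout))
    hdr = struct.pack("<8sIIIIQQQQ16sQIII", b"EFI PART", 0x10000, 92, 0, 0,
                      1, 0, 34, 0, bytes(16), 2, 128, 128, 0)  # CRCs left at zero
    return bytes(SECTOR) + hdr.ljust(SECTOR, b"\0") + table.ljust(128 * 128, b"\0")

if __name__ == "__main__":
    for guid in (LINUX_FS, MS_BASIC):
        print(largest_partition(read_gpt(sample_image(guid))))
```

With the standard layout of 128 entries of 128 bytes, the first 34 sectors of a real disk are enough input for `read_gpt`.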

// Oliver

PS: the only issue I had was gparted erroring out on me with a mysterious error. Given the whole resizing process ran for 12 hours or so and I didn’t attend it throughout, it was quite annoying to see an error and no indication of where it failed. Fortunately going by the timestamp the relevant resizing should have been done and looking at the disk confirmed it. After checking the integrity of the partitions, I resized the remaining one and was finally done. Error was:

$ sudo gparted /dev/sdh
GParted 1.4.0
configuration --enable-libparted-dmraid --enable-online-resize
libparted 3.3


(gpartedbin:55435): glibmm-ERROR **: 20:22:47.643:
unhandled exception (type std::exception) in signal handler:
what: basic_string::_M_replace_aux

Trace/breakpoint trap

  1. Side-note: this isn’t about backups, this is about speed. Copying huge amounts of data back and forth takes vast amounts of time and wears down the SSD, albeit slowly.

Two more useful flags for cl.exe

/Be appears to spit out a make file 1 snippet that contains the recipe to reproduce a given run of cl.exe. It takes into account variables.

Check it out:

all:
        @cd D:\17.7.5\x64
        @set INCLUDE=
        @set LIB=
        @set LIBPATH=
        @set CL=/nologo /utf-8
        @set _CL_=-permissive -nologo
        @set LINK=
        D:\17.7.5\x64\cl.exe /nologo /BE /Be /?

As you can see it takes care of changing into the directory, setting the various recognized environment variables and copying stuff from those that were set (CL and _CL_ in my case) and then invoking the same command line that I invoked.

Another useful switch appears to be /Bv which shows the versions of the binaries involved like so:

cl.exe /nologo /Bv
Compiler Passes:
 D:\17.7.5\x64\cl.exe:        Version 19.37.32825.0
 D:\17.7.5\x64\c1.dll:        Version 19.37.32825.0
 D:\17.7.5\x64\c1xx.dll:      Version 19.37.32825.0
 D:\17.7.5\x64\c2.dll:        Version 19.37.32825.0
 D:\17.7.5\x64\c1xx.dll:      Version 19.37.32825.0
 D:\17.7.5\x64\link.exe:      Version 14.37.32825.0
 D:\17.7.5\x64\mspdb140.dll:  Version 14.37.32825.0
 D:\17.7.5\x64\1033\clui.dll: Version 19.37.32825.0

cl : Command line error D8003 : missing source filename

// Oliver

  1. arguably NMake flavored

(New) shittiest software from Microsoft in my book

Previously the so-called Office and especially Teams were ranking quite high among the shittiest software from Microsoft in my book. In fact Teams in all its incarnations is probably going to take up the four rear slots in my top five shittiest software list for as long as I have to use this crap.

Well, right now robocopy took first place, however. It just wiped a whole folder of ISO files clean when I told it — or rather that’s what I thought I had told it — to mirror folder A to location B\.

This shit piece of software wiped the whole of B and it did so prior to commencing the copying of the new content. What the flying eff? …

Common sense tells me copycommand A B\ means put A into B. However, robocopy knows that I meant to delete everything up front and then copy some stuff there, but not into it but instead the contents of A into B\.

Intuitive. Big time!

// Oliver

PS: I have backups and several GiB of the ISOs were only downloaded yesterday from my.visualstudio.com. So the annoying part is that this costs extra time and bandwidth now …


NATO’s open door policy

Now, while any small town club is able to reject applications for membership and scholarships are tied to preconditions — and ignoring for a minute that NATO even refused to talk about Russia’s security interests, including its unwillingness to accept NATO right on its borders 1, in November/December 2021 — NATO has maintained that its open door policy essentially keeps it from outright rejecting Ukraine’s attempts at joining the “alliance”.

Curiously though, NATO’s open door policy either wasn’t a thing back in the early nineteen-fifties, shortly after it was founded 2, or the door isn’t quite as open as NATO strategic communications — a neologism for propaganda — would make us believe.

Not only did the USSR — aka Soviet Union — of which Russia eventually became the sole successor in terms of international law 3 apply to NATO in 1954, one year after Stalin’s death; nope, Russia did again according to the account of George Robertson. Although perhaps the term “apply” is a stretch here, given the form it is alleged to have had. That is, Putin allegedly said he didn’t want Russia to wait in line with “countries that don’t matter”.

Still, it turns out that, in fact, NATO doesn’t have an open door policy.

Just like Putin reached out to Germany, to the West, exactly two weeks after 9/11 and tried again, but slowly realized that Russians were not welcome by “the West”.

Well, one should not be surprised, since in the words of NATO’s first secretary general the purpose of NATO’s creation always has been to “keep the Soviet Union out, the Americans in, and the Germans down.” 4

The supposed open door policy seems more like a ruse to get Ukraine to fight for NATO’s interests to the last Ukrainian. After all, let’s not forget that Saakashvili, mistaking the outcome of the NATO summit in 2008 for something it wasn’t, attacked South Ossetia and got rebuffed by Russia. A fact that is these days often distorted into “Russia attacked Georgia”, despite the findings of an EU-sponsored study which found the opposite: i.e. Georgia attacked Russia.

// Oliver

  1. Imagine the scenario with tables turned!
  2. and before the Warsaw Pact got founded!
  3. including taking over debt service!
  4. Anyone wondering why Germany is in NATO at all?