Jarkko Sakkinen
Posts
4943Following
327Followers
492OpenPGP: 3AB05486C7752FE1
@mupuf,
Ya, looks great!
I've started to use this package for Typst called 'pitorita', which allows to do diagrams embedded to the document you should check this out:
https://typst.app/universe/package/pintorita/
IMHO, it's also investment to decks with typst because you get from every presentation bunch of re-usable slides and diagrams :-)
Ya, looks great!
I've started to use this package for Typst called 'pitorita', which allows to do diagrams embedded to the document you should check this out:
https://typst.app/universe/package/pintorita/
IMHO, it's also investment to decks with typst because you get from every presentation bunch of re-usable slides and diagrams :-)
0
0
1
Jarkko Sakkinen
jarkko
the next piece sliced from tpm2sh: https://crates.io/crates/tpm2-vtpm
Still in very early phases. Now my micro ecosystem has:
1. tpm2-protocol
2. tpm2-crypto (software crypto for doing TPM2 related operations like generating encrypted seeds).
3. tpm2-policy-language
4. tpm2-tpmkey
5. tpm2-vtpm
I think what I get right vs. TSS2 etc. that I'm not building a "big SDK" but instead of common sense re-usable components not enforcing architecture or policy.
#linux #rustlang #tpm
Still in very early phases. Now my micro ecosystem has:
1. tpm2-protocol
2. tpm2-crypto (software crypto for doing TPM2 related operations like generating encrypted seeds).
3. tpm2-policy-language
4. tpm2-tpmkey
5. tpm2-vtpm
I think what I get right vs. TSS2 etc. that I'm not building a "big SDK" but instead of common sense re-usable components not enforcing architecture or policy.
#linux #rustlang #tpm
3
1
4
Jarkko Sakkinen
jarkko
typst is superb, have been using it for two years now for all documentation. especially for presentations polylux is a viable alternative for beamer.
1
1
2
Jarkko Sakkinen
jarkko
tdf is super nice previewer when doing presentations, have "typst watch" refreshing it :-)
BTW, diagram is also made with Typst.
BTW, diagram is also made with Typst.
0
0
0
Jarkko Sakkinen
repeated
repeated
Greenpeace International
greenpeace@mastodon.social57 companies are responsible for 80% of the global greenhouse gas emissions since 2016.
Unless you run those companies, why are you being forced to pay for climate change damage?
1
5
0
Jarkko Sakkinen
jarkko
I've uplifted tpm2-tpmkey [1] to address quirks of the TPM policy command encoding in the ASN.1 [2] spec.
It has quite short errata now: TPM2_PolicyAuthorize returns InvalidPolicy (which will be addressed some day). Other than that it addresses empty policies, special handling for TPM2_PolicySecret and other weirdness.
Plus, has 'parentPublic" extension, which enables implict and automatic parent key discovery.
Other than this crate is decoupled from all crypto libraries, other than pem crate and implementing encoder and decoder with rasn. I
Lot's of stuff have been piled, so it needs boil for a while after all these changes but now it is at least in the ballpark.
[1] https://docs.rs/tpm2-tpmkey/latest/tpm2_tpmkey/
[2] https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.txt
It has quite short errata now: TPM2_PolicyAuthorize returns InvalidPolicy (which will be addressed some day). Other than that it addresses empty policies, special handling for TPM2_PolicySecret and other weirdness.
Plus, has 'parentPublic" extension, which enables implict and automatic parent key discovery.
Other than this crate is decoupled from all crypto libraries, other than pem crate and implementing encoder and decoder with rasn. I
Lot's of stuff have been piled, so it needs boil for a while after all these changes but now it is at least in the ballpark.
[1] https://docs.rs/tpm2-tpmkey/latest/tpm2_tpmkey/
[2] https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.txt
0
0
0
Jarkko Sakkinen
repeated
repeated
Phoronix
phoronix@masto.aisudo-rs Affected By Multiple Security Vulnerabilities - Impacting Ubuntu 25.10
The Ubuntu 25.10 transition to using some Rust system utilities continues proving quite rocky. Beyond some early performance issues with Rust Coreutils, breakage for some executables, and broken unattended upgrades due to a Rust Coreutils bug, it's also sudo-rs now causing Ubuntu developers some headaches. There are two moderate security issues affecting su…
https://www.phoronix.com/news/sudo-rs-security-ubuntu-25.10
0
2
0
Jarkko Sakkinen
jarkko
@jwildeboer and we should enforce apple to unlock the bootloader, at bare minimum when they stop supplying operating system updates :-)
1
0
2
Jarkko Sakkinen
repeated
repeated
Jan Wildeboer 😷
jwildeboer@social.wildeboer.net
Edited 8 days ago
In my personal opinion: Instead of banning, say, Chinese companies from delivering infrastructure components like the EU is pondering with Huawei and mobile networks, the ultimate goal should be to demand open source software/firmware for these components and reproducible builds of all software components so #DigitalSovereignty becomes default.
8
15
0
@tshepang and not saying this is the exact pattern what should be followed. Just one way to look at the problem. Being ubiquitos and maximizing deployabiltiy and being "at the bleeding edge" tend to be two contradicting goals that exist in any possible language and tool ecosystem, and thus they need to be balanced out.
1
0
0
@tshepang OK thanks, that is fair question :-) I just answer always based on context.
For a project like Gix I'd probably ollow Debian stable's rustc if possible (by realistic measures).
And if rustc in stable is getting old lookup:
1. If backports has a newer version consider that.
2. If testing branch of Debian has been freezed that might also be good choice.
I picked Debian because it has the most concervative baselines overall. If you can maintain your project within those constraints your Linux distribution converage is literally all the major Linux operating systems in existence.
And yeah sorry, of course I will retry Gitoxide one day again when I get out of recent frustrations with it. You just have to say one nasty childish thing to get over it :-) Sorry about that.
For a project like Gix I'd probably ollow Debian stable's rustc if possible (by realistic measures).
And if rustc in stable is getting old lookup:
1. If backports has a newer version consider that.
2. If testing branch of Debian has been freezed that might also be good choice.
I picked Debian because it has the most concervative baselines overall. If you can maintain your project within those constraints your Linux distribution converage is literally all the major Linux operating systems in existence.
And yeah sorry, of course I will retry Gitoxide one day again when I get out of recent frustrations with it. You just have to say one nasty childish thing to get over it :-) Sorry about that.
2
0
1
Jarkko Sakkinen
jarkko
I wrote my views about AI policy proposal:
https://lore.kernel.org/all/aRKeLRx2NeozFUrc@kernel.org/
#linux #kernel #ai
https://lore.kernel.org/all/aRKeLRx2NeozFUrc@kernel.org/
#linux #kernel #ai
0
0
1
@ljs personally, when i see patch think "why that person needs this" or 'why company X needs this" and stuff like that. Bots don't need any of the changes they supply, which is a problem (at least for me). I don't want to serve the needs of those who don't have needs because well, it's fucking crazy for instance :-)
0
0
0