• 9 Posts
  • 76 Comments
Joined 9 months ago
cake
Cake day: February 10th, 2024

help-circle



  • It’s a bit of a leap to say the “owner” changed. Ryujinx is MIT licensed, allowing anyone to clone the original code locally, build upon it, and publish it to a public host. Looks to me like that’s what happened here: a fork, but without using github’s built-in “fork” feature, perhaps to avoid being included in a mass take-down. There are others on non-github sites, although I don’t know if they have been getting new commits.

    I don’t see any reason to think the original repo was renamed or moved to another user’s account. The top contributor is gdkchan presumably because gdkchan’s commit history was preserved.

    For the record, gdkchan’s last commit to the original repo was on 2024-10-01.

    Edit: The README confirms what I thought:

    This fork is intended to be a QoL uplift for existing Ryujinx users. This is not a Ryujinx revival project.




  • I’m pretty sure they don’t block sdf. That’s where I am, and I’ve had several interactions with Beehaw folks while here. :)

    Fun fact: Beehaw and sdf are among the few well-known instances that don’t hand their users’ traffic (all their activity on Lemmy) over to Cloudflare.








  • as said in computer science it has accepted by most people (for the sake of having categories) that CPU emulation is emulation, and otherwise its not.

    It’s important to keep in mind that things said in computer science for the sake of having categories are usually said within the very narrow implicit context of a particular field of study, like microprocessor design. It makes sense there for the sake of brevity, just as arcane acronyms make sense when everyone in the room understands what they stand for in that context. But the context no longer applies when we’re out in the rest of the world using a word that is not so narrowly defined, as we are now.

    I think we mostly agree, because you pointed this out yourself:

    It’s a “domain specific” language; which means, you have to specify it before in order to make use.

    However, I want to clarify my position in response to this:

    nobody has the right to act like having a clear definition and saying anyone else is wrong.

    I often encounter people on social media chiding or mocking others for referring to Wine as an emulator, which is disheartening for a number of reasons. Importantly, the people reading such comments are being taught that it’s wrong to call Wine an emulator, when in fact it is not wrong at all. Wine’s very purpose is to emulate. This is plainly visible not just in how it is used, but also in how it is developed (many of its behaviors are reverse engineered Windows behaviors, departing from the API docs) and how it functions (it does a heck of a lot more than translating system calls).

    The Wine project’s FAQ acknowledges the misunderstanding, a bit indirectly, by pointing out that it is “more than just an emulator”.

    Unfortunately, since most people in the discussions I mentioned have no visibility into Wine’s internals, they don’t know any better than to accept what they were told by multiple people on the internet. They are misled by a smug few who love to tell others they’re wrong by repeating that officially abandoned slogan that was never really true (at least not in the context that framed it) in the first place. And then some of the misled people adopt it themselves, so we end up with more of the “you’re wrong” attitude, perpetuation of a ridiculously narrow understanding of the word, and people who publish about the topic performing awkward linguistic gymnastics to avoid simply saying “emulator” for fear of rebuke.

    I think all three of those results make the world a little worse, so I’m here to let everyone reading know that it’s perfectly appropriate to call Wine (or Proton) an emulator. Anyone who claims it’s wrong to do so is perhaps a hardware field specialist who has lost sight of the importance of context in language, or (more likely) either honestly mistaken or an internet troll.


  • Hardware is not the only thing that can be emulated. Here’s an example. To claim that things emulating software components are not emulators is simply incorrect, like claiming that squares are not rectangles. It’s always disappointing to see someone spreading that falsehood.

    It’s true that Wine is not a hardware emulator, nor is Proton. But make no mistake: they are both emulators.

    The unfortunate backronym made a kind of sense 20 years ago. At the time, lawsuits were flying hard and fast at projects offering APIs and tools modeled after commercial operating systems (Unix variants), and there was no established case law protecting them. The prospect of Wine contributors getting sued into oblivion by Microsoft was a very plausible threat. Rebranding it as “Wine Is Not an Emulator” helped frame it as something different as it grew and gained attention, and although that phrase is inaccurate, “Wine Is Not a Hardware Emulator” wouldn’t have fit the existing name or distanced it from being seen as a Windows work-alike. Also, most emulators of the time happened to be hardware emulators, so it didn’t seem like a terribly big stretch.

    That time is gone, though. The legal standing for software based on reverse engineering is more clear than it was then. Microsoft has not sent its lawyers after our favorite runtime emulator. The backronym was thankfully abandoned by the project some years ago. Weirdly, there are still people on social media spreading false statements about what the word does and doesn’t mean.




  • That refers to the fact that printer advertisements can contain lies: When you see a familiar printer name appear on a network, it could always be an impostor secretly pointing to the address of a malicious device.

    So my first advice stands: Avoid interaction with untrusted or potentially compromised print servers.

    To be clear, when I say “interaction”, I don’t just mean printing to them. I mean any interaction at all. Even just browsing a network for printers could potentially mean your system contacts the devices at the advertised addresses, and receives data from them. This Qualys report doesn’t make clear whether this kind of interaction is safe, so I have to assume for now that it is not.


  • Exploitation involves sending a malicious UDP packet to port 631 on the target, directing it to an attacker-controlled IPP server.

    Okay, so at least until this is patched, it would be a good idea to shut down any CUPS-related process that’s listening on port 631, and avoid interaction with untrusted or potentially compromised print servers.

    Either of these commands will list such processes:

    $ sudo lsof -i :631
    
    $ sudo fuser -v 631/tcp 631/udp
    

    I don’t want to diminish the urgency of this vulnerability, but it is worth noting that “affecting all GNU/Linux systems” does not mean that every affected system is actually running the vulnerable code. Some installations don’t run print services and don’t ever communicate with printers.

    Also, I suspect that the author’s use of “GNU” in that warning is misleading, potentially giving a false sense of security. (Sadly, a certain unfortunate meme has led many people to think that all Linux systems are GNU systems, and the author appears to be among them.) I don’t see any reason to think musl builds of CUPS are immune, for example, so I don’t assume my Alpine systems are safe just because they are not GNU/Linux.