Inferencium/website
1
0
Fork 0
Code Issues Activity
website/news.xhtml
inference cc10e25db7
Add news item "GB General Election - 2024-07-04" reference 1 
Title: How austerity (and ideology) broke Britain
2024-05-28 10:34:55 +00:00

155 lines
8.6 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<!-- Inferencium - Website - News -->
<!-- Version: 1.6.0-alpha.6 -->
<!-- Copyright 2024 Jake Winters -->
<!-- SPDX-License-Identifier: BSD-3-Clause -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<link rel="stylesheet" href="main.css"/>
<link rel="icon shortcut" href="asset/img/logo/inferencium-notext.png"/>
<title>Inferencium - News</title>
</head>
<body>
<nav class="navbar">
<div class="logo"><a href="index.xhtml"><img src="asset/img/logo/inferencium-notext.png" alt="Inferencium logo"/></a></div>
<div class="title"><a href="index.xhtml">Inferencium</a></div>
<div><a href="about.xhtml">About</a></div>
<div><a href="news.xhtml">News</a></div>
<div><a href="documentation.xhtml">Documentation</a></div>
<div><a href="source.xhtml">Source</a></div>
<div><a href="changelog.xhtml">Changelog</a></div>
<div><a href="blog.xhtml">Blog</a></div>
<div><a href="contact.xhtml">Contact</a></div>
<div><a href="directory.xhtml">Directory</a></div>
<div><a href="key.xhtml">Key</a></div>
<div class="sitemap"><a href="sitemap.xhtml">Sitemap</a></div>
</nav>
<h1 id="news"><a href="#news">News</a></h1>
<nav id="toc">
<h2><a href="#toc">Table of Contents</a></h2>
<ul>
<li><a href="#2024-05-28">2024-05-28</a></li>
<ul>
<li><a href="#gb_general_election-20240704">GB General Election - 2024-07-04</a></li>
</ul>
<li><a href="#2024-05-27">2024-05-27</a></li>
<ul>
<li><a href="#network_upgrade">Network Upgrade</a></li>
</ul>
<li><a href="#2024-04-01">2024-04-01</a></li>
<ul>
<li><a href="#key-ssh-update-20240401">SSH Key Update</a></li>
</ul>
<li><a href="#2024-02-01">2024-02-01</a></li>
<ul>
<li><a href="#mirror-codeberg">Source Code Mirror - Codeberg</a></li>
</ul>
</ul>
</nav>
<section id="2024-05-28">
<h2><a href="#2024-05-28">2024-05-28</a></h2>
<article id="gb_general_election-20240704">
<h3><a href="#gb_general_election-20240704">GB General Election - 2024-07-04</a></h3>
<p>On 2024-05-22, the prime minister of GB, Rishi Sunak, announced the next general election
will be held on 2024-07-04.</p>
<p>This is the opportunity of a lifetime to remove Conservatives from power and prevent
further gross neglect, torture, and death of disabled people across the country. If you are
a citizen of GB, you have the power to make the most substantial change to the protection of
disabled people of this country.</p>
<p>With <em>14 years</em> of austerity<sup><a href="#gb_general_election-20240704-ref-0">[0]</a><a href="#gb_general_election-20240704-ref-1">[1]</a></sup> and gross harm to disabled people, it is time to end
it. This country has been destroyed in every aspect by the Conservative government, of whom
everyone involved with the decisions to cause blatant harm to disabled people should be
handed life sentences for their heinous crimes.</p>
<p><strong>Conservatives out.</strong></p>
<div class="ref">
<p id="gb_general_election-20240704-ref-0"><sup>[0]</sup><a href="https://www.theguardian.com/politics/article/2024/may/23/tories-14-years-in-power-brexit-cuts-and-chaos">Tories 14 years in power will be remembered for Brexit, cuts and chaos</a></p>
<p id="gb_general_election-20240704-ref-1"><sup>[1]</sup><a href="https://www.theguardian.com/business/2023/sep/10/how-austerity-and-ideology-broke-britain">How austerity (and ideology) broke Britain</a></p>
</div>
</article>
</section>
<section id="2024-05-27">
<h2><a href="#2024-05-27">2024-05-27</a></h2>
<article id="network_upgrade">
<h3><a href="#network_upgrade">Network Upgrade</a></h3>
<p>Inferencium has switched internet service provider from POP Telecom to YouFibre.</p>
<p>This upgrade includes download and upload bandwidth increases from 1000/100 Mb/s to
2000/2000 Mb/s, respectively, resulting in a more responsive experience across
Inferencium services, faster download and upload speeds, and allowing more simultaneous
connections.</p>
<p>As a result of this change, Inferencium's public IP address has changed from
<code>92.27.157.206</code> to <code>185.154.146.5</code>.</p>
</article>
</section>
<section id="2024-04-01">
<h2><a href="#2024-04-01">2024-04-01</a></h2>
<article id="key-ssh-update-20240401">
<h3><a href="#key-ssh-update-20240401">SSH Key Update</a></h3>
<p>On 2024-03-29, a
<a href="https://www.openwall.com/lists/oss-security/2024/03/29/4">backdoor was publicly disclosed</a>
in the
<a href="https://git.tukaani.org/?p=xz.git">XZ Utils</a>
software. Inferencium systems <strong><em>did</em></strong> have the affected versions of
this software installed, and the tools were used. The software has since been downgraded to
the last-known safe version.</p>
<p>After
<a href="https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27">extensive research</a>,
it has been discovered that
<a href="https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27#design">specific criteria</a>
must be met for the backdoor to be effective. Based on
<strong><em>what is known</em></strong>, Inferencium systems are unaffected by this attack
for the following reasons:</p>
<ul>
<li>Inferencium systems run Gentoo Linux, which does not include Debian and Red Hat
OpenSSH patches.</li>
<li>Inferencium systems use musl libc, not glibc. As musl does not support glibc's
non-standard <code>IFUNC</code> functionality, the backdoor cannot run.</li>
<li>Inferencium systems use Clang as the system compiler, and lld as the system
linker, not GCC and ld.</li>
<li>Inferencium systems use OpenRC as the init system, not systemd. libsystemd and
systemd-notify do not work with OpenRC.</li>
</ul>
<p>The <em>only</em> criteria met by Inferencium systems is amd64 as the system
architecture; this is not enough for the backdoor to be effective. Even if all criteria
other than running glibc were met, Inferencium systems would still be unaffected by this
attack due to musl not supporting the required <code>IFUNC</code> functionality which
the backdoor seems heavily dependent on.</p>
<p><strong>Despite the evidence, it is unknown exactly what this malicious code does and is
capable of in entirety. As a precautionary measure, I have generated a new SSH key and
classified the previous key as compromised. You can find my new key on the
<a href="key.xhtml#ssh-current-2">Key webpage</a>.</strong></p>
<p>There is no evidence that my previous key was compromised, so this is entirely a
precautionary measure. All files and Git commits, tags, and releases signed with the
previous key, even after discovery of the backdoor, up to 2024-04-01, are secure and validly
signed by me; the key should not be trusted after this date.</p>
<p>I completely support Lasse Collin during this time. Support should be provided to him for
what occurred to his project and how it was sabotaged. He clearly had good intentions and
was burnt out from the commitment to his project, which led to Jia Tan taking advantage of
him. He has posted
<a href="https://tukaani.org/xz-backdoor/">his own, official statement</a>
on behalf of the XZ Utils project and how it intends to move forward. Assistance should be
provided to support both him and the community.</p>
</article>
</section>
<section id="2024-02-01">
<h2><a href="#2024-02-01">2024-02-01</a></h2>
<article id="mirror-codeberg">
<h3><a href="#mirror-codeberg">Source Code Mirror - Codeberg</a></h3>
<p><a href="https://src.inferencium.net/Inferencium">Inferencium source code repositories</a>
are now mirrored at
<a href="https://codeberg.org/Inferencium">Codeberg</a>.
In case of service disruption of the main Inferencium source code repositories, the mirrors
can be used to access the source code.</p>
<p>Due to terms of service restrictions, proprietary code and related repositories, such as
firmware, are unable to be mirrored to Codeberg.</p>
</article>
</section>
<div class="sitemap-small"><a href="sitemap.xhtml">Sitemap</a></div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink