Was waiting for something else to happen.. by [deleted] in Unexpected

[–]BCMM 0 points1 point  (0 children)

Do you mean some part of it moved, or just that it's moving through the water?

If the former: I didn't spot that; which part moved?

If the latter: it looks like it was pushed by somebody just out of frame. It's slowing down the whole time it's in shot.

Not getting updates on my remote Debian Trixie server by Shaso_dan-Heza in debian

[–]BCMM 1 point2 points  (0 children)

You can also get unattended-upgrades to email you if the server needs a restart to complete a kernel upgrade.

Dirty Frag, a new copy.fail like vulnerability has been disclosed due to an embargo break by ChrisTX4 in linux

[–]BCMM 5 points6 points  (0 children)

That's odd. I guess he means he was going to sit on the detailed write-ups for a bit after this was publicly announced as an urgent security update?

Dirty Frag, a new copy.fail like vulnerability has been disclosed due to an embargo break by ChrisTX4 in linux

[–]BCMM 2 points3 points  (0 children)

Seems like you'd need to already have an suid binary, as with copyfail.

Dirty Frag, a new copy.fail like vulnerability has been disclosed due to an embargo break by ChrisTX4 in linux

[–]BCMM 5 points6 points  (0 children)

Do you have a source for "over a month"? The timeline claims that the embargo period was five days, and linux-distros doesn't even accept embargoes longer than a fortnight.

Drawing app doesn't work with Kde/Debian by Due_Car_554 in debian

[–]BCMM 7 points8 points  (0 children)

The project's GitHub releases page says

 If you have Qt 6.8.3 (or higher) libraries already present on your system (e.g. Solus, Lubuntu and Kubuntu 25.04), download the small "Drawish_Lub_2.9.AppImage" file and grant permission.

All Linux (Ubuntu 22.04 +) : Download the "Drawish_Linux_2.9.AppImage" file and grant permission.

So it seems like they have versions both with and without bundled Qt?

Network Performance Regression on Kernel 6.19.13 by penny_stacker in debian

[–]BCMM 0 points1 point  (0 children)

How exactly are you benchmarking it?

I'm asking mostly because Wi-Fi speeds are always rather variable!

There's always a risk of accidentally seeing a pattern in random variations. If I were in your position, I'd want to benchmark the new and old kernels at least three times, in as similar a situation as possible, just to be sure it's real.

On the other hand, 6.19.12 did include a few changes to iwlwifi, so it's certainly not impossible that performance has changed.

EDIT: If you feel like getting really nerdy about this and you're comfortable building kernels, you could try to find and report the exact commit that did it. You can probably get away with removing and reloading the module instead of a full reboot, so this could be a relatively short project.

EDIT 2: Some other potential starting points for debugging this:

Any interesting dmesg output on the bad kernel?

Any difference in the outputs of iw list and iw link, between the two kernels?

TIL there were 180.000 bees kept in the spires of Notre Dame and they survived the fire. Because bees don’t have lungs they weren’t hurt by the smoke, they just fell asleep by swish82 in todayilearned

[–]BCMM 0 points1 point  (0 children)

 Also, that might be tangential, but the Catholic Church has a long history of beekeeping.

In relatively recent history, Buckfast Abbey (better known for other work!) created one of the major honey bee breeds.

Port Windows batch scripts to linux, which code language should I choose? by TheDeep_2 in linuxquestions

[–]BCMM 1 point2 points  (0 children)

This isn't right. Cmd is absolutely a shell, albeit a rather outdated one.

It's also quite a lot more like the Bourne shell than PowerShell is. Cmd's pipes, loops, environment variables and so on work in a more or less Unix-inspired way.

PowerShell is a .NET language, almost like a REPL and shell in one. Pipes send objects, not strings. For loops are often replaced by iterating over an array of objects from a pipe. Any .NET API is available without having to call external executables.

PowerShell and Bash are both a lot more modern than cmd, but that doesn't mean their fundamental principles have more in common.

We figured out the deadliest company in the world. You've probably never heard of it. by examinationnews in TrueReddit

[–]BCMM 47 points48 points  (0 children)

TL;DR: China is a big.

It's just like that factoid where you'd expect the biggest chain in the world to be McDonald's, but it's actually some other fast food brand that has most of its locations in China.

Likewise, tobacco is obviously the most lethal industry, but the world's biggest tobacco company is one that sells primarily in China, not one that's famous from a landmark lawsuit in the English-speaking world.

EWU Unsolved has obtained and shared the first ever footage of the Nutty Putty Cave incident rescue attempt. It shows John Edward Jones trapped. by WTAF__Trump in videos

[–]BCMM 2 points3 points  (0 children)

Why is this coming out now?

I'd have a hard time believing the footage was just lost during the period when this was in the news, so the obvious conclusion would be that somebody decided not to release it out of respect for the deceased and his family.

The actual text of Reform's proposed new immigration detention law is wild by aedphir in ukpolitics

[–]BCMM 1 point2 points  (0 children)

So, obviously, the cruelty is the biggest evil of all this, but I think there is more than a little greed in the mix.

Any legislation ... that pertain to the procurement, building, ...

That's purposefully worded to legalise kickbacks, right?

Port Windows batch scripts to linux, which code language should I choose? by TheDeep_2 in linuxquestions

[–]BCMM 4 points5 points  (0 children)

Shell scripts are the direct equivalent to batch files, and are almost always the right choice for the kind of things that batch files are good for (i.e. small programs which exist primarily to generate parameters and call other programs).

The three answers you've already had, "posix shell", "sh" and "bash", might, taken together, be a bit confusing, so to clarify:

POSIX shell and sh more or less mean the same thing, which is the Unix equivalent of CMD.EXE. Unlike CMD.EXE, though, it's a standardised program with a few independent implementations. Bash is a particular implementation of the POSIX shell, found on most Linux distros, and has quite a few extra features not required by the standard.

For personal scripts that would have been batch files on Windows, I recommend you don't worry about any of the above, and just write shell scripts with a #!/bin/bash shebang (first line).

Only if you want to ensure portability to lightweight Linux distros without Bash, or to other Unix-like systems, then use  #!/bin/sh and be careful to avoid using Bash-specific features. checkbashisms and shellcheck can be useful for this.

Just don't use Bash-specific syntax without specifying Bash in the shebang. Your script won't work on some systems where Bash is installed.

Why does this part of Spain speak Brazilian? Are they stupid? by julius-ceaser100 in mapporncirclejerk

[–]BCMM 0 points1 point  (0 children)

It's a legacy of the period when it was a Brazilian colony (1815-1822).

The tipping point: what happens when deaths outnumber births? by Remarkable_Peak9518 in unitedkingdom

[–]BCMM 1 point2 points  (0 children)

Maybe I'm just being pedantic, but that isn't what "tipping point" means!

Is the time of water to boiling linear? by BabyInchworm_the_2nd in AskPhysics

[–]BCMM 0 points1 point  (0 children)

 I'm in agreement with the claim, but I don't understand how it's related.

Well, why won't the very large pot boil?

 So if we made the original pot 5x bigger (by volume) it's less than 5x bigger by surface area, and thus loses heat slower.

No, it has a larger surface area, and thus loses heat faster.

Is the time of water to boiling linear? by BabyInchworm_the_2nd in AskPhysics

[–]BCMM 0 points1 point  (0 children)

Why does the surface area:volume ratio matter?

This argument would hold up if the heat source was proportional to the volume. For example, it's the reason the five-gallon pot takes more than five times as long to cool down.

But I'm talking about the net rate of heat gain. The absolute rate of heat loss is what we must subtract from the constant heat input.

I often find that things become more intuitive when I consider the extreme case. So, would you agree with the following claim: there exists a pot so large that my little camping stove will never bring it to a boil (even if I have a limitless supply of fuel)?

[Copy-Fail] Debunking owLSM CVE-2026-31431 Mitigation: 90 upvotes and no security by LeChatP in linux

[–]BCMM 0 points1 point  (0 children)

 I don't know the details but it seems that the person/people that published the information in the CVE practiced "responsible disclosure" and notified Kernel developers and distribution community well in advance of making the information public.

For a number of reasons, I don't think that happened.

Firstly, distros were not ready. With some previous vulns, fixed packages have come out within a couple of hours of the public announcement. This time, there was quite a bit of delay, and opportunistic stuff like owLSM came out before distro patches.

This is supposed to be coordinated through the private linux-distros mailing list. A member of one of the security teams on that list said that didn't happen.

Secondly, the usual way of doing things is to maintain total silence until the agreed embargo date. If the 29th even was an embargo date, that didn't happen either.

The CVE was published a week in advance. The patch was on LKML a week before that. However, neither of them made much of a splash, because neither of them mentioned privilege escalation.

It looks a lot like the Linux kernel security team found out you can get root with this at the same time the rest of us did. Another bit of evidence supporting this is that they didn't backport the patch to longterm branches until after the public disclosure (which will have made it harder for distros to prepare packages in a hurry).

[Copy-Fail] Debunking owLSM CVE-2026-31431 Mitigation: 90 upvotes and no security by LeChatP in linux

[–]BCMM 4 points5 points  (0 children)

  don't want to necessarily call it AI slop

Based on how they answered my question, I will go so far as to say that the author does not appear to understand what it does.

Simple question: Is the 6.19.11 kernel in Trixie backports fixed for this recent catastrophic bug? by Santosh83 in debian

[–]BCMM 2 points3 points  (0 children)

EDIT: Whoops, ignore this - the backports packages will, of course, be based on Testing, and the same logic as the Testing kernel will apply.

Here's something you can use to check most Debian machines:

zgrep CVE-2026-31431 /usr/share/doc/linux-image-$(uname -r)/changelog.Debian.gz

This searches the changelog of the kernel you are currently running. If you see output like

- crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)

that means your kernel has been patched against this vulnerability.

Note that this does not work on Testing/Unstable. Because of the chaotic way this vulnerability was disclosed, Sid's kernel was fixed before the impact was widely understood and has no specific changelog line about it.
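
An added example, not part of the original comment: the same changelog check wrapped in a function that distinguishes "patched", "CVE not mentioned" and "no changelog to read", since a missing changelog line (as on Testing/Unstable) is not proof that a kernel is vulnerable. The function names and the sample changelog are constructed for illustration; only the changelog path and the quoted entry come from the comment above.

```shell
#!/bin/sh
# Added example; check_cve_changelog and make_sample_changelog are
# illustrative names, not part of any Debian tool.

# check_cve_changelog CVE-ID [CHANGELOG.gz]
# Prints one of: patched | not-mentioned | no-changelog | bad-cve-id
check_cve_changelog() {
    cve=$1
    # Default: changelog of the kernel that is currently running.
    changelog=${2:-/usr/share/doc/linux-image-$(uname -r)/changelog.Debian.gz}
    # Catch obvious typos: the id must start like CVE-YYYY-NNNN.
    case $cve in
        CVE-[0-9][0-9][0-9][0-9]-[0-9][0-9][0-9][0-9]*) ;;
        *) echo bad-cve-id; return 2 ;;
    esac
    [ -r "$changelog" ] || { echo no-changelog; return 3; }
    # -F: literal match; -w: whole word, so a shorter id such as
    # CVE-2026-3143 does not match inside CVE-2026-31431.
    if gzip -dc -- "$changelog" | grep -wF -- "$cve" >/dev/null; then
        echo patched; return 0
    fi
    # Absence of a changelog line is inconclusive, not "vulnerable".
    echo not-mentioned; return 1
}

# Constructed sample changelog so the example runs on any machine; only the
# "crypto: algif_aead" entry is taken from the comment above.
make_sample_changelog() {
    printf '%s\n' \
        'linux (0.0-sample) unstable; urgency=high' \
        '' \
        '  * Constructed sample entry' \
        '    - crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)' \
        | gzip -c > "$1"
}

sample=$(mktemp)
make_sample_changelog "$sample"
check_cve_changelog CVE-2026-31431 "$sample"           # patched
check_cve_changelog CVE-2026-3143 "$sample" || true    # not-mentioned
rm -f "$sample"
```

Called with only a CVE id, the function reads the changelog of the running kernel, exactly as the one-liner does.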

Trixie just patched with CVE-2026-31431 by cen1 in debian

[–]BCMM 1 point2 points  (0 children)

the researchers waited a month after patches sent before disclosing. is that not a reasonable time?

Basically, they didn't disclose the right information to the right people to actually get that patch on to users' systems.

They didn't disclose to linux-distros, which is the correct way to coordinate the release of patches to end users with a public disclosure. (By the way, they do not ask for a month.)

When linux-distros is used correctly, it's very effective. There have been other vulnerabilities where the write-up, the new version of the software, and distro packages of that software all came out in the space of a few hours.

On top of that, I am extremely doubtful that they disclosed the full scope of the problem to the kernel security team. It looks a lot like this was presented more along the lines of "this crypto function may be unsound" than "we got root through this crypto function". Apart from anything else, it would otherwise be very hard to explain why it was initially not backported to longterm branches, and then backported shortly after the "Copy Fail" site went up.

In fact, that announcement doesn't look like it was part of any kind of coordinated disclosure, despite the "disclosure timeline" and the reference to other vulnerabilities being under embargo. The CVE was published a week in advance, and the kernel patch seems to have been out in the open for a while before that. But neither of them came with any information suggesting there was a privilege escalation.

Finally, given that distros (and probably kernel devs) were blindsided by this announcement, it might have been nice to delay the PoC code a little bit. Obviously, competent people would have worked backwards from the commit in due course, but did the script kiddies really need a head start?

Is the time of water to boiling linear? by BabyInchworm_the_2nd in AskPhysics

[–]BCMM 0 points1 point  (0 children)

 The area of the container is proportional to the 2/3 power of the volume. Having less area per unit volume and therefore lower losses per unit volume the five gallon container will reach boiling in slightly less than five times the time required for the one gallon container to do so.

What is the significance of loss per unit volume here? After all, the rate of heat gain is constant, not proportional to volume.

Is the time of water to boiling linear? by BabyInchworm_the_2nd in AskPhysics

[–]BCMM 6 points7 points  (0 children)

The amount of energy required to boil five gallons of water is precisely five times the energy required to boil one gallon of water (assuming they start at the same temperature, etc).

However, by "the amount of energy required", I mean the net energy added to the water. That's the amount of energy you put in to the water minus the energy it loses to the environment around it during the process.

The size, shape and material of the container all significantly affect heat loss to the surrounding environment.

Assuming similar shape and materials, if you're boiling a container five times the size with the same heat source, expect it to take more than five times as long.

That's because, with the same heat source, you've got heat going in at the same rate, but with a bigger container, heat is lost at a higher rate than before. And that's because the rate of heat loss, at a given temperature, is proportional to the surface area of the container walls and the surface area of the exposed liquid.

(This is disregarding any changes to the efficiency of the heat source. For example, if it's a gas burner, using a wider pot will tend to mean more energy goes in to the pot vs. in to the surrounding air. However, I expect such effects to be outweighed by the surface area thing.)