I have a Redmi 3

because of the bootloader or what?

of course but some old series were good even they officially supported by Omnirom and CM

even with it's Official tools? i'm not yet having any issue when trying to unlock their bootloader

I think it depends on the model....

Xiaomi phones come backdoored and loaded with spyware and Chinese software. I'm not sure it's even safe to use after reflashing.

I have a Redmi 3

ido or land?

ihave the C1905 (XM) as my first one, and some of the Z series

of course but some old series were good even they officially supported by Omnirom and CM

I had a Xperia P many many years ago and it unlocked just fine, sad to hear that changed

ido or land?

Ido

I think it depends on the model....

thats might be the case

Xiaomi phones come backdoored and loaded with spyware and Chinese software. I'm not sure it's even safe to use after reflashing.

Should be safe, just install something else if it has Qualcomm

Xiaomi phones come backdoored and loaded with spyware and Chinese software. I'm not sure it's even safe to use after reflashing.

This is an interesting question. If you install, let's say Cyanogen, all these backdoors and bad stuff remain somewhere anyway? Or is it gone with the system?

Xiaomi phones come backdoored and loaded with spyware and Chinese software. I'm not sure it's even safe to use after reflashing.

flash custom kernel and use CM13 or RR and then, of course, Go @NoGApps :))

This is an interesting question. If you install, let's say Cyanogen, all these backdoors and bad stuff remain somewhere anyway? Or is it gone with the system?

They are gone if the memory is reflashed

The only way for them to stay would be to be hardware-tampered

They are gone if the memory is reflashed

Nah.

Depends on what level they are installed on.

If they are installed at the ROM level, sure.

Ido

same

I flash using sp flash tool, it rewrites the entire system

If they are at the baseband level, tough luck.

And there's no way to tell if the malware is at the badeband level.

I consider spyware infected phones unsafe, even after a million reflashes.

If they are installed at the ROM level, sure.

yes, but if in the kernel level...

Nothing guarantees their malware lives deep within the phone.

For example: Storage bus level.

NSA knows how to permanently infect HDDs so not even a format wipes their malware.

You can't be sure Xiaomi also doesn't do that.

yes, but if in the kernel level...

Kernel is also changed with rom change, of course provided that all kernel modules are open source and rebuilt

NSA knows how to permanently infect HDDs so not even a format wipes their malware.

A full overwrite with 0-s of empty space should work I guess?

A full overwrite with 0-s of empty space should work I guess?

It doesn't work like that.

NSA flashes the HDD's microcontrollers

Kernel is also changed with rom change, of course provided that all kernel modules are open source and rebuilt

but still not guaranteed it was "safe" that way

And it's game over.

but still not guaranteed it was "safe" that way

Thanks xD

This is why I don't buy Lenovo, for example.

A full overwrite with 0-s of empty space should work I guess?

Is this possible in a mobile device?

Sure, Superfish won't work on Linux, but...

What guarantees you they don't do other shady stuff?

In general, having a smartphone means you've lost already

Unless you're a computer engineer and can reverse engineer a chip, you can't be ever sure.

And it's game over.

If we are paranoid about everything, let's quit the internet and electronics then xD

If we are paranoid about everything, let's quit the internet and electronics then xD

Why?

Also paranoia is a medical condition.

What I'm presenting are solid facts.

If we are paranoid about everything, let's quit the internet and electronics then xD

Indeed. An old systems professor told us the only computer completely safe is the one that is not connected to internet, never.

even with it's Official tools? i'm not yet having any issue when trying to unlock their bootloader

No I just very very free-tards-dom So I never thought using their so called "official Sony flasher tools" or something like that. Anyway, I'm using Linux no Windows So "official Sony" can't run on mine

Indeed. An old systems professor told us the only computer completely safe is the one that is not connected to internet, never.

not even that gives you any guarantees ;)

i'm just curious how they access / hijack our device without internet connection enabled, is it possible?

It is

https://en.wikipedia.org/wiki/Air_gap_malware

i'm just curious how they access / hijack our device without internet connection enabled, is it possible?

https://en.m.wikipedia.org/wiki/BadBIOS

https://en.m.wikipedia.org/wiki/BadBIOS

i'll take a look, i'm really curious about this topic ?

Using just a modified USB, you can access a device meters away from you and steal information

And let's not forget the more rudimentary but not any less effective well known methods such as USB drops

Full with autorun and such

And let's not forget the more rudimentary but not any less effective well known methods such as USB drops

And this also affects Linux machines through firmware reflashes. After all, USB is just another system bus.

There was also a PoC based on thermal dissipation for airgapped machines

This one was less effective

There are also exploits that steal your encryption password by "listening", to the noises your CPU makes when consuming electricity.

This is not paranoia. These are effective, fully researched attack methods.

There are also exploits that steal your encryption password by "listening", to the noises your CPU makes when consuming electricity.

There is always a way, for everything

Indeed.

wow, this group's topic is went a bit from its main topic but yes, fedora is a piece of freedom apart from its kernel further about privacy and freedom. we can discuss in this growing group @librecomputing :)

Nice breads bro ;)

Nice breads bro ;)

we are talking about eoma68 and libreboot things :)

Okay I'll join

ERROR: S client not available

XD

So, that looks better, as for me.

sexy

That mount is neat.

That mount is neat.

but that spying camera is.... suspicious..

It's not spying if it's unplugged ;) but that reminds me that I need to tape over the camera on my laptop...

Love that Mouse-Pad everytime i see your setup

x3

$8 from Ali Express. New Year gift to myself.

I am intrigued by the floppies. When I told my friends that in Russia you need to fill your taxes and give them out on floppies nobody believed me

I am intrigued by the floppies. When I told my friends that in Russia you need to fill your taxes and give them out on floppies nobody believed me

That is because common people in Russia don't have to do that. Mostly, that is done by organisations.

Or if you are selfemployed.

Common people don't care about reporting income taxes, everything is done by their employer

That is because common people in Russia don't have to do that. Mostly, that is done by organisations.

Still, I don't think it is easy to find a floppy drive or new floppies around, also many people in my environment are self-employed (b2b), so they need to fill these taxes as well (in practice practically everyone uses a separate companies to do these taxes, but still)

Still, I don't think it is easy to find a floppy drive or new floppies around, also many people in my environment are self-employed (b2b), so they need to fill these taxes as well (in practice practically everyone uses a separate companies to do these taxes, but still)

You'd be surprised. I have 4 or 5 working FDDs here, you can also easily find an external FDD here in any parts shop.

here you can order them online, but regular computer shops don't have them available

I stand corrected: https://proline.pl/?kat=Nap%C4%99dy+FDD

I think, if you would get a simplified taxation form, you would be OK with just sending reports online.

But don't quote me on that.

Welcome aboard.

GNUCash is easy to manage your finances with. Easy export to stuff like DATEV too

what is the relationship among rhel，centos and fedora

Redhat is the main sponsor of the fedora proyect

Provides human resources infraestructura and budget forma events

RHEL is a distribution based in fedora

Yes, rhel is a fedora derivate

Centos is a rebuild from sources of rhel

https://youtu.be/qJ3CozFrEvg

This work better than it sound

The servers, network and storage than a large project like fedora needs are expensive and redhat provides support for it

Many core packages like the kernel python gnome httpd mariadb etc are maintained un fedora by redhat employes, they both work un rhel packages and many are some of the majors contributors to theirs respective projects upstream