Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Monday March 08 2021, @10:36PM   Printer-friendly
from the same-old-M$ dept.

Developer Gavin L Rebeiro has posted[*see note below] a five-part article series at Techrights on how to deal with the ongoing Raspberry Pi fiasco by salvaging existing hardware with a replacement operating system.

He covers the background, the technical principles, some methods for mitigation, proposes using NetBSD in place of the GNU/Linux, Raspberry Pi OS. Finally, he walks through installation of NetBSD.

We don't want to be spied on; what happens when we're faced with an operating system that spies on people? We throw it in the trash where it belongs! I am boycotting the Raspberry Spy myself (you're free to join me in doing so) but I don't want people to waste hardware that they already have. So we're going to walk through an interesting path of installing a different operating system on the Raspberry Spy; I want to show you a few things that will empower you to take greater control over your computing.

We'll gently walk through and explore the following: how to install an operating system on an embedded device (a Raspberry Spy, in this case) over a USB-to-UART bridge (UTUB). This is the main project we've got on our hands. Don't worry if you've never touched embedded systems before; everything here is accessible to people with a modest set of prerequisite knowledge and some basic apparatus.

We'll delve into things with more depth as we move forward with our project; if you don't understand something when you first encounter it, just keep reading.

NetBSD might be a bit of a leap for some, so it should be noted that there are other GNU/Linux distros for the Raspberry Pi which do not include the problems addressed above.

The focus of the series is on individual privacy, but a parallel threat exists for institutions because, after the recent changes, any use of Raspberrry Pi OS will show up at their most hostile competitor, Microsoft. The company has had a do-not-lose-to-Linux-at-any-cost attitude for decades and has various slush funds available to fund attacks. EDGI was one such program which did a lot of damage around the world and has been described in fair detail in the Comes v Microsoft case.

[* Ed's Note (2021-03-12): The author has let us know that his original article is available as a PDF, as techrights' version wasn't faithful. -- FP]

Previously:
(2021) Raspberry Pi Users Mortified as Microsoft Repository that Phones Home is Added to Pi OS


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Informative) by Anonymous Coward on Monday March 08 2021, @11:08PM (26 children)

    by Anonymous Coward on Monday March 08 2021, @11:08PM (#1121540)

    You have to read too much of this post to determine that this is related to the update to Raspberry Pi OS which added the PPA for Visual Studio Code. This title might be appropriate if someone was running the 'Fiasco' micro kernel on a PI, but its just not very specific and way too opinionated. I suggest the title "Guide for migrating to NetBSD in reaction to Raspberry Pi OS adding MS PPA".

    If you want to stick closer to the current title, do with "A response to Raspberry Pi OS adding the a Microsoft PPA".

    We want the title to indicate to reader that this is related to the Microsoft PPA, and Raspberry Pi OS. When I initially read it, I assumed this story was covering some new issue related to the Raspberry Pi hardware. Even now I'm not sure this article is actually about the PPA issue, or something else from the summery here.

    Full disclosure: I'm a Microsoft employee, and a long time desktop Linux user. I have biases on this subject. I do think adding the VS Code PPA via meta-package and not via silent install would have been a better approach, however I think we need a bit of Hanlon’s Razor here. I don't think the Raspberry Pi intended to spy on anyone with this change, and it would be better to work constructively on educating people on better ways to do things than saying "Raspberry Spy", "salvaging existing hardware", "fiasco" etc. While I'm happy to have a guide for setting up NetBSD, could be be more educational and constructive, at least in our titles and summaries here on Soylent news?

    Starting Score:    0  points
    Moderation   +5  
       Insightful=1, Informative=5, Overrated=1, Total=7
    Extra 'Informative' Modifier   0  

    Total Score:   5  
  • (Score: 5, Insightful) by Anonymous Coward on Monday March 08 2021, @11:32PM

    by Anonymous Coward on Monday March 08 2021, @11:32PM (#1121549)

    》 I don't think the Raspberry Pi intended to spy on anyone with this change,

    Correct, it's Microsoft who intended to spy with this change.

  • (Score: 5, Informative) by Anonymous Coward on Monday March 08 2021, @11:32PM (12 children)

    by Anonymous Coward on Monday March 08 2021, @11:32PM (#1121550)

    Not only is the TFS (and presumably TFA as well) unnecessarily inflammatory, I believe it to be incorrect as well.

    "any use of Raspberrry [sic] Pi OS will show up at [...] Microsoft" - no, the specific act of attempting to obtain the list of available updates (via apt update or similar) will show up at Microsoft, unless you first modify the apt sources list. There are plenty of uses of the Raspberrry Pi OS that don't involve checking for updates. The way it's written makes it seem like there are currently rootkits installed, that all mouse movements or keypresses are all sent to Microsoft - which to be fair, with their apt source in there, they could totally push out an OS update containing such a rootkit due to the way that apt sources are trusted. But call a spade a spade, not a lethal weapon - yes you could use a spade to kill someone but the escalation in language isn't conductive to being taken seriously.

    A lot of things should have been better. It should have been opt-in, and it should be clearer for how to disable once added, and the response by Raspberry Pi staff could have been done differently to not fan the flames. But this kind of escalation doesn't seem helpful either.

    • (Score: 2) by aristarchus on Tuesday March 09 2021, @01:38AM (10 children)

      by aristarchus (2645) on Tuesday March 09 2021, @01:38AM (#1121582) Journal

      unnecessarily inflammatory,

      Um, this is Micro$erf we are talking, here. The greatest pre-Google source of evil on the planet! They enslaved billions, hobbled what could have been greatest liberatory technology humankind has even invented! They stole their networking stack. They killed DRDos! And what about Stacker? And even now, an Italian still has to sue to not pay for their defective operating system! And finally they are subverting the Raspberry Pi, after failing with the SCO gambit. How could it possibly be "unnecessarily inflammatory"? If anything, rather understated.

      • (Score: 3, Touché) by Anonymous Coward on Tuesday March 09 2021, @01:47AM (2 children)

        by Anonymous Coward on Tuesday March 09 2021, @01:47AM (#1121586)

        I also saw them kicking puppies.

        • (Score: 0) by Anonymous Coward on Tuesday March 09 2021, @01:58AM (1 child)

          by Anonymous Coward on Tuesday March 09 2021, @01:58AM (#1121589)

          No it was clubbing at the seals club.

          • (Score: 1, Funny) by Anonymous Coward on Tuesday March 09 2021, @02:12AM

            by Anonymous Coward on Tuesday March 09 2021, @02:12AM (#1121594)

            Worse! They standardized letters for disk names and borked file systems, and did not distinguish between upper and lower cases, and limited file names to 8-characters? What sort of evil organization does such things?

      • (Score: 2) by Arik on Tuesday March 09 2021, @02:53AM (5 children)

        by Arik (4543) on Tuesday March 09 2021, @02:53AM (#1121610) Journal
        You're obviously trolling, but I can't find anything untrue or deceptive.
        .
        .
        ..
        ..
        ...
        ...
        ....
        ....
        ....WTF?

        Who are you, and what have you done with arirestardichus?
        --
        If laughter is the best medicine, who are the best doctors?
        • (Score: 0, Insightful) by Anonymous Coward on Tuesday March 09 2021, @03:21AM (4 children)

          by Anonymous Coward on Tuesday March 09 2021, @03:21AM (#1121630)

          Ari does not troll. He does mock in an exaggerated manner that no one over the age of 9 should mistake for anything serious.

          • (Score: 2) by aristarchus on Tuesday March 09 2021, @04:53AM (3 children)

            by aristarchus (2645) on Tuesday March 09 2021, @04:53AM (#1121662) Journal

            But all the mocking is quite true, so it is not mocking from the position of the mocker, only from the position of the mockee. Sucks to be a mockee.

            • (Score: 1) by Arik on Tuesday March 09 2021, @05:17AM (2 children)

              by Arik (4543) on Tuesday March 09 2021, @05:17AM (#1121668) Journal
              But far too many of your recent mockeries.
              Have been like bathwater; faintly smelling of scaly knees
              faintly stänkte; old feces.

              Peeeeeeeeeeew.

              You say it sucks - to be the mockee
              You know in your guts - you ain't no maquis.

              You
              can't
              bring
              me
              down.

              https://youtu.be/BPfkK7bcyfE
              --
              If laughter is the best medicine, who are the best doctors?
              • (Score: 2) by aristarchus on Tuesday March 09 2021, @05:35AM (1 child)

                by aristarchus (2645) on Tuesday March 09 2021, @05:35AM (#1121675) Journal

                Already down you are, Arik, with the monospace. Try to realize the truth, there is no spoon. And then the bathwater will smell of roses. I promise.

                • (Score: 2) by Arik on Tuesday March 09 2021, @06:31AM

                  by Arik (4543) on Tuesday March 09 2021, @06:31AM (#1121703) Journal
                  No.

                  The monospace is the Upfull. The True Fine Love.

                  Just the facts, ma'am. Just the facts, please.
                  --
                  If laughter is the best medicine, who are the best doctors?
      • (Score: 2) by DannyB on Tuesday March 09 2021, @06:09PM

        by DannyB (5839) Subscriber Badge on Tuesday March 09 2021, @06:09PM (#1121904) Journal

        Um, this is Micro$erf we are talking, here. The greatest pre-Google source of evil on the planet! They enslaved billions, hobbled what could have been greatest liberatory technology humankind has even invented! They stole their networking stack. They killed DRDos! And what about Stacker?

        You should have stopped right there. Added the part about Microsoft's support of SCO. Then you wouldn't sound too over the top. Arguing to not trust Microsoft's ability to later maliciously "update" software with malicious code would sound more reasoned. (even though it is absolutely true.)

        For the record: I haven't trusted Microsoft since about 1982. I can't pinpoint an exact year when it happened, but I don't trust Google. (by "don't trust" I mean suspect of working against my best interest and computing freedom.) There was a time I didn't perceive Microsoft or Google as being against my best interest and freedom. Microsoft was a harmless software vendor who provided BASIC interpreters, development tools, and Adventure ported to micros. Google was an internet search company who didn't own YouTube.

        --
        People today are educated enough to repeat what they are taught but not to question what they are taught.
    • (Score: 5, Insightful) by https on Tuesday March 09 2021, @05:17AM

      by https (5248) on Tuesday March 09 2021, @05:17AM (#1121667) Journal

      There are plenty of uses of the Raspberrry Pi OS that don't involve checking for updates.

      I am sure such uses exist, but it is hardly abnormal to have them connected to the internet. If you're not updating regularly while connected to the internet, then Bao Than is the proud new owner of the pi.

      Microsoft has long ago mastered the art of "this major change should look minor to people who can't study it for several months". If you are not suspicious of them, you are not to be taken seriously. Escalation, as you put it, is a reasonable response to Microsoft sticking their noses into any endeavour.

      So bugger off. I smell MS shill fuckery.

      --
      Offended and laughing about it.
  • (Score: 3, Funny) by Anonymous Coward on Tuesday March 09 2021, @12:23AM (8 children)

    by Anonymous Coward on Tuesday March 09 2021, @12:23AM (#1121563)

    Full disclosure: I'm a Microsoft employee

    I'm so, so sorry. Do you even know what evil you did in your previous life that required you to suffer so much penance in this one?

    • (Score: 2, Interesting) by Anonymous Coward on Tuesday March 09 2021, @02:24AM (7 children)

      by Anonymous Coward on Tuesday March 09 2021, @02:24AM (#1121599)

      I get paid a huge amount of money (over 20x my cost of living) to do work I enjoy, and even get to opensource a lot of it and get great benefits. Working for a large tech company is a huge privilege, not a punishment. I easily make enough money I could take 10 years off to find a new job if I wanted.

      If you want to meme about Microsoft being evil, I suggest implying I'll suffer in my next life rather than implying my choice to work for them is punishment: that would fit the narrative much better.

      • (Score: 4, Interesting) by Arik on Tuesday March 09 2021, @02:50AM (1 child)

        by Arik (4543) on Tuesday March 09 2021, @02:50AM (#1121606) Journal
        "Working for a large tech company is a huge privilege, not a punishment."

        This is where you are mistaken. Because karma.

        "I easily make enough money I could take 10 years off to find a new job if I wanted."

        If that's true and not a lie; if you're a human being and not a cabbage in drag; then do it.

        Take 10 years off to make something that helps humanity, instead of destroying us to put more dollars you will never use in the bank. For your heirs, I suppose.

        Who your heirs be my brother? How much of that loot do they need? If you were really in it for the people all along, then you spread that loot out to the people, capisçe? What do you need? A shirt on your back and a belly full of stew; and a muse. A reason to work, that's all you really need, isn't it?

        So take 5 years off and hire someone to help keep you on track and producing something. Or, you know, use math from there. Fractions. That's still math, even if they quit teaching it.

        "If you want to meme about Microsoft being evil, I suggest implying I'll suffer in my next life rather than implying my choice to work for them is punishment: that would fit the narrative much better."

        The only difference is the presumption that you have a conscience. If you have a conscience, then showing up to work is a punishment as well as a source of income.

        If you're a psycho/sociopath; then yes we must wait for the next life, or else a catastrophic failure from your dice.

        If you have a guilty conscience, if your $opathy wavers... well then you just might wind up confessing.

        Confession /is/ good for the soul.
        --
        If laughter is the best medicine, who are the best doctors?
        • (Score: 1) by The Mighty Buzzard on Wednesday March 10 2021, @01:46AM

          by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Wednesday March 10 2021, @01:46AM (#1122099) Homepage Journal

          No, not because of karma. Because you're working for a big corporation. It wouldn't matter if they saved an endangered species every day and sequestered all the man-made carbon from the atmosphere weekly. The job would still suck compared to deciding your own future.

          --
          My rights don't end where your fear begins.
      • (Score: 3, Funny) by aristarchus on Tuesday March 09 2021, @06:01AM

        by aristarchus (2645) on Tuesday March 09 2021, @06:01AM (#1121689) Journal

        I easily make enough money I could take 10 years off to find a new job if I wanted.

        But, of course, you will not. You will never have another job. Do you imagine that any tech employer, seeing the Mark of Cain, and the NDA upon you, will even give a second interview? Not going to happen. Instead, you will have take your ill-gotten gains and apply them to your own interests, like transfusions of blood from Younglings (Thiel) or pretending to be a philanthropist (Gates), or hosting Parler after they get booted from polite society and taking pictures of snowflakes, like Nathan Myhrvold, the Bane of Aasgard. Karma, it comes around. No amount of money can save you from it.

      • (Score: 0) by Anonymous Coward on Tuesday March 09 2021, @09:47PM (2 children)

        by Anonymous Coward on Tuesday March 09 2021, @09:47PM (#1122019)

        20x your cost of living? I gotta ask, what do you make and/or where do you live? I hate Microsoft as much as the typical Linux fanatic, but my monthly mortgage + property taxes + utilities + groceries is ~$3k, so 20x that is $720k on an annual. I'd sell my soul to the demons in Redmond for that kind of money, I could pay my kids' college costs and retire in well under ten years.

        • (Score: 1) by The Mighty Buzzard on Wednesday March 10 2021, @01:58AM (1 child)

          by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Wednesday March 10 2021, @01:58AM (#1122101) Homepage Journal

          Mine's about $700-750 with a roommate, so I make somewhere between 4-5x cost of living over a year. I try and plan it out ahead of time and then turn down any work that's likely to push me up over 5x. Time's worth way, way more than money beyond enough to fund necessities and sufficient entertainment+hobbies.

          --
          My rights don't end where your fear begins.
          • (Score: 0) by Anonymous Coward on Wednesday March 10 2021, @11:30AM

            by Anonymous Coward on Wednesday March 10 2021, @11:30AM (#1122221)

            That's smart. I've got four kids. I've already started telling them they should only go to college or trade school if they have a specific career plan, and unless they get great scholarships they should use state colleges. And of course, I need a house or apartment for six people and a lot of groceries, and we use a lot of power just for showers, dishes, and laundry. Plus we're in a pretty good school district for my kids' sake, and as you know in the US that means housing is expensive here.

            If I was single, I'd be trying to live a lifestyle as efficient as yours too.

      • (Score: 0) by Anonymous Coward on Thursday March 11 2021, @12:29AM

        by Anonymous Coward on Thursday March 11 2021, @12:29AM (#1122512)

        God willing, you'll be the first against the wall when the revolution comes.

  • (Score: 4, Insightful) by Arik on Tuesday March 09 2021, @01:02AM

    by Arik (4543) on Tuesday March 09 2021, @01:02AM (#1121572) Journal
    Your first three paragraphs were very well written. Helpful. I would encourage you to volunteer.

    "Full disclosure: I'm a Microsoft employee, and a long time desktop Linux user."

    I, too, am truly sorry for you. And everyone that has to share a universe with you.

    "I don't think the Raspberry Pi intended to spy on anyone with this change"

    Intention really doesn't matter in this sort of thing though. Whatever the motivation, the effect is irrevocable. The damage cannot be undone. If there was no intent, there was at the very least gross misconduct. Gross negligence. And a complete and utter breach of trust.

    "it would be better to work constructively on educating people on better ways to do things than saying "Raspberry Spy""

    If the hobnailed boot fits, wear it.

    --
    If laughter is the best medicine, who are the best doctors?
  • (Score: 3, Informative) by Anonymous Coward on Tuesday March 09 2021, @01:48AM

    by Anonymous Coward on Tuesday March 09 2021, @01:48AM (#1121587)

    I don't think the Raspberry Pi intended to spy on anyone with this change

    No, the PI is not. But Microsoft is not to be trusted, ever, and this gives Microsoft a way to inject spyware at a later time whenever they want to.

    So the reaction is valid. This should never have gone into the PI OS, ever. And it should be removed just as fast as it was added.

  • (Score: 2, Informative) by Anonymous Coward on Tuesday March 09 2021, @02:58AM

    by Anonymous Coward on Tuesday March 09 2021, @02:58AM (#1121615)

    ...could be be more educational and constructive, at least in our titles and summaries here on Soylent news?

    The mere existence of Windows 10 and its associated spyware, compulsory upgrades, and deceptive conduct during the "free updates", combined with the merciless execution of Windows 7 (the version most people actually wanted) is enough that Microsoft's actions should be considered malicious by default. The Pi Foundation's conduct in the wake of this is telling as well.

    So, yes, it's a fiasco, both in terms of Microsoft's involvement, as well as the Pi Foundation's exceedingly poor and suspicious conduct surrounding the subject.