Readit News logoReadit News
65a commented on I Ported Coreboot to the ThinkPad X270   dork.dev/posts/2026-02-20... · Posted by u/todsacerdoti
BobbyTables2 · 20 days ago
How did OP debug this without a serial port?

I’ve messed around with porting coreboot on two desktop platforms but always had the benefit of a HW serial port…

65a · 20 days ago
You can sometimes find the serial lines if you are careful. Otherwise you can use the flashrom to store the output, and read it back out after each failure. It is much easier to just poke around and find the serial if you can, either from schematics (it seems the author has these) or by hand with a lot of patience or board scrying.
65a commented on I Ported Coreboot to the ThinkPad X270   dork.dev/posts/2026-02-20... · Posted by u/todsacerdoti
amiga-workbench · 20 days ago
I wonder if this can help with the extremely irritating bug (intentional?) on the X270 where if you give it a third party 9-cell battery, it will raise CPU_PROCHOT all the damn time, and my processor would drop to below 1Ghz clock speeds.

Back when I used to have an X270 I had a shell script that ran on boot which poked a register to disable thermal throttling handling. Not at all ideal, but it made the machine usable in the absence of official Lenovo batteries which they stopped manufacturing pretty damn quickly.

65a · 20 days ago
Possibly. Usually this is handled by the embedded controller, and not sure if that was reversed or not. You may be able to tristate the GPIO line that tells the CPU that a pin means PROCHOT, which would allow you to ignore the ECs attempts to do this.
65a commented on Gpg.fail   gpg.fail... · Posted by u/todsacerdoti
kaoD · 3 months ago
This is not the first time I see "secure key distribution" mentioned in HN+(GPG alternatives) context and I'm a bit puzzled.

What do you mean? Web of Trust? Keyservers? A combination of both? Under what use case?

65a · 3 months ago
In a signature context, you probably want someone else to know that "you" signed it (I can think of other cases, but that's the usual one). The way to do that requires them to know that the key which signed the data belongs to you. My only point is that this is actually the hard part, which any "replacement" crypto system needs to solve for, and that solving that is hard (none of the methods are particularly good).
65a commented on Gpg.fail   gpg.fail... · Posted by u/todsacerdoti
akerl_ · 3 months ago
It's not like GPG solves for secure key distribution. GPG keyservers are a mess, and you can't trust their contents anyways unless you have an out of band way to validate the public key. Basically nobody is using web-of-trust for this in the way that GPG envisioned.

This is why basically every modern usage of GPG either doesn't rely on key distribution (because you already know what key you want to trust via a pre-established channel) or devolves to the other party serving up their pubkey over HTTPS on their website.

65a · 3 months ago
Yes, not saying that web of trust ever worked. "Pre-established channel" are the other mechanisms I mentioned, like a central authority (https) or TOFU (just trust the first key you get). All of these have some issues, that any alternative must also solve for.
65a commented on Gpg.fail   gpg.fail... · Posted by u/todsacerdoti
oefrha · 3 months ago
Okay, since there’s so much stuff to digest here and apparently there are issues designated as wontfix by GnuPG maintainers, can someone more in the loop tell us whether using gpg signatures on git commits/tags is vulnerable? And is there any better alternative going forward? Like is signing with SSH keys considered more secure now? I certainly want to get rid of gpg from my life if I can, but I also need to make sure commits/tags bearing my name actually come from me.
65a · 3 months ago
> I certainly want to get rid of gpg from my life if I can

I see this sentiment a lot, but you later hint at the problem. Any "replacement" needs to solve for secure key distribution. Signing isn't hard, you can use a lot of different things other than gpg to sign something with a key securely. If that part of gpg is broken, it's a bug, it can/should be fixed.

The real challenge is distributing the key so someone else can verify the signature, and almost every way to do that is fundamentally flawed, introduces a risk of operational errors or is annoying (web of trust, trust on first use, central authority, in-person, etc). I'm not convinced the right answer here is "invent a new one and the ecosystem around it".

Deleted Comment

65a commented on Sam Altman’s DRAM Deal   mooreslawisdead.com/post/... · Posted by u/pabs3
embedding-shape · 3 months ago
I have a nice little house in Spain, I'm willing to trade it for 128GB of RDIMM DDR5.
65a · 3 months ago
4800MHz single rank ok?
65a commented on System 7 natively boots on the Mac mini G4   macos9lives.com/smforum/i... · Posted by u/ibobev
fredoralive · 4 months ago
AFAIK most StarMax systems that were released (a prototype exists of a CHRP StarMax model) are based on the Tanzania / LPX-40 design, which is mostly a traditional PCI PowerMac[1], albeit with oddities like support for PC style floppy drives. PS/2 is handled by the CudaLite microcontroller which presents it to the OS as ADB devices for example. I've not heard of a version with ISA slots, although I assume you could just have a PCI to ISA bridge chip, even if MacOS presumably wouldn't do anything with it.

[1] https://cdn.preterhuman.net/texts/computing/apple_hardware_d...

65a · 4 months ago
Right, I think those were the closest we got to the CHRP standard, as they moved the platform toward PC-style floppies, PS/2, ATX PSU and even more generic "platform" stuff than most clones. I'm fairly sure I had an ISA slot, I do remember trying to get a bargain bin NE2K card working in mine under linux (it didn't work). Definitely did nothing under OS 8/9.

The powercity models were interesting, because they came out after Apple revoked Motorola's clone license. A German company, ComJet, bought up the boards and sold unlicensed clones cheap. Case was slightly different, but otherwise they corresponded to StarMax models (fairly certain they were identical but may have been last revision boards).

65a commented on Airbus A320 – intense solar radiation may corrupt data critical for flight   airbus.com/en/newsroom/pr... · Posted by u/pyrophoenix
65a · 4 months ago
There's a great postmortem here about what might have been a similar SEU (single event upset--bitflip) here: https://www.atsb.gov.au/sites/default/files/media/3532398/ao...
65a commented on System 7 natively boots on the Mac mini G4   macos9lives.com/smforum/i... · Posted by u/ibobev
65a · 4 months ago
StarMax series (and the 4400) seemed to be about as close to CHRP as we got. My off-brand StarMax clone (PowerCity) had a PS/2 and an ISA port. Ran BeOS well, and had a quirk that I could hear a tight loop on the speaker.
6

u/65a

KarmaCake day377January 3, 2013View Original