> Electric cars are supposed to be simple. Give me something in a shape of a Civic, with the engine replaced with a motor and a battery good for 150 miles, and sell it for $10-12k new. Don't even need an entertainment cluster, give me a place to put a tablet or a phone and just have a bluetooth speaker.
I think this is more or less the pitch behind Slate (https://www.slate.auto/en), though it's more of a truck/SUV form factor.
I'm still bitter that they never refunded me for my canceled pre-order, despite promising to at the time. It's been years and I never got any money back (or a phone, for that matter). I consider Purism to be an untrustworthy business as a result.
I've actually heard people argue against having lights on signage for this exact reason: people shouldn't be reliant on lights that may or may not work to modulate their behavior when driving. They had been referring mainly to pedestrian crossing signs, but I think it applies here too. I generally treat any school speed limit sign as in effect if it's before nightfall as a rule of thumb.
As a Schrödinger-like property, it may vary by observer and not be publicly documented.. One could start with a commercial product that ships with coreboot, then try to find identical hardware from an upstream ODM. A search for "bootguard" or "coreboot" on servethehome forums, odroid/hardkernel forums, phoronix or even HN, may be helpful.
Headline is a little misleading imo -- the vulnerability isn't in Notepad++ itself as much as its installer. Current users, I imagine, don't have anything to worry about.
Unless the updater also runs the installer, then you just drop your malicious dll in the right place and wait for an update, or find a way to force-trigger an update.
Attackers can also use the notepad installer as a payload execution mechanism. To run your malware, just get older notepad++ installers and drop your dll after the installer is running to run it as SYSTEM.
For a non-admin user to get admin or system, that's a proper CVE. For an admin user behind uac though, uac bypasses aren't considered bypassing of a security boundary so no CVE there.
I did this recently and found out Comcast considers some security feature that runs only on their hardware to be part of the bundle they sold us.
So, bringing your own modem gets rid of the rental fee, but requires moving to a different plan without the security feature bundled. This is of course more expensive, almost entirely negating the savings of bringing your own network equipment (I think our net savings is $5/month, which means its going to be a couple years to pay back the modem cost).
If you're on a cheaper lower speed subscription, you can often find compatible modems at thrift stores for a couple dollars. People upgrade to faster tiers and unload their old perfectly serviceable equipment good for a couple hundred megabits - fine for most needs.
> I am not making things up when I say that the very first question I had about how to use this module, either is not answered, or I couldn't find the answer. That question was "what regular expression syntax is supported?". This is such a fundamental question, yet there is no answer provided.
> I hate things in "if you know then you know" category. This is one of them.
> Documentation? Reading a manual for an unknown thing?
Well. Yes? Maybe I'm assuming too much, but I feel like the target audience here (terminal emulator 'enthusiasts') either know about this already or are totally willing to go over to the manual to read what it is. The very first section upon opening the documentation explains it succinctly: Ghostty is a fast, feature-rich, and cross-platform terminal emulator that uses platform-native UI and GPU acceleration.
I think this is more or less the pitch behind Slate (https://www.slate.auto/en), though it's more of a truck/SUV form factor.