• 3 Posts
  • 1.23K Comments
Joined 1 year ago
cake
Cake day: July 29th, 2023

help-circle



  • ITT: Braindeads defending government censorship of the internet as if Zuckerberg won’t immediately replace the void with his own platform or by buying out TikTok in a bid.

    Banning one platform would not magically get rid of short attention span and brainrot you fools. Every social media company already copied or utilizes the same techniques as TikTok, which is already a massive platform because they don’t spam ban or regulate content as hard as Facebook and YouTube do.

    It is insulting that a Chinese run social media platform provides more freedom of speech online than its US competitors.

    They’re banning it to remove competition, congress does not care about its effects on privacy or health, otherwise they’d have done something about Faceebook, Insta, Twiiter, and YouTube decades ago. They pulled their usual committee shenanigans to pretend to care by calling in CEOs to testify, and then promptly accepting a shitload of lobbying money.



  • Meme mentions CISA and FBI but everyone knows NSA already has a master list of vulns that they juggle deciding if they’re worth disclosing or better off keeping for themselves lol.

    They sat on Eternal Blue for allegedly a decade. Any APT has plenty of time and money to spend attacking America’s public infara when they don’t even bother to cover the bargain basement stuff like the insanity that is Microsoft AD.

    I wonder if China is any better with their hefty surveillance and firewall though. I wouldn’t be completely surpised if some of their public infara is also exposed for the same reasons.


  • mlg@lemmy.worldtomemes@lemmy.worldBanish her again
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    2
    ·
    1 day ago

    I did a fresh install of windows 11 and I opened edge the first time only to crash after a second because it couldn’t handle the fact that I wasn’t signed into a Microsoft account.

    It crashed immediately every successive attempt to open it.

    After the 15th try (mostly for my own amusement) I downloaded Firefox from the windows store so that there’d be a functional browser in the VM I had just set up for someone to use to run essentially the last scamware app he still needs for hopefully not much longer (cough intuit cough)


  • mlg@lemmy.worldtolinuxmemes@lemmy.worldVim go brr
    link
    fedilink
    English
    arrow-up
    16
    ·
    1 day ago

    Unix devs: “Let’s make everything a file in our OS so that it’s easy to use and develop”

    Windows devs (clearly on crack): “Let’s store random critical shit in a crappy database registry thing and retain literally all the drawbacks of DOS on our new NT system”





  • The TPM is not a dedicated cryptographic processor, it’s an external keystore with a few select functions. You’re thinking of an HSM which is used almost exclusively in servers that have to handle thousands of secrets per second.

    CPUs have had dedicated AES hardware for decades which is why LUKS and Bitlocler use it by default.

    The TPM just allows certain keys and secrets to be generated and stored physically separate from the CPU as a security measure.

    Bitlocker and LUKS will store a master key in the TPM so that you don’t have to enter a password every time you boot. They retrieve it from the TPM and then use it to unlock the actual encryption key which is done entirely in the CPU. If the TPM detects foul play such as secure boot alteration, it will refuse to give the key or clear itself.

    Using the TPM for constant encryption like at rest disk encryption would be way too slow.

    It’s so so small that most modern TPMs have been integrated into the CPU or even simulated via the motherboard firmware (fTPM and PTT).


  • I still fail to see how windows 11 was anything but a collusion scam to sell new hardware.

    None of the changes including TPM requirements required a new iteration. Nothing about the underlying NT dropped any of the old and antiquated BS despite Microsoft hiring some morons to advertise the fact on reddit to all the insiders asking questions.

    They even let the media pick up a fake report that Windows 11 was related to the Core OS and a brand new kernel was in the works.

    If Microsoft wanted a marketing strategy, they could have properly started naming feature updates and adverising them similar to Apple.

    8, 10, and 11 have also been a pain on enterprise because Microsoft axed their QA team. I seriously hope any new firms start considering linux desktop as a valid option. All they really need is a vendor to offer a solid distro along with an agreement to rapidly create/deploy any software solution so they don’t get scared looking at the cheap entry windows stuff.







  • And now we sit back and watch everyone in this thread who shat on 3rd party for “wasting votes” throwing around stupid takes like:

    • Erm RCV will prevent this from being viable, we should just try to fix the Democrat party instead
    • Working class people don’t have the time and money to make a grassroots movement. Clearly we need PAC money to win because that worked so well for Kamala and Clinton
    • PAC money is superior to actual constituents and voters
    • 4 years isn’t enough for a new party to work, we need to vote Democrat first to kick the Republicans out before we do anything else
    • 3rd party would only affect the Democrats and split them up

  • The Fedora doc on this is a bit old but it’s still mostly the same:

    Secure boot activates a lock-down mode in the Linux kernel which disables various features kernel functionality:

    • Loading kernel modules that are not signed by a trusted key.
    • Using kexec to load an unsigned kernel image.
    • Hibernation and resume from hibernation.
    • User-space access to physical memory and I/O ports.
    • Module parameters that allow setting memory and I/O port addresses.
    • Writing to MSRs through /dev/cpu/*/msr.
    • Use of custom ACPI methods and tables.

    The implementation of secure boot is still questionable to this day, but it is understandable that it doesn’t always play nice with Linux. I do believe you can use hibernate now as long as you have an encrypted swap (LUKS).

    I can definitely see the pain if you happen to be a kernel dev or use linux on any SBC with IO ports you want to mess with in userspace and not make en entire overkill kernel module for.