477·
13 小时前Only the US is allowed to backdoor every company globally! /s
- 80 Posts
- 1.09K Comments
Joined 2 年前
Cake day: 2023年9月29日
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Thing is, there are two different types of 5G. 5G NSA is using 5G, but on the same 4G network resulting in little to no speed change. And then there’s 5G SA, the one you actually want but probably isn’t deployed anywhere outside major cities if that.
32·1 天前And then they only deliver up to 720p because your device hasn’t been blessed by capitalism
From the first post in this chain
That said, I’ve always just enrolled my own keys. I know some other distros that make you enroll their keys as well like Bazzite. At least that way you don’t depend on Microsoft’s keys and shim or anything, clean proper secure boot straight into UKI.
I didn’t start talking about it, this was many comments above
1·2 天前Yep, you need a pin for your TPM to be safe. Here’s a proof of concept of someone unlocking Linux systems without TPM pin.
https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/
TPM + Pin with Secure Boot is still unbroken AFAIK
I don’t think you understand what “enrolling your own keys” means in the context of Secure Boot.
The key affected here is specifically for the Linux shim signed by Microsoft. It is used by GRUB and some distros to work with Secure Boot.
Enrolling your own key means you add a new certificate to the key store. This is completely separate from the one provided by Microsoft and controlled only by you. The common recommendation is to remove all built-in keys and only add your own, to make this system as secure as possible.
I’d wait a bit more. As the article says, Canonical recently also upped the RISC-V requirements for their 26.04 LTS and this SBC doesn’t meet those.
13·5 天前I agree that having more degrees of usage would be useful, but erring on the side of caution and declaring any AI use as a first step is better than doing nothing.
Is there a list of certified manufacturers/devices somewhere?
I couldn’t find anything on the page for the certification, only steps to contact them.
I don’t think Microsoft cares
A few years ago Windows invented a new sleep state, s0ix, instead of the previous s3 state. This makes a laptop behave more like a phone, able to wake up when it receives new data.
Unfortunately this is usually implemented badly and also causing the removal or neglect of previously reliable s3 sleep.
1·7 天前That was the term, thanks
Your root disk is usually mounted at Z: so any ransomware could just encrypt that
Note sure what they’re called, but plenty of houses here have metal blinds on the outside that work perfectly for blocking the sun.
Idk, you seem kinda gullible