@Bitrot@lemmy.sdf.org
@Bitrot@lemmy.sdf.org avatar

Bitrot

@Bitrot@lemmy.sdf.org

This profile is from a federated server and may be incomplete. Browse more on the original instance.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

iirc this is a plot point in the book “Fall; or, Dodge in Hell” by Neal Stephenson (sequel to Reamde). At some point the virtual world slows to a crawl so much that people outside of it cannot really track what is going on but it’s transparent to those inside the world. I might be misremembering exactly how it was implemented.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

Bookwyrm was missing a lot of books, and I couldn’t quickly figure out a way to add them. I am pretty invested in Storygraph already so it wasn’t a big priority to figure it out.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

The TPM holds the LUKS key.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

That is the tradeoff if one desires TPM-backed encryption. It really depends on the threat model.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

Yes, and we are responding to someone asking about using it with the TPM.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

Nobody thinks it needs to be involved. They want it involved so the drive is automatically unlocked at boot, but inaccessible if someone removes it from the machine to try and bypass login (and in the future, if someone tries tampering). Especially useful in machines you want useable without being physically present.

It’s not cajoling anything, it’s a built in feature you configure, although Ubuntu currently goes out of their way to remove the support from some tools.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

It’s not a new feature, it’s convenient and also has use cases outside of convenience (it’s also generally going to make stronger keys than any passphrase). Here is one way that has existed for years, except Ubuntu specifically patches it out: www.freedesktop.org/…/systemd-cryptenroll.html

It’s not a lot of work, it’s one command and a one word update in the crypttab.

Secure boot is generally a requirement to use the TPM.

Bitrot, (edited )
@Bitrot@lemmy.sdf.org avatar

Leaving keys accessible from any live distro. Keys in the TPM are not.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

You didn’t even know what it was how exactly do you know how much work it is to implement? Its about to be built into the Ubuntu installer.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

You didn’t know you could use it 30 minutes ago. It seems like you don’t know how it’s set up, what protection it does or does not offer, what the use cases might be, nor where any vulnerabilities may be. I’m wondering why you remain actively involved in the conversation with an opinion rather than sitting back and learning something new.

It offers convenience of not putting in an encryption passphrase at every boot, with reasonable security against a lost or stolen machine that nobody can just boot up a live usb and access the data. Its end-user behavior is like every other consumer operating system.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

They correctly point out elsewhere that you could just store the unlock on an unencrypted portion of drive itself.

Yes, I know.

Bitrot, (edited )
@Bitrot@lemmy.sdf.org avatar

It does protect against physical attacks. PCRs are used to tie keys to specific hardware and software configurations and versions, boot paths, kernel command line arguments, etc and will lock out if changed. One of the reasons Ubuntu waited so long for official support was to set up the infrastructure for unified kernels and signing, the kernel and initrd are unified and signed and verified before it will unlock to protect against sophisticated attacks that most people will never encounter. For most people worried about theft, having it lock out when the boot order is changed would be enough. And when running, brute forcing the login process is slow and can be made even more painful with lockouts.

The TPM functions very differently than putting keys on a permanently attached usb drive.

Bitrot, (edited )
@Bitrot@lemmy.sdf.org avatar

It does not. Flatpak uses the full platforms, the native package manager will install the individual libraries that are needed. This is technically a flathub thing and could be implemented more granularly, but I don’t think that is going to happen.

I’ve started getting warnings about deprecated platforms but flathub is very slow to update the packages that use them (even with reports), which is unfortunate too and not something I’ve encountered in my distro repository.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

That’s one of the largest downsides imo. People have had their libraries converted and suddenly they don’t have their owned music anymore.

Bitrot, (edited )
@Bitrot@lemmy.sdf.org avatar

I think most people that traditionally used iTunes didn’t keep other copies somewhere else, since it was meant to be the music manager for all music, so if it screws up their library they lose their files.

The uploading and syncing local files was (is) already a feature of iTunes Match. Apple Music just expands it to allow it for music they don’t own, however people have had it take their files and relabel them as Apple Music files and then lock them out if they cancel their subscription.

The downside is combining my local music management with their streaming service, I’d rather they were entirely separate with the option of playing local files, as Spotify does. The option to upload files would be fine.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

Tune My Music is legit. It is what Deezer uses if you transfer. I think if you do it through Deezer it’s even free: www.deezer.com/explore/…/transfer-playlist/

Bitrot,
@Bitrot@lemmy.sdf.org avatar

Broke the law. I think it’s more interesting that in general you also did not commit a crime (unless you were speeding ridiculously fast).

brandonleedy, to firefox
@brandonleedy@mastodon.social avatar

Okay hear me out. What if we all chipped in 5 bucks to @firefox? How many people would it take to fund it well enough so they don’t have to do layoffs? I get it, the FOSS community wants the “F” part but we all should contribute some for good infrastructure. And the idea that search engine payments from Google is what keeps Firefox afloat should worry us all. We need browser engine diversity if the web is going to stay open and not littered with walled gardens any more than it already is.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

That isn’t for Firefox development though, that is for the Foundation and their advocacy work. The Mozilla Corporation builds Firefox and last I checked they do not take donations (unlike MZLA Technologies that builds Thunderbird, which is also a for-profit but still rakes non-tax-deductible donations). The Corporation is the one doing layoffs.

Bitrot, (edited )
@Bitrot@lemmy.sdf.org avatar

The Mozilla Corporation is not a non-profit. This confusion is why articles talking about what “Mozilla” is doing are also doing a disservice unless they are specific. The Foundation is not doing layoffs, and the interim CEO at the Corporation came from Airbnb after eBay, PayPal, and Skype. She isn’t working for $400k.

The previous CEO made $6,903,089 in 2022, they are employee number 8 on the 990.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

The Mozilla Corporation does not take donations for Firefox development.

Bitrot, (edited )
@Bitrot@lemmy.sdf.org avatar

I don’t think most of the legal restrictions apply at all, actually, as long as the entities are kept sufficiently separated. That’s one of the reasons non-profits use a for-profit subsidiary that pays taxes for its income. I’m not sure if they have to report the CEO salary on the 990, except the previous CEO was also a staff member of the Foundation (no other corporate executives are listed, despite likely being competitively compensated).

I have no problem with how it is set up, but to say the executive was making $400k is incorrect, as he has nothing to do with Firefox. The entity that is doing layoffs pays its executives millions.

I do wish they made the distinction more obvious though. I see a lot of criticism for advocacy things the Foundation does “distracting from Firefox” when it is not the case.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

It’s a win for Apple, but isn’t it also sort of a loss because they’re not popular enough to count?

Bitrot,
@Bitrot@lemmy.sdf.org avatar

If you lived through 3.0 nothing feels glacial.

Bitrot,
@Bitrot@lemmy.sdf.org avatar

I noticed she singles out everything except parents.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • bokunoheroacademia
  • everett
  • DreamBathrooms
  • cisconetworking
  • rosin
  • magazineikmin
  • Youngstown
  • tacticalgear
  • slotface
  • osvaldo12
  • mdbf
  • kavyap
  • khanakhh
  • thenastyranch
  • Leos
  • rhentai
  • InstantRegret
  • modclub
  • ethstaker
  • tester
  • lostlight
  • cubers
  • Durango
  • GTA5RPClips
  • normalnudes
  • relationshipadvice
  • HellsKitchen
  • sketchdaily
  • All magazines