I’ll walk before I ride in a Nazi truck.

Never change, Lemmy.

User Fault FD “UFFD” support for enhancing the write-watches performance.

I’m too stupid to know what any of this means, but it bothers me so much that the title doesn’t say what it is.

In the future, games will renders about nine pixels and it will all be upscaling.

Turns out the giant earth heater wasn’t the best business concept.

Things are getting so bad I fear for being labeled a troublemaker and sent to the gulag over declining.

As long as the user owns the TPM and has full control over it, I don’t see a problem. I paid for that hardware. I want to use it. There are already tools that can talk to it. It’s just not fully implemented and integrated into the system in a secure fashion. Indirectly, you kind of point out why there hasn’t been as much motivation to provide these features because they’re associated with the user giving up control, but it doesn’t have to be this way. The hardware can work for me if the support were there.

With the right support, it can even be combined with the password. This lets me enforce that the drive only unlocks in this machine, with this password, and only with the software that I set. That’s certainly more secure than how most distros do FDE today. It covers more use cases and enables a much stronger threat model.

One major obstacle is third party drivers, specifically Nvidia, that forces building and signing your own kernel modules. It can be done, but it’s certainly more complexity than distributing signed binary drivers from the distro. I think Ubuntu has preliminary support for TPM-backed FDE, but only if you aren’t using such drivers. It doesn’t work in combination.

I don’t want to sign my own modules. I want them to shipped signed, so the key isn’t expected to be on my machine. If I were doing kernel development work, I’d have disabled secure boot entirely anyway.

I would really like to see broad support for TPM-backed FDE, which also requires secure boot to work to implement this properly.

For me, this is essential to have for feature parity with Windows on laptop.

That looks really cool!

By design. They don’t respect the judicial system.

I wonder if there’s a technical argument to not doing this – it’s harder for attacks to potentially change the setting if it isn’t a setting.

Twitter speed run.

They’ll send you to the Gulag here even if you didn’t commit a crime.

Looks great to me! I would be proud of it.

That’s a shame. Building your own NAS it’s not that difficult and a valuable learning experience.

Giggity

You can want all sorts of things. Wanting doesn’t change the world.

🩴

With better infrastructure and fast charging that shouldn’t be a big deal. I mean, we don’t have that infrastructure today, but ideally the gargantuan battery mode isn’t where we stay in the extreme long-term.

It could make a great town car.