most of those drinks are specifically designed with the ice in mind
Citation Needed
most of those drinks are specifically designed with the ice in mind
Citation Needed
I use it for providing a text summary of YouTube videos that I can parse quickly. Because everything has to be a gorram video these days.
This almost describes mine and my wife’s experience to a tee.
I feel bad for anyone trying to date online in this enshittified world today.
Yeah I was terrified of the headline at first, but after reading the article came to the same basic conclusion as you.
At first I thought they were going to find a way to trade our 401(k)s without our consent like the mortgage-backed securities from pre-2008.
You can order it dipped, wet, or dry. Wet is the traditional so it usually just has one or two ladles of juice poured over it. Dipped is when they dunk the whole thing. But the bread is high quality so it can usually take it. I prefer wet myself (hehe).
Probably the 9950x3d. And we’ve known for a while now that the cache would only be on one CCD.
Yeah you really need a password or TPM PIN protector to protect from cold boot attacks if that is in your threat model.
Bitlocker is extra vulberable because it stores the key in the TPM and requires no password to boot. An attacker can extract the key even if the computer is off when they get it.
This is not true.
You would additionally need to bypass Secure Boot with a separate exploit such as the one in this article (which is mitigated by disabling USB boot) or LogoFAIL to put the TPM PCRs in a state where the keys can be released.
LUKS2 is no different here as either can be TPM-only or require a separate PIN.
Linux on enterprise user endpoints is an insane proposition for most organizations.
You clearly have no experience managing thousands of endpoints securely.
You guys are finishing games?
An SSO-like payment system with tracking and revocation is a great idea and would be amazing for us consumers. I’m just not holding my breath waiting for the corpos to implement it.
While nowhere near perfect (far from it, really), as long as the sites you are shopping on are PCI-compliant (most should be), you don’t have to worry too much about a compromised site leaking your payment details for use elsewhere.
Basically just use a password manager and don’t worry about saving credit card (NOT debit card) details in the site as long as they aren’t extra-sketchy.
Same here. Sometimes the same/next day shipping can help in an emergency, but otherwise it’s local if possible, or direct from the vendor if not.
Amazon’s shipping has declined and everyone else’s has caught up to the point it’s not much of a difference anymore.
Looks like they found someone.
I disagree. You should not immediately go and replace the OS as soon as you get it.
Most modifications to the root filesystem persist through updates just fine. You simply need to add the relevant exclusions for your customizations. See the Development and Modding section here.
I have a significant amount of modifications to Steam OS, including an encrypted home partition (while excluding the steamapps subdirectory via bind mount) protected by TPM.
The only time an update breaks anything is if the kernel or initramfs updates, requiring me to re-enter the LUKS password and reenroll a new TPM protector. And this is only because they don’t support Secure Boot, so my PCR selection is limited. And I was on the Beta update channel for a while updating almost weekly without issue.
No, it’s amazing. Especially on the Steam Deck.
It doesn’t sound like he can do that without giving up his ownership stake in his company. Or is that what you are suggesting?
This is like the epitome of the XY Problem.
If you’re willing to wait 2 weeks for shipping (with an added shipping cost of $0.40) you can just order that stuff directly from Aliexpress and cut out the middle man.
Microsoft uses TPM PCRs 7+11 for BitLocker which is more secure than the Linux implementations mentioned in the article.
PCR 7 is the Secure Boot measurement which means it can’t be unlocked unless every signed boot component has not been tampered with up to the point of unlock by the EFI bootloader. PCR 11 is simply flipped from a 0 to a 1 by the bootloader to protect the keys from being extracted in user land from an already booted system.
The article is correct that most Linux implementations blindly following these kinds of “guides” are not secure. Without additional PCRs, specifically 8 and 9 measuring the grub commands (no single-user bypass) and initrd (which is usually on an unencrypted partition), it is trivial to bypass. But the downside of using these additional PCRs is that you need to manually unlock with a LUKS2 password and reseal the keys in TPM whenever the kernel and or initrd updates.
Of course to be really secure, you want to require a PIN in addition to TPM to unlock the disk under any OS. But Microsoft’s TPM-only implementation is fairly secure with only a few advanced vulnerabilities such as LogoFAIL and cold boot attacks.