Agreed.

And what’s particularly galling about this is that it’s never made any sense to me. Are you telling me an Android app, on compromised hardware or otherwise, could send malformed data that would for instance deposit $1M into my bank account? That doesn’t sound like an issue of local security. An app is just a frontend, all validation would still be through the banking infrastructure.

Hey man, yeah, I get it. I worry a lot about sounding like a conspiracy theorist; a real Chicken Little.

But when I look internally and ask myself why I make these posts, why I conspire so much about unknown futures, I come to two most likely outcomes:

1. I’m trying to trick you into installing Linux for some reason. Selfishly I guess if there’s a larger userbase demanding support for things then I can expect better support for myself. Or I’m just trying to sound like a pompous smartass in front of internet strangers. But those are a little obtuse.
2. I see a bunch of people standing in what I perceive (possibly incorrectly, but nonetheless) a trap and I’m shouting, “Hey, get outta there now before it springs!” because I have general empathy towards other people.

Worst case I’m wrong and I look a fool. I really don’t have a problem with that. I know who I’d trust if the positions were switched 💯

Ya boy Richard Stallman agrees and has been saying this for years (although this article is more recentish), https://www.gnu.org/philosophy/can-you-trust.en.html

“Treacherous computing” is a more appropriate name, because the plan is designed to make sure your computer will systematically disobey you. In fact, it is designed to stop your computer from functioning as a general-purpose computer. Every operation may require explicit permission.

As of 2022, the TPM2, a new “Trusted Platform Module”, really does support remote attestation and can support DRM. The threat I warned about in 2002 has become terrifyingly real.

Actual, honest to god reasons to upgrade to Windows 11 are already vague and questionable. Your average user probably doesn’t even see any particular reason and only perceives the nuisance of it. But it’s hard to fully close your iron fist around a platform when TPM enablement is so sparse in the consumer space. So what better way to do it than a mandatory OS upgrade with it as a system requirement and assure all (or a vast majority of) systems align at once?

Of course there are ways for stubborn users to skirt those requirements, but that misses the primary point of Trusted Computing. While the OS may baseline function to some degree, there’s no telling what functionality may be crippled by not being in a trusted state.

I don’t know the future any better than anyone else, I’m just trying to read the winds at the moment. I suspect they may not try to pull the entire trap closed all at once and that Windows 11 may continue to more or less function as we’ve seen past iterations. But the pieces will be in place by then and it’s only a matter of time before some greedy exec gives the word …

The article focuses a lot on the security of the boot process, but there’s no reason the TPM can’t be used for DRM as well (as an example, https://ieeexplore.ieee.org/document/5283799). It’s correct when it points out the locked down nature of consoles and phones.

We could conceivably be in for a future where Windows refuses to run code that’s not validated even after the OS boots. Or where it sees pirated software on the system and refuses to function in some manner until the software is removed/corrected to its liking.

There are so many possibilities here and all of them are bad.

• Forced online accounts so Microsoft always knows when/where you login
• Stored encryption keys so Microsoft could theoretically provide access to any computer the government requests
• Telemetry already reporting god only knows what metrics about what and how you use your software
• Forced AI that literally watches everything you do on your screen storing it in a known location making for a valuable target and also potentially/likely being used to create more telemetry and insights into your habits
• Eventual full control over your hardware by enforcing “trusted platform” restrictions

It’s so fucking brazen I’m gobsmacked. As an elder Millennial, I get it, I can already hear most of you tallying in your head if having to care about your OS is gonna be the final straw . This is no longer a nerdy request to please use Linux, this is a five alarm fire. Add to all this how much Microsoft is in bed with the US government and potential issues with all that on the horizon and I really, truly believe it’s time to switch, for your own good.

Please. Even if you’re not going to run out and install Linux tomorrow, you need to start mentally preparing yourself for the inevitability of the task. Get yourself accustomed to the idea and when you’re ready to dip your toes in, just know how many resources are out there for you.

And to the Linux community out there, there are going to be a lot of newcomers who don’t have the technical skills to undertake this and enjoy/appreciate this in the same way as you do. Be kind to them, the need for us to support each other has never been greater. Please.

https://www.pling.com/p/2142966/

Maybe not all that close, but it’s the best I can think of right now.

I think it has the general old school vibe, maybe you could tweak the colors to be a bit brighter like your example?

My last job tracked it, because of course they did. They could tell how often we logged into the AI tools and how many queries we ran a week and if we didn’t hit a certain number, we were reprimanded.

It was a support job. They wanted us running customer tickets to train the AI, we were basically training our replacement. And it’s obvious to everyone, we’re not stupid, so morale was absolutely in the fucking gutter.

https://x-plus.store/products/n150-netbook

I picked one of these up after it got some buzz the other week. Still waiting for delivery, though, will report back once I’ve had some hands-on time with it! Probably just going to do Arch.

Except it’s Bob from Reboot instead of Jack Black.

100% agree and I would like to add on to it that it’s worth just posting information, too.

Did you run into a weird error with your Linux install and have a difficult, yet interesting time troubleshooting it? Post the solution! Even if it doesn’t directly address someone else’s problem, often finding pieces of an issue and correlating them with a bigger problem can help.

I don’t run a personal blog and downvotes mean literally nothing here, so have at it!

I went cold turkey on Reddit when they stopped API access and it was rough in the beginning, but I get ever so slightly hints of the old internet here on Lemmy. It’s raw, but it’s fresh and it’s ours. I love it.

This reminded me of the novel Boomsday by Christopher Buckley (same author that wrote the book Thank You for Smoking if you’re familiar) where Boomers are offered tax break incentives if they agree to kill themselves at age 75.

Except now Millennials are in the hot seat …

https://media4.giphy.com/media/v1.Y2lkPTc5MGI3NjExcWdkbDBhd2EzNW0yaWVjcG1laDRhYWw2dWt5eXppdTFjZGR1bm5ibiZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/hC2H9IdtXDlfotmF0B/giphy.gif

In addition to this, or rather before, you can run pacman -D --asdeps package_name to mark a package as a dep. If it is no longer required by something else it will be removed with the above. This can be useful for things that are deps that you installed manually at some point for some reason.

Oh, that’s some amazing info, thanks!

I had noticed this might be a problem when I was setting something up and tried to install a dependency that was already on the system. It informed me it was being set to explicit and I wondered if it might lead to a situation like that.

When I switched to Arch, I started a notebook in Obsidian with a bunch of different information in it, I have a section devoted to Maintenance. Here are a few things I’ve put in there:

Clean package cache with paccache: https://ostechnix.com/recommended-way-clean-package-cache-arch-linux/

Clean orphaned dependencies: sudo pacman -Rs $(pacman -Qtdq)

For yay, I’m unsure if I should be using -Yc, -Sc, or -Scc. If anyone has more info with that, I’d appreciate it.

For flatpak: flatpak uninstall --unused

And for journals: journalctl --vacuum-time 7days

That’s most of the “automatic” stuff, cruft that can be cleaned out with little to no consequence. Other than that, you’ll just have to manually review what you have on your system.

If anyone has other commands or comments on the ones I provided, I’d be happy to accept further advice here as well 😃

Yes, thank you, I think this is exactly what I’ve been feeling but unable to articulate properly.

I do feel there’s a great loss of knowledge in IT, but I’m also aware that I’m motivated by my own opinions and fear of job stability here. There are absolutely times when the cloud makes sense, and those arguments about capex v. opex nail it. I’d love to blame it entirely on greedy execs, but that upfront cost is hard to swallow for a new business, whether you’re planning on super/hyper scaling or not. Cohosting in a datacenter is a great option, but even then, most people simply won’t be willing to invest the time, as you put it.

I’ve had the luck of working for stable institutions like banks and biotech in the past where they built out their infrastructure for security and reliability properly and it was wonderful. I’ve also had the misfortune of working for hyperscaling startups with zero trust architecture built in Azure. It was a nightmare and I hated every day of it.

Like most things, the path forward is going to require a delicate balance, but there’s absolutely no fucking trusting Microsoft. When Europe says, “Hey, we’re getting nervous about your influence here” the response isn’t:

“In a time of geopolitical volatility, we are committed to providing digital stability. That is why today Microsoft is announcing five digital commitments to Europe. These start with an expansion of our cloud and AI infrastructure in Europe, aimed at enabling every country to fully use these technologies to strengthen their economic competitiveness. And they include a promise to uphold Europe’s digital resilience regardless of geopolitical and trade volatility.”

I mean, of course that’s what they’d say, but still. Fuck 'em.

Y’all, I gotta admit I’m really starting to feel old. I still do not fully believe that cloud hosting is the answer for everyone. For businesses of certain sizes, I think running your own stuff and maintaining that IT knowledge within your org is invaluable, but I’m just an IT gremlin who can’t properly articulate his thoughts.

Anyone more knowledgeable care to weigh in?

For those not in the know, “Trusted Computing” is a very specific THING and maybe not what you’d expect, https://en.wikipedia.org/wiki/Trusted_Computing

TC is controversial as the hardware is not only secured for its owner, but also against its owner, leading opponents of the technology like free software activist Richard Stallman to deride it as “treacherous computing”,[3][4] and certain scholarly articles to use scare quotes when referring to the technology.[5][6]

You can pretty much guess where I land.

a backup of your bitlocker key is in your Microsoft account, and normally nowhere else. It’s pretty easy for Microsoft to lock you out of your ow computer and data completely, if they wanted.

You make a good point, I’m missing the forest for the trees. Why even bother theorizing that BitLocker may be compromised when they’re removing local accounts for consumers and forcing the key to be uploaded to their servers anyway?

Yep! They don’t teach this stuff because consumer level cyber security is in the absolute pits of despair and moreover, they’re trying to do away with what little we have access to. Governments and police agencies like how easy it is to access files.

Personally I don’t bother with full disk encryption (FDE) since I don’t really have anything private on my main computer. Just a bunch of game files, comics, movies, etc. Anything extremely important such as tax documents, personal data, etc. is honestly very small and I keep in a little Proton Drive folder, <1GB total. I think the best approach is to simply educate yourself and be aware of what’s worth protecting and how best to protect that. Just enabling FDE and thinking you’re safe ignores all the other avenues that personal data can be stolen.

My current pet conspiracy theory is that FDE with BitLocker isn’t even worth it on Windows due to the TPM requirement. Why is that a bad thing? Your system probably has fTPM supported by the BIOS, why not just enable that?

https://techcommunity.microsoft.com/blog/windows-itpro-blog/tpm-2-0-–-a-necessity-for-a-secure-and-future-proof-windows-11/4339066

Integrating with features like Secure Boot and Windows Hello for Business, TPM 2.0 enhances security by ensuring that only verified software is executed and protecting confidential details.

https://ieeexplore.ieee.org/document/5283799 (I don’t believe we’ll see this EXACT implementation of DRM, I’m just providing an example of TPM being used for DRM and that these ideas have been in consideration since at least 2009).

Now, if I were Microsoft and I wanted to exert an excessive amount of control over your system by making sure you couldn’t run any inauthentic or “pirated” software to bring it more inline with the walled garden Apple approach they’ve been salivating over for the past decade+, you’d first need to ensure you had a good baseline enabled. You know, kind of like the thing you’d do by forcing everyone into an OS upgrade and trashing a lot of old hardware.

It won’t be instantaneous, I don’t know exactly how or what it’s going to look like when they start tightening their grip. Again, this is all speculation, but it’s not hard to connect the dots and their behavior over the past couple years does not give them the benefit of the doubt. Microsoft is no longer a company that can be assumed to be acting in the best interest of the average consumer, they’re not doing this for your security. They want to know that your computer is a “trusted platform”.

EDIT: Further lunatic conspiracy theories: BitLocker is/will be backdoored so Microsoft forcing you into that ecosystem further guarantees they have access to your system. This all stinks to me, like your landlord telling you how you can arrange the furniture in your own apartment.

Just used the default for one big partition. I used to do tedious partition configurations, but it always ended up biting me down the road more than helping. This drive is for the OS, games, and working files. I have a 16TB NAS that holds anything worth saving, so if I need to nuke the whole thing and do a reinstall, all I really end up doing is downloading a bunch of Steam games again.

I use Arch on all my systems now. It does great for gaming on both my beefy gaming PC and my little work laptop (within their respective punching weights). I haven’t felt the need to explore CachyOS or any other variants for performance gains and I really do appreciate how bare bones Arch is. Just having the lightweight OS that isn’t doing a darn thing beyond what I’ve asked it to claws back plenty of performance, although I’m speaking more in contrast to Windows than other distros having any sort of bloat.

Still, Arch has been the first distro I really committed to, I’ve been on it for a year and a half now and learning how to build it out taught me a lot about Linux.

Also, I’m just never sure how long some of this offshoot distros will hold on for, you know? Is that unfounded?

Second paragraph?

Tesla is just the latest to see the symbol of bearishness, which occurs when a company’s 50-day moving average crosses and drops below the 200-day average.

As an example,

https://assets.finbold.com/uploads/2024/06/What-is-a-death-cross--1024x631.jpg

As an American close to the tech industry, I’m often jealous of the GDPR. I understand it may not be perfect and often feels restrictive, but I think we’re seeing the results of unfettered “innovation” here in America right now and realizing that most of this “innovation” is not anything any of us ever wanted or needed and not nearly worth the price.

At some point in the past I noticed there is no longer an option to even opt-out of most emails. When purchasing something from a site, they’ll usually get my email as part of the ordering process and while I have searched and searched, most don’t make any indication for opting out. You’ll only notice days later when you’re getting spammed with promotions, sometimes daily.

As well, further restrictions must’ve been loosened because there are companies I’ve dealt with years ago that have begun emailing me promotions. Just the other week I got an email from a company that sounded vaguely familiar but I couldn’t recall. When I searched my inbox, I had bought a custom USB cable from them nearly 6 years ago.

Complete and utter lack of respect for consumer privacy. Disgusting. I hate it here.