That's why I focused on platform security. You can't fully eliminate the possibility, but you can make it as hard as possible to pull off. TPM+dm-verity is to make it hard for the user to even look at how it works and prevent filesystem modifications that would give them root access to intercept the key loading mechanism.

The part where the laptop continuously check and refreshes the key is to address the second part about just turning off WiFi: make it so if you do that, you have N hours to break the system open before it reboots itself and you've lost access to the key for good. This can also depend on hardware-backed checks like TPM measurements and signature, to make sure the data key is only handed over to the expected environment.

It's the same fundamental principles as Android and Play Integrity: use the security processor to attest the state of the device before the server agrees to send you stuff over. It's been worked around via leaked keys mostly because Google is lenient for older devices, but the actual secure enclave hasn't been broken yet.

The point is for the security to hold long enough the key's gone before they can get it, and without the key the laptop is effectively wiped. That's plenty for the overwhelming majority of "employee got fired and is pissed off and wants to retaliate", and the best that can be done without going remote desktop/VDI.

You'll first want to lock down the laptop with using the TPM so it only boots kernels signed by you, and also encrypt the drive using the TPM as the locking key so the key is only ever available to a kernel you signed. From there you'll probably want to use dm-verity to also verify the integrity of the system or at least during the boot process.

Then, on top of that, once online and the machine is still authorized to access that data, you download a key from a server under your control to unlock the rest of the drive (as another partition). And log those accesses of course.

Then, when you want to revoke access to it, all you have to do is stop replying with the key whenever requested. That just puts a ton of hurdles to overcome to access the data once the server stops handing the key. They would have to pry out the key from the TPM to unlock the first stage and even be able to see how it works and how to potentially obtain the key. They could still manage to copy the data out while the system is fully unlocked and still trusted, which you can make a lot harder by preventing access to external drives or network shares. But they have physical access so they kind of have the last word if they really really really want to exfiltrate data.

This is the best you can do because it's a passive: you stop supplying the unlock key so it's stuck locked encrypted with no key, so the best they can do is format the laptop and sell it or use it for themselves. Any sort of active command system can be pretty easy to counter: just don't get it online if you suspect the kill signal is coming, and it will never come, and therefore never get wiped. You want that system to be wiped by default unless your server decides it's not.

Same for KDE https://apps.kde.org/fr/kjournaldbrowser/

Soon: when you pause a video, it starts playing a video ad with audio, to make sure no silence time gets wasted from your speakers.

Epic is anti-consumer and also anti-Linux, they don't make any effort to support other platforms, the app is shit.

Meanwhile, Steam is

• Actively working with the FOSS community to help preserve old games
  • Kernel improvements for better graphics performance
  • Lots of VR and HDR work
  • Many contributions to the open-source AMD drivers
• Has been supporting Linux gaming for a decade with no signs of backing down
• They have a portable Linux gaming console experience, and it's intentionally left wide open for users to mess with
  • They've taken several community features and built them into the OS
• Their DRM is weak and unintrusive
• Their anticheat is ununtrusive
• The sales are pretty good
• They have tons of features for users:
  • Family sharing
  • Remote Play Together
  • Remote Play
  • Streaming
  • Community forums for every game
  • Mod workshop
  • Matchmaking
  • Steam Chat / Voice Chat / Streaming

The only appealing thing for EGS is, EGS takes a lower cut from the developers who just pockets it and doesn't even result in lower prices for users. As a Linux user, praise our Lord GabeN for all the good Valve has done for gamers. Even for the developers, most are quite happy with the services they get back from that 30% cut.

I'd say the dislike is mainly that for the users, EGS doesn't bring in anything new or interesting or useful that Steam didn't already do well, and goes directly against a lot of the good Steam has been doing. It's just a store that makes big developers slightly more happy.

Less and less about OpenAI is actually... open at all.

Isn't he the same person who calls adblocking piracy?

He's also got a generally nuanced opinion of piracy, in that it's justifiable in some situations. If you call it piracy and you're okay with piracy then it's not really a contradiction.

Being willing to talk about it despite working against your interests isn't always bad depending on context.

Phones don't brick with installing a ROM wrong just the same PCs don't brick when you fail to install an OS correctly on it. It just doesn't have a bootable OS on it.

Most phones have a download mode / fastboot which does exactly what you're asking for. You can pretty much always reflash a valid OS with fastboot.

BIOS on PCs is used for compatibility because most hardware manufacturers want to be compatible with existing operating systems. ARM does support UEFI.

Phones just don't have UEFI, because 99.999% of the time it will run only one operating system: the manufacturer's flavor of Android. Skipping an UEFI makes it boot faster because it can load directly into the Linux kernel which will initialize the hardware and already knows the precise hardware it's expecting to be present through its device tree. Chromebooks do that on x86 as well: they skip the firmware part and boot into Linux as early as possible, because it boots faster and it's a ton of code you don't need when you can just let Linux deal with it. Both are purpose built to run Linux, there's no point wasting time with a whole firmware interface nobody should ever need. Fastboot is a perfectly fine low-level bootloader interface that lets you flash ROMs just fine.

Basically, the SUID bit makes a program get the permissions of the owner when executed. If you set /bin/bash as SUID, suddenly every bash shell would be a root shell, kind of. Processes on Linux have a real user ID, an effective user ID, and also a saved user ID that can be used to temporarily drop privileges and gain them back again later.

So tools like sudo and doas use this mechanism to temporarily become root, then run checks to make sure you're allowed to use sudo, then run your command. But that process is still in your user's session and process group, and you're still its real user ID. If anything goes wrong between sudo being root and checking permissions, that can lead to a root shell when you weren't supposed to, and you have a root exploit. Sudo is entirely responsible for cleaning the environment before launching the child process so that it's safe.

Run0/systemd-run acts more like an API client. The client, running as your user, asks systemd to create a process and give you its inputs and outputs, which then creates it on your behalf on a clean process tree completely separate from your user session's process tree and group. The client never ever gets permissions, never has to check for the permissions, it's systemd that does over D-Bus through PolKit which are both isolated and unprivileged services. So there's no dangerous code running anywhere to exploit to gain privileges. And it makes run0 very non-special and boring in the process, it really does practically nothing. Want to make your own in Python? You can, safely and quite easily. Any app can easily integrate sudo functionnality fairly safely, and it'll even trigger the DE's elevated permission prompt, which is a separate process so you can grant sudo access to an app without it being able to know about your password.

Run0 takes care of interpreting what you want to do, D-Bus passes the message around, PolKit adds its stamp of approval to it, systemd takes care of spawning of the process and only the spawning of the process. Every bit does its job in isolation from the others so it's hard to exploit.

Seen similar stuff on TikTok.

That's the big problem with ad marketplaces and automation, the ads are rarely vetted by a human, you can just give them money, upload your ad and they'll happily display it. They rely entirely on users to report them which most people don't do because they're ads and they wont take it down unless it's really bad.

Throwing that kind of stuff at an LLM just doesn't make sense.

People need to understand that LLMs are not smart, they're just really fancy autocompletion. I hate that we call those "AI", there's no intelligence whatsoever in those still. It's machine learning. All it knows is what humans said in its training dataset which is a lot of news, wikipedia and social media. And most of what's available is world war and cold war data.

It's not producing millitary strategies, it's predicting what our world leaders are likely to say and do and what your newspapers would be saying in the provided scenario, most likely heavily based on world war and cold war rethoric. And that, it's quite unfortunately pretty good at it since we seem hell bent on repeating history lately. But the model, it's got zero clues what a military strategy is. All it knows is that a lot of people think nuking the enemy is an easy way towards peace.

Stop using LLMs wrong. They're amazing but they're not fucking magic

The ads come from an ad network where there is very little visibility into what's going to be displayed in your app. And bad people also keep managing to get their ads published even though the ad network doesn't allow them

And it all ties into the whole targeted advertising, where they also make sure very few people get the bad ad, and tries to target people they think may be more susceptible to these kinds of tactics. Depending on the amount of interactivity allowed, the ad can even display two different things if it deems you too savvy to fall for it.

It's basically unescapable unless you only use apps without ads, or pay for the ad-free versions.

The whole advertising industry is sketchy, more news at 10.