Especially given how easy it is to bypass Bitlocker anyway: https://youtu.be/Cc6vrQSVMII

The solution there isn’t to give your data to another country, it’s to take control of your data.

Buy an old machine, slap NextCloud on it, done.

They have a poor history of incidents that leaves many people not trust them.

https://manjarno.pages.dev/

I bet they’ll eventually get caught using coffee shop cameras and conversations for AI training, say it’s for training a security product or something.

It’s meant to protect the software, not the hardware. Of course you can still put a hardware keylogger on it.

You’re also only considering the use case of the owner and user being the same person. In a business context, the user and the owner are two different persons. It can be used to ensure the company’s MDM and security software aren’t tampered with, for example if you try to exfiltrate company data. In that situation, even if you have a keylogger, it doesn’t help you much, it still won’t allow you root access on the machine, because the user of the machine doesn’t have root access either.

Same with servers: you don’t even care if the hardware is keylogged, nobody’s ever using the local console anyway. But it’ll tell you if a tech at the datacentre opened the case, and they can’t backdoor the OS during a planned hardware maintenance.

Same with kiosk machines: you can deface the hardware all you want, the machine’s still not gonna let you order a free sandwich. If you buy one off eBay you can bypass secure boot and wipe it and use it, but it won’t let you sneak a USB on it while nobody’s watching and attack the network or anything like that.

But yes, for most consumers it’s a bit less useful and often exploited in anti-consumer ways.

It’s mostly for use cases where you can lose physical access to the computer like overnight at the office, at a hotel while travelling, in a shared server room, etc. It’s extra assurance that the computer runs the software you expect it to run and nothing else without at least being somewhat noisy about it.

This can in turn be used to use the TPM to get a disk encryption key, so you can do full disk encryption but still boot to a normal login screen without entering a password. It will only hand out the key with the correct signed boot chain.

If you have a desktop PC at home that nobody untrusted touches, then yeah there isn’t that much value to it for you.

If we deleted everything written by insufficiently pure developers, we wouldn’t have a Linux desktop. Especially if we count the ones that were smart enough to not bring up anything political in public.

Not a fan of DHH, but then you delete Rails then there’s no GitHub, GitLab, Mastodon, and many many other things given how popular Rails is, and that’s just that one guy.

If you include all the sketchy stuff that happens in the supply chain mining the minerals, processing, assembly all the way up to the final computer product, you just can’t morally justify supporting any manufacturer either.

This really doesn’t do anything useful other than feeling good to not support one of those guys. If anything it just adds extra political drama that feeds into a much bigger worldwide division problem.

At this point I just net user /add it, which just creates the user manually and then you can reboot and just log into it.

It’s not like you need anything from the OOBE at all, so might as well just skip it entirely.

Arguably, if it was normal to sideload apps it wouldn’t be as much of a barrier to users, but they’ve been conditionned to think they need an app and the only place you can ever get them is the store.

It’s a technical hurdle only because Apple decided they want to control everything, and same on Android because of Google’s ever increasing war on sideloading. You used to download an APK from the browser and it would go like “This is an app! Install?”, but now you have to go enable third party installation and all that, and now the whole Play Protect forcing developer validation coming up.

Because fear and hypocrisy, and pretending we’re somehow special as humans. It’s okay for us to copy this style, and replicate this drum set, and sample these sounds. We’re okay torrenting stuff because screw the big rich studios. We’re okay buying knockoff stuff because it’s cheaper.

We only care because it’s started crushing small creators struggling to make a living, and AI can gobble up training data faster than any human reasonably can in a lifetime.

Intellectual property has always been broken, AI just exposes the problem more clearly. It’s always been a double-standard.

At least a title would have been nice, at this point that’s just lazy to just paste the link of a repo and click post. Ok cool, but why are you sharing it, what’s cool about it, why should I click on this and spend time reading on it.

No, I would simply give them a box of condoms or whatever.

If they’re gonna do it, they’re gonna do it, and as a parent, you’re way better off with your kids comfortable not hiding it because if there’s complications you can intervene quickly. If the condom broke, you want the kid to come to you so you can get plan B and not have to deal with an abortion a couple weeks or even months later. It’s also way better they get caught doing it at home vs in a car and now be on the sex offender registry.

What you’re describing is abstinance and is common in religious families, and well know for being ineffective. Plus as you’ve described, it completely falls apart when bisexuality is involved, and it makes even less sense if it’s physically impossible to even get pregnant.

The same extends to alcohol, drugs, porn, whatever evil vice people are worried. If your kid’s gonna do drugs, you want them to feel comfortable calling you if they have a bad trip, and also feel comfortable giving you the drugs so you can get them to the hospital and they can quickly identify what you’re on and give the necessary medications.

They’re gonna learn about all that eventually, better they learn it from you. Punishment and “you’ll understand when you’re grown up” doesn’t work. If they’re old enough to ask, they’re old enough for the answers too.

There’s a reason it only supports Pixel phones: none of the other manufacturers produce phones that are suitable for it. All the other ones either don’t let you unlock the bootloader, won’t let you relock it with your own keys, or disables other security featurea. Meaning anyone can just flash whatever code they want to the phone and completely nullify the security model.

For a bit, OnePlus did support this but they quietly removed that feature with the Android 12 bootloader update, and otherwise cut you off from the TEE anyway so the OS can’t even verify the boot chain.

The GrapheneOS team said they would happily support other devices if any met their criterias for support. None do. Pixels are the only phone where you can properly flash a custom OS on, and relock the bootloader and disable OEM unlocking like it’s the official OS with all the security features functional.

That seems like a good way to get vendors to start only shipping firmware updaters that only runs on Windows again.

I don’t think I’ve ever updated a BIOS from any operating system, always flashed via the BIOS itself. Most can flash the BIOS without even a CPU installed these days.

It’s a good idea to validate the information before being outraged at it.

If that works, something with the PipeWire state might be weird. Tried deleting pipewire/wireplumber in ~/.local/state followed by a reboot (or restarting pipewire and wireplumber). That should reset it.

but really would feel bad for any packager maintainers.

It’s already unpackageable because of the license anyway.

The only “legit” way to get the emulator is their provided AppImage bundle, and nothing else. The author also has a rant about Flatpak being broken and unreliable and refusing to support that, so…

I find mostly complaints around Wayland not working like Xorg, like complaining they can’t just get the absolute cursor position and things like that.

Sounds very much like parroted points from probonopb’s rants, like claims of “broken by design”.

You can’t fork it or redistribute it… but you can distribute patches for users to apply, and those are easy to add in a PKGBUILD. That’s how a lot of game/ROM patches are distributed and they appear to be legal.

It’s an emulator, lets be real, the majority of the users couldn’t give a shit about license terms anyway.

ArchLinux users can be a pain sometimes, but we’re also often right when calling out someone’s broken software.

Given other drama around that project and the developer clearly being a Windows fanboy, they’re probably doing a lot wrong and blaming the Linux fragmentation for it instead of doing things properly, getting called out on it, and then being pissed at the users for it.

Makes me want to write an intentionally buggy PKGBUILD with wildly unsupported patches out of spite.