Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday October 09, @05:54PM   Printer-friendly
from the pentagon-says-no dept.

Volume 189 of The PCLinuxOS Magazine has an article on Bill Gates' evil prophecy from 40 years ago where he aims for ending general-purpose computing. He achieves that goal a step at a time over the decades, with the help of many a mole and quisling. Lately, the Pluton chip and Restricted Boot play both play key roles towards ending this era of general-purpose computing. The Pluton chip is an extension of the Trusted Platform Module (TPM) used by Vista10 and required by Vista11. Canonical, the maker of Ubuntu, and even its upstream source, Debian, folded years ago in regards to secure boot by using Microsoft's signing key, possibly cementing that as the norm. The article covers that and many other incidents leading up to the current situation.

There is an ever-decreasing amount of time left to keep general-purpose computing alive and the author signs off with how to approach the political maneuvers going on:

The implications are already starting to show

At the beginning of the year, Matthew Garrett, the researcher who created the UEFI bootloader for Linux (which I do not agree with at all, as it sets a precedent for Microsoft to abuse the market, with its position of power, should not be allowed under any circumstances) said that the Pluton chip was not an attack on users' freedom to use whatever operating system they wanted, which was not a threat.

In July 2022, he recanted, when he was unable to install Linux on a high-end Thinkpad Z13, complaining that this was not a legal practice by Lenovo.

But, that's what Microsoft wants. Under the guise of enforcing security, it blocks the machine's access to the user himself, being the gatekeeper of personal computing. In other words, "my" microcomputer is over. From now on, it will be Microsoft's microcomputer, and only what it allows will run...[sic]

It is up to us, the users, to boycott AMD products that contain the Pluton chip, to favor recycled or refurbished computers. And there is still more to do:

  • Support the Free Software Foundation's campaigns against Windows 11
  • Support the Right to Repair movement, in the person of Louis Rossman, one of the most prominent activists of this movement
  • Bomb your congressmen with emails & phone calls, so that Microsoft is legally pressured not to go ahead with the Pluton project.

So folks, things have never been so in jeopardy as they are today. Microsoft wants to be the big brother, and dictate what everyone can run on their computers, under the benevolent guise of ensuring security. We can't afford that, or the future of personal computing and privacy will be ruined.

Finally, let's not forget that anyone who says they don't need privacy because they have nothing to hide is the same thing as not defending freedom of speech, because they have nothing to say...[sic]

Let's fight this! The scenario is ugly, and the battle will be hard!

However, procrastination by using only old or refurbished computers does nothing to address the cause of the problem. There is a finite supply of old equipment, anyway, and eventually they will run out. If there are no new general-purpose laptops, desktops, and servers in the pipeline by then the era of useful computing will have drawn to a close.

Previously:
(2022) Responsible Stewardship of the UEFI Secure Boot Ecosystem
(2020) Red Hat and CentOS Systems Aren't Booting Due to BootHole Patches
(2018) First-ever UEFI Rootkit Spotted in the Wild
(2014) Rootkits Target 64-bit PCs - Secure Boot Is Not Always Secure


Original Submission

Related Stories

Rootkits Target 64-bit PCs - Secure Boot Is Not Always Secure 29 comments

Lucian Constantin writes at PC World that with the increasing number of 64-bit systems, experts say the incentive is growing for attackers to invest in methods of bypassing defenses like the PatchGuard kernel patching protection and the digital signature enforcement for drivers. "These protections have certainly increased the cost to build and deploy rootkits on 64-bit platforms," say McAfee researchers but roadblocks set in place by 64-bit systems now appear to be "mere speed bumps for well-organized attackers", who have already found ways to gain entry at the kernel level."

The Secure Boot feature of the Unified Extensible Firmware Interface (UEFI) the BIOS replacement in newer computers-was designed specifically to prevent the installation of bootkits. It works by checking that the boot code inside the MBR is on a pre-approved whitelist and is digitally signed before executing it. However, over the past year security researchers have found several vulnerabilities in UEFI implementations used by many computer manufacturers that can be exploited from inside the OS to disable Secure Boot. Mitre security researcher Corey Kallenberg estimates that Secure Boot can be bypassed on about half of the computers that have the feature enabled. According to Kallenberg, OEMs have started to pay a lot more attention to BIOS security research and have started to react over the past year. "I think we're finally at a place where you'll see OEMs take this more seriously."

First-ever UEFI Rootkit Spotted in the Wild 33 comments

The company ESET, based in Slovakia, has announced finding the first-ever UEFI rootkit in the wild. Once infected with the malware the only option is to reflash the SPI firmware or else replace the whole motherboard.

First spotted in early 2017, LoJax is a trojaned version of a popular legitimate LoJack laptop anti-theft software from Absolute Software, which installs its agent into the system's BIOS to survive OS re-installation or drive replacement and notifies device owner of its location in case the laptop gets stolen.

According to researchers, the hackers slightly modified the LoJack software to gain its ability to overwrite UEFI module and changed the background process that communicates with Absolute Software's server to report to Fancy Bear's C&C servers.

UEFI is an overly complex replacement for BIOS, and is often conflated with one of its payloads, Restricted Boot aka Secure Boot.


Original Submission

Red Hat and CentOS Systems Aren’t Booting Due to BootHole Patches 96 comments

Red Hat and CentOS systems aren’t booting due to BootHole patches:

Early this morning, an urgent bug showed up at Red Hat's bugzilla bug tracker—a user discovered that the RHSA_2020:3216 grub2 security update and RHSA-2020:3218 kernel security update rendered an RHEL 8.2 system unbootable.

[...] The patches were intended to close a newly discovered vulnerability in the GRUB2 boot manager called BootHole.

[...] Unfortunately, Red Hat's patch to GRUB2 and the kernel, once applied, are leaving patched systems unbootable. The issue is confirmed to affect RHEL 7.8 and RHEL 8.2, and it may affect RHEL 8.1 and 7.9 as well. RHEL-derivative distribution CentOS is also affected.

Red Hat is currently advising users not to apply the GRUB2 security patches (RHSA-2020:3216 or RHSA-2020:3217) until these issues have been resolved.

Ubuntu and Debian are also apparently affected.


Original Submission

Responsible Stewardship of the UEFI Secure Boot Ecosystem 22 comments

https://mjg59.dreamwidth.org/60248.html

After I mentioned that Lenovo are now shipping laptops that only boot Windows by default, a few people pointed to a Lenovo document that says:

"Starting in 2022 for Secured-core PCs it is a Microsoft requirement for the 3rd Party Certificate to be disabled by default."

"Secured-core" is a term used to describe machines that meet a certain set of Microsoft requirements around firmware security, and by and large it's a good thing - devices that meet these requirements are resilient against a whole bunch of potential attacks in the early boot process. But unfortunately the 2022 requirements don't seem to be publicly available, so it's difficult to know what's being asked for and why. But first, some background.

[...] Given the association with the secured-core requirements, this is presumably a security decision of some kind. Unfortunately, we have no real idea what this security decision is intended to protect against. The most likely scenario is concerns about the (in)security of binaries signed with the third-party signing key - there are some legitimate concerns here, but I'm going to cover why I don't think they're terribly realistic.

The first point is that, from a boot security perspective, a signed bootloader that will happily boot unsigned code kind of defeats the point. Kaspersky did it anyway. The second is that even a signed bootloader that is intended to only boot signed code may run into issues in the event of security vulnerabilities - the Boothole vulnerabilities are an example of this, covering multiple issues in GRUB that could allow for arbitrary code execution and potential loading of untrusted code.


Original Submission

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 3, Interesting) by Opportunist on Sunday October 09, @06:17PM

    by Opportunist (5545) on Sunday October 09, @06:17PM (#1275704)

    The Cyberpunk P&P RPG listed a few decks that were prohibitively expensive, which was kinda odd when you think that computers in general were dirt cheap.

    Not it starts to make sense. The decks are the pieces that can actually run the kind of software you want, instead of being locked down to doing their master's bidding. Cyberpunk 2020 finally becomes real, just a few years late.

  • (Score: 5, Insightful) by Rosco P. Coltrane on Sunday October 09, @06:19PM (23 children)

    by Rosco P. Coltrane (4757) on Sunday October 09, @06:19PM (#1275706)

    The author is outraged at Microsoft's play to take control of personal computers, but probably owns a cellphone that is his, yet is entirely under the control of a creepy giant big data company hell-bent on extracting as much data as possible from everybody on Earth, and has been for a decade and a half now.

    Why isn't he outraged about that too uh?

    Cuz I sure am. I've been hopping mad since those goddamn devices appeared on the scene. And for some odd reason, nobody seems to bat an eyelid over the astonishingly frightening level of control Google and Apple have over the mobile computer of essentially everybody on the planet, that hold's a goodly portion of everybody most private data, and that is increasingly impossible to live without.

    How nobody is scared to death and outraged over this, and why no government seems to be reacting even a little bit is totally beyond me.

    Microsoft controlling PCs... Yeah. But please go after Google and Apple first. Because THEY are much more dangerous and they're already completely entrenched.

    • (Score: 3, Insightful) by JoeMerchant on Sunday October 09, @06:57PM (16 children)

      by JoeMerchant (3937) on Sunday October 09, @06:57PM (#1275714)

      Implication #1 of the current cell phone OS landscape: projects that I could easily develop on cellphone hardware are instead developed on different, more open hardware - or sometimes not developed at all.

      Implication #2: my cellphone (and associated cloud services) are the sole repository of exactly zero data of value of mine. If it means anything to me it is backed up on external SSD devices that I can easily access from a variety of hardware and OSs. I do tend to over rely on data storage by PCs I control and fail to backup sufficiently, but the cloud and or my phones: zero trust.

      Implication #3: my phone is mostly a dumb terminal, it takes photos, records videos, connects me to voice and video calls, serves as a 4G-WiFi bridge hotspot, shows me news, and I'm tapping this post on it now, but all of these are ephemeral connection activities. It does virtually nothing when it is "away" from my attention, unlike most of my other computing devices and services. The phone is a non exclusive portal for most things, though it is the only thing I use regularly for voice calls on the POTS network.

      --
      Україна досі не є частиною Росії. https://en.interfax.com.ua/news/general/878601.html Слава Україні 🌻
      • (Score: 3, Insightful) by Sjolfr on Sunday October 09, @07:40PM (5 children)

        by Sjolfr (17977) on Sunday October 09, @07:40PM (#1275722)

        Just be aware that most people have neither the information nor the technical thought processes to consciously split their processing workload so discretely. The vast majority of people just use what they can afford, which means one device a lot of the times. That means they use their phone for everything.

        Regardless, having the ability to work around these problems is not the answer. They shouldn't BE problems to begin with. So many linux distributions are just marketed pieces of junk these days. They do not adhere to open standards like they should. Most don't even adhere to basic standards of practice anymore. I kind of wonder if there will ever be a day when root is no longer directly accessible. Some linux distros are heading in that direction.

        The only saving grace in linux is that the kernel is still owned and managed by technical people via opensource licenses instead of bureaucratic agendas.

        • (Score: 4, Interesting) by JoeMerchant on Sunday October 09, @11:27PM (4 children)

          by JoeMerchant (3937) on Sunday October 09, @11:27PM (#1275754)

          About 15 years ago, Nokia was in the process of mismanaging their Linux based smartphone project, slowly killing all my hopes and dreams of such a useful and self-manageable device. Then Microsoft bought them...

          Some years later, the Jolla project put more nails in the coffin...

          --
          Україна досі не є частиною Росії. https://en.interfax.com.ua/news/general/878601.html Слава Україні 🌻
          • (Score: 3, Insightful) by canopic jug on Monday October 10, @05:42AM (3 children)

            by canopic jug (3949) on Monday October 10, @05:42AM (#1275788) Journal

            Close but not quite. The mismanagement of their Linux-based smart phone did not start until Microsoft's Elop arrived and then started killing Nokia [blogs.com]. If you dig around enough in articles from 2010, you'll find that Nokia's Linux-based phone was getting better reviews than the iPhone -- up until Elop killed the line. If you're wondering why he sold of the headquarters and did other things to drive the company into the ground post haste, you'll also find some article from a little later exposing the fact that the Nokia board of directors had signed Elop up with a contract containing a $25 million bonus if he sold the company to M$. They did that while lying about it being just another standard contract.

            Tomi Ahonen's site [blogs.com] has a real treasure trove of well-documented analysis from that time, 2010 and a few following years. Without Nokia's Linux-based line of phones, the market became stale, uninnovative, and a duopoly between Google and Apple. While M$ Windows-based Lumia failure peaked out at approximately 3% of all sales, activation statistics show that less than half of them actually saw any use at all. They were still outnumbered by non-Nokia Linux-based phones. Lumia quickly went away. Now the market is just Android versus iPhone with Jolla not even being a statistical error and had been for a long while about 85% Android and 14% iPhone. However, now that has shifted greatly especially in some markets like in the US. Currently, in the US over 50% of the smartphones are iPhone [petapixel.com].

            Phones are not general-purpose computers even though they are basically portable super computers. Anecdotally, I can say that I no longer know anyone who has written programs (aka "apps") for either iPhone or Android who was not already being paid to do so professionally. Both Apple and Google have made it increasingly difficult to get custom software onto the phone, especially via their "app" stores.

            Smartphones are also terribly inefficient to use for any type of computing activity, so you have to wonder about the loss of productivity and output at a global scale, too, when so many try to do a task on a smartphone instead of waiting a few minutes and getting the same task done in a tenth the time and effort on a normal desktop or laptop.

            --
            Money is not free speech. Elections should not be auctions.
            • (Score: 2) by JoeMerchant on Monday October 10, @10:39AM

              by JoeMerchant (3937) on Monday October 10, @10:39AM (#1275811)

              Matter of perspective... Being Nokia, the hardware was in good shape, but the Qt software development had a number of internal to Nokia developers who later said the smartphone project was a smoldering dumpster fire.

              A lot of this came out during Jolla development, then Jolla mismanaged their finances and hardware release, and never quite got traction for their OS work...

              --
              Україна досі не є частиною Росії. https://en.interfax.com.ua/news/general/878601.html Слава Україні 🌻
            • (Score: 2) by JoeMerchant on Monday October 10, @10:47AM

              by JoeMerchant (3937) on Monday October 10, @10:47AM (#1275813)

              As for software development on a single smartphone, that's not too hard to do. Where it falls apart is when the OS updates and shifts the landscape sufficiently to require significant rework, particularly of the interesting features which are constantly labeled "security risk" and given new APIs, debatable whether they get any more secure, but clearly they obsolete a lot of applications that would otherwise have continued to work.

              --
              Україна досі не є частиною Росії. https://en.interfax.com.ua/news/general/878601.html Слава Україні 🌻
            • (Score: 2) by JoeMerchant on Monday October 10, @11:14AM

              by JoeMerchant (3937) on Monday October 10, @11:14AM (#1275816)

              As to the inefficiency aspect, that's a matter of perspective. At the moment my mechanical keyboard and 25" monitor are in the same room as my sleeping wife, so while I could type this 3x or more faster on that interface if I could access it, in reality I can type this infinitely faster right now on my phone as compared to later when it won't happen due to higher priority tasks both on and off the computer.

              Somehow, quite illogically, it has become socially acceptable to bury your face into a 7" screen and occupy both hands tapping the touch screen in all kinds of settings where "real" computers are rejected due to their physical bulk.

              While smartphone interfaces are horribly slow and inefficient compared with the things they are replacing, their killer advantage is the constant availability of those clunky interfaces. Mine is a entertainment center computer remote, both through VNC and ssh, a garage door opener, IOT light switch controller, home thermostat control from anywhere (as in: left on a 7 day vacation and forgot to set the thermostat to economy...) And, it's a really crappy email and message board interface.

              For professional work away from my home desk, I carry a laptop (itself not quite as good as my "real" computer with mouse, big screen and better keyboard) and the phone becomes an internet hotspot. But for just being aware of incoming email and maybe tapping out a quick reply, the phone itself is capable... Actually, I carry two laptops (in a backpack) one with the corporate approved IT maintained Windows image that lets me access the company VPN and various "work apps" that don't work without that access, and an Ubuntu laptop that I do the bulk of my work on; no, dual boot is not allowed or possible with the corporate image, because: security, of course.

              Every interface has its compromises, it's not surprising that the handheld one available for a low monthly payment is winning the popularity contest, and also is subject to the most intense corporate abuses of privacy.

              --
              Україна досі не є частиною Росії. https://en.interfax.com.ua/news/general/878601.html Слава Україні 🌻
      • (Score: 5, Touché) by Rosco P. Coltrane on Sunday October 09, @07:48PM (9 children)

        by Rosco P. Coltrane (4757) on Sunday October 09, @07:48PM (#1275723)

        my phone is mostly a dumb terminal

        Keep telling yourself that.

        it takes photos, records videos, connects me to voice and video calls, serves as a 4G-WiFi bridge hotspot, shows me news, and I'm tapping this post on it now, but all of these are ephemeral connection activities

        The traces of you doing all that how when and where is called metada, and given enough of it - actually surprisingly little - Google gets to know more about you than you know yourself.

        It does virtually nothing when it is "away" from my attention

        Your cellphone is constantly at work reporting to various motherships about what's going on around it several times per minute.

        my cellphone (and associated cloud services) are the sole repository of exactly zero data of value of mine.

        Your valueless data is highly prized by Google, Apple and their advertiser clients for monetization. They don't give a shit what value it has to you: it's the money it brings them that matters to them.

        You are quite amazingly naive...

        • (Score: 3, Disagree) by c0lo on Sunday October 09, @11:26PM (5 children)

          by c0lo (156) on Sunday October 09, @11:26PM (#1275753) Journal

          my phone is mostly a dumb terminal

          Keep telling yourself that.

          What a way to miss the point.

          it takes photos, records videos, connects me to voice and video calls, serves as a 4G-WiFi bridge hotspot, shows me news, and I'm tapping this post on it now, but all of these are ephemeral connection activities

          The traces of you doing all that how when and where is called metada, and given enough of it - actually surprisingly little - Google gets to know more about you than you know yourself.

          Put it this way: (maybe there are other that can't, but) I can stop using a smart mobile anytime or restrict its use so that any tracking it does is meaningless for profiling me.
          But I cannot stop from using a computer, as I'm not going to write code or run CAD on a mobile any time soon.

          --
          https://www.youtube.com/watch?v=aoFiw2jMy-0
          • (Score: 3, Insightful) by Deeo Kain on Monday October 10, @12:30AM (4 children)

            by Deeo Kain (5848) on Monday October 10, @12:30AM (#1275763)

            Phones are NOT dumb terminals!
            They can do and are used to do whatever can be done with a laptop: email, browsing, private messaging, video and audio messaging, banking, crypto transactions, and so on.
            You could "stop using a smart mobile anytime or restrict its use" just like you could stop using your workstaion or restrict it's use.
            The point is that when you're using your phone the FAGAM tribe gets access to all your activities. The only safe phone is the one you do not use, that you actually NEVER use!

            • (Score: 0) by Anonymous Coward on Monday October 10, @01:59AM (1 child)

              by Anonymous Coward on Monday October 10, @01:59AM (#1275770)

              They can do and are used to do whatever can be done with a laptop: email, browsing, private messaging, video and audio messaging, banking, crypto transactions, and so on.

              False.
              As examples, on my laptop, but not on my phone, I can:
              - run FreeCAD and the 3d printing slicer
              - run kicad
              - build a custom Linux kernel
              - typeset a PhD thesis in Latex
              - build apps that run on (Android) smart phones

              And, of course, my laptop is able to do all the "email, browsing, private messaging, video and audio messaging, banking, crypto transactions, and so on".
              With a VoIP server at home, I can even arrange to make or receive voice phones using my laptop.

              • (Score: 2) by Deeo Kain on Tuesday October 11, @09:05PM

                by Deeo Kain (5848) on Tuesday October 11, @09:05PM (#1276123)

                True.
                You can run a full Linux distro under Android.
                Desktop apps have their smartphone's equivalent.
                And I never stated or implied you cannot do on a desktop what you can do on a phone, so your point is moot.

            • (Score: 2) by c0lo on Monday October 10, @02:29AM (1 child)

              by c0lo (156) on Monday October 10, @02:29AM (#1275772) Journal

              Phones are NOT dumb terminals!

              Indeed. They are reduced intelligence terminals coupled with a range of sensors that spy on you.

              This being said, trying to escalate the battle for "my computer should be mine" to all devices will make one lose everywhere.
              I can abstain from making use of a smart phone (and replace its functions with dedicated devices + laptop which are "all mine") but I can't abstain from the use of my computer.

              --
              https://www.youtube.com/watch?v=aoFiw2jMy-0
              • (Score: 2) by Deeo Kain on Tuesday October 11, @09:07PM

                by Deeo Kain (5848) on Tuesday October 11, @09:07PM (#1276124)

                The "my computer should be mine" principle should be escalated to any device that could potentially have any relevant impact in your life. Failure in doing so is going to be a big loss for everyone.

        • (Score: 0) by Anonymous Coward on Sunday October 09, @11:29PM (1 child)

          by Anonymous Coward on Sunday October 09, @11:29PM (#1275755)

          Your cellphone is constantly at work reporting to various motherships about what's going on around it several times per minute.

          Well, it can try but, without a SIM card and with a restricted firewall on wifi, it's not gonna succeed.

          • (Score: 2) by Deeo Kain on Monday October 10, @12:34AM

            by Deeo Kain (5848) on Monday October 10, @12:34AM (#1275764)

            Then it would no longer be a phone and a portable device.
            You could perhaps fine-tune your home firewall, but what about when you're in shops, parlors, areas with public WiFi available?
            You have no control over those devices and networks.

        • (Score: 4, Insightful) by JoeMerchant on Sunday October 09, @11:55PM

          by JoeMerchant (3937) on Sunday October 09, @11:55PM (#1275758)

          Oh, it's a dumb terminal that mines all my data including GPS location and ambient speech.

          We had a friend visit who mentioned some obscure band she used to follow like a groupie - no searches performed, no Gmail containing the name, nada, but out of the blue I started receiving frequent news articles about the band for a month after that ambient speaking of their name in our house.

          I get a reminder every month about my GPS track history which goes back many years now. I'll usually review it, and it remembers where I have gone (or, at least where I took my phone) better than I do. If I ever don't want to be tracked, I'll leave my phone home. Since I work from home now, it would be hard to notice that as unusual. If I need POTS access while out on my secret journey, cash payment for a burner is possible, but that hasn't been a need of mine for a long time now.

          --
          Україна досі не є частиною Росії. https://en.interfax.com.ua/news/general/878601.html Слава Україні 🌻
    • (Score: 2) by RamiK on Sunday October 09, @08:54PM (3 children)

      by RamiK (1813) on Sunday October 09, @08:54PM (#1275739)

      What's stopping you from installing LineageOS or any of the other 1001 roms without the google play store services and apps? I've run my phone like that for years and it was perfectly fine. Only problem is the baseband rom (and to a lesser extent, their GPU blobs). But that's Qualcomm's; Not Google's.

      --
      compiling...
      • (Score: 1) by fustakrakich on Sunday October 09, @09:48PM (2 children)

        by fustakrakich (6150) on Sunday October 09, @09:48PM (#1275743) Journal

        But that's Qualcomm's; Not Google's.

        Same difference. They are bookends

        --
        La politica e i criminali sono la stessa cosa..
        • (Score: 2) by RamiK on Sunday October 09, @10:03PM

          by RamiK (1813) on Sunday October 09, @10:03PM (#1275745)

          There's some truth in that I'll give you that much.

          --
          compiling...
        • (Score: 2) by JoeMerchant on Monday October 10, @11:29AM

          by JoeMerchant (3937) on Monday October 10, @11:29AM (#1275818)

          While Qualcomm isn't much better than Google, at least without the main line Android installed your data is only being mined by law enforcement and the various "anti terrorist" government programs, legal and extra legal. So if you find the commercial data mining and targeted advertising offensive, that will stop, but you would be naive to think that any less data is being collected, stored, analyzed....

          Personally, I feel that Google is doing a tremendous social service by defaulting to settings which put the collected data in your face. Getting a reminder that your flight leaves in 2 hours and that, in current traffic, you are a 45 minute drive from the airport, when all you did was receive an email with your flight info in it... that makes, at least some, people think about the implications of all this data mining, and hopefully shapes society a little better for everyone to benefit from it, rather than just the select few who have access to the data streams.

          --
          Україна досі не є частиною Росії. https://en.interfax.com.ua/news/general/878601.html Слава Україні 🌻
    • (Score: 5, Touché) by Deeo Kain on Monday October 10, @12:40AM

      by Deeo Kain (5848) on Monday October 10, @12:40AM (#1275765)

      Why isn't he outraged about that too uh?

      What makes you think he's not outraged about that?
      Writing about a different topic does not makes all the other topics irrilevant or acceptable.

    • (Score: 2) by Reziac on Monday October 10, @02:45AM

      by Reziac (2489) on Monday October 10, @02:45AM (#1275774) Homepage

      The author has ranted about other similar takeovers; IIRC there was one a while back about Google sucking shit out of your phone. This article isn't an isolated observation. But the magazine's purpose is not editorializing, so it' s not an everymonth thing.

      Tho the PCLOS philosophy has a strong streak of "Oh yeah? Try and make me."
      (Yeah, it's my favorite distro, by a long shot.)

      Otherwise... agreed, the Google/Apple datamonster has gone way too far toward being a real-life Skynet. And IMO the Chromebook was conceived to eject Microsoft from the desktop market, and only failed because it wasn't sufficiently fit for purpose to suck up consumers, let alone enterprise business.

      And wouldn't THAT have been a digital hell...

  • (Score: 2, Disagree) by einar on Sunday October 09, @06:45PM (2 children)

    by einar (494) on Sunday October 09, @06:45PM (#1275712)

    Yeah, it reads like a lot of drama about something which can be switched off: https://www.theregister.com/2022/03/02/microsoft_pluton_chip/ [theregister.com]

    • (Score: 5, Touché) by HammeredGlass on Sunday October 09, @07:15PM

      by HammeredGlass (12241) on Sunday October 09, @07:15PM (#1275719)

      those auth monsters, whether they be in govt or corp, always make it voluntary at first to get the early bootlickers adopters to take up the mantle, and then it becomes mandatory

    • (Score: 4, Insightful) by Sjolfr on Sunday October 09, @07:27PM

      by Sjolfr (17977) on Sunday October 09, @07:27PM (#1275721)

      For now you can switch this stuff off. Allowing it to be there is the problem though. All it takes is for some CEO to say ... "make it so no one can turn that off. It's for everyone's safety". That's always been my problem with Apple technology; it only lets you do things that it deems useful. Phones are the same thing. I like Samsung phones but they go to great lengths to prevent custom ROMs on their phones.

      Open source should go far beyond just software. It should apply to hardware, firmware, BIOS, and so on. Freedom is not the enemy. Yet that's the message we get .... give up your freedoms for perceived safety.

  • (Score: -1, Offtopic) by HammeredGlass on Sunday October 09, @07:01PM (11 children)

    by HammeredGlass (12241) on Sunday October 09, @07:01PM (#1275715)

    on another note, I am fucking around with zip files on unbuntu right now that can't handle the fact that some compression tools place a zero or one in some field that designates whether or not nix flavors of decompression tools simply can't cuz too hard

    even the built in file management software on my synology nas is totally bootfukced in the ear over this little thing which windows flavor of compression/decompression tools adapts to and doesn't make me read 10 year old forum posts showing that this problem is well known to everybody, bUt ThE siMPLe Fix is to SIMPLY edit the code using a hex editor???? NO!!! FUCK YOU nix world!

    • (Score: -1, Flamebait) by HammeredGlass on Sunday October 09, @07:11PM

      by HammeredGlass (12241) on Sunday October 09, @07:11PM (#1275717)

      btw, he knew nix people would enable and empower him to do this to a world that is sick and tired of the CLI and never want to see it ever again, and that it would be easy to run roughshod over people who saw windows works(who cares about security for my candy crush machine), and 'please review the man pages and open this readme.md that wont display correctly in 4 out of the 5 text viewer applications you've already installed while begging some codemonkey to not suggest opening the CLI and typing just a few dozen characters of nonsense using name that were arbitrarily assigned to the tool by some caffeine stunted goober at 4am to hopefully not have to additionally install a few dependencies that you have to compile yourself on your mainstream flavor of nix that allegedly works right out of the box(as long as all you want to do is change your desktop background and stare at it wondering why it is appears the bastard child of more than two OSes that have entirely different workflows)to finally be confronted with some message in the black void which states that there is a library which is unavailable for your current version of nix 5.0.1.04.1.a , but if you want to clean install a fresh copy of nix 5.0.1.04.1, then it may work, but no promises.

      I don't care if nix is running all the servers and all the phones and every POS register in the world if you abandon the general computing world that Bill knew he could steal from us cuz some of you freaks want to feel ubermensch by using that godddamm terminal for everything

      remember the PC? nah, you don't and that's why Bill won

    • (Score: 2, Insightful) by Sjolfr on Sunday October 09, @07:13PM (7 children)

      by Sjolfr (17977) on Sunday October 09, @07:13PM (#1275718)

      I've been doing this for 30+ years. Compression is always software specific. I recall some small problems of decompression 20 years ago but, today, I find that hard to believe. There are multitudes of decompression programs out there for all platforms.

      Perhaps you're doing something wrong?

      • (Score: 0, Flamebait) by HammeredGlass on Sunday October 09, @07:20PM (6 children)

        by HammeredGlass (12241) on Sunday October 09, @07:20PM (#1275720)

        nah, fuck that.

        i used 7zip on windows for years(decades?) to open everything i came across on the web and now here i am using a 2022 release of unbuntu and it can't handle a zip file created by a standard corp program for general consumption and usage?

        nah, fuck that.

        • (Score: 2, Insightful) by Sjolfr on Sunday October 09, @08:13PM (3 children)

          by Sjolfr (17977) on Sunday October 09, @08:13PM (#1275731)

          Be more specific. How did you zip the file(s) exactly? What options and so on. What are you using to unzip them? Ubuntu has a few programs that can be used for that, including 7zip. Are you expecting that your filemanager handle the zip/unzip process for you? Are you using command line?

          7zip archives seem to work just fine under ubuntu using 7z e

          • (Score: 0, Flamebait) by HammeredGlass on Sunday October 09, @08:26PM (2 children)

            by HammeredGlass (12241) on Sunday October 09, @08:26PM (#1275733)

            reliving my nix experiences is akin to redoing any ptsd cause

            • (Score: 5, Touché) by Sjolfr on Sunday October 09, @08:33PM (1 child)

              by Sjolfr (17977) on Sunday October 09, @08:33PM (#1275734)

              Now the drama badge belongs to you.

        • (Score: 2) by tangomargarine on Sunday October 09, @11:03PM (1 child)

          by tangomargarine (667) on Sunday October 09, @11:03PM (#1275749)

          You know there's only one N in "Ubuntu", right?

          --
          "Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
    • (Score: 2) by RamiK on Sunday October 09, @08:43PM (1 child)

      by RamiK (1813) on Sunday October 09, @08:43PM (#1275735)

      Use 7zip. Run it in wine if you're too lazy to figure out p7zip.

      --
      compiling...
  • (Score: 2) by inertnet on Sunday October 09, @08:57PM

    by inertnet (4071) Subscriber Badge on Sunday October 09, @08:57PM (#1275740) Journal

    guise of ensuring security

    This is about security for the entertainment industry, to prevent you from playing "illegal content". It's of no benefit to you whatsoever.

    And possibly in the future to identify you (or rather your hardware).

  • (Score: 3, Insightful) by Gaaark on Sunday October 09, @10:13PM

    by Gaaark (41) Subscriber Badge on Sunday October 09, @10:13PM (#1275746) Journal

    Microsoft jerks linux off with one hand while snipping off it's balls with the other.

    Don't know how people can still trust MS with their data.

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
  • (Score: 4, Informative) by Deeo Kain on Monday October 10, @12:19AM (4 children)

    by Deeo Kain (5848) on Monday October 10, @12:19AM (#1275761)

    And support Open Hardware.
    Buy from https://www.thinkpenguin.com/, [thinkpenguin.com] https://system76.com/, [system76.com] https://puri.sm/, [puri.sm] https://www.starlabs.systems/, [www.starlabs.systems] any shop that produces and sells hardware with Linux preinstalled.
    Failure in making Linux-friendly hardware economically viable and sustainable would cost our digital freedom, so put your money where your tongue is.

    • (Score: 4, Informative) by maxwell demon on Monday October 10, @05:25PM

      by maxwell demon (1608) Subscriber Badge on Monday October 10, @05:25PM (#1275887) Journal

      To add one more option: My computer is from https://www.tuxedocomputers.com/ [tuxedocomputers.com]

      --
      The Tao of math: The numbers you can count are not the real numbers.
    • (Score: 2) by HammeredGlass on Monday October 10, @07:28PM

      by HammeredGlass (12241) on Monday October 10, @07:28PM (#1275905)

      You didn't manage to link a single page correctly and each one of those 404ed

    • (Score: 2) by bzipitidoo on Tuesday October 11, @06:08PM (1 child)

      by bzipitidoo (4388) Subscriber Badge on Tuesday October 11, @06:08PM (#1276076) Journal

      Should do more than buy hardware, and use a free OS.

      Right now, independent authors, musicians, and other artists favor copyright by something like 99%. They really believe copyright is the basis on which a career in art must be built. Offer them viable alternatives, and they'll change their opinions. What we have now is a very patchy crowdfunding system.

      Another thing I've seen many a time is the employment contract that says anything you invent belongs to the company. Writers who "work for hire" get a raw deal. Many have been victims of Hollywood Accounting.

      Worse is the deal the researchers get. In exchange for the very limited fame of being selected for publication, the researcher gets to keep the job. There's an ongoing revolt against that system known as Plan S.

      • (Score: 2) by maxwell demon on Wednesday October 12, @04:21AM

        by maxwell demon (1608) Subscriber Badge on Wednesday October 12, @04:21AM (#1276189) Journal

        Copyright as such is not bad. The problem with copyright is that it lasts obscenely long, and that it covers also derivative works.

        Also don't confuse copyright with “copyright protection” technology.

        --
        The Tao of math: The numbers you can count are not the real numbers.
  • (Score: 4, Touché) by Subsentient on Monday October 10, @01:48AM

    by Subsentient (1111) on Monday October 10, @01:48AM (#1275769) Homepage Journal

    I've been screaming about this shit nearly since I first gained self-awareness as a kid.
    Good thing we're getting nuked soon. Some problems solve themselves.

    --
    "It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
  • (Score: 2, Insightful) by ElizabethGreene on Monday October 10, @05:07AM (6 children)

    by ElizabethGreene (6748) on Monday October 10, @05:07AM (#1275783)

    The purpose of running signed code at boot is to prevent malicious software from being able to run. You don't have to use a Microsoft key, and if you update your dbx you can make it explicitly NOT trust Ms signing keys.

    The TPM is a hardware device for generating and storing private keys in a way that protects them from being stolen even with kernel level access. How is that bad?

    • (Score: 3, Informative) by turgid on Monday October 10, @08:09AM

      by turgid (4318) Subscriber Badge on Monday October 10, @08:09AM (#1275798) Journal

      The TPM chip is opaque closed hardware. Do you trust it? And there's nothing to stop Microsoft issuing a decree in future demanding that PC hardware comes with Windows and the TMP locked down so the end user can't install a different OS "for piracy reasons."

    • (Score: 3, Informative) by Rich on Monday October 10, @10:39AM (4 children)

      by Rich (945) on Monday October 10, @10:39AM (#1275809) Journal

      I've seen a laptop (Medion brand, sold by ALDI in Germany) that was entirely locked up. No option in the BIOS, no chance to boot any of my Linux DVDs or a USB stick to recover any of her b0rked data. It was Windows 7 clean install time for her. As I understand it, providing a switch for the locked boot, or allowing to enter personal keys, is completely optional and up to the vendor.

      The frog is slowly being boiled.

      • (Score: 2) by ElizabethGreene on Monday October 10, @03:00PM (2 children)

        by ElizabethGreene (6748) on Monday October 10, @03:00PM (#1275852)

        Windows 7 didn't support secure boot. If that machine wouldn't boot any other OS it wasn't because of a TPM limitation.

        • (Score: 3, Insightful) by Rich on Monday October 10, @11:57PM (1 child)

          by Rich (945) on Monday October 10, @11:57PM (#1275947) Journal

          I have no idea because I'm not a Windows guy. It definitely was past the date where they introduced signed bootloaders. I wouldn't have looked in the BIOS for a switch to disable it, or to enter keys, if that hadn't been an issue by then. It flat out refused to start a Mint DVD I brought, which works on any of the ThinkPads, LifeBooks, or whatever went through my own hands.

          I think I made sure the drive could access the CD from when it had working Windows again, and tried again, so it hasn't been the drive not liking my burner. Or maybe it even threw up an error message mentioning boot logic. But really, I try to waste as little time as possible on Windows, even more so on Windows running on discount store laptops, and also on any technical discussion with people incompetent enough to run that stuff. I forgot the details, and I'm glad I did. I just didn't forget that the incident reinforced my view of all that.

          • (Score: 3, Insightful) by ElizabethGreene on Tuesday October 11, @02:12AM

            by ElizabethGreene (6748) on Tuesday October 11, @02:12AM (#1275960)

            I think you're right about the root problem being it's a grocery store laptop. I love our Aldi, but I'd be hesitant to buy any electronics smarter than a toaster from them. Corner-cutting is the bread-and-butter of low-end machines, and corner-cutting in desktops and laptops rarely works out well for the consumer.

      • (Score: 3, Insightful) by hendrikboom on Monday October 10, @09:00PM

        by hendrikboom (1125) on Monday October 10, @09:00PM (#1275919) Homepage Journal

        Spending real money on a laptop without knowing I can install the Linux of my choice? No way!

        And trying to get a non-spyware phone is also difficult.

        Yes, there's Purism and Pine. Both are pricey. Their batteries are replaceable, but it's really hard to get a replacement battery across an international border. For the pinephone, you can't even order a phone with a battery -- you have to order them separately.

        The Librem 5 costs $1200 if you're willing to wait a year for delivery. $2000 if you're not.

        Ouch!

(1)