Oh you poor innocent soul. Some things are best left unsaid.

As long as the user owns the TPM and has full control over it, I don’t see a problem. I paid for that hardware. I want to use it. There are already tools that can talk to it. It’s just not fully implemented and integrated into the system in a secure fashion. Indirectly, you kind of point out why there hasn’t been as much motivation to provide these features because they’re associated with the user giving up control, but it doesn’t have to be this way. The hardware can work for me if the support were there.

With the right support, it can even be combined with the password. This lets me enforce that the drive only unlocks in this machine, with this password, and only with the software that I set. That’s certainly more secure than how most distros do FDE today. It covers more use cases and enables a much stronger threat model.

Wow, removed and banned. Based on the comments this must have been highly inappropriate.

One major obstacle is third party drivers, specifically Nvidia, that forces building and signing your own kernel modules. It can be done, but it’s certainly more complexity than distributing signed binary drivers from the distro. I think Ubuntu has preliminary support for TPM-backed FDE, but only if you aren’t using such drivers. It doesn’t work in combination.

I don’t want to sign my own modules. I want them to shipped signed, so the key isn’t expected to be on my machine. If I were doing kernel development work, I’d have disabled secure boot entirely anyway.

I would really like to see broad support for TPM-backed FDE, which also requires secure boot to work to implement this properly.

For me, this is essential to have for feature parity with Windows on laptop.

Intel, which is reportedly planning to lay off as much as 20% of its workforce, is the latest big tech company to mandate a return to the office.

They want people to quit on purpose. I believe it’s cheaper than unemployment or severance.

“I strongly believe that our sites need to be vibrant hubs of collaboration that reflect our culture in action,” Tan said. “When we spend time together in person, it fosters more engaging and productive discussion and debate. It drives better and faster decision-making. And it strengthens our connection with colleagues.”

Corpo bullshit.

Best pony? But that’s not Rainbow Dash!

My eyes, oh God my eyes!

I’m a married man in a great relationship. Our office is covered with My Little Pony merch and posters.

She thought it was weird, but she liked it because it was weird.

This post was next to a post about literal possums.

Sorry, I know that’s off-topic, but I thought it was cool and wanted to share that.

I assume that the picture is actually at the sensory garden area?

In a way, you can! On Lemmy you can run your own instance and then you can remove the post, but it only applies for users of your instance. That is my understanding. I’m not an admin. Take with grain of salt.

Maybe we’re just peering into his galaxy brain.

I’m sure he’ll receive a gentle recommendation.

I really wish they would stop thinking of the children because it’s never good things when they’re thinking about them.

Why is it when I read one of these news articles China always appears to negotiate from a position of strength while Trump sounds like a bumbling idiot?

In a sane country that would have you immediately removed from office because you clearly have expressed your intent to betray your position and the people.

Oh my God my coffee. My nose burns!

Wow you really can’t tell the difference between officials and gangs of criminals these days.

I think we have a few knuckleheads who think it improves the algorithm and don’t realize that Lemmy doesn’t work that way.

i.e. meh, not my type of post. I don’t care about trains. Downvote! Similar idea with comments thinking somehow it will show them better comments.

I sooner attribute this to ignorance rather than malice.