Computers and the internet gave you freedom. Trusted Computing would take your freedom.
Learn why: https://vimeo.com/5168045

  • 4 Posts
  • 1.68K Comments
Joined 1 年前
cake
Cake day: 2023年6月7日

help-circle

  • these only handle crypto. they’re not a replacement for stripe, and saying that it is is a very large stretch. stripe is used for handling fiat payments, and there’s a reason even Liberapay only supports that and Paypal: because all others are worse or questionable.

    such services (recurring payment services) can’t really make use of crypto right now anyway, can they? they would either need to store your keys, or create a specialized wallet program and stop being a service, but the latter would also remove any possible transparency that the donation receiver may want to provide















  • Usually you would only need to reboot if you want to use the new kernel right away after an update.

    and the new version of all the software that is still running with the old version.

    For most of the programs, you don’t even need to restart them if they’re already running.

    how? won’t they keep being the old version?

    However, if you restart them they will run as the newer updated version.

    oh, yeah, we agree on that. but my point is that in my experience, a lot of software gets very confused if some libs it would use or resource files have changed after they were started. often that’s also the reason why holding back a package’s version makes trouble over time (because certain other packages can’t be updated either), or same with using custom repos that have a different release schedule or maybe are not even in sync with your distro




  • But an adversary could easily use a bad usb when they have physical access to the computer and glitter nail polish doesn’t detect that. I guess that this is why nail polish isn’t sufficient on its own and why we need also either trenchboor or Heads.

    it would be interesting to know how much does usbguard protect against this. of course you also need to do something to limit booting from usb, but how effective is usbguard in practice?
    what is the risk of sticks that tries to compromise the machine through kernel driver vulnerabilities?
    is it possible that it compromises some other firmware on the machine (like the EC in laptops)?
    or that it takes advantage of some hardware design failure?


    Personally I’ve only heard about Heads so far, but I think this is an interesting topic. Could you give us a short explanation about why is SRTM not enough, and what is a better way?