• 0 Posts
  • 402 Comments
Joined 1 year ago
cake
Cake day: July 29th, 2023

help-circle
  • The TPM is not a dedicated cryptographic processor, it’s an external keystore with a few select functions. You’re thinking of an HSM which is used almost exclusively in servers that have to handle thousands of secrets per second.

    CPUs have had dedicated AES hardware for decades which is why LUKS and Bitlocler use it by default.

    The TPM just allows certain keys and secrets to be generated and stored physically separate from the CPU as a security measure.

    Bitlocker and LUKS will store a master key in the TPM so that you don’t have to enter a password every time you boot. They retrieve it from the TPM and then use it to unlock the actual encryption key which is done entirely in the CPU. If the TPM detects foul play such as secure boot alteration, it will refuse to give the key or clear itself.

    Using the TPM for constant encryption like at rest disk encryption would be way too slow.

    It’s so so small that most modern TPMs have been integrated into the CPU or even simulated via the motherboard firmware (fTPM and PTT).


  • I still fail to see how windows 11 was anything but a collusion scam to sell new hardware.

    None of the changes including TPM requirements required a new iteration. Nothing about the underlying NT dropped any of the old and antiquated BS despite Microsoft hiring some morons to advertise the fact on reddit to all the insiders asking questions.

    They even let the media pick up a fake report that Windows 11 was related to the Core OS and a brand new kernel was in the works.

    If Microsoft wanted a marketing strategy, they could have properly started naming feature updates and adverising them similar to Apple.

    8, 10, and 11 have also been a pain on enterprise because Microsoft axed their QA team. I seriously hope any new firms start considering linux desktop as a valid option. All they really need is a vendor to offer a solid distro along with an agreement to rapidly create/deploy any software solution so they don’t get scared looking at the cheap entry windows stuff.



  • And now we sit back and watch everyone in this thread who shat on 3rd party for “wasting votes” throwing around stupid takes like:

    • Erm RCV will prevent this from being viable, we should just try to fix the Democrat party instead
    • Working class people don’t have the time and money to make a grassroots movement. Clearly we need PAC money to win because that worked so well for Kamala and Clinton
    • PAC money is superior to actual constituents and voters
    • 4 years isn’t enough for a new party to work, we need to vote Democrat first to kick the Republicans out before we do anything else
    • 3rd party would only affect the Democrats and split them up

  • The Fedora doc on this is a bit old but it’s still mostly the same:

    Secure boot activates a lock-down mode in the Linux kernel which disables various features kernel functionality:

    • Loading kernel modules that are not signed by a trusted key.
    • Using kexec to load an unsigned kernel image.
    • Hibernation and resume from hibernation.
    • User-space access to physical memory and I/O ports.
    • Module parameters that allow setting memory and I/O port addresses.
    • Writing to MSRs through /dev/cpu/*/msr.
    • Use of custom ACPI methods and tables.

    The implementation of secure boot is still questionable to this day, but it is understandable that it doesn’t always play nice with Linux. I do believe you can use hibernate now as long as you have an encrypted swap (LUKS).

    I can definitely see the pain if you happen to be a kernel dev or use linux on any SBC with IO ports you want to mess with in userspace and not make en entire overkill kernel module for.


  • The main thing they are trying to do is make it more difficult to find this stuff via google, which tbh is still easy without reddit.

    But even Switch homebrew has been a pain. Most of it is one off software made years ago because no sane dev wanted to actually keep up with all the firmware releases and limited control of CFW. Github/Gitlab repos keep getting banned left and right for tools not even related to piracy.

    3DS has full fledged apps with teams behind everything and HShop which makes it very easy for everyone. Switch still doesn’t have a definitive method of handling NSP/XCIs, and all the auto download internet repos are invite only to hide from Nintendo.

    I’m really hoping someone finds some serious hardware bypass in their next console after what they did to the emulation scene. They really deserve to go through the insane R4 piracy age all over again for nuking everything online.





  • mlg@lemmy.worldtoFediverse@lemmy.worldI really want to like Lemmy
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    1
    ·
    14 days ago

    Jokes on you the political content here is from the redditors who pretended to quit their award fueled addiction by also joining lemmy.

    Seriously though, compare c/Politics to c/Worldnews or c/News. There is a very large dissonance between the comments shared despite both communities posting the same news info…


  • I thought it was already fairly well established that symmetric encryption is not something that a quantum computer could potentially crack, only asymmetric encryption is theoretically possible due to its use of a prime order field.

    Shor’s algorithm is a quantum algorithm for finding the prime factors of an integer. It was developed in 1994 by the American mathematician Peter Shor.[1][2] It is one of the few known quantum algorithms with compelling potential applications and strong evidence of superpolynomial speedup compared to best known classical (non-quantum) algorithms

    a quantum computer with a sufficient number of qubits could operate without succumbing to quantum noise and other quantum-decoherence phenomena, then Shor’s algorithm could be used to break public-key cryptography schemes, such as

    • The RSA scheme
    • The Finite Field Diffie-Hellman key exchange
    • The Elliptic Curve Diffie-Hellman key exchange

    Moreover:

    The largest number reliably factored by Shor’s algorithm is 21 which was factored in 2012 (ie faster than a regular computer, the much higher records like 48 bit utilized pre and post processing and was faster on a regular computer).

    Even if we go with the assumption that the military is 10 years ahead in technology and can factor 221 with Shor’s, that’s still nowhere near enough to break RSA. Much more efficient to attack all the systemic flaws in RSA, hence why 1024 is no longer considered secure, 2048 is assumed to be breakable by any 3 letter agency, 4096 is assumed to be safe (for now), but mostly the latest and greatest is elliptical ECDSA/Ed25519 (of which NIST has been accused of rigging ECDSA for easier cracking lol).


  • Bruh this comments section is making the wrong conclusions

    Clamshell design was and always will be the superior space format. There’s a reason why the DS and 3DS had so much homebrew, it was practically the successor to PDAs.

    Android foldables have barely scratched the surface in split screen and back screen utility, but the half size alone makes it very nice to carry.

    The real issue here is that yet another small groundbreaking OEM died because Android device development is an oligopoly. Google, Samsung, Motorola, and Oppo simply took the technology the moment it was revealed and immediately made competitor devices, regardless of initial quality, to get investors excited.

    No one was gonna invest in some small Chinese OEM if the big ones were gonna do the same thing and guarantee sales + existence.

    This exactly why Android feature development has stalled so hard. Everyone sits around twiddling their thumbs for several generations worth of phones until another startup comes up with a new feature they can implement for cash grab. It’s so bad we literally lost features like NFC bumping just to match what everyone else is doing.

    If some startup made a phone with the camera shifted an inch to the center, I can guarantee you the next pixel or galaxy will have it for literally no practical reason other than to prevent competition.



  • Poor soul thinks said corporate media somehow exists completely outside of the scope of the DNC as if the DNC itself isn’t just a convention for corporate donors to show up and throw in their demands in exchange for campaign funds and lobbying money.

    I mean I’m sure the headline NYT article about Clinton having a 91% chance of winning was totally some next level corporate funded psyop and not a one of the many thousands of advertisements paid for by the DNC. /s

    No, it’s totally the corporate media that’s after her and has absolutely nothing to do with the candidate that dropped the entire uncommitted movement worth of constituents for $100 mil in corporate AIPAC money. /s






  • mlg@lemmy.worldtopolitics @lemmy.world*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    2
    ·
    22 days ago

    Wasn’t there a recent conspiracy theory that the establishment doesn’t want Trump (hence the assassination attempts) because he’s an easily manipulated loose canon who doesn’t follow orders like a good shill should lol?

    Point being that dems lost this election because they are inherently more pro establishment and have been for a while.