What an unhinged rant. Even 30 seconds after posting I can barely understand my point. I’ll leave it there unedited though.

The root cause of this issue that they identify, is 100% the kind of AI that they’ll build for this situation.

Old mate wants to use it to keep people on their best behaviour. The kind of subjective wording that whatever he doesn’t like, is the exact reason people lie in court.

Power to that thought process through systemising it, legitimising it, is exactly part of the problem.

What’s that American who said lies about the eating cats then justifying it by saying “I’d lie if it got the American public to wake up”. Let me get the quote…

https://www.mediaite.com/news/remarkable-confession-jd-vance-absolutely-floors-observers-with-comment-that-hes-been-creating-stories-about-migrant-pet-eating/

If I have to create stories so that the American media actually pays attention to the suffering of the American people, then that’s what I’m going to do.

Yep. It’s not infallible, it’s intentional. Intent goes into the creation of systems and implementations. These are the kind of people that want these systems. They’re justified in their own minds.

So to close the loop you linked that article and it’s point was:

More than half of wrongful convictions can be traced to witnesses who lied

Don’t give them reason for more ways to do so. Don’t give them legitimacy. That’s deterministic. It’s intent. It’s not failed if it worked. Your opinion on a system which is failed or fallible is not the same as the Oracle hocho who wants to be God.

They’re not sharing your values, morals, ethics or compassion.

I saw a sign on each street light on a bike path in my town that said “these street lights use aluminium cabling because the copper was stolen”.

Your plan will work.

This is no different to me having a email dedicated to searching for a house to give to real estate agents and someone saying “I don’t think it’s legal that a house has an email”. It was frustrating reading up until your comment that people just didn’t get it.

https://www.theverge.com/2022/8/21/23315513/google-photos-csam-scanning-account-deletion-investigation

Google looks. Google reports. Even if you did nothing wrong you’re guilty until you prove innocent and even then you’ll never get your account back.

I spent like 20 minutes self hosting and running over tailscale so traffic is always private… Never had an issue. I’ve got over 20 devices accessible on it.

Easy to remote register over ssh just by sending the installer plus running with server name plus key, then setting a static password.

I still think gaming wide moonlight is great though. You won’t really regret that.

Other then legacy and uefi does it have a CSM compatibility support mode? An option to enable usb initialisation before bios? Eg wait for usb initialisation?

Some “boot faster” options kind of reorder boot initialisation to a point where it’s not holding the system back.

Though I’m really running out of suggestions… I can imagine you’re pretty frustrated. I know my Dell laptop was a pain to get the right settings to get usb to boot and the stupid 100db beep to silent on boot interruption.

And you probably confirmed that live boot worked too I assume.

In the actual bios, can you see a boot order and see uefi for Windows/whatever is on your internal disk? But not any other entries?

I suggest a few more things:

Try a different brand usb. Different motherboards sometimes don’t support some usb brands. In fact, a Lenovo server I rebuilt refused to boot off certain usbs.

Some motherboards don’t initialise boot off some usb ports. Sometimes the additional ports are on another controller and initialise too slow.

Just try a straight working Ubuntu live boot usb to remove any ventoy from equation. Ubuntu has real signed uefi (and no shim) granted by Microsoft. I think that’s how it works, uefi is a mess.

Try to start isolating all the different factors, and there could be more. It doesn’t necessarily mean anything definitive if it works on another machine.

It’s PKI, public key infrastructure. It’s secure so it’s used in many applications. Including ssh using keys.

For me I want to know how much frame latency there is since I’m suspicious and I want to try things to see the effect and I just don’t know how to get that information in an OSD like I can with msi afterburner.

If someone knows what can do this in Linux, please reply!

Instead I just stopped all competitive and cooperative gaming. Which is a bit of a shame. Sometimes I’ll load up windows to join friends but usually by the time I’ve updated whatever game I’ve gotten over it.

Don’t get me wrong, hiccups aside I’m very happy which is why I’m in Linux most of the time. But it’s not always a wonderful world.

This will be able to do cross site (apps) information collection within other sites (apps) in this profile. The way this works is one of many, and complicated so: https://blog.mozilla.org/en/products/firefox/cross-site-tracking-lets-unpack-that/

The idea of profiles is to stop this behaviour and other behaviours through isolation. Along with other practices makes up a privacy-in-depth (layered) approach. It doesn’t solve everything.

For example if you are in the same house sharing an internet connection, it is possible to say “at least one outstation in this house (IP) are interested in ‘x’ and therefore I should target everyone in that house because people who live together are interested in similar things”. Even if you isolate, you could still teach a data hoarding company like meta you like something simply by them by necessity needing your IP to communicate.

Some people try to say ‘I’ve got a VPS with a VPN to communicate all traffic through’ but that doesn’t add any privacy, your exposed VPS with its IP is an IP only for you and still all collected information about you would be able to be thumbprinted to that IP across many services (eg instagram whatsapp and Facebook). A public VPN provider in this case adds a layer of obfuscation since you can change your IP rapidly and it’s an IP that’s shared with other unrelated users. Which is exactly why many services like reddit are banning access from them under the guise of “oh training data leaks from VPN, and we want to sell it” bs.

Anyway it’s a tough world out there to be private. I’m at an age where after 10 years without Facebook and I never had instagram, everyone knows I’m contactable via sms. It’s not secure, it’s barely private, but I don’t really “chat” except at the pub. So that’s where they ask me to visit. Lol.

Hate to break it to you, but most IT Managers don’t care about crowdstrike: they’re forced to choose some kind of EDR to complete audits. But yes things like crowdstrike, huntress, sentinelone, even Microsoft Defender all run on Linux too.

Well, what I really wonder is if because the kernel can include it, if this will make an install more agnostic. Like literally pull my disk out of a gaming nvidia machine, and plug it into my AMD machine with full working graphics. If so this is good for me since I use a usb-c nvme ssd for my os to boot from on my work and home machines and laptops for when I’m not worrying. All three currently have nvidia cards and this works ok. I have some games to chill and take a break. My works core OS for work MDM etc unmodified. I like it that way.

I realise this is not a terribly useful case, but I could see it for graphically optimised VM migrations too not that I have many. Less work in transitioning gives greater flexibility.

Sorry to clarify: updates come as security or as feature updates. If I’ve already got a standard operating environment (SOE) with all the features I/staff need to do work, I don’t need new features.

I then have to watch cves with my cve trackers to know when software updates are needed and all devices with those software get updated and the SOE is updated.

I can go on a rant about how bad the Linux has recently made my life as someone’s policy is that any Linux bug might be a security vulnerability and therefore I now have infinite noise in my cve feed, which in turn is making decisions on how to mitigate security issues hard, but that is beyond this discussion.

So in short I’m only talking about when you update, updating only security fixes, not the software and features. Live patching security vulnerabilities is pretty much free low effort, low impact, and in my personal opinion, absolutely critical. But software features patching can be disruptive, leaves little to be gained, and really only should be driven for a request to need that feature at which point it would also include an update to the SOE.

They probably have been using it for years, and for the last more then a decade I’ve been using Ubuntu as my main Linux distribution since I have work to do and I’ll get to doing work faster in ubuntu than any other distribution.

Why did I start with Ubuntu? 10+ years ago Ubuntu was lightyears ahead for community support for issues. Again, I had work to do, I wasn’t hobbyist playing “fuck windows”.

In fact look at things like ROS where you can get going with “apt install ros-noetic-desktop” and now you can build your robotics stuff instantly. Every dependency to start and all the other tooling is there too. Sure a bunch of people would now say “use nix” but my autonomous robotics project doesn’t care I am trying to get lidar, camera, motors, and SLAM algorithms to work. I don’t want to care or think about compiling ROS for some arch distribution.

I won’t say I don’t dabble with other distributions but if I’ve got work to do, I’m going to use the tools I already know better than the back of my hand. And at the time, when selecting these tools, Ubuntu had it answered and is stable enough to have been unchanging for basically a decade.

Oh and if I needed to, I could pay and get support so the CEO can hear that risk is gone too (despite almost every other vendor we pay never actually resolving a issue before we find and fix it… Though I do like also being able to say “we have raised a ticket with vendor x and am waiting on a reply”).

From my perspective, if used for work, automatic security updates should be mandatory. Linux is damn impressive with live patch. With thousands or even tens of thousands of endpoints, it’s negligent to not patch.

Features? Don’t care. But security updates are essential in a large organisation.

The worst part of the Linux fan base is the users who hate forced updates, and also don’t believe in AV. Ok on your home network that’s not very risky compared to a corp network with a million student and staff personal information often with byo devices only a network segment away and APT groups targeting you because they know your reputation is worth something to ransom.

The messaging around this so far doesn’t lead me to want to follow the fork on production. As a sysadmin I’m not rushing out to swap my reverse proxy.

The problem is I’m speculating but it seems like the developer was only continuing to develop under condition that they continued control over the nginx decision making.

So currently it looks like from a user of nginx, the cve registration is protecting me with open communication. From a security aspect, a security researcher probably needs that cve to count as a bug bounty.

From the developers perspective, f5 broke the pact of decision control being with the developer. But for me, I would rather it be registered and I’m informed even if I know my configuration doesn’t use it.

Again, assuming a lot here. But I agree with f5. That feature even beta could be in a dev or test environment. That’s enough reason to know.

Edit:Long term, I don’t know where I’ll land. Personally I’d rather be with the developer, except I need to trust that the solution is open not in source, but in communication. It’s a weird situation.