This is where TPMs, measured boot, and remote attestation come in.

You can run whatever kernel you want, but if it is not an approved kernel, you wouldn’t be able to attest to running an approved kernel; allowing whatever DRM scheme the developer put in to active.

I believe this is how the higher levels of Android’s Play Integrity system work.

I’ve used it a fair amount for memory mapped IO where the hardware defined bitfields. It is also useful when you have a data format with bitfields. I’d say it is also useful when your data does not respect byte boundaries, but the only time I’ve run into that involved the bit order being “backwards”, which means that I still had to bittwidle things back together.

From a performance perspective, a cache line is only 64 bytes. Space in registers, low level memory caches, and memory throughout are all limited as well.

What evidence is there that murder is effective in these circumstances?

A bit more context for that quote:

calling for a one-state solution without specifying equal rights for all people; Jewish in particular.

The “one state” in the one-state solution is Israel, which currently views itself as an occupying power, and has Jewish Supremacy enshrined in her basic law (essentially constitution). Jews are not the group that is at risk in this scenario.

So, your mom is OK with gay sex, and recognizes trans people as being their chosen gender? How progressive!

I was shopping for a new vacuum cleaner when a saw a portable carpet cleaner. Basically a vacuum with a precision nozel bolted to a water sprayer. It has been a complete game danger for cleaning up the mess my cats would sometimes leave. Although it is still not as effective as the course of dewormer their vet prescribed.

In the same way that Americans speak English.

Sure, their language is mutual intelligible with English, but if an Englishman comes over here and asks for some chips, they’re going to get a bag of crisps. They’ll mess up verb conjunction on a bunch of collective nouns.

And bless the souls of my Australian mates who come here and call everyone a cunt.

Biden tried to restart the deal back in 2021, and has been trying ever since.

However, it turns out that the US is not the only party involved in international treaties. We can’t just pick up the ball and go home mid game, then come back in a year with a new coach and expect every to continue playing like nothing happened

The original deal was a difficult achievement on its own. Now, we need to not only repeat that, but also deal with the fact that Iran does not trust us to follow through with our end of the deal. Overcoming that needs good negotiation, and a lot of concessions we did not want to make.

This is why administrations of both parties have historically upheld deals made by the opposing party that they didn’t like. Unilaterally breaking deals every 4 years because of who wins an election makes the US a non-credible partner in negotiations. You can’t just wave a wand and fix that.

I think what happened here is that something went wrong and messed up the permissions of some of the users files. MS help suggested that he login as an administrator and reatore the intended permissions.

I don’t work with Windows boxes, but see a similar situation come up often enough on Linux boxes. Typically, the cause is that the user elevated to root (e.g. the administrator account) and did something that probably should have been done from their normal account. Now, root owns some user files and things are a big mess until you go back to root and restore the permissions.

It use to be that this type of thing was not an issue on single user machines, because the one user had full privileges. The industry has since settled on a model of a single user nachine where the user typically has limited privileges, but can elevate when needed. This protects against a lot of ways a user can accidentally destroy their system.

Having said that, my understanding of Windows is that in a typical single user setup, you can elevate a single program to admin privileges by right clicking and selecting “run as administrator”, so the advice to login as an administrator may not have been nessasary.

Fetlife is not a dating app. They have actively not implemented features such as filter by age/gender in order to avoid becoming a dating app. If you are looking to get involved in your local kink community, Fetlife is the answer [0]. For anything else, it is garbage. If you try using it to get laid, you will just be pissing a bunch of people off.

[0] At least for my local kink community. Other areas might vary.

If that were the case then they would have written that into their constitution 70 years ago. And they wouldn’t have assasinated their own prime minister 30 years ago.

Heck, the current minister of national security Ben-Gvir was rejecting from mandatory constriction by the IDF, and convicted in an Israeli court of supporting (Jewish) terrorism after being indicted by an Israeli prosecutor.

These are not things that happen in a country that is unified in its goals.

The Israeli government has no idea what it is doing. Literally. The current government was a barely held together coalition prior to October 7. In the direct aftermath, they formed a unity government and war cabinet that collapsed last week.

Their prime minister has been indicated on corruption and bribertmy charges, which are currently on hold for obvious reasons. By most indications his primary motivation in this matter is to stay in power himself, with Israel’s national interests being secondary.

Individual members of IDF leadership have called Israel’s stated objectives “unachievable”.

Israel simultaneously wants to live in peace as a liberal Jewish state without commiting any form of ethnic clensing; and achieve its manifest destiny of establishing a Jewish theocracy across Judea and Samaria.

These are deep questions that get to the core of what Israel is and stands for. Questions that are to be answered by the Israeli constitution in the 50s. That never happened because Israel was never able to agree on a constitution [0].

Right now, Israel is just reacting, without any long term strategic vision. Various factions are trying to use that chaos to advance their own long term vision.

[0] Which led to the big judicial reform constitutional crisis that was a giant political crisis before October.

Blaise Pascal is famous for 2 things:

1. Pascal’s triangle. This describes how to expand expresions of the form (a+b)^n as well as to compute how many ways there are to pick k objects out of a set of n (ignoring order.

This triangle is computed by starting with 1 at the tip, then having each element be the some of its 2 parents (except the diagonal edges with only one parent, which remains as 1)

2. Pascal’s wager. This is a theological argument for a belief in god that goes “if you believe and god doesn’t exist, nothing happens. If you don’t believe and he does exist, you suffer for eternity. The logical choice is therefore to believe”

The natural conclusion is therefore to believe in all gods. If procelatizing happens in just the right way, and no one realizes people are talking about the same god, you end up with a triangle of polytheists, where the number of gods they believe in is given by Pascal’s triangle.

Edit: gid -> god

The question is, what symbolism do people draw from this gesture. The symbolism I see is viewing the current conflict through the lense of 80 years ago. And, in my view, the pervasive of that 80 year old lense to this conflict is the central problem to solving it.

If Germany wants to pay symbolic reparations for the Holocaust, fine. But don’t tie it to something that has nothing to do with the Holocaust.

No. It is the equivalent of a PC maker going “yeah. I don’t think we are going to put in a CD drive anymore because the DVD drive we have been including for years can do CDs as well”

Ramsey did not get rich from a $1 million loan.

He got rich by having $1.2 million in loans. Declaring bankruptcy, then building a financial media empire that teaches people to get rich by avoiding all debt; buying his books; attending his classes; and investing with financial advisors whom his organization carefully vets to assure that their kickback checks clear.

It is literally the 2 paragraphs that OP quoted in the submission.

I’m one of those security specialists (although not on mastodon). To be clear, if a vulnerable version of libxz were included in a distribution that we actually use; this would be an all hands on deck, drop everything until it is fixed emergency.

Having said that, for an average user, it probably doesn’t matter. First, many users just don’t have the vulnerable version installed. All things considered, it was found very quickly; so only rolling release distros would have it. Additionally, it appears that only .deb or .rpm based distributions would have it. Not because they are particularly vulnerable, the attack explicitly tests for it.

However, lets set all of this asside and assume a typical use is running a vulnerable system. In my assessment, the risk to them is still quite low. With most vulnerabilities, the hard part is discovering it. Once that happens, the barrier to exploiting it is relatively low, so you get a bunch of unrelated hackers trying to exploit any system they can find. This case is different; exploiting it requires the attackers private key. Even though the attack is now widely known, there is still only 1 organization capable of using it.

Further, this attack was sophisticated. I’m not going to go as far as others in saying that only a state actor could do it. However, it is hard to think of anyone other than a state actor who would do it. Maybe a group of college kids doing it for the lolz research? But, if the motivation us lolz, I don’t see them pivoting to do anything damaging with it. And even if they wanted to, there would still only be a handful of them. In short, this is one of those cases where obscurity works. Whoever did this attack does not know or care about Joe the Linux user; and they were probably never going to risk burning it by exploiting it on a large scale.

However, setting all of that asside, suppose you were using vulnerable software, and someone with the private key is interested in your home system. First, you would need to be running OpenSSH on a remotely accessible interface. [0]. Second, you would need your firewall to allow remote SSH traffic. Third, you would need your router to have port forwarding enabled; and explicitly configured to forward traffic to your OpenSSH server [1].

If all of that happens; then yes, you would be at risk.

[0] Even though the attack itself is in the libxz library, it appears to specifically target OpenSSH.

[1] Or, the attacker would need some other mechanism to get on the same network as you.

This is not a privacy bill. Anyone referring to it as a privacy bill is lying. Not even the bill title claims to be about privacy. It is the “Protecting Americans’4 Data from Foreign Adversaries Act of 2024”.

The US navy also has the world’s second largest air force. Beaten only by the US air force.