exu

joined 2 years ago
sorted by: new top controversial old
Free hosting options for Pangolin in the EU? in c/selfhosted@lemmy.world
[–] exu@feditown.com 2 points 2 months ago (1 children)

How do you handle certificate renewals?

Nextcloud and Thinkfree Office sign partnership agreement to add more choices for users - Nextcloud in c/selfhosted@lemmy.world
[–] exu@feditown.com 2 points 2 months ago (1 children)

I only half remembered; it wasn't really layoffs, but a large management change without much apparent plan for oCIS.

Ex-ownCloud devs seek new start at OpenCloud – Owncloud owner wants to sue

Nextcloud and Thinkfree Office sign partnership agreement to add more choices for users - Nextcloud in c/selfhosted@lemmy.world
[–] exu@feditown.com 5 points 2 months ago (5 children)

Owncloud laid off the whole team working on that. They went to create OpenCloud instead.

Fedora Must (Carefully) Embrace Flathub in c/linux@lemmy.ml
[–] exu@feditown.com 10 points 2 months ago (3 children)

It's great they're having this discussion, but some of the arguments seem overblown and imply Flathub does less reviewing of app than actually does.

Outdated runtimes aren't great either, but as they learned with OBS, just updating to the newest version broke a bunch of stuff.

See this blog post for a response that was made to similar criticisms during the OBS issue. Flathub Safety: A Layered Approach from Source to User

Must be lvl 11 genius in c/lemmyshitpost@lemmy.world
[–] exu@feditown.com 9 points 2 months ago

Idk, you seem kinda gullible

UK wants to weasel out of demand for Apple encryption back door in c/technology@lemmy.world
[–] exu@feditown.com 60 points 2 months ago (31 children)

Only the US is allowed to backdoor every company globally! /s

6G mobile could divide the world in c/technology@lemmy.world
[–] exu@feditown.com 6 points 2 months ago* (last edited 2 months ago) (1 children)

Thing is, there are two different types of 5G. 5G NSA is using 5G, but on the same 4G network resulting in little to no speed change. And then there's 5G SA, the one you actually want but probably isn't deployed anywhere outside major cities if that.

Arrrrr! Welcome Aboard The Good Ship Matey 🏴‍☠️ in c/piracy@lemmy.dbzer0.com
[–] exu@feditown.com 38 points 2 months ago

And then they only deliver up to 720p because your device hasn't been blessed by capitalism

Linux and Secure Boot certificate expiration in c/linux@lemmy.ml
[–] exu@feditown.com 4 points 2 months ago

From the first post in this chain

That said, I've always just enrolled my own keys. I know some other distros that make you enroll their keys as well like Bazzite. At least that way you don't depend on Microsoft's keys and shim or anything, clean proper secure boot straight into UKI.

I didn't start talking about it, this was many comments above

Protecting against rogue devices with Full Disk Encryption and TPM in c/linux@lemmy.ml
[–] exu@feditown.com 1 points 2 months ago

Yep, you need a pin for your TPM to be safe. Here's a proof of concept of someone unlocking Linux systems without TPM pin.

https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/

Protecting against rogue devices with Full Disk Encryption and TPM in c/linux@lemmy.ml
[–] exu@feditown.com 2 points 2 months ago (1 children)

TPM + Pin with Secure Boot is still unbroken AFAIK

Linux and Secure Boot certificate expiration in c/linux@lemmy.ml
[–] exu@feditown.com 15 points 2 months ago (3 children)

I don't think you understand what "enrolling your own keys" means in the context of Secure Boot.

The key affected here is specifically for the Linux shim signed by Microsoft. It is used by GRUB and some distros to work with Secure Boot.

Enrolling your own key means you add a new certificate to the key store. This is completely separate from the one provided by Microsoft and controlled only by you. The common recommendation is to remove all built-in keys and only add your own, to make this system as secure as possible.

view more: ‹ prev next ›