Have you imported the tails-signing.key yet? Usually you can double-click on that to import it using whatever graphical gpg frontend is set up on your system. It may ask you how well you trust the owner of the key. You can answer that question however you want without affecting this verification process.

Next, it looks like you run the instructions from this page: https://tails.net/install/expert/index.en.html#verify

Some of those command line parameters look a little paranoid. The basic command you want to run is: gpg --verify somefile.sig somefile.img

NTFS is considered pretty stable on Linux now. It should be safe to use indefinitely.

If you’re worried about the lack of Unix-style permissions and attributes in NTFS, then getting BTRFS or ext4 on Windows may be a good choice. Note that BTRFS is much more complicated than ext4, so ext4 may have better compatibility and lower risk of corruption. I used ext3 on Windows in 2007 and it was very reliable; ext4 today is very similar to ext3 from those days.

The absolute best compatibility would come from using a filesystem natively supported by both operating systems, developed without reverse engineering. That leaves only vfat (aka FAT32) and exfat. Both lack Unix-style permissions and attributes.

I agree that the repository should only contain source files, not the output of the build process. However, in some cases (like icon images) the source files may be binary. I think small binaries that are required to build and/or run the software, and that are not an output of any build process, do make sense to put in the repository.

How did you get into TSA Pre without providing fingerprints? I tried once, and they strictly refused to let me apply because I wouldn’t give fingerprints.

I have three ideas: First, you could switch the desktop environment to one of the ones that has a GUI settings tool to set passwordless automatic sign in. I think Gnome 3 on Ubuntu, and Mate Desktop on Linux Mint have that feature. There are probably others.

Second, you could switch your display manager to “nodm”. The display manager is the thing that runs the X server or Wayland, and it starts the greeter (the greeter is the program that shows the login screen). nodm is a special display manager that doesn’t use a greeter or ask for a password. It immediately starts the session using the username and desktop environment specified in its configuration file.

I use nodm for my HTPC and it works very well. The only downside is that you have to edit its configuration file, /etc/default/nodm , using a text editor. I’m not aware of any GUI configuration tool for it. However, it’s pretty easy to configure.

Third, you could abandon all display managers, and start the session manually, either from a shell script, or over SSH. This is a little more complex. You will probably want to get comfortable with SSH before trying this (SSH is the command-line analog of remote desktop).

I fucking guarantee that Linus Torvalds DOES believe in cryptography. Stop calling cryptocurrency “crypto”, because “crypto” is short for cryptography, not cryptocurrency.

Haha. I sent them an opt-out notice by email, and it bounced!

They are using Google email servers for discord .com and Google has apparently shadowbanned me. It gives an error message saying “The account [my email address] is disabled.” but I have never created a Google or Gmail account, and my email address is on a domain not associated with Google at all.

So I’ve completed my obligation to opt-out. Discord will have no record of it, but I have the email server logs to prove I sent it.

If, in the future, anyone needs to sue Discord and forgot to opt-out, feel free to use this same excuse.

Microsoft has enforced mandatory digital signatures for drivers, and getting a digital signing key from Microsoft costs a ton of money. So, presumably they do care.

In contrast, consider nProtect GameGuard, the anti-cheat system in Helldivers 2. It is a rootkit, and runs in the kernel. Why does Microsoft permit this? Shouldn’t this be blocked? It must be using either an exploit like the article, or a properly signed driver. Either way, Microsoft could fix it – by patching the exploit, or revoking the signing key.

The fact that Microsoft hasn’t done anything about malicious anticheat rootkits is a sign that they really don’t care. They just want their payment.

The good news is: the error shown there was a PCIe bus error, which means the error is somewhere between the NVME controller and your processor’s PCIe interface. Also good news: the errors you experienced were fully corrected, so you probably lost no data.

So the flash memory in the drive isn’t failing. That’s good because if the flash memory starts failing, it’s probably only going to fail more. In this case, your errors may be correctable: by replacing the motherboard, by replacing the processor, by reseating the NVME drive in its slot, by verifying that your power supply is reliable…

However, if your NVME controller actually does fail, it will be little consolation to tell you that your data is all still there on the flash chips, but with no way to get it. So now might be a good time to make a backup. Any time is a good time to make a backup, but now is an especially good time.

If you keep getting these errors at the same rate, then you probably don’t need to do anything, since the errors are being corrected. If you’re worried, you could use BTRFS and enable checksumming of data.

You know that stuff that appears on the screen before the operating system? That is the computer’s firmware. Sometimes it shows a brief memory check, sometimes it has a silly error message like “No keyboard detected. Press F1 to continue.” Sometimes it’s just a big image of the motherboard’s manufacturer’s logo. That firmware exists independently of the operating system, and will run even if you don’t have any operating system installed.

Most people refer to the firmware as the “BIOS”, but technically, BIOS refers to an API between the firmware and the operating system. About a decade ago, some people decided that “BIOS” was going to be replaced by “UEFI”, and operating systems would start having a new way to boot. What ended up happening is: the firmware on all recent computers supports both UEFI and BIOS interfaces (and everyone still calls it “BIOS”). Recent Windows versions seem to only boot in UEFI mode, but most Linux distros can boot in either UEFI or BIOS mode. The GRUB bootloader can also start itself up in either UEFI or BIOS mode.

USB live operating systems are limited in size and may have less functionality than other operating systems, so maybe they are only able to boot in one method or another. Try looking around in the firmware (or “BIOS” if you prefer) to see if you can change the boot method to allow both UEFI and BIOS operating systems.

It may help if you can take a picture of some of the firmware’s boot configuration menus.

How would me joining a union help with the Amazon problem? My pay and benefits (and my coworkers’ pay and benefits, to the extent of my knowledge) are very good, so we don’t currently need a union. My job is completely unrelated to Amazon, and my employer isn’t a customer of Amazon or its competitors.

I’m not going to stop complaining about Amazon.

Nobody’s saying to host it on-premises. The SaaSS article is advocating running software that you control on servers that you control. That’s it. The server is likely in a datacenter, and its hardware could be owned by the datacenter, the customer, or someone else. It could be a virtualized host.

The SaaSS article is about software and services, not hardware.

According to the repo, it builds fine on Linux. They just don’t distribute a binary for it.

https://github.com/intel/openvino-plugins-ai-audacity/issues/27

In many cases, they will cherrypick security fixes and other major bugfixes from the bleeding edge version, and put those fixes in the old versions of the software.

This is the same thing the PHP folks would do while the old PHP is supported. Once the old PHP is out of support but Ubuntu LTS is still in support, then the Ubuntu folks have to put in the extra work to do the cherrypicking.