581
🐧> 🪟 (lemmy.world)
submitted 2 days ago by [email protected] to c/[email protected]
top 50 comments
sorted by: hot top new old
[-] [email protected] 65 points 1 day ago

Using the capital punishment symbol instead of the killed in action symbol suggests windows was executed after the war (likely by installing linux lol)

[-] [email protected] 15 points 1 day ago

There are variations of the Skull and Crossbones here that have specific meaning?

[-] [email protected] 25 points 1 day ago

On wikipedia, capital punishment is a skull and amd bones, killed in action is a christian cross

[-] [email protected] 6 points 1 day ago

Thats kinda shitty its a cross. Like holding one religion above the others on a fucking encyclopedia.

[-] [email protected] 13 points 17 hours ago

It is not a Christian cross, the symbol is the dagger which is also often used for adding post-scriptum information or challenging parts of a text.

People often mistake it for a cross, given the look, but there's no actual preference towards any religion here.

The cross is an entirely different unicode character:

load more comments (1 replies)
[-] [email protected] 4 points 1 day ago

Is there a symbol for a zombie, something that supposedly died many times over but keeps coming back?

[-] [email protected] 1 points 12 hours ago* (last edited 12 hours ago)

That's the definition of a phoenix: 🐦‍🔥

[-] [email protected] 2 points 1 day ago

Because KIA takes way too much room on the page.

[-] [email protected] 78 points 2 days ago

Does "Secure Boot" actually benefit the end user in any way what so ever? Genuine question

[-] [email protected] 36 points 1 day ago

For you? No. For most people? Nope, not even close.

However, it mitigates certain threat vectors both on Windows and Linux, especially when paired with a TPM and disk encryption. Basically, you can no longer (terms and conditions apply) physically unscrew the storage and inject malware and then pop it back in. Nor can you just read data off the drive.

The threat vector is basically ”our employees keep leaving their laptops unattended in public”.

(Does LUKS with a password mitigate most of this? Yes. But normal people can’t be trusted with passwords and need the TPM to do it for them. And that basically requires SecureBoot to do properly.)

[-] [email protected] 1 points 14 hours ago

With LUKS, your boot/efi partition is still unencrypted. So someone could install a malicious bootloader, and you probably wouldn't know and would enter your password. With secure boot, the malicious bootloader won't boot because it has no valid signature.

[-] [email protected] 1 points 14 hours ago

Exactly. The malware can do whatever, but as long as the TPM measurements don’t add up the drive will remain encrypted. Given stringent enough TPM measurements and config you can probably boot signed malware without yielding access to the encrypted data.

In my view, SecureBoot is just icing on the cake that is measured boot via TPM. Nice icing though.

[-] [email protected] 10 points 1 day ago

That’s only one use of secure boot. It’s also supposed to prevent UEFI level rootkits, which is a much more important feature for most people.

[-] [email protected] 3 points 23 hours ago

True. Personally, I’m hoping for easier use of SecureBoot, TPM and encryption on Linux overall. People are complaining about BitLocker, but try doing the same on Linux. All the bits and pieces are there, but integrating everything and having it keep working through kernel upgrades isn’t fun at all.

[-] [email protected] 64 points 1 day ago

Well yes, assuming that:

  1. you trust the hardware manufacturer
  2. you can install your own keys (i.e. not locked by vendor)
  3. you secure your bios with a secure password
  4. you disable usb / network boot

With this you can make your laptop very tamper resistant. It will be basically impossible to tamper with the bootloader while the laptop is off. (e.g install keylogger to get disk-encryption password).

What they can do, is wipe the bios, which will remove your custom keys and will not boot your computer with secure boot enabled.

Something like a supply-side attack is still possible however. (e.g. tricking you into installing a malicious bootloader while the PC is booted)

Always use security in multiple layers, and to think about what you are securing yourself from.

[-] [email protected] 19 points 1 day ago* (last edited 1 day ago)

It prevents rootkit malware that loads before the OS and therefore is very difficult to detect. If enabled, it tells your machine to only load the OS if it's signed by a trusted key and hasn't been tampered with.

[-] bdonvr 36 points 1 day ago

Yes, as long as you get the option to disable it. And use custom keys.

It's uh, more secure.

[-] [email protected] 25 points 1 day ago

I enrolled custom keys and bricked my motherboard 🙃

[-] [email protected] 12 points 1 day ago

Same. Should've listened to securebootctl telling me the key was malformed.

[-] [email protected] 7 points 1 day ago

My keys were fine, I'd used them on a previous system. My best guess is boot failed because GPU firmware wasn't signed with my keys, only Microsoft's keys. And of course, I can't just CMOS clear, and I don't have an iGPU. It's crazy that an OS can brick my motherboard; I'd be a lot more forgiving if a BIOS option bricked it, but exposing a "brick me" option in efivars for any ring 0 software to press??

load more comments (1 replies)
[-] [email protected] 24 points 1 day ago

It's so secure that the first thing under Wikipedia's entry for Secure boot is Secure boot criticism

Yes this is a real, I'm not joking.

load more comments (5 replies)
[-] [email protected] 21 points 2 days ago

You can set it to run only specifically signed binaries on boot.

[-] [email protected] 9 points 1 day ago

Specifically signed by anyone with a key - which, considering multiple where leaked over time - is everyone.

[-] [email protected] 15 points 1 day ago* (last edited 1 day ago)

I have a motherboard in a state where it won't boot unless you pull and reinsert the cmos battery. After this it will boot exactly once.

It will also boot without issue if you don't have a cmos battery at all. This is obviously not ideal.

I wonder if these issues are related? I purchased the motherboard second hand in this state about a year ago. So it is far too early for this update, but it remains a mystery.

[-] [email protected] 1 points 7 hours ago

Y'know the setting in the bios where you can choose boot on power restore, stay off or last state? This relies on a capacitor on the motherboard near the bios battery to store the last state. This 5 cent capacitor can die and sometimes behave like you are saying. I had a repair guy fix it cheap and that server worked normally after that.

[-] [email protected] 14 points 1 day ago

Have you tried putting in a new battery?

[-] [email protected] 2 points 1 day ago

Ain't nobody got time for that

[-] [email protected] 3 points 1 day ago

I had something kiind of similar once, where it would only boot after trying to boot once, letting it run a bit in idle, and then rebooting where it would actually succeed. Turned out I forgot to put the clear cmos jumper back to neutral after i reset cmos.

So my best guess (other than new battery) is check the jumpers maybe

[-] [email protected] 47 points 2 days ago

I had this problem at work a week ago or so, at least with Fujitsu PCs. For them, the main cause isn't an empty CMOS battery, but rather that Fujitsu generally had too little BIOS cache, since there is nothing about it in the UEFI standard. The update basically overfilled that cache, rendering the BIOS completely unusable. The POST doesn't even go through fully.

The PC are sort of bricked, you gotta put the mainboard into recovery mode, put the ROM file on a freeBSD formatted stick and wait until you see instructions on the screen. Follow them, restart the PC. I recommend setting the BIOS to the optimized default settings, as not doing that might make the boot of Windows pretty slow in some cases. I did hear that it can delete the keys from the TPM, but I haven't seen that with my PCs at work.

[-] [email protected] 15 points 2 days ago
[-] [email protected] 45 points 2 days ago

most competent Microsoft developer

[-] [email protected] 19 points 2 days ago
load more comments (1 replies)
[-] [email protected] 41 points 2 days ago

What all am I looking at here? Or is this all meme?

[-] [email protected] 64 points 2 days ago

It's a meme about how draining the cmos battery bricked some PC's, I think. It's formatted like the Wikipedia sidebar summary for articles on wartime battles.

[-] [email protected] 6 points 1 day ago* (last edited 1 day ago)

You're in linuxmemes did you not expect a meme? xD

Also: Yes it's a meme based on a true story (see the other comments for more details)

The meme itself is based on https://knowyourmeme.com/memes/historical-battle-shitposts-decisive-victory

load more comments (3 replies)
[-] [email protected] 36 points 2 days ago

Wow what a super cool website without cookie opt-out.

[-] [email protected] 1 points 17 hours ago

Use Reader View in Firefox. I never accepted the cookies. 😉

[-] [email protected] 19 points 2 days ago

Not only that, if you try to click any of the links, like the partner list or privacy statements, it takes you to another page with the same pop-up over it... So you have to accept the shit to read their disclosures... What a shitty website, unless the purpose was to keep the information a secret, then it works great because I sure as shit didn't read it.

[-] [email protected] 13 points 2 days ago

The URL (borncity) has nothing to do with the topic (Windows Update), that's a sign of an SEO content farm

[-] [email protected] 5 points 1 day ago

Well the website (and the guy maintaing it) is pretty old. I think the blog posts reach back till Windows Vista. The guy itself wrote some books about Win95 so he has some experience.

The site is quite popular in Germany and the information is usually good summarized and helpful IMHO.

Anyway as always I recommend an adblocker when using the internet.

[-] [email protected] 3 points 1 day ago

What? The penguin bird is so fat that it is bigger than a window? Or... I know: "Stick penguin into hole!" But why? Nah... Hey, can somebody read ancient Egyptian?

[-] [email protected] 15 points 2 days ago

Allen&Heath sound controllers on Ubuntu had a funny failure too. It's touchscreen and extra screen would show nothing on boot although the sound controls (for one surface config) works. In order to fix that, you need a replacement battery, a keyboard to boot into it's BIOS and a password they don't disclose publicly. I revived a couple of these by a pure luck of discovering someone posting said passwords 5+ years ago. It's so hostile I hate it.

[-] [email protected] 7 points 1 day ago

But how many civilians cannibalized?

[-] [email protected] 1 points 1 day ago

There are no civilians when profit is involved.

load more comments (1 replies)
[-] [email protected] 8 points 2 days ago
load more comments
view more: next ›
this post was submitted on 07 Jul 2025
581 points (98.3% liked)

linuxmemes

26122 readers
406 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack users for any reason. This includes using blanket terms, like "every user of thing".
  • Don't get baited into back-and-forth insults. We are not animals.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn, no politics, no trolling or ragebaiting.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, <loves/tolerates/hates> systemd, and wants to interject for a moment. You can stop now.
  • 5. 🇬🇧 Language/язык/Sprache
  • This is primarily an English-speaking community. 🇬🇧🇦🇺🇺🇸
  • Comments written in other languages are allowed.
  • The substance of a post should be comprehensible for people who only speak English.
  • Titles and post bodies written in other languages will be allowed, but only as long as the above rule is observed.
  • 6. (NEW!) Regarding public figuresWe all have our opinions, and certain public figures can be divisive. Keep in mind that this is a community for memes and light-hearted fun, not for airing grievances or leveling accusations.
  • Keep discussions polite and free of disparagement.
  • We are never in possession of all of the facts. Defamatory comments will not be tolerated.
  • Discussions that get too heated will be locked and offending comments removed.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.

    founded 2 years ago
    MODERATORS