Natanael

Could be that you loaded an incomplete set the second time…? 🤷

That would make it stop at the end of the bootloader with decryption failure, not full bricking

Could be a UEFI bug in the VM itself;

https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot#Using_your_own_keys

Could also be that you didn’t sign your boot image since that command seems to load the secure boot signing key into the UEFI firmware, if you cleared other signing keys then potentially no code can load. You would have to load the keys for whatever UEFI firmware vendor is used (presumably that made by the VM software maker) or sign it yourself, etc.

Big mlem

Just give it a grill faceplate

Both

They extended Proton with instruction translation (FEX)

Yup, FEX to translate x86 to ARM.

Most of those things would only be possible by hiding them in a system update

It’s possible but complicated.

Since apps have access to the TPM API they can encrypt their own data in such a way that only the app’s own authorized processes can retrieve the decryption key from the TPM chip

There’s measures they could use in theory, but if you switch keyboard app away from Google’s and set private text mode, enable screenshot protection, etc, then you should be good.

For sites you visit occasionally, it’s better to enable tab isolation (use the containers feature) and then enable JS only for that domain (note the difference between allowing JS from that domain in any tab, vs only allowing that tab with that domain to use JS, you should do the latter)

https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/

If you’re switching to a different browser you may as well use the same browser but a second clean profile and use private tabs so it doesn’t retain history. Using private tabs in your main browser profile does also help but isn’t perfect because there’s still some metadata leaks occasionally.

Using a different browser could ironically make you easier to track - how unique you are is the main signal used to track you (user agent, OS, language, etc), and going for an even more rare config will help their tracking even if you delete session cookies. Especially if they have a tracker across multiple domains you visit from different browsers from the same IP, with similar device fingerprinting results across browsers. That’s a strong signal those sessions are linked. You want to NOT stand out to maintain your privacy.

Forbidden snacks

Probably the combination of having a controller and touchscreen but NOT having a keyboard. Or recognizing the CPU series (SoC type). Or both.

Telegram has been under fire from the start, lol. 'we have math PhDs" 🤷

There’s also a big difference between published specifications and threat models for the encryption which professionals can investigate in the code delivered to users, versus no published security information at all with pure reverse engineering as the only option

Apple at least has public specifications. Experts can dig into it and compare against the specs, which is far easier than digging into that kind of code blindly. The spec describes what it does when and why, so you don’t have to figure that out through reverse engineering, instead you can focus on looking for discrepancies

Proper open source with deterministic builds would be even better, but we aren’t getting that out of Apple. Specs is the next best thing.

BTW, plugging our cryptography community: !crypto@infosec.pub

Looks like the same dev from reddit

https://www.reddit.com/r/crypto/comments/1iumxl3/how_far_can_i_push_closesource_code_towards_being/

Depends on where the exact cause is. Sometimes it’s fixable in another layer (like a compatibility patch in wayland) if all the data is still there, but it really should be fixed in the driver

It’s usually a driver issue as in limited support for your specific graphics card, where some features are implemented differently from other models and not covered in full by the open source drivers

This is an issue with translating the graphics buffer to the screen, it’s a driver issue. There’s differences in the graphics APIs used by older and newer games, sometimes not every version is tested for a given driver / graphics card combination, so stuff like older OpenGL games might not work the same as a newer one running on Vulkan (or which Proton can translate to Vulkan)

What else do you have installed? KDE Connect?

Yup, don’t be sole owner if you can’t afford a lawyer to make sure you get a good deal