data1701d (He/Him)

“Life forms. You precious little lifeforms. You tiny little lifeforms. Where are you?”

- Lt. Cmdr Data, Star Trek: Generations

  • 98 Posts
  • 640 Comments
Joined 1 year ago
cake
Cake day: March 7th, 2024

help-circle
  • You’re right that it was power-related - one of the options was an ASPM modification - but the issue seemed to be common to this chipset accross laptop brands.

    The fix I used came from this post: https://bbs.archlinux.org/viewtopic.php?id=286109

    My machine was a Thinkpad, but this article was also talking about problems on HP, Asus, etcetera. I think the 8852BE might just be cursed

    To be fair, I was using an E series Thinkpad, but in my defense, the E series seems to have improved a lot in the past few years - this was luckily the only issue I’ve had. I’ve had much more difficult times with Linux on other laptops. Heck, even my desktop had more setup than this when I was first starting out, though it was because I was using a Broadcom Wi-Fi card, as I also dual-booted with a Hackintosh and macOS only supports Broadcom Wi-Fi chipsets.



  • Vulnerabilities certainly do exist, but I’m pretty sure the attacker has to be well-equipped

    I’d call it a protection against data getting cracked in a petty theft, but if your attack vector is much more than that, there are other measures you should probably take. I think Clevis also works with Yubikeys and similar, meaning the system won’t decrypt without it plugged in.

    Heck, I think I know someone who just keeps their boot partition with the keys on it on a flash drive and hide it on their person.



  • I use Clevis to auto-unlock my encrypted root partition with my TPM; this means when my boot partition is updated (E.G a kernel update), I have to update the PCR register values in my TPM. I do it with my little script /usr/bin/update_pcr:

    #!/bin/bash
    clevis luks regen -d /dev/nvme1n1p3 -s 1 tpm2
    

    I run it with sudo and this handles it for me. The only issue is I can’t regenerate the binding immediately after the update; I have to reboot, manually enter my password to decrypt the drive, and then do it.

    Now, if I were really fancy and could get it to correctly update the TPM binding immediately after the update, I would have something like an apt package shim with a hook that does it seamlessly. Honestly, I’m surprised that distributions haven’t developed robust support for this; the technology is clearly available (I’m using it), but no one seems to have made a user-friendly way for the common user to have TPM encryption in the installer.


  • I’m pretty sure by default, virtual networks are not enabled automatically if you’re not using virt-manager GUI.

    To make it run automatically, run the following: virsh net-autostart default

    If it’s not that, just to make it easier to find information, what’s your host distro? I’m guessing by mention of Kickstart files that it’s something Red Hat related, possibly Rocky 9 based on your choice of guest.


  • Weird. It must be that my taste is very indie/alternative. You can always also check if the artist has their own shop.

    That’s how Jonathan Coulton does it. They Might Be Giants does it as well (in addition to a Bandcamp), but most of their stuff from 1990-1996 is stuck on their former label, so they can’t sell DRM-free audio, only vinyl and/or cassette.








  • Is this xfce-winxp-tc? I ‘ve played with it before and it’s awesome.

    However, I don’t use it because while the XP start menu replica is cool, I need a Win7-style search bar, and Whiskermenu sticks pit like a sore thumb here.

    I think a 7 replica would be awesome, but I think some parts of Aero can only truly be replicated with a new WM and DE, such as the color changes in the taskbar for different applications. Many themes just fall short - proportions and effects are slightly off and such.






  • Discord also has an app from Linux - you can get it as a Flatpak (an official one) or as a native package, although they don’t provide a repo for native packages and expect you to manually download a package file every time there is an update.

    For the native packages issue, someone created an apt repo on Github, and if you look in the CI routine, you can tell they’re using the official Discord packages and not modifying them.

    Honestly, I should probably be sandboxing it more.

    It’s annoying to use a proprietary service, but the This Might Be a Wiki community is rather enjoyable.