Anyone who buys into this deserves the financial ruin that will so obviously happen to them.

If you need to be able to do unions and you are doing it in javascript, you are being absurdly inefficient compared to setting up a postgres db, but i wont be able to convince you of this because of basically nonsense brainwashing from your corporate conditioning.

EDIT: Note to self, do not use lemmy while hangry.

Yep Im wayyyy off base here.

Ah yes, javascript, the database language.

Jesus fucking christ I am so glad I don’t work in the corporate tech sector anymore.

This person asked if they can make PopOS secure via TPM.

I am saying that while yes, you can, there isnt much point, because setting up LUKS to work with TPM is inconvenient, easy to fuck up, and basically offers no additional protection against all but extremely implausible security scenarios for basically everyone other than bladed server room admins worried about corporate espionage who are for some reason running bare metal PopOS on their server racks.

Like the only actual use case I can see for this is /maybe/ having a LUKS encrypted portable backup drive, but even then you can still base the encryption key in the actual main pc’s harddrive without using tpm, though at /that and only that point/ are we approaching parity between the difficulty of using or not using tpm to accomplish this.

Oh ok so the use case here is if this casual linux user asking this question has only their harddrive stolen from their pc or their laptop in their home or apartment or workplace, not their whole pc.

Mhm that seems likely.

I guess this maybe makes sense if youre running like a server room, but chances are low thats the actual context of this question.

Why would you run PopOS on a large operation’s servers?

Again, you dont need to use TPM to have a LUKS encrypted partition unlock automatically on boot.

You can just do this via the standard drive management included with PopOS.

Its not though, it requires a ton of extra work to set up, isn’t necessary, doesn’t allow you to do anything you can’t do without it.

You also do not need TPM to automatically decrypt drives on boot, I have also done this on PopOS for 3 years, with TPM disabled.

Ok… so… if you have TPM… and LUKS…

You still have a scenario where the encryption key is still on your physical device, LUKS with or without TPM, or … some kind of TPM based Linux encryption solution I have never heard of?

Does Windows Secure Boot work on Linux via the TPM?

No…

Am I missing something?

Theres no point in involving TPM in securing a linux computer.

In a scenario where you’ve physically lost your computer, using TPM or not it wont matter if your pc gets into the hands of someone who can attempt to brute force the keys.

If your pc is remotely compromised to the point it has something on it that can grab your keys, it also will not matter if you are using TPM in some way.

The only practical use of full disk encryption is if your linux pc and or laptop gets stolen and falls into the hands of a non tech savvy person, and in that scenario, going through the trouble of correctly binding LUKS to TPM will have just been a waste of time.

Thus, you should probably just use LUKS and not bother routing it through TPM.

Sure but you dont need to use TPM at all to use LUKS.

You can store the encryption key on the harddrive, in the LUKS partition layer.

Like thats the default of how LUKS works.

Im really confused why people think TPM needs to be involved in anyway when using LUKS.

Generally speaking you have to go out of your way to correctly cajole TPM v1 or v2 to actually correctly interface with LUKS.

Not necessarily?

Im pretty sure I used PopOS for 3 years with LUKS encryption with TPM disabled.

Why would you do this when PopOS offers LUKS1/2 disk encryption?

Yes this is a wonderful idea when you live in a magical fantasy world where the vast majority of people do not have any ability to invest in any stocks whatsoever.

These idiots truly just actually think everyone is slightly different versions of themselves.

Well the camera on this thing works fine for anything you would post and or view on social media resolutions, as well as basically any computer monitor under 4k.

If I was really interested in taking high resolution photos at 4k or higher, I actually just would get a proper camera with better ergonomics, ability to use a tripod, etc.

Cant really see why the vast majority of people would need that kind of resolution anyway unless theyre doing professional work.

I have a $200 crap phone with a headphone jack.

Does everything I need a phone to do.

Also with an analogue, cabled headset, it can pick up radio stations.

Headset cost $20 bucks. Not amazing, but shockingly good bass compared to a $20 dollar headset from when the first iPhone came out.

Nope, the phone is not made out of titanium.

I have dropped it plenty of times and its fine, no screen cracks or broken buttons, hell, I even accidentally dropped it fully into a bath tub once.

Turned it off, popped the back cover and the battery out, left it alone for 2 hours to dry out.

Its fine, no damage whatsoever.

I entirely fail to see why absurd processing power is necessary for anything beyond some mobile games, which are crap.

I have some ok free games 2D games, but theres only so much you can do with a touch screen.

This $200 piece of crap can run 99% of what 99% of people use their phones for 99% of the time.

Only downsides are no games, no stupidly high resolution cameras.

EDIT: I have been a software developer, database admin/dev, data analyst. Stereotypical tech worker in many ways. Never fucking understood why getting a 1000+ phone every year or two made any sense to anyone.

Basically not unless /another/ anti-trust lawsuit is brought against them, and also somehow Teddy Roosevelt time warps into exactly Biden’s location, explodes him Dr. Manhattan style inside out, immediately asks for a fitting suit, signature glasses, and this somehow stuns everyone into just letting him be President for the rest of Biden’s term.

God I still cannot believe how obviously bullshit that all was and how many fucking idiots parroted it hook line and sinker.

Wait, so, the Cloud is actually just a bunch of other computers, called servers, and the only real innovation is basically a load balancing system?

Next youre gonna tell me I wont be able to stream lagless video games and also do competitive multiplayer on my Google Stadia, pff, like youre some kind of expert or something.

/s

You are wrong about this, there are literally right now huge arguments going on and legal battles likely to start soon over the fact that ‘AI’ generated content is effectively a giant plagiarism/synthesis machine, as the models are nearly always trained on /massive/ swaths of content that include /many/ copyrighted works, as well as stuff that was simply never given express permission to be used in such a way.

Valve, for example, has officially taken a side, a few days ago stating in a policy update that you are not allowed to publish a game with ‘AI’ gen art, dialogue, or code, unless you can prove the training set for the ‘AI’ did not contain any source material you do not have the rights to use in a for profit manner.

I actually had a tankie tell me that Chinese is not actually a bunch of what us Americans would actually more properly call different languages altogether, when I told a story about a friend I knew from Hong Kong, speaking Cantonese and a little a English, had to actually go through me (Cantonese, English, capable of translating Cantonese to Vietnamese, but not Mandarin, because my phone waa bugging out), and a nearby Vietnamese shopkeep (Vietnamese, some Mandarin) to communicate to someone who only spoke Mandarin, and effectively nearly no English.

We did this comical routine of my friend typing Cantonese into my phone, translating it to Vietnamese, then to Mandarin via the shopkeep, then to the Mandarin speaking woman, then all the way back the other way, for about 20 minutes, to have a conversation that probably could otherwise have been had in 3 minutes.

There are in fact many regional /dialects/ of Chinese (beyond just Cantonese) that are actually so different that it is very common that one who can only speak one /dialect/ cannot actually communicate nearly at all with someone who knows only a different /dialect/.

I am putting /'s around dialect because actually a growing number of translators who know one or many of these /dialects/, as well as English, think it is more accurate to describe them as being different languages to those who speak English.

Anyway, yeah, had a tankie chew me out for pointing this out and call me a ‘gusano’, which is incredible because this is an insult popularized by Castro against counter revolutionaries.

I am an anarchist, and gusano is Spanish for maggot or worm.

It was truly a ludicrous exchange.