I have seen some platforms locked to Microsoft first party keys only. They boiled the frog by starting with it being optional, able to enroll your own keys, and Microsoft signing third party bootloaders, but now there exists a Microsoft-only certificate regime that at least some vendors have selected, or at least made a selectable option. The pitch being that Windows shops that don't trust their users can be assured they aren't deviating from the blessed windows os their IT trusts.
jj4211
joined 2 years ago
Nvidia can't meaningfully sign their Linux drivers. A distribution can, in theory, include Nvidia drivers in their build and sign it, but the logistics of out of tree drivers is just impossible.
Redhat toys with the concept of a whitelisted ABI for some limited range of kernels, but I've never seen a driver actually roll with that.
Basically Linux would need to embrace some form of ABI, and there's been zero interest in doing so.
You will be able to tell slop from intelligence.
However, you won't be able to tell AI slop from human slop, and we've had human slop around and already overwhelming, but nothing compared to LLM slop volume.
In fact, reading AI slop text reminds me a lot of human slop I've seen, whether it's 'high school' style paper writing or clickbait word padding of an article.
It's frequently hard to tell at a glance codegen slop, you actually have to look at it and understand what's going on. An LLM that would produce such slop itself isn't going to be effective at detecting such slop.
Instead of new SSNs, how about we maybe the number less risky in general?
It should never have served as a "secret". Authenticating someone needs more than some account number. SSN should be more of a "username", not a password.
Look at the feature list bragged about. It's really simple stuff. I can absolutely believe they vibe coded that stuff.
The "hardest" one was to feed listener history to an LLM and have it generate a playlist based on the titles. That's such an absurdly trivial thing to do.
It's not rocket science. It's a trivial streaming music player.
And even if you babysit it and carefully tell it all the mistakes, it will learn nothing and suggest the same stupid mistakes next tim. I did actually know a human just like AI and he kept his job for years before quitting to grift another company because management refused to believe he sucked. So I'm not optimistic about AI screwing up discouraging business leaders.
Or even to true believers, they can just vibe code up just as good of an app.
It basically declares point blank that the technology does not matter, it's their marketing and music rights only that matter.
Most of these employera pay employees a couple thousand dollar bonus for any patw t they get out there successfully, with zero limitations on actually implementing the patent.
I wouldn't even mind if the fake grills looked decent, but they are just ugly. They seem to be thrashing around with what to do trying all sorts of ugly things.
Huh, how do they prevent you changing your own tire? Is this just that thing where they went with run flats and say you can't patch them and need to buy a whole new expensive tire or something else?
view more: next ›
The thing is in such a case secureboot doesn't help and is unnecessary. Secureboot only does anything for the concept of "trusted suppliers".
If the system has available signing keys for itself, well, hypothetical malware could sign itself using those same keys The OS security mechanisms are the only things protecting that, and in which case the signature validation is redundant.
You can have trusted boot, e.g. LUKS volume sealed to TPM PCRs, but secureboot just doesnt make sense as a mechanism for a user to only trust themselves.