Don't know, been rolling with Gentoo for some time now.
I wouldn't trust "out of the box" support anyway as that would imply trusting microsoft keys.
I've not read all of it, but if you're referring to the stuff at the beginning - none of those limitations apply to 5700xt.
If you mean something else - then, naturally, I would ask if it actually affects your media in the first place. It might, but I wouldn't expect that.
Podcini, got it on f-droid. Does what it says on the tin!
I mean if you're keeping the GPU - you can just set jellyfin to use VAAPI and utilise the gpu that way.
Do you know how that works? Is it something like Ubuntu where Canonical uses some sort of chain from Microsoft or do you have to embed the cert they provide into UEFI yourself?
Yes, failing to safeguard keys is fatal, but that applies to everything. But if fs you're storing keys on is behind luks and they're readable by root only - you're as safe enough. There're also LSMs like selinux that can increase the complexity of attack.
I don't know about nitrokey specifically, but TPM is an option (not good enough, imo) and a simple luks encrypted usb. You could get some convenience by storing the key to unlock it somewhere on the encrypted root.
In general - you cannot stop a targeted attack no matter what, but staying safe from all the automated ones is doable.
No it can't. You're still thinking about github and its built in "forking" mechanism.
There is no federated guthub because git itself is. Just clone the repo - you're part of the network already!
in case you want to tell me what I have is fine and I don't need an upgrade
What you have is fine and you don't need an upgrade 😁
But we're not looking for fine, are we? :)
I would keep the gpu and get as many cpu cores and ram as my budget allows. Once you cross into "stupid amount of RAM" territory you can start utilising tmpfs for transient things such as jellyfin transcode directory to:
- preserve those precious ssd writes (not really relevant anymore)
- make it more efficient (feels-good kind of relevant)
- running a filesystem in ram is really cool (most relevant, naturally :D)
It is a system one has to understand fully, i.e. not like ssh, where you can understand connecting to a remote host without bothering about key pairs, x11 forwading, etc.
I was lucky enough to have figured out Gentoo enough where plugging in secure boot was just extending my own system update script. Admittedly, I don't know how much other distros fight back.
In general - things that are colourful and/or have special effects.
Blue Planet, Top Gun Maverick, Fast and Furious saga (not the first few, 4k made no difference there) come to mind first atm.
Things that have acting and script itself as the main selling point generally are perfectly fine in 1080p. The Office and Slow Horses would be a good example of that, I suppose.
Personally, I get everything I want my son to watch in the highest quality I can - Shawshank Redemptiom and Shutter Island are the latest additions to my library that, I think, would absolutely fine in 1080p, but... 4K HDR it is :D
Yea, I guess that initial total lack of understanding and big headlines has left a long-lasting scar. Admittedly, secure boot could be used to lock a machine down if the ability to turn it off and/or manage the keys yourself was removed.
We'll get there, eventually :)
The Bootkitty sample ESET found is unable to override a defense, known as UEFI Secure Boot, that uses cryptographic signatures to ensure that each piece of software loaded during startup is trusted by a computer's manufacturer.
AKA not that big of a deal, yet. An article from another post about this also mentions GRUB explicitly as a requirement as well as PoC using self signed keys, which renders it sort of impossible to abuse.
UKI + your own keys + secure boot is still not broken.
This! I've done it many a time following 3.7 Full system backup. For some reason can't get table of contents to load on mobile and get a proper anchor link.
- Get a house with a garden (backyard)
- Start my own laptop/desktop line
- Obtain and maintain a naturally aspirated manual V12 Aston Martin
I wonder if this was the reason for f-droid suggesting removing firefox variants.
Not OP you've responded to, but the post really sets the tone for that.
Let it all out, dear Americans
It appears Trump is going to be the next president of US. I'm not sure such a thread is needed in the first place, but here goes.
Feeling anxious? Desperate? Got the expected result?
What do you think went wrong? What do you think went right? What do you think the future holds?
EDIT: it's official - https://www.bbc.co.uk/news/election/2024/us/results
Another blow for IT software house and its customers
Bloody solarwinds
It's called leaving the door wide open – especially in Proxmox
Leaving a builder account enabled after build has completed is a fairly big oversight.
13 October, Sunday, 12:00 UTC
Lemmy Cafe will be having its database upgraded.
Reasons
- PostgreSQL 17 has been released and the changelog is promising a lot of IO improvements. Lemmy sure could use it given the constant stream of small events flowing in.
Plan
- Point
nginxto the maintenance page - Shut down PostgreSQL 16
- Run the upgrade tool
- Start up PostgreSQL 17
- Point
nginxto lemmy
Expected downtime
About an hour, if things go well. More if not so.
Will try to keep the maintenance page updated.
Here's the timezone converter.
Linux contributors told to sort out their grammar lest they be actively corrected
Manners maketh man.
Also, rooting for Russian cybercriminals, a new DDoS record, sneaky Linux server malware and more
This does imply a cups server being open to the internet or an already breached network.
3.6 roentgen.
With 14 serious security flaws found, what a gift for spies and crooks
Hey, we own a few thousand of those! Oh, wait...
Might be a long few days coming 😮💨
What happened to Jellyfin?
There used to be a www-apps/jellyfin, but it is now gone. Anyone heard of a reason?
AI screengrab service to be opt-in, features encryption, biometrics, enclaves, more
Admittedly, I have a fairly serious bias against Microsoft, so it's unlikely they'll every say much I can trust; but I am genuinely surprised their marketing department didn't even bother coming up with another name to try selling this atrocity.
Lemmy.Cafe Housekeeping
Due to the recent @Soup's post I have decided to do some housekeeping. I've been getting frustrated at lemmy's performance at times as well and this simply was a wake up call, if you will.
I am sorry about no advance downtime annoucement - Sunday is the only day I can really put any meaningful amount of time into lemmy.
___ Things done today:
- Upgraded
databaseVM 1 core 2GB -> 2 cores 4GB. Double the compute, double the memory. - Adjusted database config to account for increased resources
- Adjusted
hugepagesconfig to account for increased database's requests - Updated both lemmy and database VMs
- Rebooted the lot
___
Thank you for your patience. I will also use this moment of focus to write up a financial report in a separate post.
Also, thank you, @Soup!
___ EDIT: I've also marked all instances known to lemmy.cafe as active. What this means is that lemmy.cafe will now keep retrying to federate to everything very aggressively. This is a compute-intensive process and will also impact performance for a few hours, until exponential backoff kicks in. I've done it to revive any falsely-marked-as-dead instances; there's no fix for it on lemmy itself.
Price rises, uncertainty after Broadcom takeover forcing users to look elsewhere for virtualization needs
The company I'm at right now is on this boat as well
Final judgment handed down by Court of Justice of the European Union
Wayland - split Super_L and Super_R
I have finally found an quick and easy write up by somebody on Reddit that worked for me first time!
Dual display on Sway has become much more usable now!
Ukraine drones set oil depot ablaze in Russia's Rostov, attack distant Kirov region
> There was no immediate comment from Ukraine.
What good is going fast if you can't get past the next rack?
> According to Mehta this kind of connectivity could support 512 GPUs in as few as eight racks, acting as a single scale-up system.
That's a biggin!
Despite early promises, moving between providers remains a complex and costly endeavor
> Despite early promises, moving between providers remains a complex and costly endeavor
Yea, it feels an awful lot like VC funded businesses - they lure you in with low pricing, bankrupt and buy out the competition and then hold you by the balls.