I also bit the bullet and did a bazzite install and am blown away how seamless it has been for what I need. All the games I like run on Steam. Even Diablo 4 runs through the Blizzard launcher which does take some work to get installed, but nothing you can't find in a youtube video.
No issues using the system as my daily driver for personal things. I have dual monitors, one oriented vertically and one 144hz. All works great! I'd recommend it to anyone
The whole Universal Blue image ecosystem is so polished, consistent and coherent. Bazzite is their gaming image variant, I’ve also recently switched to Bluefin which is their Gnome variant on my workstation and everything works so nicely together, it’s the most joy I’ve had using a computer in a long time.
I've been very happy with Aurora-DX, which falls under the Universal Blue umbrella. I reboot it once a week to apply updates and I can roll back if I need to.
Do people really give candid feedback in skip levels? Your skip obviously doesn't trust your boss if they are having them. Are you really going to bad mouth your boss? They have the most direct control over your career at the present company.
If you don't feel free to be honest with your skip level that's on all 3 of you to fix.
If I put my own spin on something my boss has already explained is a problem he's working on, this gives my skip level confidence we all understand the problem approximately the same. If I say, "this thing came to me that I don't really agree but I'm doing my best to get it done" this only reflects well on both me (taking one for the team) and my boss (he carried forward an unpopular thing and trusted me to give it a shot).
And if I say, "this other team's behavior is causing me this problem" that's just facts. Data that we can all use to fix it. Maybe my skip level can explain the competing priorities and I'll decide to solve my problem another way.
From the article, "The low-cost, low-complexity attack works by placing a small piece of hardware between a single physical memory chip and the motherboard slot it plugs into. It also requires the attacker to compromise the operating system kernel". "Low-complexity" requires physical access and an OS compromise? What the hell would high complexity be?
Focused Ion Beam workstation, decap the relevant IC & probe its internal connections directly. If protected by a mesh, also use the FIB to deposit extra metal to bypass the mesh to make the probe holes. If protected by light sensors, also bypass them. Create glitches by shining highly focused lasers onto specific transistors at specific times. Etc. The sorts of attacks Christopher Tarnovsky did on a bunch of TPMs & talked about at DEFCON.
I was looking for the old CCC talk about this stuff, but I ended up finding out about a project called RayV Lite which seeks to democratize this hardware
I don't understand why AWS events have such terrible scheduling tools. I attended one in NYC and all I wanted was a calendar of all events so I could see what was going on when. Seems like such a simple request, but it's not offered. What benefit does the complexity of the existing system give to Amazon?
If there's no admission of guilt, there's always plausible deniability. That's why that part of these agreements are so important to those allegedly doing something. People settle out of court all of the time when they realize that the settlement paid out will be much cheaper than paying attorneys to fight and possibly win a court case. It also gets it out of the news cycle much faster as a one time story vs possible weeks to months of trials. "Look, we're not saying we did anything wrong here, but after crunching the numbers, it'll be cheaper for us to settle than to fight to prove we did nothing wrong" sounds like good business. Only an evangelist would sacrifice money to prove a point.
Not defending Booz Brothers at all, but alleging is all that happened
I wonder how a settlement affects internal accountability.
If this went to trial and it were proven that the company did XYZ, or even individuals in the company did X, Y, Z, presumably the company would in turn fire/discipline the employees (nominally) responsible for doing X, Y and Z.
Now, someone at the company probably knows if someone did X, Y, Z, even if there was no admission of wrongdoing. Do these employees still get disciplined, or does this mean the company doesn't acknowledge it happened internally (if it did), or do the employees get bonuses if doing XYZ netted more money than the settlement cost?
I don't think you realize how easy it is to steal these cars. Look up a few videos. You rip off the plastic on the steering column, pry out the ignition cylinder and then use the A end of a usb cable to turn the exposed nub to start the car. Under 30 seconds. While there are other issues going on, this is gross negligence on Kia/Hyundai to not use an immobilizer.
It shouldn't really matter that theft is easy. If you're prepared to smash a window, you could steal from homes and businesses, not just cars. There should be a strong enough deterrent to make it uncommon.
You may not be able to stop desparate people from stealing, but if kids are repeatedly stealing cars for entertainment, then problem isn't the security of the cars.
Cars have been this easy to steal forever. Thieves generally take your car in under 30 seconds regardless. This particular vulnerability was just one of the first to get fully documented and distributed to everybody and popularized by an algorithm.
What I understand from this specific case these models don't have an engine immobilizer AND it's very easy to turn on the ignition using a USB cable. If I understood it correctly this is easier than stealing a car in the 80s, you don't even have to smash a window, it's that bad.
The United States is an exception to the rule being the only first world country that I know of to not mandate engine immobilizers (I'm sure someone will be able to point an exception, but overall these are mandatory in a lot of countries for decades already).
You need to access the vehicle (if you are good by opening the door with a lockpick or with some other non-damaging trick, otherwise breaking a window), then you force the ignition block, removing the lock cylinder, then you use something to turn the ignition on.
In the '80's you would have probably used a screwdriver, as what remained below the removed lock cylinder would have been a slot, on these particular models you could use a pair of thin nosed pliers but a USB A connector is coincidentally just the right size for the "tab" that has to be turned.
Sorry, i might be being stupid, but this doesnt seem to be the case for me via who.is and its not on the icann list in the other child comment, any ideas?
