𞋴𝛂𝛋𝛆

  • 106 Posts
  • 1.04K Comments
Joined 2 years ago
Cake day: June 9th, 2023





  • The shim is the secure boot key that slides under the Microsoft package key on your machine. There is a US Department of Defense PDF floating around that goes into how to set your own keys in UEFI but your bootloader from the OEM may not include all of the UEFI stuff to do this in the user interface. There is a way to boot into UEFI and set keys manually. The tool is called Keytool. Gentoo has a guide but it is written for advanced competency (beyond mine).

    As far as I am aware, only the base vanilla Ubuntu is signed under the shim key for Debian. All of the official Fedora distros are under their shim IIRC. The unofficials like Silverblue are not – again IIRC.

    The shim is only available to the person that is the final package maintainer for the distro. They have a key signed by Microsoft so that you are literally using the Windows key to sign the bootable code of the distro. This comes with headaches as you will not be able to modify and run kernel bootable executable stuff, but that may not matter to you. In particular, it makes Nvidia stuff a pain in the ass if you need to freeze or alter the kernel module driver in some way.

    The Microsoft key is the second level key, sorry I forget the names of the levels. I know one is called the Package Key but I forget the other and which level is higher by name. The higher level key is the one from the manufacturer. They can send or possibly force updates to UEFI using this key. These keys are also compromised from time to time so there is that too. The fact you can boot into UEFI sounds scary AF to me and my paranoid ass but whatever. The MINIX system always running in the background of x86 is another (Intel ME/AMD has equivalent).

    You don’t have to change your keys but you can if you wish, or you’re supposed to be able to. If you sign your own key at the highest level (manufacturer), then you can use a Microsoft website to get a new key at the OS level and use it. Then you fully control Secure Boot and your UEFI. I recommend looking up the PDF. If you search Lemmy I have talked about it with people a few times and linked it but I don’t have it bookmarked and am too lazy to go find it for you right now. That guide goes through the details in a very approachable way intended for competent people in general but not niche IT or CS grad level like how Arch or Gentoo tend to write, it was very RHEL level approachable.




  • US is not supporting Russia, but Iran is. Israel is atrocious and it would not surprise me at all if they absolutely know about Oct 7th well in advance. It was the result of their prejudice and Palestinian concentration camps before Oct 7th in either case that caused the initial attack. However it was not entirely without cause like with Russia in Ukraine. Everywhere is complicated. The USA is super polarized and in pretty bad shape, but it is not exporting suicide bombers. Is it better to target with 10 million dollar munitions remotely? No, but those are not targeting crowds of people as the primary goal.


  • It was the change in Syria and the mountain on the border that Israel now controls that changed the geopolitical situation and strategy. The radar shadow of that mountain was what prevented Israel from having an opportunity to stop or influence Iran’s nuclear policy. Some deeper depth geopolitical youtubers have done uploads on this change and implications. The position will likely end up back in Syrian hands eventually… or it might. Again like I have said elsewhere, I don’t support Israel or their escalations but Iran is shit. They are supplying arms to Russia, exporting terrorism, and run by a disordered misogynistic group of men that kill in the name of fantasy and a collective imaginary friend that no one has ever had a real conversation with. That is fucking cave man level bullshit from anyone anywhere.



  • If you can take out all nukes, hell yeah. Bomb all of them into oblivion. I’m for first do no harm and live and let live.

    If my neighbor is talking about shooting up a school, and no one I report them to seems to change the situation, and I see them loading up the car to go shoot up the school, I’m not going to feel bad about shooting my neighbor then and there, if I have no other option. I don’t care to wait until they pull the trigger at the school to confirm their intentions.

    I mean you’re ultimately talking to a physically disabled guy living in the USA where I face homelessness and a terrible future. I despise this country and know the lack of ethics better than most. Still, the primary exporters of jihad are still the primary exporters of jihad.

    Israel should not exist, and is a crusader state. The borders of the middle east were absolute garbage and the result of the colonial era of cartel like western criminality. I don’t support any of that crap. That does not change the fact that Islam has no reformation to stop jihad like how separation of church and state and the Christian reformation put an end to church based crusades. People can try to tone down the message but fundamentalists will always draw power from the most ignorant using this element of teaching. That can never and will never go away.





  • The UEFI boot system is tricky and you need to get along with Secure Boot to do this. Secure Boot is outside of the Linux kernel. Both Fedora and Ubuntu have systems for this. Fedora uses the Anaconda system and I believe they do it best. I have had a W11 partition for 2 years and never used it once. It can’t even get on the internet with my firewall setup, but it is there and never had any issues the 3 times I logged into it.

    I think all of the Fedora systems support the shim key and secure boot but I know Workstation does. For Ubuntu I think it is just the regular vanilla Ubuntu desktop that the shim supports. This may be somewhat sketchy with Nvidia or maybe not. Nvidia “open sourced” their kernel code but the actual nvcc compiler required to build the binaries is still proprietary crap.

    I have a 3080Ti gaming laptop. It isn’t half bad with 16 GB of video RAM from all the way back in 2021. Nvidia is artificially holding back the vram because of monopoly nonsense. The new stuff has very little real consumer value as a result, at least with AI stuff I run. The hardware is a little faster, but more vram is absolutely critical and new stuff that is the same or worse than what I have from 3 generations and nearly 5 years ago is ridiculous.

    The battery life blows and the GPU likely won’t even work on battery. It will get donkey balls hot with AI workloads, especially any kind of image gen. This results in lots of thermal throttling. All AI packages run as servers on your network. If you are thinking along these lines of running your own models, get a tower and run the thing remotely.

    I manage, and need the ergonomics for physical disability reasons, but I still would prefer to have a separate tower to run models from.

    Anyways, you can sign your own UEFI keys to use any distro, but this can be daunting for some people. The US defense department has a good PDF guide on setting your own keys. The UEFI bootloader for the machine may not have all key signing features implemented. There is a way to boot into UEFI directly and set the keys manually but this is not easy to find great guides on how to do it step by step. Gentoo has a tutorial on this, but it assumes a high level of competency.

    Other than signing your own keys, the shim keys mentioned are special keys signed by Microsoft for the principal maintainer of the distro. These slide under the Microsoft key to keep secure boot enabled.

    If you boot any secure boot enabled OS, the bootloader is required to delete any bootable unsigned code it finds. It does not matter if it is a shimmed Fedora or W11. If you have any other OS present in the boot list, it should be deleted. W11 is SB only, and this is where the real issues arise.


  • 𞋴𝛂𝛋𝛆@lemmy.world to Lemmy Shitpost@lemmy.world · Protection · 16 days ago

    This is a 2.4 GHz directional WiFi antenna. Only the back element is connected to the transceiver. All of the other elements are there to focus the signal. Anything metallic within a few feet of an antenna will have a substantial effect on the signal. Think of it as light, because it is, only transparency of materials is a bit weird. The biggest issues will come from metallic materials that are earth grounded and anything with a wire length that is close to the wavelength of the radio light or below, especially around half and a quarter of the wavelength. That pictured wire pitch is spaced very close to the approximate 2.4 GHz wavelength. For example most antennas are an insulated trace on a circuit board that is insulated with ground up to a point and then there is a small circuit element that stops the ground and the actual antenna trace continues for the respective light wavelength to transmit or receive. All an antenna is here is an exposed length of single conductor wire.


  • 𞋴𝛂𝛋𝛆@lemmy.world to Linux@lemmy.ml · Security Focused Daily Driving Distros? · 16 days ago

    Are you insane? Debian is a base distro like any other and runs more hardware than any other. It has all of the bootstrapping tools to get hardware working.

    Canonical is a server company and Ubuntu server is literally the product.

    Arch is absolute garbage for most users unless you have a CS degree or you have entirely too much time on your hands and don’t mind an OS as your life project. Arch abhors tutorial content in all documentation and therefore dumps users into a rabbit hole regularly. Pacman is the worst package manager as it will actively break a system and present the user with the dumbest of choices at random because the maintainers are ultimately sadistic and lackadaisical. Arch is nearly identical to Gentoo with Arch binaries often based on Gentoo builds, yet Gentoo provides relevant instruction and documentation with any changes that require user intervention and does so at a responsible and ethical level that shows kindness, respect, and consideration completely absent from Arch. Arch is a troll by trolls for trolls. I’m more than capable of running it now, but I would never bother with such inconsiderate behavior.