Dive into the controversial start of "Battlefield 6" with this eye-opening video! As the early access beta kicks off, reports of cheating have surfaced, rais...
(3) What’s your income? What region of the world do you live in and what hardware is available to you? I’m still using an am4 platform PC as my daily driver because I can’t burn money. One of my buddies has an AM3 PC. Many people use modified surplus office PCs (especially in developing nations like South America or SEA), which don’t have secure boot as an option. Check your privilege, and maybe donate some of your spare hardware to those who need it, if you want to make this “a non issue” for everyone.
(4) Yeah. I own my hardware, I configure my software. I gut Windows like a fish and keep it on a leash for these games, and use Linux for my work and for the games that respect the ecosystem.
New keys have already been released and you can always just create and enroll your own damn keys. This is sensationalist nonsense.
“Check my privilege” over secure boot? Calm down, Karen.
I think gaming on PC is going to get interesting in the coming decade as Microsoft kicks third parties out of the kernel (thanks crowdstrike!) and more and more people just stop putting up with windows. Enterprise in the US is hooked but everyone else? Na, they are gonna drop it.
Edit: these are listed as 1,3,and 4 in my post in voyager but lemmy shows 123. Interesting.
On the list thing, it seems that adding numbers with periods in a list seems to auto configure it to ascending numbers. That’s why I used (1) (3) (4). Weird, but I guess that’s the work around.
Enrolling your keys doesn’t work btw, because battlefield checks which keys you enroll, only accepting the default MS keys. Also on the hardware front, it is a big problem for gamers on a sub-300 USD budget these days - the best deals are on legacy hardware or surplus office equipment, mainly AM3-AM4 era.
The number list is how markdown works. You can enter all 1’s and it will automatically create ordered list.
Handy when you may need to edit list items, as you dont need to renumber even in plain text.
Markdown spec should allow for explicit number by using a bracket ‘)’ instead of a dot, but it may not work everywhere.
Let’s give it a go
I recently had an rfid scanner immediately rma-d back that had just been returned to us. The new issue was caused by a setting and not by a defect. I asked our IT/help desk if it WAS a setting that could be changed
“I don’t know. I get the thing, I check these settings, I check those settings, that’s all I know”
😑😑😑
So me and another person are out of our equipment for another couple weeks while the scanner is sent back for “repairs” and the repair people will go “😑 tap tap tap idiots”
(Edit: I know it’s a setting because I talked with the other person who uses it and I explained the issue and he let me know it is something he changes)
And Microsoft is shutting out most third parties in the near future because of Crowdstrike, so Linux likely won’t be supporting Secure Boot in the future, even if someone did want to enable it for some odd reason.
Microsoft’s kicking third parties out of the kernel because of crowdstrike. Secure boot is a completely different thing Microsoft can’t kick people out of.
Do you have any advice for someone that dual boots SteamOS and Windows 10 on a Steam Deck?
I’ve heard online that since SteamOS manually signs keys or something, that if any changes happen to the kernel that later need to be updated by SteamOS, I’d need to re-sign the keys or whatever. Idk I’m not well versed in any of this
I’ve heard it’s as easy as downloading the M$ keys to enable Secure Boot, but I also don’t want to brick my Deck.
Windows 10 support is ending soon so there’s no reason to have it on your steam deck. Steam will stop supporting it sooner after Microsoft does, just like steam does with Apples operating system.
Needlessly intrusive. Can obviously be circumvented by cheaters anyway, so quite possibly superfluous. Apart from that it protects against the kinds of attacks that typically require physical access to the computer. If you have physical access you have full access anyway. Etc.
I get your pc, “tamper” it, then i install a fake bios that tells you all is well and that your tpm and secureboot and whatever else bullcrap they invent is still happy.
A USB keylogger is not detectable by the computer, not in firmware nor operating system. It passively sniffs the traffic between the USB keyboard and the computer, to be dumped out later.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.
Rules
1. Submissions have to be related to games
Video games, tabletop, or otherwise. Posts not related to games will be deleted.
This community is focused on games, of all kinds. Any news item or discussion should be related to gaming in some way.
2. No bigotry or harassment, be civil
No bigotry, hardline stance. Try not to get too heated when entering into a discussion or debate.
We are here to talk and discuss about one of our passions, not fight or be exposed to hate. Posts or responses that are hateful will be deleted to keep the atmosphere good. If repeatedly violated, not only will the comment be deleted but a ban will be handed out as well. We judge each case individually.
3. No excessive self-promotion
Try to keep it to 10% self-promotion / 90% other stuff in your post history.
This is to prevent people from posting for the sole purpose of promoting their own website or social media account.
4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts
This community is mostly for discussion and news. Remember to search for the thing you’re submitting before posting to see if it’s already been posted.
We want to keep the quality of posts high. Therefore, memes, funny videos, low-effort posts and reposts are not allowed. We prohibit giveaways because we cannot be sure that the person holding the giveaway will actually do what they promise.
5. Mark Spoilers and NSFW
Make sure to mark your stuff or it may be removed.
No one wants to be spoiled. Therefore, always mark spoilers. Similarly mark NSFW, in case anyone is browsing in a public space or at work.
6. No linking to piracy
Don’t share it here, there are other places to find it. Discussion of piracy is fine.
We don’t want us moderators or the admins of lemmy.world to get in trouble for linking to piracy. Therefore, any link to piracy will be removed. Discussion of it is of course allowed.
beautiful. fuck secureboot.
Why?
(1) Yeah, well the secure boot keys needed for Linux distributions expire in September (https://www.tomshardware.com/tech-industry/cyber-security/microsoft-signing-key-required-for-secure-boot-uefi-bootloader-expires-in-september-which-could-be-problematic-for-linux-users), so that seems like a sustainable solution, sure buddy.
(3) What’s your income? What region of the world do you live in and what hardware is available to you? I’m still using an am4 platform PC as my daily driver because I can’t burn money. One of my buddies has an AM3 PC. Many people use modified surplus office PCs (especially in developing nations like South America or SEA), which don’t have secure boot as an option. Check your privilege, and maybe donate some of your spare hardware to those who need it, if you want to make this “a non issue” for everyone.
(4) Yeah. I own my hardware, I configure my software. I gut Windows like a fish and keep it on a leash for these games, and use Linux for my work and for the games that respect the ecosystem.
Edit: these are listed as 1,3,and 4 in my post in voyager but lemmy shows 123. Interesting.
On the list thing, it seems that adding numbers with periods in a list seems to auto configure it to ascending numbers. That’s why I used (1) (3) (4). Weird, but I guess that’s the work around.
Enrolling your keys doesn’t work btw, because battlefield checks which keys you enroll, only accepting the default MS keys. Also on the hardware front, it is a big problem for gamers on a sub-300 USD budget these days - the best deals are on legacy hardware or surplus office equipment, mainly AM3-AM4 era.
The number list is how markdown works. You can enter all 1’s and it will automatically create ordered list.
Handy when you may need to edit list items, as you dont need to renumber even in plain text.
Markdown spec should allow for explicit number by using a bracket ‘)’ instead of a dot, but it may not work everywhere.
Let’s give it a go
Hmm not quite what that should look like
I don’t think he needs a winning argument. I think EA needs to justify this kernel level AC, not the other way around.
I’m agreeing with point 4.
Weird, for me it was just flicking the switch in UEFI and now Grub and through it Windows 10 and Fedora 43 boot in Secure Boot.
Im fairly certain any legacy hardware that doesn’t have secure boot as an option is going to struggle loading BF6 regardless.
The first two points are not related to secure boot at all.
you think loading my own kernel modules is not related to secure boot? i guess you don’t work in IT then.
Most people who work IT don’t even know what a kernel is, tbf
I recently had an rfid scanner immediately rma-d back that had just been returned to us. The new issue was caused by a setting and not by a defect. I asked our IT/help desk if it WAS a setting that could be changed
“I don’t know. I get the thing, I check these settings, I check those settings, that’s all I know”
😑😑😑
So me and another person are out of our equipment for another couple weeks while the scanner is sent back for “repairs” and the repair people will go “😑 tap tap tap idiots”
(Edit: I know it’s a setting because I talked with the other person who uses it and I explained the issue and he let me know it is something he changes)
It doesn’t matter which kernel modules are used, as long as you have signed those changes before rebooting.
You can’t install most linux distributions with secure boot enabled.
This is outdated information. Linux has supported secure boot for quite a while now.
And Microsoft is shutting out most third parties in the near future because of Crowdstrike, so Linux likely won’t be supporting Secure Boot in the future, even if someone did want to enable it for some odd reason.
Microsoft can’t stop you from signing images with your own keys.
That’s what I do, and it’s almost entirely automated on Linux these days.
Microsoft’s kicking third parties out of the kernel because of crowdstrike. Secure boot is a completely different thing Microsoft can’t kick people out of.
Do you have any advice for someone that dual boots SteamOS and Windows 10 on a Steam Deck?
I’ve heard online that since SteamOS manually signs keys or something, that if any changes happen to the kernel that later need to be updated by SteamOS, I’d need to re-sign the keys or whatever. Idk I’m not well versed in any of this
I’ve heard it’s as easy as downloading the M$ keys to enable Secure Boot, but I also don’t want to brick my Deck.
Windows 10 support is ending soon so there’s no reason to have it on your steam deck. Steam will stop supporting it sooner after Microsoft does, just like steam does with Apples operating system.
Windows 10 commercial is ending, not the LTSC versions. Those are good for another 2-7 years iirc
Really? Which would those be? So far I haven’t come upon one.
Yeah that simply isn’t true. I use Secure Boot on all my Linux installs - both in the deb and rpm ecosystem system.
Sorry, I read it backwards – we agree, most Linux distributions do support Secure Boot
It fucks with Linux. I literally just disabled it to resolve a driver install issue before this announcement was made.
Secureboot doesn’t “fuck with Linux”. It does protect you from malware trying to install unsigned kernel modules.
Apparently that driver is unsigned, which is not the normal case nowadays.
Good to know, thanks
I was trying to install an Nvidia driver on Linux Mint, so I think I am safe.
Is that a realistic attack scenario that end users need to be concerned about?
This type of attack has been seen in the wild for quite some time. Ultimately it’s a security vs convenience decision.
Yes. That’s how you get undetectable rootkits.
This happens to roughly 1/3rd of all pc’s. But if you put secureboot ON and the FBI cant touch your pc
Linux can run with secure boot just fine though. Use your distros documentation to set it up.
Needlessly intrusive. Can obviously be circumvented by cheaters anyway, so quite possibly superfluous. Apart from that it protects against the kinds of attacks that typically require physical access to the computer. If you have physical access you have full access anyway. Etc.
You know secure boot was specifically made to protect users for this exact use case. Any tampering of the system will prevent the system from booting.
I get your pc, “tamper” it, then i install a fake bios that tells you all is well and that your tpm and secureboot and whatever else bullcrap they invent is still happy.
See the problem?
It won’t boot though, because the keys to decrypt the system are stored in the TPM.
Sure you could replace the whole OS, but that’s going to be very obvious and won’t allow you access to the data.
Isnt it possible to have a recovery key? Isnt that technically a backdoor? Maybe the terms are not correct but there is a way in physically.
A person with physical access can tamper with the OS, then tamper with the signing keys. Most secure boot systems allow you to install keys.
Secure boot can’t detect a USB keylogger. Nothing can.
The signature checks will immediately fail if ANY tampering has occurred.
Adding a USB keylogger that has not been signed will cause a signature verification failure during boot.
A USB keylogger is not detectable by the computer, not in firmware nor operating system. It passively sniffs the traffic between the USB keyboard and the computer, to be dumped out later.
If your keys are stored in the TPM for use during the secure boot phase, there will be nothing for it to log.
No, encrypt your drives.