There was an EU-wide one that gota lot of its funding redirected to AI stuff recently that you might be thinking of.
There was an EU-wide one that gota lot of its funding redirected to AI stuff recently that you might be thinking of.
No, that is an entirely unrelated bad decision. It being okay to not have a popup to opt out of secure boot when it does its one job and notices you’re about to run insecure code in kernel mode doesn’t make every other user-hostile thing Microsoft ever does magically okay.
It’s upstream GRUB that’s decided the older GRUB versions are insecure and not to be trusted. Microsoft just propagated that to machines running distros that weren’t shipping patched GRUB builds yet. Up-to-date Debian wouldn’t be affected provided that they downstreamed fixes quickly.
https://fedia.io/m/linux@lemmy.ml/t/1111595/-/comment/6916699 says that Debian’s GRUB wasn’t affected, but another part of the boot sequence was.
You can’t trust users to make informed decisions about cybersecurity as most users don’t have the necessary background knowledge, so won’t think beyond this popup is annoying me and has a button to make it go away and I am smart and therefore immune to malware. Microsoft don’t want Windows to have the reputation for being infested with malware like it used to have, and users don’t want their bank details stolen. If something’s potentially going to be a bad idea, it’s better to only give the decision to people capable of making it an informed decision. That’s why we don’t let children opt into surgery or decide whether to have ice cream for dinner, and have their parents decide instead.
The comment you’re quoting was replying to someone suggesting a warning popup, and saying it would be a bad idea, rather than suggesting the secure boot UEFI option should be taken away. You need at least a little bit more awareness of the problem to know to toggle that setting.
But it does mean you can spend forty hours a week or thereabouts putting effort into a particular goal and maintaining the knowledge, skills and experience to keep doing it to a high standard without having to sink time and effort into something else in order to get paid enough to live on.
Those forks aren’t maintaining Firefox itself, just their own modifications. If a bug is found in Firefox, the LibreWolf team don’t have to fix it themselves, they can wait for Mozilla to do it, and incorporate the fix once it materialises. There are forks that diverge further, but they either get quickly abandoned after their creator realises how much of a headache maintenance will be, or they’re left with gaping security holes.
When the internet was becoming a world-changing technology, there weren’t thirty years of websites to keep working and malware to protect from, web standards were far simpler, and a much higher proportion of users were enthusiasts who were excited by anything they could get and didn’t mind if things were rough around the edges. Similarly, two brothers could make the world’s first aircraft that flew under its own power, and yet with the combined might of everyone working for Boeing, people are worried about airliner doors falling off and an eight-day space trip has become an eight-month one. Mature technologies need a lot more effort to build and maintain than emerging ones.
Maintaining a web browser in the 2020s is an expensive thing to do. You need full time employees who specialise in all the systems that make up a browser, and can’t leave security-critical parts like ensuring the integrity of the JavaScript sandbox to volunteer hobbyists. It’s far from the only thing Mozilla spend money on, so if they need to mage cost savings, it won’t necessarily stop them being able to maintain Firefox, but another organisation picking it up if they do stop isn’t likely.
If you’re doing things properly, you’ll know your Microsoft account password or have it in a password manager (and maybe have other account recovery options available like getting a password reset email etc.), and have a separate password for the PC you’re locked out of, which would be the thing you’d forgotten. If someone isn’t computer-literate, it’s totally plausible that they’d forget both passwords, have no password manager, and not have set up a recovery email address, and they’d lose all their data if they couldn’t get into their machine.
A lot of the comments are making the assumption that the buttons are telling the truth about being different sizes, but I’ve flushed plenty of toilets where both buttons do a full flush. If you can’t tell the difference after experimenting, it might just be broken or cheap tat.
Is that enough to mitigate how much worse bare Google is than it was ten years ago, back when they were winning against SEO bots? In my experience, it hasn’t been, but I’ve not done enough AI-aided web searches to have a good sample size.
If you give a chip more voltage, its transistors will switch faster, but they’ll degrade faster. Ideally, you want just barely enough voltage that everything’s reliably finished switching and all signals have propagated before it’s time for the next clock cycle, as that makes everything work and last as long as possible. When the degradation happens, at first it means things need more voltage to reach the same speed, and then they totally stop working. A little degradation over time is normal, but it’s not unreasonable to hope that it’ll take ten or twenty years to build up enough that a chip stops working at its default voltage.
The microcode bug they’ve identified and are fixing applies too much voltage to part of the chip under specific circumstances, so if an individual chip hasn’t experienced those circumstances very often, it could well have built up some degradation, but not enough that it’s stopped working reliably yet. That could range from having burned through a couple of days of lifetime, which won’t get noticed, to having a chip that’s in the condition you’d expect it to be in if it was twenty years old, which still could pass tests, but might keel over and die at any moment.
If they’re not doing a mass recall, and can’t come up with a test that says how affected an individual CPU has been without needing to be so damaged that it’s no longer reliable, then they’re betting that most people’s chips aren’t damaged enough to die until the after warranty expires. There’s still a big difference between the three years of their warranty and the ten to twenty years that people expect a CPU to function for, and customers whose parts die after thirty-seven months will lose out compared to what they thought they were buying.
It wasn’t me who you replied to originally - I agree that it’s most likely AMD are just being super cautious given historically how many times bad news for their competitors has been falsely equated by the press as equivalent to a minor issue they’ve had, and the delay moving things after the microcode update and therefore making launch-day benchmarking more favourable is just a bonus.
You’ve misunderstood. The original release date was set, then Intel announced the microcode update, which was after the original release date, then AMD announced that they’d be delaying the release date, and that new release date is after the microcode update.
Yes. Every time, it’s gone less well than opening a banana from the stem end, unless the banana was horrendously underripe. I’ve never had the problem the alternative approach is claiming to fix unless I’ve intentionally opened the banana badly on purpose to prove a point about the problem really being people opening from the stem end incompetently.
A) The peel becomes easier to tear faster than the inside gets softer. You don’t need to snap it, it doesn’t need nearly enough tension to count as a snap once it’s ripe.
B) The banana’s been selectively bred to want to be as delicious as possible. It only wants you to be happy.
Bananas are the way they are through millenia of selective breeding, so there’s no reason to think that monkeys know anything we don’t. If pinching the bottom is easier than bending the stem, your banana isn’t ripe yet and doesn’t want to be eaten until later.
They’re not supposed to have trust. That’s why they’re only allowed fully anonymised data under this scheme. They do pay the bills, though, so they can’t be completely banished until there’s an alternative source of money.
Coal, not oil, but it’s still an interesting fact.
It’s easy to get pressured into thinking it’s your responsibility. There’s also the risk that an unhappy company will make a non-copyleft clone of your project, pump resources into it until it’s what everyone uses by default, and then add proprietary extensions so no one uses the open-source version anymore, which, if you believe in the ideals of Free Software, is a bad thing.