Computer talk OS Windows Linux MAC

  • BRBFBI
    The Long Arm of the Law
    SPECIAL MEMBER
    Level 14 - Sportscandy
    • Oct 2023
    • 310

    #346
    chuft That's cool you've written encryption software. I certainly haven't.

    Bitlocker seems designed particularly for scenarios where the computer is off and someone has physical access to your device and is trying to break in using a variety of hardware based boot bypass attacks or by removing the drive and putting it into another device for analysis.
    Right, that's the point of any encryption software: to prevent someone with physical access to the entire computer or the drives alone from reading data off the drives.

    I use Linux Unified Key Setup ver 2 (LUKS2). The Key Derivation Function used in LUKS2 is called Argon2id. To brute force enough passphrases (passphrase/password, same thing) to guess a random five word passphrase using Argon2id would cost 10 billion USD worth of electricity, as I noted earlier. Adding an extra word to the passphrase would increase this cost by a factor of ten thousand. In light of that there is absolutely no reason I would want to require an additional key stored in TPM as the benefit is insignificant and the risk of being locked out by a hardware failure is huge and requires me to keep a physical recovery key somewhere which is another vulnerability. The only benefit I can see to a TPM key is for people who use weak passwords (i.e. most people) to ensure that if their drives are stolen or hardware tampered with the drives can't be accessed.

    But at what point are you prompted for this password, and how often? If the entire disk is encrypted I would think you could not boot to it without entering it during the boot up process somehow.
    Yep, when I boot my laptop I'm prompted to enter the decryption passphrase to decrypt the disk before the OS will load. This password prompt is part of LUKS encryption software. It's a small, hardened OS whose only job is to run the Key Derivation Function which unlocks the rest of the drive if the correct passphrase is input and allows the main OS (Linux Mint) to boot.

    I suspect the main point of Bitlocker is that you can log into Windows and have automatic encryption without having to enter some hairy decryption key every time, because it's kept in the TPM, and if someone messes with or tries to bypass the hardware boot stuff, TPM and SecureBoot will detect it and not allow decryption to proceed. If they are wiped by a BIOS flashback or something then the key is lost and without the recovery key the attacker is again at a dead end.
    I agree that's how it works. You seem to have a bit of a hangup about how onerous a decryption key is, though. It's just a passphrase. When I boot my computer I enter my passphrase that I created using principles for strong password creation, which you should be doing anyway, and that's it. The average person can't comprehend that if you forget your decryption password your data is gone forever, so Microsoft pushes you to a Microsoft account so they can manage your recovery key. LUKS allows me to load a recovery key to a removable media if I wanted to, but in this case I don't. Like I said, I will never forget this password--it would just be an extra vulnerability.

    For encryption to really work I think you would also have to encrypt any backup devices as well, it just sounds like a pain in the rear to me with the possibility of data loss. I think a laptop is much more likely to be stolen than a tower so it makes more sense there.
    Sure, but that's no big deal. I use the same passphrase which must be entered when I plug the drive in. It takes all of 5 seconds. Personally I just back up my files and my firefox data, not the whole OS. If something goes horribly wrong I just re-install, but that never happens.


    • chuft
      Stepher
      SPECIAL MEMBER
      MODERATOR
      Level 34 - Airship Controller
      • Dec 2007
      • 4820

      #347
      Tried buying a license from the Microsoft Store. It took my payment and says order complete. No email and no license key. So now I'm dead in the water unless and until some email comes with my license key. There isn't even a support option for problems like this on their site.
      l i t t l e s t e p h e r s


    • chuft
      Stepher
      SPECIAL MEMBER
      MODERATOR
      Level 34 - Airship Controller
      • Dec 2007
      • 4820

      #348
      This seems to happen often.

      https://answers.microsoft.com/en-us/...6-1fe5828e307f

      Wonder if I will have to do a chargeback on my credit card.
      l i t t l e s t e p h e r s


      • possessor
        I like LazyTown.
        SPECIAL MEMBER
        Level 32 - Secret Agent
        • Oct 2021
        • 3617

        #349
        Originally posted by chuft


        Android is insecure, the Google Play Store is not seriously vetted like the Apple App Store is, and unless you use a Google phone (Pixel), usually way behind in security updates. Nobody who takes security seriously uses Android. I work with some network and system admin guys who used to be anti-Apple until they learned more about security and they all switched to iPhones. Android is improving, in areas like end to end encryption for texts which Apple has always had, but overall still lags behind.


        Unix is a proprietary operating system from AT&T's Bell Labs in the 1970s that was pretty groundbreaking and was programmed in the new C programming language, a high level language allowing it to be compiled using local compilers and thus hardware independent. Several proprietary flavors of it eventually emerged, BSD Unix from UC Berkeley, SunOS/Solaris from Sun/Oracle, Xenix from Microsoft (which I have some experience with, on old TRS-80 servers from Tandy Corp), AIX from IBM and so on. It tends to be used on mainframes and in the past minicomputers (which had 25 terminals or so).

        I learned to program on a PDP-11/44 minicomputer from Digital Equipment Corp (DEC) which ran RSTS/E 7.0 and Basic-Plus, but they had other later minicomputers like VAX which ran BSD Unix. There are other weird OS's used on mainframes as well, IBM System Z and so on, mainframes are sort of a different world, because a lot of mainframe systems are really old.


        NeXTSTEP was a proprietary Unix used on NeXT computers, Steve Jobs' company during his exile from Apple. He used this as the basis for the new Unix-based MacOS (another proprietary flavor of Unix) when he returned to Apple and overhauled things including MacOS itself, which originally used a totally different operating system architecture programmed in Pascal (ugh) called Classic MacOS. Most of my Mac experience was with Classic MacOS, but in work settings I have used the newer Unix based MacOS. And yes Macs, both classic and modern, have always been infamous for every major system version breaking all or almost all games written for previous versions. Backwards compatibility has never been a MacOS strength. Every time I got a new Mac I basically had to toss my old software library. This seems to be happening more and more now on Windows, it didn't use to, I had no problems playing games from Windows 95 days on say Windows 7, but now it seems a lot of games don't run on newer versions. Homeworld 2 comes to mind and that's from 2003, not that old compared to say Fallout (1) or Baldur's Gate from the 1990's.


        Linux is a non-proprietary, free, open source Unix clone written from scratch so as not to violate any Unix copyrights, in an almost unbelievable act of nerdery by Linus Torvalds (who wrote the kernel) and many others. It has nothing to do with MacOS. Its main use is for servers, where it's very popular since it is free, corporations are cheap, and servers do not require anything resembling a friendly user interface. It has a tiny percentage of the PC market, used by hobbyists who like to do things to, rather than with, their computers in attempts to get and keep them working and doing sophisticated tasks like printing a document or getting a graphics card to work.

        MacOS in its current form shows what a Unix based system should look like when the emphasis is on being user friendly and having everything (like hardware) just work.
        Android has tons of flaws, I will say. Also, that's actually very interesting about Unix / Linux / MacOS and their differences. Also, Linux is less popular because of the usage of command lines. Tons of people I know don't wanna use command lines including me. And the fact there's barely any software for Linux.
        sportacus10.lazytown.eu / okdvd.neocities.org


        • chuft
          Stepher
          SPECIAL MEMBER
          MODERATOR
          Level 34 - Airship Controller
          • Dec 2007
          • 4820

          #350
          Originally posted by chuft
          Tried buying a license from the Microsoft Store. It took my payment and says order complete. No email and no license key. So now I'm dead in the water unless and until some email comes with my license key. There isn't even a support option for problems like this on their site.
          No email came and I was disturbed by some things I read online while waiting so I started a support chat. Average wait time 33 minutes, 23 people in front of me. It was more like an hour. You could not pick Windows or sales as your issue, so I had to pick something at random, I picked Outlook.

          Well. I sat in the waiting queue, then finally got to state my problem - I had purchased Windows 11 Pro (Download) from the Microsoft site, but received no email with the license key, nor was it shown in my account.

          I had to create an account to buy this by the way, and there is no password, they just email you at the address you give as a sort of "SFA" where the email confirmation logs you in by itself. The account has no password. There is no way to add one. This alone was very strange, and means you can't log into your Microsoft account without access to your email from another source. This also means you can't log in if the internet is down, your email is down, etc. since you can't get their push notification.


          Microsoft explains that when signing up for a new account, just entering your email address will be enough. “You don’t have to create a new Microsoft password… All you need to do is verify the email with a one-time code, and this becomes the default credential for your new account, so you start off passwordless.”
          https://www.forbes.com/sites/zakdoff...-use-password/





          I mean WTF. What does this even mean. A login with just...a login name? They have a lot of talk about passkeys but my machine, like most Windows machines, has no biometrics (unlike Macs which have fingerprint scanners).



          Well the chat guy says, we don't send keys anymore, the license is attached to your account. When you log into your new computer with it the key will automatically be applied.

          (There was no warning about this when buying, it said Download. What if I didn't want to use this account I just created to buy the license as my admin account? Like it or not, the license was now attached to this account.)

          I said no, I don't want to log into the computer with a Microsoft account when I install Windows, I want to do domain join and create a local account. That was the whole point of paying $200 for a Pro license - to avoid having to log in. This went round a bit until I said if they would not give me a key I needed a refund, since the page said "Download" and no key download was forthcoming. That got their attention and a supervisor came on. I already had my credit card site open in preparation for calling them and doing a chargeback.


          The supervisor ended up calling me and reading a 25 character key to me over the phone.


          So now I have a printout of what is supposedly a Win11 Pro key, received by dictation. Tomorrow I will see if it works. My blood pressure was too high to deal with this crap any more today. Had to kill some stuff in Underrail.
          l i t t l e s t e p h e r s



          • BRBFBI
            BRBFBI commented
            That was an epic post - I got a laugh out of it. I can't believe they gave you a key over the phone. Hope it works!

          • LazyPooky
            LazyPooky commented
            Let's hope it was a secure telephone line.

          • chuft
            chuft commented
            My main concern is whether they use the "attached account" to turn on OneDrive even though I create a local account during install.
        • chuft
          Stepher
          SPECIAL MEMBER
          MODERATOR
          Level 34 - Airship Controller
          • Dec 2007
          • 4820

          #351
          The basis for single key encryption by the way, since we are talking a lot about encryption, is actually pretty simple. It's the logical XOR operator.


          You know what OR and AND mean. If I say "if you are under 4 feet or over 7 feet you can't go on this carnival ride" you understand if either condition is true, then the result - you can't go on the ride - is also true.

          In Boolean algebra and symbolic logic (which predated computers interestingly - abstract mathematical theory became applied science when computers were invented) you have truth tables.

          The OR truth table looks like this:
          1   1   0   0
          0   1   1   0
          --- --- --- ---
          1   1   1   0

          Basically if either or both conditions are true (a 1) then the result is a 1 (true). It's only false if both inputs are false.

          In circuit design they teach you how these logic gates are made on the chip, which is kind of interesting - you use different combinations of truth gates to make the resulting truth gate.


          You know what AND means. "If you are over 12 and have a ticket you can go on this ride." Both inputs have to be true for the output to be true.

          The AND truth table looks like this:

          1   1   0   0
          0   1   1   0
          --- --- --- ---
          0   1   0   0


          The Exclusive OR operator is a little stranger. It says if one, but only one, of the inputs is true, then the result is true. "If the animal is a cat, or if it's not a cat but is a dog, you can board it at the kennel" means if (only) one of the two conditions is true, you can board it. If neither is true (it's a ferret) you can't. If both are true, you also can't, because something funny is going on with the records - an animal can't be both a cat and a dog, there is an error somewhere.

          The XOR truth table looks like this:
          1   1   0   0
          0   1   1   0
          --- --- --- ---
          1   0   1   0

          And this operator is the basis of cryptography.


          Let's say we have the capital letter A, which is ASCII code 65. In binary (which uses powers of 2) this would be represented like this (like in decimal, the smallest power is on the right, which is 2^0 which is 1).

          0 1 0 0 0 0 0 1

          That is, the 64 bit and the 1 bit are on, adding up to 65.


          You want to encrypt this. So you use a key you make up that is secret. The key is some random bits, like this:

          1 0 0 1 1 1 0 1

          Its value is irrelevant. What's important is what bits are on.


          So now you do an XOR operation, comparing each bit of the plaintext ("A") with the key (random gibberish) and the result is the ciphertext:

          XOR
          0 1 0 0 0 0 0 1 <- 65, i.e. "A"
          0 0 0 1 1 1 0 1 <- your secret key
          -----------------
          0 1 0 1 1 1 0 0 <- your ciphertext, which happens to be 4+8+16+64 = 92, which in ASCII would be a "\" character.


          So next you want to decrypt it. You have your key ready. Well the magic of XOR is that if the key is applied to the ciphertext, the output is...the original plaintext.

          XOR
          0 1 0 1 1 1 0 0 <- your ciphertext
          0 0 0 1 1 1 0 1 <- your secret key
          -----------------
          0 1 0 0 0 0 0 1 <- 65, i.e. "A"


          Now real encryption algorithms have a lot more going on to obfuscate the process, such as shifting bits around, multiplying numbers at various steps, and the like. But the beating heart of single key encryption - called symmetric key encryption, technically - is just what I showed above.



          Public key encryption, like what is used in web handshake SSL - Secure Sockets Layer, that little lock you see sometimes in web browsers - is more complex. There is a public key and a private key. You (or your browser) use the public key put out by a website to encrypt something - typically a symmetric key your browser creates for the occasion - and send it. The public key cannot decrypt, only encrypt. The site uses its private key to decrypt what you sent and now it has the symmetric key you sent that is also on your end. Now both sides can use the (much faster) symmetric key to send traffic back and forth without the heavy math overhead of single key encryption used for the initial contact.

          Basically you can send mail that only the intended recipient can open, and it contains a much faster way to send encrypted stuff back and forth from then on.



          The third major concept is the hash. A hash algorithm, like a public key algorithm, is one way. That means for a given input there is an output but you can't go backwards and there is only one valid input to generate a given output. This is how "passwords" should be stored on systems you log into. They do not have your password, they have the "hash" of your password.

          For example if your password is "Skittles" then the hash function might output "67gTR*#1". On the host system, this gibberish is what is stored. When you log in with "Skittles" the host puts it through its hash algorithm and sees if the result is "67gTR*#1" and if it is, it knows it's you and lets you in. If someone hacks the host system, all they get is "67gTR*#1" and there is no algorithm that can turn this back into "Skittles" so they can't use the info they stole to log in. Knowing the hash does not let you know the password, it is essentially useless to an attacker.


          l i t t l e s t e p h e r s

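The XOR round trip and the password-hash check described in post #351, as an added Python example that is not part of the original post. It uses the key bits from the post's worked XOR lines (0 0 0 1 1 1 0 1) and generalizes the single-byte case to multi-byte messages; the function names, PBKDF2-HMAC-SHA256, the per-account salt and the iteration count are assumptions, since the post names no specific hash.

```python
from __future__ import annotations

import hashlib
import hmac
import os

# Key bits from the post's worked XOR lines: 0 0 0 1 1 1 0 1
POST_KEY = bytes([0b00011101])

# Assumed work factor for PBKDF2-HMAC-SHA256 (illustrative; tune per deployment).
PBKDF2_ITERATIONS = 600_000


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR every byte of data with the key, repeating the key as needed.

    The same call encrypts and decrypts, because (p ^ k) ^ k == p.
    """
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def reuse_residue(p1: bytes, p2: bytes, key: bytes) -> bytes:
    """XOR two ciphertexts that were made with the same key.

    The key cancels out and what remains is p1 ^ p2, which is why a bare
    XOR key must never be reused and why real ciphers do much more.
    """
    if len(p1) != len(p2):
        raise ValueError("messages must have equal length")
    c1 = xor_bytes(p1, key)
    c2 = xor_bytes(p2, key)
    return bytes(a ^ b for a, b in zip(c1, c2))


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Return (salt, digest). The host stores these, never the password."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per account
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Re-hash the login attempt with the stored salt; compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    # "A" (65) XOR the post's key gives 92, a backslash; XOR again gives "A".
    ct = xor_bytes(b"A", POST_KEY)
    print(ct, ct[0], xor_bytes(ct, POST_KEY))
    # Constructed sample messages: the key drops out of c1 ^ c2.
    print(reuse_residue(b"CAT", b"DOG", POST_KEY).hex())
    # Constructed sample password from the post's own illustration.
    salt, stored = hash_password("Skittles")
    print(stored.hex())
    print(verify_password("Skittles", salt, stored),
          verify_password("skittles", salt, stored))
```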

          • LazyPooky
            Site owner

            ADMINISTRATOR
            Level 35 - Rockin' Poster
            • Oct 2007
            • 7957

            #352
            For my glm-server I bought a 4TB NVMe SSD - Seagate Firecuda with heatsink - for about €300 in 2023. I was waiting for prices to drop further but it's now all the way up at €600.

            It's almost an inverse graph of the USD/EUR conversion graph. While production is in China and Thailand.

            Magnús: - I have fans of all ages and I don't think it's weird when older people like LazyTown. LazyTown appeals to people for many different reasons: dancing, acrobatics, etc.


            • chuft
              Stepher
              SPECIAL MEMBER
              MODERATOR
              Level 34 - Airship Controller
              • Dec 2007
              • 4820

              #353

              SAMSUNG 990 PRO w/Heatsink SSD 4TB, PCIe Gen4 M.2 2280


              $319.99

              despite all the tariff BS

              l i t t l e s t e p h e r s



              • LazyPooky
                LazyPooky commented
                That's good. I guess it's a national problem, in Germany it's much cheaper too.
            • BRBFBI
              The Long Arm of the Law
              SPECIAL MEMBER
              Level 14 - Sportscandy
              • Oct 2023
              • 310

              #354
              The best decision I ever made was upgrading my laptop’s 500GB M.2 drive to 2TB. I’m not sure whether they didn’t make 4TB ones when I did this in 2020 or whether they were available but astronomically expensive, but I don’t remember it being an option.

              After so many years I’m finally almost out of memory, and my laptop only has one slot so adding a card isn’t an option.

              Do I really need more than 2TB on a laptop, though? All the RAW files from my camera are on my desktop where I have an odd collection of HDDs including at least one 8TBer. It might just be an excuse to spend some money and have a fancy new drive. I’m pretty sure I could do some cleaning and free up enough space to keep me going for another long while.


              • chuft
                Stepher
                SPECIAL MEMBER
                MODERATOR
                Level 34 - Airship Controller
                • Dec 2007
                • 4820

                #355
                You could just buy and plug in a Samsung external SSD. USB 3.2 whatever that means in the ever-changing USB nomenclature. Pretty fast though.

                https://www.amazon.com/dp/B09VLHR4JC




                and more




                You mentioned earlier you use the desktop PC for gaming. What games? You've never mentioned computer gaming before.
                l i t t l e s t e p h e r s


                • BRBFBI
                  The Long Arm of the Law
                  SPECIAL MEMBER
                  Level 14 - Sportscandy
                  • Oct 2023
                  • 310

                  #356
                  Originally posted by chuft
                  You could just buy and plug in a Samsung external SSD. USB 3.2 whatever that means in the ever-changing USB nomenclature. Pretty fast though.
                  I have externals, but nothing beats internal storage. I don't want to have to remember to pack my dongle or have something sticking out of my laptop to expand my storage. I could store all my big files (shows and movies) on an external and only plug it in when I'm going to watch something, but getting sick of that is exactly why I upgraded to 2TB internal in the first place.

                  You mentioned earlier you use the desktop PC for gaming. What games? You've never mentioned computer gaming before.
                  I grew up playing Nintendo. The Game Boy Advance was my first system - me and my brother would link them up with the LAN cables to play Mario Kart. Then we got a GameCube when those were new. By virtue of having siblings a lot of my video game time was dedicated to competitive multiplayer games like Mario Kart Double Dash, Monkey Ball and Super Smash Bros Melee. As my younger brothers got older they got into competitive PC games like League of Legends and CS:GO. I played to hang out with them and other people in our friend group who played casually, but I was never as into gaming or computers as them.

                  And... nothing's really changed since then. When I moved away from home I kept playing those games as a way to keep in touch. CS:GO, League, and other random competitive games that became popular such as Apex Legends or PUBG. I've kind of fallen out of even that, though. My brothers have moved on to more niche, hyper-competitive games (think MTG) and I can't invest the time to keep up with them.

                  I can't think of a story game I've played since my Nintendo days, stuff like Twilight Princess, Paper Mario, and a bunch of random games on the DS that I played as a teen. The World Ends With You was a particular favorite of 14-year-old me: It made great use of the stylus for swipe-based fighting commands, had a cool Shibuya Tokyo aesthetic and an OST that still makes me feel nostalgic today:


                  • chuft
                    Stepher
                    SPECIAL MEMBER
                    MODERATOR
                    Level 34 - Airship Controller
                    • Dec 2007
                    • 4820

                    #357
                    Interesting. You like the competitive twitch stuff, BJ likes the first person roleplay/explore stuff, and I like co-op and single player isometric CRPG's and strategy/4X/wargame stuff. Although I will tolerate real time for space games like Homeworld and Battlefleet Gothic Armada.
                    l i t t l e s t e p h e r s


                    • possessor
                      I like LazyTown.
                      SPECIAL MEMBER
                      Level 32 - Secret Agent
                      • Oct 2021
                      • 3617

                      #358
                      nintendo.. interesting. opinions on the wii / wii u?
                      sportacus10.lazytown.eu / okdvd.neocities.org


                      • LazyPooky
                        Site owner

                        ADMINISTRATOR
                        Level 35 - Rockin' Poster
                        • Oct 2007
                        • 7957

                        #359
                        We had a Nintendo with Mario and other games. I don't think I played with it much and I didn't like the standard Mario games. There was one game that I liked but I can't remember the name. You had to think how to get out of this castle, which had all of these traps and black ghosts.
                        Magnús: - I have fans of all ages and I don't think it's weird when older people like LazyTown. LazyTown appeals to people for many different reasons: dancing, acrobatics, etc.


                        • chuft
                          Stepher
                          SPECIAL MEMBER
                          MODERATOR
                          Level 34 - Airship Controller
                          • Dec 2007
                          • 4820

                          #360
                          Reminds me of this classic game





                          l i t t l e s t e p h e r s
