#TPM

2025-10-12

I've seen people contemplating moving to #Linux since #Microsoft is ending support for #Windows 10 and now perfectly fine computers can't be upgraded because of #TPM.

Are people really doing that? I'm just wondering because I did that back in the day when Microsoft forced everyone to go to #Vista.

2025-10-12

Ubuntu 25.10 cannot choose TPM based FDE #tpm #2510

askubuntu.com/q/1557247/612

2025-10-12

@bbcnewsfeed You can easily upgrade unsupported devices to #Windows11 bypassing #TPM 2.0 & CPU check by using these methods: tomshardware.com/how-to/bypass
Don't throw away your perfectly fine #Windows10 #PC!

V.O. (Version Occitana)versionoccitana
2025-10-12

Bad news for the residents of (metropolis ) ! On 9 October, the prefect of declared the (high-service-level bus) project to be of public utility. Yet the commission of inquiry had raised a considerable number of limits and reservations that called into question the relevance of this project (cf. attached article).
partitoccitanollioules.wordpre

@ericdussart piaille.fr/@ericdussart/115360

2025-10-12

Bad news for the residents of #TPM (#toulon #provence #mediterranee metropolis)! On 9 October, the prefect of the #var declared the #BHNS (high-service-level bus) project to be of public utility. Yet the commission of inquiry had raised a considerable number of limits and reservations that called into question the relevance of this #TransportPublic project (cf. attached article).
partitoccitanollioules.wordpre

2025-10-08

The reasons why I wrote my own parsers for PKCS#1, SEC1 and PKCS#8 on top of the awesome rasn [1] crate instead of using e.g. the pkcs8 crate are:

1. Usually generic crates do so much useless shit outside of the app's requirements that it might not be a huge effort to make focused code tuned for the app.
2. Compilation times.
3. It gave me so many DOWNGRADE options, thanks to simpler dependencies, which is a huge robustness addition. It's something you learn to appreciate once you do anything embedded/FPGA in ANY language.

[1] https://github.com/librasn/rasn

#linux #rustlang #tpm

2025-10-08

I did not know I was this far with loading PKCS#8 keys as I was fully focused for a few weeks on TPM2_Import:

https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2sh.git/commit/?h=main&id=9b4e31f8bea02953d56d8243a1b9157096642c54

I.e. I had enough parsing code to tell the user that PKCS#8 is not supported that I could now just as well just plain load them ;-)

#linux #tpm

2025-10-08

I'm now in a zero-known-bugs state with tpm2sh, so maybe it is good to release 0.11 soon, which is the first real release TBH. Previous ones were test code for tpm2-protocol.

External key loading and import was like something I debugged a ridiculous amount of times, but considering how many openssl commands you need to do to achieve the same result, I'm pretty happy :-)

I also stick to SEC1 and PKCS#1 simply because this is not openssl, and you can use other tools to convert keys to these formats. This allows me NOT to use crazy complex loader crates like pkcs8 crate and have my fully custom loaders made using rasn crate.

#linux #tpm
2025-10-08

Finally upgraded my #TPM-less #win10 box to #win11 using #Rufus after teeth-n-hair lames at #Microsoft decided I was required to have a MS account and they deactivated my legit Win10 license until I created one 🖕

35 years, I've done just fine w/out a microsoft account and I would opine that my systems have been the more stable for it since I control my releases and don't suffer patch-Tuesday trauma or #NSA-warnings like the rest of the world

And now, this jank with the email 😠

2025-10-08

In tpm2-tools, one thing that destroys CLI ergonomics is the temporary files that you trash your filesystem with.

I have:

❯ cargo run context list
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.07s
Running `target/debug/tpm2sh context list`
context://4a77dd6d38efc808 primary ecc-nist-p256(sha256)
context://83b9e6c06223acd6 secondary ecc-nist-p256(sha256)
context://e227342ffe74a76c secondary rsa-2048(sha256)

❯ cargo run session list
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.07s
Running `target/debug/tpm2sh session list`
tpm://0x02000000 hmac
tpm://0x03000001 policy

At start tpm2sh does refresh for both lists:

1. context load+save+flush for keys
2. context load+save for sessions

And detects stale loads and deletes those entries, i.e., those from the previous power cycle.

When one refers to contexts or sessions, these URIs must be used as references. All the data is stored at ~/.cache/tpm2sh/.

In order to bring cross-compatibility with tpm2-tools, the load command supports loading context files and migrating them to tpm2sh caches.

#linux #tpm
bazkie 👩🏼‍💻 bitplanes 🎵bazkie@beige.party
2025-10-06

Here's an interesting problem.. I had installed Windows 7 on my LAN computer a few years back, but Steam started whining it would stop running on Windows 7 soon.

Microsoft is going to stop updating Windows 10 this month to try and force people to downgrade to Windows 11. And I have a feeling at some point relatively soon, Valve is going to stop supporting Windows 10.

But Windows 10 is the end of the line for me. For one, I won't ever use hardware that has a TPM chip on it, which 11 requires - and then there's the spyware, the ads.. fuck that shit.

So then I'll be sitting on a gaming library worth thousands of euros, and I won't be able to use it..

I think I need to stop buying Steam games soon, and I hope most games will keep working with some NoSteam hack.

And for me as a gamedev; I will always release my games non-exclusively on Steam, and also release on Itch and/or my own website.

** Update; yes, most games on Steam seem to run fine on Linux, so that's one way of postponing the issue! Still, we REALLY need to get away from centralized, monopolistic middle-man platforms! This will become an issue at some point, you just know they WILL enshittify.

Steam already started this process by offering platform lock-in services, like achievements and multiplayer over Steam, so games become harder to untangle from the platform.

#Games #Steam #Windows #TPM #Enshittification

2025-10-05

Installation of Ubuntu with hardware-backed full disk encryption (TPM) fails with ClientError #systeminstallation #uefi #encryption #tpm #subiquity

askubuntu.com/q/1556937/612

Eduardo Medina 🇪🇸edlinks
2025-10-02

I'm starting to doubt whether to continue with , since certain aspects of the system strike me as both convoluted and opaque.

The aspects I'm referring to are not related to the operating system itself, but to , and . Seriously, bring back legacy , because this is complete madness.

It's basically security through obscurity.

2025-09-29

What’s next for openSUSE Tumbleweed & #MicroOS? This #oSC25 talk covers FDE with #TPM & #FIDO2, GRUB2‑BLS, making images (including encrypted ones) default, transactional-update improvements, systemd‑sysext, systemd‑pull, #sndiff, and more. youtu.be/MPMrlUj1sVA?si=6KA153

JustGeekJustGeek
2025-09-26

🖥️ How to check whether Secure Boot and TPM are enabled on your PC

👉 justgeek.fr/verifier-secure-bo

Eduardo Medina 🇪🇸edlinks
2025-09-25

, , and anticheats. What is it? Well, the true face of , the one that is finding it harder and harder to hide.

For many years I was a fan of Steam and Valve, as I was of and in the distant past, but I don't defend brands just because; I do so based on whether they fit my principles and what I demand of them.

Steam is undergoing a slow process of enshittification that it finds harder and harder to hide. elchapuzasinformatico.com/2025

2025-09-24
TPM2 driver was pretty static for multiple years but the volumes and use cases have been steadily increasing so right now many of the key parts are going through iterative rewrite:

https://lore.kernel.org/linux-integrity/aNQpvQBV43dhS6ad@kernel.org/

One thing I don't actually know about kernel is that can lib/* be used in the early boot code? I'd presume it can but just don't know the tidbit.

It would make a whole lot of sense to create a decoupled command/response parsing/building implementation there and use that in the driver and early boot code.

#linux #kernel #tpm
GripNewsGripNews
2025-09-23

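🌘 Preventing IoT device cloning: a solution using a software trust module
➤ How a software TPM locks down your IoT device's identity and stops attackers from cloning it
embedded.com/preventing-iot-de
This article examines the serious security threat of Internet of Things (IoT) device cloning, an attack that lets hackers steal a device's keys and identifiers and then build counterfeit devices that infiltrate cloud services to conduct surveillance, manipulate data, or serve as a backdoor for larger attacks. Using the MQTT protocol as an example, the author explains how a credential leak allows a single cloned device to eavesdrop on the system's entire message flow. The article introduces the use of a Trusted Platform Module (TPM) to protect keys, and proposes the software TPM (softTPM) on the Xedge platform as an easier-to-deploy and lower-cost alternative. By securely locking the private key inside a software module, softTPM ensures that even if the firmware is copied, the cloned device cannot pass authentication, thereby effectively preventing device cloning.
+ This article explains things very clearly. The TPM concept is useful, but hardware TPMs cost too much. softTPM sounds like a good option, but I wonder how complex actual deployment is?
+ The emphasis on MQTT's weaknesses is very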
