I don’t know that I’ve used enough handheld Linux devices to say. The only major one was I had Debian on my Surface Go 1. Power management never worked quite right - after a few suspends, I’d get these weird graphics glitches and have to reboot.

Also, I kind of hated the keyboard- it wasn’t very sturdy and often flexed, causing accidental trackpad clicks.

I still have the device, but when I need a portable Linux machine, I just go to my Thinkpad these days, which other than installing the backports kernel for Wi-Fi support and then adjusting the modprobe.d entry because it was Realtek pretty much just goes brrrr - even my desktop gave more of fuss, as I used to be in a room without ethernet and needed a card that worked with Windows, Linux, and Hackintosh (from before I got rid of my Windows install and my Hackintosh SSD conked out, leading me to switch to virtualization).

He also is oddly enraged about Debian including slightly old versions of Xscreensaver in stable. I get his reasons - dumb people will submit bug reports for things that might already be fixed - but also, Debian has a promise to keep and is well within their rights since the software is FOSS.

Not quite. Upon a Google, it looks like they are hacks, but Wayland doesn’t support programs (like the Xscreensaver daemon) blanking the screen and would need a standard to do so.

However, these screensavers are just individual binaries that the daemon executes, so although they won’t pop up automatically, you should still be able to run and enjoy them as fun little graphics demos.

I think you give valid examples and make your point well.

However, another weird thought is perhaps we’re always slowly dying to some extent. For instance, you at age 7 is dead; today, yourself at age 7 cannot speak or act or think. For instance, in a situation where your young self may have tried to buy a toy, you have different wants and make different decisions - you cannot perfectly replicate what that past self would have wanted.

This might be true even of myself from five seconds ago - I hadn’t thought of a certain wording of this concept yet, and so might have worded it differently under different circumstances - that “me” is gone and can’t do anything. This could be true even a millisecond ago, or a duration approaching either an instant or perhaps one cycle based on whatever the “clock rate” (if there is such a thing) or the human brain is.

However, to function, we need a convenient abstraction for what life and death are. I think my definition of life would be when one particular sum of experiences permanently terminates its (mostly) granular evolution.

Thomas and Will Riker both evolved from the same sum of experiences of the original William T Riker; since those sums of experience are still evolving, he is, within our convenient definition, alive.

Our family actually has a bunch that an aunt sent once.

Cool. In a little over a month, I hit 3 years.

Was about to cite TNG Tech Manual as well - although that also said that holodeck characters’ bodies were replicated meat puppets, which I think they didn’t stick with.

If it doesn’t simulate a connected monitor, it looks like there are little HDMI shims that do called EDID emulators that are available for relatively cheap.

(Note: Anything I say could be B.S. I could be completely misunderstanding this.)

Clevis isn’t too difficult to set up - Arch Wiki documents the process really well. I’ve found it works better with dracut that mkinitcpio.

As for PCR registers (which I haven’t set up yet but should), what I can tell, it sets the hash of the boot partition and UEFI settings in the TPM PCR register so it can check for tampering on the unencrypted boot partition and refuse to give the decryption keys if it does. That way, someone can’t doctor your boot partition and say, put the keys on a flash drive - I think they’d have to totally lobotomize your machine’s hardware to do it, which only someone who has both stolen your device and has the means/budget to do that would do.

You do need to make sure these registers are updated every kernel update, or else you’ll have to manually enter the LUKS password the next boot and update it then. I’m wondering if there’s a hook I can set up where every time the boot partition is updated, it updates PCR registers.

You’re somewhat right in the sense that the point of disk encryption is not to protect from remote attackers. However, physical access is a bigger problem in some cases (mostly laptops). I don’t do it on my desktop because I neither want to reinstall nor do I think someone who randomly breaks in is going to put in the effort to lug it away to their vehicle.

Clevis pretty much does TPM encryption and is in most distros’ repos. I use it on my Thinkpad. It would be nice if it had a GUI to set it up; more distros should have this as a default option.

You do have to have an unencrypted boot partition, but the issues with this can at least in be mitigated with PCR registers, which I need to set up.

It’s a smidge more difficult on Debian if you want to use a non-ext4 filesystem - granted for most people, ext4’s probably still fine. I use it on my desktop, which doesn’t have encryption.

Yes, fellow OpenTTD player.

I’m using LVM. The BIOS solution would be a bad idea because it would be more difficult to access the drive on other systems if you had to; LVM allows you to enter your password on other systems to decrypt.

Do your servers have TPM? Clevis might be the way to go; I use it on my Thinkpad and it makes my life easy. If the servers don’t have TPM, Clevis also supports this weird thing called Tang, which from what I can tell basically assures that the servers can only be automatically decrypted on your local network. If Clevis fails, you can have it fall back to letting you enter the LVM password.

Well, it was worth a shot.

I don’t do it for my desktop because 1) I highly doubt my desktop would get stolen. 2) I installed Linux before I was aware of encryption, and don’t have any desire to do a reinstall on my desktop at this time.

For my laptop, yes, I do (with exception of the boot partition), since it would be trivial to steal and this is a more recent install. I use clevis to auto-unlock the drive by getting keys from the TPM. I need to better protect myself against evil maids, though - luckily according to the Arch Wiki Clevis supports PCR registers.

I wouldn’t necessarily say that - Debian and FreeBSD releases have roughly the same support lifespan, meaning if installed on release day, you’d get a few (~5 years) years of support without major upgrades.

I’d say both systems have a high chance of success at upgrading to the immediate next version, so that becomes maybe 7 or 8 years when adding the years of support left on the now older immediate next version.

For a second immediate next upgrade, you might be right that a BSD has a better chance of surviving.

I wouldn’t know about Open SD, though, as they operate on point releases and I don’t know to what extent they prevent breaking changes.

I think you might win.

That might me it - when I search older media, say The Andy Griffith show, sure enough there are a crap ton of plates.

It might be a sort of Venn diagram thing - Trek/Wars plates came at the dusk of the commemorative plate era, while the fans were more likely than others to buy collectibles like plates, making them seem unique from other fandoms.