  • I’m dubious of faster than life travel being for reasons beyond our understanding of physics. If there were a reasonable way to do so 1 race anywhere in the galaxy could have colonized the entire galaxy or at least a substantial portion thereof in only a few million years. If it is possible it seems to suggest that life is so rare that there are very few forms of higher intelligent life in the galaxy at any given time and probably relatively few ever.

    Most bugs aren’t unconditionally experienced by all comers or they would have been fixed. It’s entirely possible there are 17 horrible game breaking experience ruining bugs every single one triggered by a very specific combination of factors in a given work and out of millions of players one person to hit 5 and hate their life and many hit zero.

    If you had bothered to read you would note they mention concrete defects that effected their playing not nits they were picking based on depth of experience.

    Given extremely misery return policies if your game’s profitability is actually materially harmed let alone destroyed by returns you might have released a broken piece of shit and need to blame yourself rather than customers who believed in you enough to at least initially put their money where their mouth is.

    You see what others don’t and this doesn’t help you feel positive about products.

    Its a fucking game. If it doesn’t make you forget about it being a “product” and divert your attention from the reality for a few hours its developers have wholly and completely failed.

    your professional mind deformation

    Did this sound like how humans talk when you said it?

    I ask QAs questions like your fantasy to find out whether the person is able to perceive different work aspects from a business perspective

    You try to hire people who are literal soulless robots who think about the money that can be made from convincing people to pay you to shovel shit into their brain instead of having fun.

    . This is very important to discover in an interview to filter the red flag attitude

    Holy shit you might actually eventually hire someone who gives a fuck

    I wish you the best, OP.

    I just said you were a piece of shit nobody should hire but I totally “wish you the best”. If its a person you ought to avoid hiring its a person who walks into a legit conversation, shits all over it, insults people, and talks like a fucking robot.

    Can you possibly keep your negativity to yourself if you have nothing useful to contribute next time?

  • Present wisdom is to design something that would work well on mobile first so single column and then make it work on larger screens the easiest way being to keep everything the same except for replacing ☰ with the actual nav menu at a certain width and setting a max width that keeps it looking like stretched out crap.

  • You hire competent people to hold the election, you pass laws declaring how the election is to be held, and if people deviate you sue them or hold them accountable. If the people conducting your election are themselves corrupt AND are secure against consequences technology doesn’t in any way save you but it can trivially damn you if its impossible for even competent people to conduct fairly as is trivially true.

    You have not addressed a single point I have made. There is reason to believe electronic voting is impossible to secure with any presently forseeable level of technology while paper and pen are trivial to secure in ways that someone with a 6th grade education could have understood 100 years ago.

    We vote every few years. In WA state you show your ID and register once or check a checkbox when you register for your license or ID and we give you an ID for $5 if you are poor. Thereafter your ballots come in the mail with a book about candidates positions in their own words. You have at that point weeks to fill it out and either walk a few blocks and drop it in a designated drop box or put it in a mailbox and let your mailman carry it.

    Once the election is conducted we know the results in a few days. This is already incredibly easy, secure, and convenient. If there is any question ballots can be manually recounted by hand in a few more.

    Your suggestion would be incredibly hard to implement, flawed, and give up either secrecy or security right off the bat. Further since it would rely on inscrutable computer code a single bad actor anywhere in the world could corrupt another-wise clean election with no legal means to go back and switch horses after the election had taken place and was adjudicated.

    It is purely a nightmare of an idea implemented to cure the fiction of insecure paper ballots, to serve the specter of technology for technologies sake, and tickle the fancy of people who think they know what a smart person looks like.

    Voting electronically is an inevitability given technological progress anyway, especially as we move out into space, so arguing about it isn’t going to do any good.

    This is a complete fantasy. Changes in how elections are conducted don’t happen magically because the calendar flips over they are implemented by lawmakers who answer to constituents. Such lawmakers are generally old and are generally VERY conservative about technology and proponents of e-voting like yourself have no good answers to ANY of the inherent flaws of such a measure. Just because you think it will eventually be fit isn’t any reason to implement it now or ever.

    Come back when you have an answer to ALL the flaws of e-voting. EG when you have mathematically verifiably secure clients that are verifiably secure even handed to morons which is universally available and usable by all and which can be understood to be secure by even said idiots. Then after that magic trick you can explain why spending Trillions was totally worth it compared to simply electronically tabulating paper ballots and hand counting to verify so we can spend 5 minutes in front of a screen instead of 5 minutes with a pen and know the answer a day sooner.

    If you continue to have zero answers to any of the challenges please don’t bother to respond. To reiterate the most serious

    • No way to verify AND have voting be anonymous

    • Clients are impossible to secure see reflections on trusting trust for the ultimate question

    • Possible for a single bad actor to corrupt the process from the outside

    • Impossible to audit with 100% certainty because the mechanism to conduct election and verify it rely on the same technology

    • Even if 100% secure proving this to the average person is basically impossible as it is well beyond their understanding. This makes it easy to drum up support for election denial fantasies like Trump even in the absence of any evidence.

    Please address every single point.

  • If you vote on your computer how exactly do you keep people’s computer from voting for them? How do you keep them from for instance changing the UI so that the graphic for candidate A actually registers a vote for B?

    How do you provide a way for user bob to verify he voted for A without also implicitly providing an easy way for him to verify his vote to someone pressuring him to share how he voted either to reward him for voting how that party pleases or to punish him for voting “incorrectly”.

    How do you provide a way to audit the vote without being able to see how people voted? If you do as you must have a database of ids to actual voters how do you keep that from leaking allowing everyone to see how everyone voted? Alternatively maybe it just leaks to whatever party is in control and THEY know how people voted so they can better target people for encouragement or suppression.

    Not a single one of these issues is an issue with paper ballots but every one of these is a deal breaker for e-voting and some of them are mathematically unsolvable like it being impossible to have an auditable and secret electronic ballot.

    Our current method of voting works and works well. We don’t NEED an answer a few days quicker at the expense of totally destroying actual security and secrecy. This is a dumb idea and we are all dumber for having spent time thinking about it.

  • Security is about understanding reasonable threat models. 99.99% of reasonable threats to your machine involve theft or loss of the entire machine and personal data or accounts being accessed. This doesn’t require advanced attacks or paranoia nor does it require extreme measures to protect against. No installer will create such a configuration without a passphrase because its a simple and effective step to take to protect your data that is enforced by systems created by people who are all smarter than you.

    Your cute statement about child porn is tasteless and thoughtless. I don’t take reasonable precautions like taking 5 seconds to type a password because I’m paranoid or criminal I do so because I have basic common sense.

    “Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” https://en.wikipedia.org/wiki/Nothing_to_hide_argument

  • I never suggested there wasn’t value in the TPM for anyone although I think such validation has small value for most folks use case. Normal users are worried about theft of laptop by criminals not spies bugging their machine. I suggested that any configuration without a passphrase was inherently insecure.

    It’s not an “optimal setup” its the only setup that makes even the slightest sense because the alternative configuration can be defeated by a smart 12 year old with access to google.

  • Ah yes security brought to you by the same folks who brought you “bypass encryption by holding down the enter key” and “name your user 0day to get root access”

    It’s like putting security cams and interior locks all over your house instead of locking the front door. If your storage can’t be read without the passphrase then NOTHING can fail in such a way as to provide access. Simplicity and obvious correctness have virtues.

    There isn’t much reason to use anything other than FDE with a sufficient passphrase, auto login so the user doesn’t have to type two distinct passwords, and go luks suspends to evict key from memory on suspend.

    Boot up enter the passphrase -> see your desktop -> close the lid -> open the lid -> enter your passphrase

  • Yes because having firefox in /usr/bin/firefox is trashy and disorganized compared to having it in /home/$USER/.var/app/flatpak/app/org.mozilla.firefox/x86_64/stable/6b73214102d2c232a520923fc04166aed89fa52c392b4173ad77d44c1a8fb51b/files/bin/firefox and running firefox is so much more gross than flatpak run org.mozilla.firefox

    Can you like actually hear yourself?

  • On most systems you can press a hotkey in grub to edit the Linux command line that will be booted and in about 7 keystrokes gain access to any unlocked filesystem. Asking how you can break into a system you physically control is like asking how many ways you could break into a house supposing you had an hour alone with a crowbar the answers are legion. No machine in someone else’s hand which is unlocked can possibly be deemed secure.

    Even dumber no installer will create such an insecure configuration because the people that design Linux installers are smarter than you.

  • You aren’t actually asking to how to bypass encryption because the key is already in memory. You are asking about the much simpler task of compromising a computer with physical access to same. Depending on configuration this can be as ridiculous as killing the lockscreen process or as hard as physically opening the case chilling the contents of ram enough that data survives transfer to different physical hardware. See also the massive attack surface of the USB stack.