  • It wasn’t the crypto key pair part I was referring to, it was the part where fido is geared towards interactive user auth, not non-interactive storage.
    It wouldn’t have surprised me if the ssh devs hadn’t put implementing fido support for host keys high in the development list, or that it was tricky to find documentation for. Using something like a tpm is the more typical method.

    There’s no technical reason it can’t work, and the op got it to work so clearly the implementation supports it, but that doesn’t mean it’s the most expected setup, which means it might have unexpected gaps in functionality or terrible documentation.


  • Unfortunately, I think you’re going to run into trouble because fido authenticators are geared towards working as user authenticators rather than as device authenticators.
    It certainly should be possible from a technical perspective, but implementation-wise, it’s very likely that the code focuses on making fido devices work with client keys, and using tpms for host keys, since that’s much more focused on headless server functionality.

    Oval peg in a round hole.




  • ricecake@sh.itjust.works to linuxmemes@lemmy.world · Kinda sus... · 24 days ago

    While they created a set of patches that would implement the security features that selinux provides, what was actually merged was the result of several years of open collaboration and development towards implementing those features.

    There’s general agreement that the idea that the NSA proposed is good and an improvement, but there was, and still is, disagreement about the specific implementation approaches.
    To avoid issues, an approach was taken to create a more generic system that selinux would then take advantage of. That’s why selinux, app armor and others can live side by side without it being a constant maintenance and security nightmare. Each one lives in their little self-contained auditable boxes, and the kernel just makes the “check authorization” function call and it flows into the right module by configuration.

    The Linux community was pretty paranoid about the NSA in 2000, so the code definitely got a lot more scrutiny than the typical proposal.

    A much easier way to introduce a backdoor would be to start a tiny company that produces some arbitrary piece of hardware which you then add kernel support for.

    https://github.com/torvalds/linux/tree/master/drivers/input/keyboard - that’s just the keyboard drivers.

    Now you’re adding code to the kernel and with the right driver and development ability you can plausibly make changes that have non-obvious impacts, and as a bonus if someone notices, you can just say “oops!” and not be “the god-damned NSA” who everyone expects to be up to something, and instead be 4 humble keyboard enthusiasts with an esoteric set of lighting and input opinions like are a dime a dozen on Kickstarter.
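
    The hook dispatch described in the comment above (one "check authorization" call that flows into whichever modules are configured), as an added example that is not part of the original comment and is not kernel code. It is a simplified user-space model; every name, rule and label in it (`configure`, `check_file_open`, `web_t`, the two policies) is a hypothetical stand-in.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* User-space model of stacked security modules; hypothetical names, not kernel code. */
struct request { const char *label; const char *path; };
struct module {
    const char *name;
    int (*file_open)(const struct request *);   /* 0 = allow, -errno = deny */
};
/* Constructed label-based rule: domain web_t may not open anything under /etc/. */
static int label_file_open(const struct request *r) {
    return (!strcmp(r->label, "web_t") && !strncmp(r->path, "/etc/", 5)) ? -EACCES : 0;
}
/* Constructed path-based rule: nothing may open anything under /root/. */
static int path_file_open(const struct request *r) {
    return !strncmp(r->path, "/root/", 6) ? -EPERM : 0;
}
static const struct module available[] = {
    { "label", label_file_open }, { "path", path_file_open },
};
#define N_AVAILABLE (sizeof(available) / sizeof(available[0]))
static const struct module *enabled[N_AVAILABLE];
static size_t n_enabled;

/* Enable the modules named in a comma-separated list, in that order. */
size_t configure(const char *order) {
    n_enabled = 0;
    while (*order) {
        size_t len = strcspn(order, ",");
        for (size_t i = 0; i < N_AVAILABLE && n_enabled < N_AVAILABLE; i++)
            if (strlen(available[i].name) == len && !strncmp(available[i].name, order, len))
                enabled[n_enabled++] = &available[i];
        order += len + (order[len] == ',');
    }
    return n_enabled;
}

/* The one call site: ask each enabled module in turn; the first denial wins. */
int check_file_open(const char *label, const char *path) {
    struct request r = { label, path };
    for (size_t i = 0; i < n_enabled; i++) {
        int rc = enabled[i]->file_open(&r);
        if (rc) return rc;
    }
    return 0;
}

int main(void) {
    configure("label,path");
    printf("web_t -> /etc/shadow: %d\n", check_file_open("web_t", "/etc/shadow"));
    return 0;
}
```

    The caller never names a module: changing the string passed to `configure` changes which policies see the request, while each policy stays a separate function that can be read and audited on its own.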



  • Eeeeh, at least then there would theoretically be public accountability. The FCC has limited censorship power that they’re generally unobjectionable with.

    I’m honestly more concerned with the censorship from private enterprises than with government censorship currently. Less accountability and less recourse.

    It also really only becomes censorship if the rating system is used to prohibit speech. If we instead made it more like the nutritional guidelines on food it could instead give more of a content breakdown than setting an arbitrary age.





  • The estate has a duty to maximize the value of the liquidation, and pay back creditors as best it can. Specifically to settle the debts.

    While a creditor can’t dictate the value of the estate, they can offer to forgive debt, which is the same for the purposes of the estate.

    If the cancelled debt would have been worth more than the cash, then the creditors would be rightfully furious if the state instead sold the asset for less cash and paid them that way.

    If you owe me $50k, and I tell you your watch is worth $5k to me, and instead you sell it for $250 and give me that while declaring bankruptcy so I don’t get anything else, that’s a terrible outcome for me, and great for you if you sold the watch to your friend who then gave it back to you in exchange for $250 later.


  • No, that’s actually still the market deciding. It’s a perfectly standard type of auction that discourages low-ball bids. Bidding is secret, you only get one bid, and you don’t know who or if anyone else is bidding.
    If you want it, you make your best offer for what you’re willing to pay for it, and if someone else bid more they get it. If you would have been willing to pay more with more rounds of bidding, you should have bid that from the start.

    Open-bid auctions get better prices for sellers when there are a lot of bidders, and better prices for buyers when there are few. Given there were two bidders, it’s fair to seek the most either party will bid, rather than seeking $1 more than the maximum the losing party will pay.




  • So it’s unfortunately not actually a sale until the judge approves it, it’s just an accepted bid.
    Sorta like when buying a car. The salesman tells you the price for the vehicle, overpriced perks, and how much your trade in is worth, and you accept the final price. Then the salesman has to get the floor manager to agree, which they always do, because they’re the ones with authority to approve the sale. Then you can sign the paperwork and exchange money and you’ve actually processed the sale. Until then either party can walk away for any reason.

    In this case, it’s like the floor manager rejected the sale because the cash part of the sale price was less than MSRP, and they didn’t think the trade in value mattered.
    It’s not common for the sale to get rejected, and it’s even weirder for them to reject “not cash” instead of paying attention to value.

    The judge saying the estate can’t accept debt forgiveness in lieu of cash is just odd, since it reduces the debt more than the cash would.



  • A first price sealed bid auction is a perfectly common type of auction.
    It’s functionally equivalent to an auction where you know the value of a thing (like we do a business being liquidated because the owner is in extremely deep unrelated legal debt), and the auctioneer starts by asking for the face value and then progressively lowers the ask until the first person accepts the price.
    Instead of trying to get the lowest price possible, people are incentivised to start with their best offer for what they actually think the thing is valued. Allowing follow-up bids encourages people to low-ball and work their way up, which can reduce the price the seller gets for the item.

    https://www.investopedia.com/terms/s/sealed-bid-auction.asp