Maybe the firmware file supplied by the Pop OS repo is broken? Download the firmware updater directly from Dell’s website and put it on a FAT32 USB drive. Nice thing about Dell BIOS is that you can use the .exe update without Windows - there should be an option in your BIOS to browse for the update file and apply it. Then install a fresh copy of Pop OS and don’t let it update firmware for now.

Interesting. I thought that all but the disk and CMOS were stateless once powered down for hibernation, but I’d love to hear from someone with expertise on how other components know that they were hibernated under Windows.

I want shows like Hell’s Kitchen but for tech stuff - criticizing people’s phones, gaming setups, and server rooms

Yes. Stuff like lucky outfits for interviews, choosing lucky days when I can’t make up my mind on when to schedule an appointment, and various other little rituals based in anecdote rather than written evidence. Perhaps a particularly satisfying story or two about why the world is the way it is in the absence of a more naturalistic explanation.

But not the ghost haunting, UFO, or skinwalker kind of stuff. Won’t believe it until I see it myself. Makes finding a good horror podcast a bit more challenging for me.

I suppose that works, but that’s quite drastic just to watch YT.

YouTube being YouTube. It’s aggressive enough that I occasionally get blocked even with a residential IP address.

I’m ready to be called milquetoast, and while I see where this comes from, it comes off idealistic if we are to communicate with people in the present day in any practical way. Do not forget how much of an improvement it already is over the likes of proprietary messaging apps and how much effort it already is to move people to Signal. It is surprisingly difficult for common folk to grasp the concept of anything but a phone number when it comes to messaging apps.

Establish a specific trusted channel of communication and a backup. Anything important must come through those instead of just any random source. Educate them on scams in general and if they aren’t on social media already, keep them away from it.

Especially if cognitive decline hasn’t set in yet, also encourage them to make healthier lifestyle choices, take preventative measures, get checked up, and perhaps even get hearing aids to keep their minds sharp for some more years.

I’ve personally provided them a locked-down device that only connects to my aforementioned trusted communication channels.

I’m interested to see if anyone else has run into the same situation and found a good thought process for it. Problem is, if I need to pull anything from a pseudonym over to an identifiable portfolio, that pseudonym is no longer useful. But I can’t really justify getting a personal domain name if all it’s doing is hosting a glorified resume.

On modern versions of common distros, it’ll probably work just fine if you install the driver from your distro’s repos. Don’t touch NVIDIA’s downloadable .run installer.

It’s getting better for Nvidia support on Linux, but there’s more edge case problems than with AMD or Intel graphics.

Very possible. Tangentially related, but deleted my account a while ago, went back to ask a question on a niche subreddit with a fresh account, and had my post shadow-deleted for lack of karma or whatever nonsense. Site is still riddled with bots despite all the high barriers to new users though.

It’s very understandable having to use Reddit for some niche communities, but don’t put yourself through it if you’re getting banned just for having a different opinion.

Most of the popular open-source ones are fine. VSCodium if you want a rich GUI or perhaps Geany if you want a lightweight but beginner-friendly editor. Only things you’ll have to watch out for are editors with online features like AI integration, particularly Microsoft VSCode and the new notepad.exe with AI.

This is for a SeaBIOS system without functional TPM.

Bypassing either password challenge for simplicity’s sake is just defeating the purpose of having LUKS on the full disk anyway. Just encrypt your home of that’s a problem for you and simplify things.

Could you explain this? I do not see how it would compromise the security model since the lock screen would be dismissed only after the LUKS password is entered. The screenlocker is only relevant when suspended to RAM as the LUKS key is no longer in RAM once hibernated.

Killing your lock screen from the session manager is going to cause all kinds of problems, so that’s not going to help. It’s not JUST a plain old process to kill, it’s the session manager. You kill it, and it’s going to ask you again anyway, and likely destroy your existing session.

I am using slock, which is separate from my session manager (startx in ~/.profile), and in my testing, I was able to kill it without issue.

What a shitty banking app. The malware explanation could just be customer service boilerplate. They might have just implemented some commercial fingerprinting/analysis/security library in the app that freaked out at the minimal fingerprint of the GrapheneOS profile and defaulted to locking you out.

As individuals, we need to continue defending and advocating for our privacy - using privacy-respecting phones and software even if it’s difficult and organize against surveillance capitalism, or at least donate to existing advocacy groups. And the developers that make privacy-respecting alternatives more accessible. Not much of an easy way out since we’re up against Big Tech on a profoundly uneven playing field.

But for immediate issues like this, I would get a cheap separate phone with regular Android to handle the app if the bank doesn’t offer the same services through a browser. Try to keep it on an isolated network and only power it on when necessary.

I keep it around and don’t use subscription services or DLC, but the physical media itself doesn’t see everyday use, excluding books. When I had a bit more time during the quarantine, I digitized about half of my physical media library. Now if I need to pull something off the shelf, I’ll digitize it individually while I’m at it. After that point, I just run it off a hard drive or whatever portable device it’s on.

Most of my media purchases nowadays go to independent artists/developers where producing a physical copy is not always practical. Old stuff that was released on physical media often can be tracked down on archive.org since trawling eBay and thrift stores for those can get unsustainable. Everything else may be found in the high seas.

As for books, I’ll take physical copies whenever I can. I can’t stand prolonged reading on a backlit screen and I don’t do a good enough job keeping my e-ink reader charged.

Very much agree with the encryption key management. My friend group and I stopped using Matrix because the getting encryption right between all of our devices proved frustrating, especially if a reinstall or phone upgrade comes up.

If you have $150 to spare (depending on country), a secondhand Pixel 7a is a great starting point to try out GrapheneOS without directly contributing to Google. Just make sure it’s carrier unlocked so it allows bootloader unlocking. For $100 more, a Pixel 8a will get you several more years of software support. Practically everything just works with GrapheneOS.

Fairphone with /e/OS is leagues better than Googled Android, but little to no additional security hardening has been done over plain AOSP (which itself is quite secure against non-state-sponsored attacks to be fair). Also, some pings to Google have yet to be patched out, see https://eylenburg.github.io/android_comparison.htm

Linux phones are much better than they were a few years ago, but unless your workflow tolerates the occasional disruption due to a bug or missing feature, they aren’t exactly production-ready for most users. But a good sneak peek into the future of privacy phones given the way Android is headed now.

MicroG works for many things, but not everything. Google’s own apps don’t play well and some of my work apps don’t send notifications when using MicroG. But GrapheneOS supports a sandboxed, proper instance of Google Play Services should you need it.

Google Wallet and anything requiring the Play Integrity API will not work with third-party OSes, not even GrapheneOS (perhaps until they release their own phone).

It’s on the IzzyOnDroid repo: https://apt.izzysoft.de/fdroid/index/apk/com.cyb3rg0d.canvass

Fossify Paint does the same thing without adding the IzzyOnDroid repo, I just happen to have Canvass since it was the first thing that showed up when I searched.

My bad, misremembered that RiMusic fetches from Youtube music instead of Spotify

I definitely agree with you on this. My pet theory is that phones have been getting uncomfortably big, at least from my perspective, since the average consumer is expecting it to serve as a computing and productivity platform, while all I want is a nice little digital Swiss army knife. I’m only logged into my messaging apps and personal email, and don’t expect to do any sort of “productivity” on my phone. When my friends and colleagues assume I’m logged in to this-or-that on my phone, all I can think about is how afraid I would be if I were logged in to so many things on my personal phone. It’s so much harder to inspect what’s going on in the background of mobile devices.

One of the compromises I’ve had to accept is the closed, yet exploitable nature of the baseband and firmware. Also how much more spying it could do compared to any PC if an exploit were to get through. Compiling Coreboot and neutering the Intel ME taught me a lot about who’s really in control - and how much control we all lose to smartphone manufacturers and telecom companies.