|
cadenza posted:i just got one of the new thinkpad x1 carbons Is it letting you boot at all? My thinking came with a USB boot disabled in bios
|
# ? Jun 10, 2016 15:11 |
|
|
# ? Apr 29, 2024 13:47 |
|
cadenza posted:i just got one of the new thinkpad x1 carbons except mine's not new, it's a 2nd gen from 2014. and it's also continuously run one install of arch since then with basically no problems quote:however i can't seem to actually do anything. i tried two distros with graphical installers too (lubutu and debian) to no avail. need to spend some time today reading about this computer's firmware i guess um idk, dd the Arch installer ISO onto a flash drive and hit F12 at boot to select the flash drive from the boot menu? worked for me. efi's hardly a new thing at this point, set up a GUID Partition Table then format and mount an EFI System Partition. Then do "bootctl install" and systemd-boot will set everything up for you: it will copy the necessary files to /boot in the right places, and configure your firmware to boot from there. EDIT Oh! that's right, you have to turn Secure Boot off in the firmware setup first. Sapozhnik fucked around with this message at 15:54 on Jun 10, 2016 |
# ? Jun 10, 2016 15:51 |
|
cadenza posted:i just got one of the new thinkpad x1 carbons It's preventing you from installing poo poo distro's. Use Fedora.
|
# ? Jun 10, 2016 16:10 |
|
Lysidas posted:yeah, what? no, just that the interface names dont matter except in as much as "dhcp everything and give ethernet (regardless of interface name) a preferred routing metric over wifi" yeah, that's what we do
|
# ? Jun 10, 2016 18:14 |
|
Mr Dog posted:efi's hardly a new thing at this point, set up a GUID Partition Table then format and mount an EFI System Partition. Then do "bootctl install" and systemd-boot will set everything up for you: it will copy the necessary files to /boot in the right places, and configure your firmware to boot from there. yeah, this is exactly what i did. i am going to root around in the bios (i might be forcing csm boot or something idk) and then perhaps just repartition the drive with an MBR or something. no problemos i actually need to go through all this again though once i've got things vaguely working the first time, cus i wanna set up FDE (and actually have no idea how i am gonna do that cus i've never done it before) i actually booted the machine into the oem windows 10 quickly when it first arrived to check it out and lmao @ the amount of poo poo you have to opt out of in the set up process. "Are you SURE you don't want to share your browsing details with advertisers????"
|
# ? Jun 10, 2016 18:19 |
|
cadenza posted:yeah, this is exactly what i did. i am going to root around in the bios (i might be forcing csm boot or something idk) and then perhaps just repartition the drive with an MBR or something. no problemos Are you doing fde with luks? I know that ubuntu and fedora and probably centos do it out of the box. If you are doing it from scratch with a distribution that doesn't support it, then you'll have to spend a lot of time in the initramfs to decrypt and mount the root partition before pivoting to it. Even with support from your distribution, if you plan on doing any fancy stuff (like a combination of lvm, raid, luks, and etc), make sure you configure crypttab correctly and that your crypt device is using the name in the crypttab before updating your initramfs. Such a pain when it doesn't work.
|
# ? Jun 10, 2016 19:02 |
|
This reminds me of the time when I asked ubuntu to partition a new computer and it used btrfs with subvolumes to configure partitions. Like, it put a @home subvolume on the /home partition. So when I tried to update it later, it couldn't find the partition because it didn't use subvolumes. The moral of the story is:
|
# ? Jun 10, 2016 19:07 |
celeron 300a posted:The moral of the story is:
|
|
# ? Jun 10, 2016 19:15 |
|
cadenza posted:yeah, this is exactly what i did. i am going to root around in the bios (i might be forcing csm boot or something idk) and then perhaps just repartition the drive with an MBR or something. no problemos You want to set up FDE. Who is the adversary? It is somebody determined enough to steal your laptop while it's suspended, splice power lines into your still-powered SSD and then move it into their own computer? Because that's only slightly less determination than what's required to do a cold boot attack on a suspended FDE system. Arguably less I suppose, one requires soldering skills and the other requires some slightly specialized system firmware on the attacker's system and a half-decent freezer. If not, then set a SATA password on your SSD from the firmware menu and don't worry about it any further. Unless it's an NVMe SSD in which congratulations although idk off the top of my head if NVMe supports any sort of password protection or not. Sapozhnik fucked around with this message at 19:26 on Jun 10, 2016 |
# ? Jun 10, 2016 19:23 |
|
Mr Dog posted:You want to set up FDE. Who is the adversary? It is somebody determined enough to steal your laptop while it's suspended, splice power lines into your still-powered SSD and then move it into their own computer? Because that's only slightly less determination than what's required to do a cold boot attack on a suspended FDE system. Arguably less I suppose, one requires soldering skills and the other requires some slightly specialized system firmware on the attacker's system and a half-decent freezer. edward snowden told me to do it tho
|
# ? Jun 10, 2016 20:40 |
|
cadenza posted:edward snowden told me to do it tho edward snowden is a wanted fugitive who's made personal enemies of the biggest and best funded intelligence agencies in the world. it's unlikely you face quite the same risks to your data.
|
# ? Jun 10, 2016 21:14 |
|
Lysidas posted:what is a "new" x1 carbon? i got one in february and it runs kubuntu 16.04 fine, though i had to totally disable the touchpad since it is garbage and the clitmouse is almost as good as the one on my old x61t earlier in the thread someone pointed out that the newest lenovos only include touchpad ps/2 support as a legacy fallback the touchpad will always be poo poo unless you can get it working with i2c
|
# ? Jun 10, 2016 23:33 |
|
Mr Dog posted:You want to set up FDE. Who is the adversary? It is somebody determined enough to steal your laptop while it's suspended, splice power lines into your still-powered SSD and then move it into their own computer? well, my laptop spends a lot more time suspended than in any other state. if it's gonna be stolen, it's gonna happen while the thing is suspended the adversary question is realistic though. i'm much more worried about my data at rest in the hands of a common thief than anything else. if the cops or intelligence forces are after me i have bigger problems than the encryption of my laptop drive
|
# ? Jun 10, 2016 23:34 |
|
Against common thieves you don't need FDE. In other fun Linux news, today I put Arch on a Raspberry Pi for grins and spent an hour debugging the weirdest permission poo poo and assuming there was some lovely misconfigured linux security module that was put there by the distribution builder loving things up. Eventually some googling clued me in to my idiocy: [root@alarmpi ~]# ls -ld / drwx------ mrdog mrdog 4096 Jun 10 2016 / oops yeah that would probably gently caress things up pretty hard lol
|
# ? Jun 11, 2016 00:17 |
|
so i decided to try to install lubuntu because i was a bit tired of loving around with arch but i get a shitload of squashfs errors when i try to do anything - i can get into the live mode but trying to do anything (even open a terminal) fails due to I/O errors. trying to install using the graphical installer just gives a shitload of squashfs errors too, just like with debian. the md5s on the images are correct, and i've tried other usb drives in other ports... edit: cadenza fucked around with this message at 03:50 on Jun 11, 2016 |
# ? Jun 11, 2016 03:46 |
|
cadenza posted:so i decided to try to install lubuntu because i was a bit tired of loving around with arch but i get a shitload of squashfs errors when i try to do anything - i can get into the live mode but trying to do anything (even open a terminal) fails due to I/O errors. Is this on a dvd or a flash stick? Does it work on the computer that made it? What does dmesg say? Have you tried a memory test?
|
# ? Jun 11, 2016 05:54 |
|
Mr Dog posted:Against common thieves you don't need FDE. these days I actually would expect a common thief (or whoever they pawn their stolen goods to) to probe any electronic devices for valuable information yeah that portable might get pawned for a fraction its value, but someone is going to see if it has any passwords, credit card numbers, etc. there are good reasons Apple defaulted to enabling FDE on all portables a few years back
|
# ? Jun 11, 2016 06:30 |
|
it's like nobody reads what i write. yes, and a disk password will handle that case just fine. a crack head stealing my laptop will fence it, and the person doing the fencing will not want to spend more than five minutes trying to get bank details out of it. which is more than you'd need to get around a disk password. if it's not an apple laptop then it probably has vanishingly small retail value as a stolen product but i don't really know, i'm not a crack head.
|
# ? Jun 11, 2016 13:28 |
|
Mr Dog posted:it's like nobody reads what i write. don't sign your posts
|
# ? Jun 11, 2016 13:59 |
|
so if fde is pointless, why are apple, microsoft, and all the linux distros busy making it easy to set up and use? why are they not listening to forums poster mr dog and just telling people to use sata passwords?
|
# ? Jun 11, 2016 14:01 |
|
Because the government has BACKDOORS IN YOUR SATA FIRMWARE MAAAAAAAAAAAAN (this and a combination of wanting to play secret agent is probably actually the reason why the linux distros do it, no idea about the commercial oses though) eh, honestly though, i don't really know. to evaluate the effectiveness of a security measure you must first specify an adversary. unless you do that as your first step you're just jerking off. your adversary is the nsa taking a specific interest in you as a person? you're hosed, sorry. your adversary is a guy fencing laptops for crack heads? gently caress is he gonna do? i mean yeah i guess if everybody used sata passwords then some chinese hot-transplant kits custom-made for if you enjoy playing secret agent then don't let me stop you.
|
# ? Jun 11, 2016 14:34 |
|
it's also worth noting that all modern ssds AES-encrypt your data whether you set up drive security or not (if you don't then the ssd just stores the master key in plaintext in its configuration region). reason being that any useful cipher will give you a roughly equal distribution of 1s and 0s in the ciphertext, which is helpful for flash wear levelling at the bit level.
|
# ? Jun 11, 2016 14:37 |
|
most people who steal laptops, especially apple products are paranoid as hell about things like find my iphone/mac. in college i knew someone who stole an xbox and was paranoid about the person they stole it from contacting microsoft to track them. so they threw it off a bridge. i dont associate with that person anymore..
|
# ? Jun 11, 2016 16:49 |
|
its me the idiot using a sata password, i also use a bios password to make my computer super safe
|
# ? Jun 11, 2016 22:25 |
|
I filled my computer with poisonous bugs and steel locks.
|
# ? Jun 11, 2016 22:36 |
|
same
|
# ? Jun 11, 2016 22:36 |
|
Smythe posted:I filled my computer with poisonous bugs and steel locks. yosposters gently caress their computers and cum inside them
|
# ? Jun 11, 2016 22:38 |
|
Silver Alicorn posted:yosposters gently caress their computers and cum inside them Lmao
|
# ? Jun 11, 2016 22:40 |
|
Silver Alicorn posted:yosposters gently caress their computers and cum inside them what? you havent seen the banner ad?
|
# ? Jun 12, 2016 00:44 |
|
cadenza posted:i just got one of the new thinkpad x1 carbons nice. i have the gen 3 and i only bought it because they were flogging cheap souped-up ones ahead of gen 4, but it's now my favourite computer i've owned. i don't have a linux on it though but i do intend to load the combination microsoft and linux shell
|
# ? Jun 12, 2016 11:40 |
|
so i realised that installation media i created in linux were working absolutely fine, while those created in osx on 4 different drives all had problems i finally compared the versions of dd i was using and the version in osx is the bsd one from 1994... loving tim cook screwing me again. i guess now i can actually install the distribution i wanted to instead of relying on archboot (only thing that worked since it runs out of ram instead of off the media itself)
|
# ? Jun 13, 2016 20:04 |
|
https://blogs.gnome.org/desrt/2016/06/13/gtk-4-0-is-not-gtk-4/ lol loving hell, gnome really is a completely irredeemable clown show isn't it i'm sorry it took me so long to come to terms with this
|
# ? Jun 13, 2016 20:45 |
|
Mr Dog posted:loving hell, linux really is a completely irredeemable clown show
|
# ? Jun 13, 2016 21:01 |
|
i'm really disappointed i ever associated myself with gnome.
|
# ? Jun 13, 2016 21:24 |
|
Mr Dog posted:https://blogs.gnome.org/desrt/2016/06/13/gtk-4-0-is-not-gtk-4/ will the X number of GTK APIs that exist after 2X years all be maintained? seems like a nightmare scenario imo.
|
# ? Jun 13, 2016 21:30 |
|
we've been talking about it at the office and we cannot find where the supposed upside is
|
# ? Jun 13, 2016 21:35 |
|
the upside is that the gnome developers who want to work on shiny new stuff* won't have to worry about backwards compatibility any more. the only ones who will have to care about existing users will be the ones who choose to work on maintaining boring old stuff**. * i.e. all of them ** i.e. nobody
|
# ? Jun 13, 2016 21:42 |
What DE do people in this thread like, and why? I've been meaning to migrate from my ancient Ubuntu install to Fedora, and I'm trying to decide which spin to use.
|
|
# ? Jun 13, 2016 22:18 |
|
I like gnome but drat theyre making it hard to
|
# ? Jun 13, 2016 22:22 |
|
|
# ? Apr 29, 2024 13:47 |
|
Suspicious Dish posted:we've been talking about it at the office and we cannot find where the supposed upside is the upside is hopefully you switch to Qt
|
# ? Jun 13, 2016 22:24 |