You are here

Agreguesi i feed

New Research Provides Evidence of Strong Early Magnetic Field Around Earth

Slashdot - 5 orë 58 min më parë
New research from the University of Rochester provides evidence that the magnetic field that first formed around Earth was even stronger than scientists previously believed. The research, published in the journal PNAS, will help scientists draw conclusions about the sustainability of Earth's magnetic shield and whether or not there are other planets in the solar system with the conditions necessary to harbor life. Phys.Org reports: Using new paleomagnetic, electron microscope, geochemical, and paleointensity data, the researchers dated and analyzed zircon crystals -- the oldest known terrestrial materials -- collected from sites in Australia. The zircons, which are about two-tenths of a millimeter, contain even smaller magnetic particles that lock in the magnetization of the earth at the time the zircons were formed. Previous research by [John Tarduno, Professor of Earth and Environmental Sciences and Dean of Research for Arts, Sciences, and Engineering at Rochester] found that Earth's magnetic field is at least 4.2 billion years old and has existed for nearly as long as the planet. Earth's inner core, on the other hand, is a relatively recent addition: it formed only about 565 million years ago, according to research published by Tarduno and his colleagues earlier this year. While the researchers initially believed Earth's early magnetic field had a weak intensity, the new zircon data suggests a stronger field. But, because the inner core had not yet formed, the strong field that originally developed 4 billion years ago must have been powered by a different mechanism. "We think that mechanism is chemical precipitation of magnesium oxide within Earth," Tarduno says. The magnesium oxide was likely dissolved by extreme heat related to the giant impact that formed Earth's moon. As the inside of Earth cooled, magnesium oxide could precipitate out, driving convection and the geodynamo. The researchers believe inner Earth eventually exhausted the magnesium oxide source to the point that the magnetic field almost completely collapsed 565 million years ago. But the formation of the inner core provided a new source to power the geodynamo and the planetary magnetic shield Earth has today.

Read more of this story at Slashdot.

A Newly-Discovered Part of Our Immune System Could Be Harnessed To Treat All Cancers, Say Scientists.

Slashdot - 9 orë 28 min më parë
An anonymous reader quotes a report from the BBC: The Cardiff University team discovered a method of killing prostate, breast, lung and other cancers in lab tests. The findings, published in Nature Immunology, have not been tested in patients, but the researchers say they have "enormous potential." Our immune system is our body's natural defense against infection, but it also attacks cancerous cells. The scientists were looking for "unconventional" and previously undiscovered ways the immune system naturally attacks tumors. What they found was a T-cell inside people's blood. This is an immune cell that can scan the body to assess whether there is a threat that needs to be eliminated. The difference is this one could attack a wide range of cancers. T-cells have "receptors" on their surface that allow them to "see" at a chemical level. The Cardiff team discovered a T-cell and its receptor that could find and kill a wide range of cancerous cells in the lab including lung, skin, blood, colon, breast, bone, prostate, ovarian, kidney and cervical cancer cells. Crucially, it left normal tissues untouched. Exactly how it does this is still being explored. This particular T-cell receptor interacts with a molecule called MR1, which is on the surface of every cell in the human body. It is thought MR1 is flagging the distorted metabolism going on inside a cancerous cell to the immune system. Treatment would include extracting T-cells from a blood sample of a cancer patient and then genetically modifying them so they were reprogrammed to make the cancer-finding receptor. The upgraded cells would be grown in vast quantities in the lab and then put back into the patient.

Read more of this story at Slashdot.

Loot Boxes Push Kids Into Gambling, Says England's NHS Mental Health Director

Slashdot - 11 orë 28 min më parë
Claire Murdoch, mental health director of England's National Health Service (NHS), has reignited the loot box controversy with a report claiming they push young people into "under the radar" gambling. PC Gamer reports: "Frankly no company should be setting kids up for addiction by teaching them to gamble on the content of these loot boxes", she said. "No firm should sell to children loot box games with this element of chance, so yes those sales should end." Loot boxes aren't currently regulated by England's Gambling Commission because their contents can't be monetized. The report calls this a "loophole" because, "Despite this, third party websites selling gaming accounts and rare items are commonplace and easy to find on places such as eBay across the internet." Murdoch called on game publishers to ban games whose loot boxes encourage children to gamble, as well as to introduce spending limits, tell players the odds of receiving each item before they buy a loot box, and "Support parents by increasing their awareness on the risks of in-game spending." As for what those risks are, the report says, "Investigations have found numerous cases of children spending money without their parents' knowledge, including a 16-year-old paying 2,000 British Pounds on a basketball game and a 15-year-old losing 1,000 British Pounds in a shooting game."

Read more of this story at Slashdot.

Ultrafast Camera Takes 1 Trillion Frames Per Second of Transparent Objects, Phenomena

Slashdot - 12 orë 8 min më parë
After developing the world's fastest camera a little over a year ago, Caltech's Lihong Wang decided that wasn't good enough and started working on an even faster device. A new paper published in the journal Science Advances details a new camera from Wang that can take up to 1 trillion pictures per second of transparent objects. Phys.Org reports: The camera technology, which Wang calls phase-sensitive compressed ultrafast photography (pCUP), can take video not just of transparent objects but also of more ephemeral things like shockwaves and possibly even of the signals that travel through neurons. Wang explains that his new imaging system combines the high-speed photography system he previously developed with an old technology, phase-contrast microscopy, that was designed to allow better imaging of objects that are mostly transparent such as cells, which are mostly water. The fast-imaging portion of the system consists of something Wang calls lossless encoding compressed ultrafast technology (LLE-CUP). Unlike most other ultrafast video-imaging technologies that take a series of images in succession while repeating the events, the LLE-CUP system takes a single shot, capturing all the motion that occurs during the time that shot takes to complete. Since it is much quicker to take a single shot than multiple shots, LLE-CUP is capable of capturing motion, such as the movement of light itself, that is far too fast to be imaged by more typical camera technology. In the new paper, Wang and his fellow researchers demonstrate the capabilities of pCUP by imaging the spread of a shockwave through water and of a laser pulse traveling through a piece of crystalline material.

Read more of this story at Slashdot.

Huge PS5 Leak Spills a Bunch of Info On Sony's Reveal Event

Slashdot - 12 orë 48 min më parë
A PS5 leak posted on 4Chan, which was later reposted on Reddit, spills a bunch of information on the PlayStation 5 reveal event which is expected to take place in February. According to the leak, the PS5 will be unveiled on February 5 at a PlayStation Meeting event for the media. "The console design, controller, UI/home screen, certain features, console specs, talk from third parties/indie publishers, as well as announcements for PS5 exclusives will be shown," says the leaker. The leak says the PS5 will support backwards compatibility with games from all 5 PlayStation platforms; PS4 accessories will be compatible on the new console as well; and the specs will rival Microsoft's Xbox Series X console. Furthermore, it states that the PS5 will launch worldwide in October 2020, priced at $499 in the U.S. It'll also be launched with several exclusive titles. You can read the full list of details here.

Read more of this story at Slashdot.

Instagram Drops IGTV Button Because Nobody Was Using It

Slashdot - 13 orë 28 min më parë
Instagram is removing the annoying orange IGTV button from its homepage because hardly anyone was using it. "As we've continued to work on making it easier for people to create and discover IGTV content, we've learned that most people are finding IGTV content through previews in Feed, the IGTV channel in Explore, creators' profiles and the standalone app. Very few are clicking into the IGTV icon in the top right corner of the home screen in the Instagram app," a Facebook company spokesperson tells TechCrunch. "We always aim to keep Instagram as simple as possible, so we're removing this icon based on these learnings and feedback from our community." TechCrunch reports: Instagram users don't need the separate IGTV app to watch longer videos, as the IGTV experience is embedded in the main app and can be accessed via in-feed teasers, a tab of the Explore page, promo stickers in Stories, and profile tabs. Still, the fact that it wasn't an appealing enough destination to warrant a home page button shows IGTV hasn't become a staple like past Instagram launches including video, Stories, augmented reality filters, or Close Friends. Now users need to tap the IGTV tab inside Instagram Explore to view long-form video. Another thing absent from IGTV? Large view counts. The first 20 IGTV videos I saw today in its Popular feed all had fewer than 200,000 views. BabyAriel, a creator with nearly 10 million Instagram followers that the company touted as a top IGTV creator has only post 20 of the longer videos to date with only one receiving over 500,000 views. [...] In another sign that Instagram is folding IGTV deeper into its app rather than providing it more breathing room of its own, and that it's eager for more content, you can now opt to post IGTV videos right from the main Instagram feed post video uploader. AdWeek Social Pro reported this new "long video" upload option yesterday. A Facebook company spokesperson tells me "We want to keep our video upload process as simple as possible" and that "Our goal is to create a central place for video uploads."

Read more of this story at Slashdot.

Jussi Pakkanen: The Meson Manual is now available for purchase

Planet GNOME - 13 orë 32 min më parë
Some of you might remember that last year I ran a crowdfunding campaign to create a full written user manual for Meson. That failed fairly spectacularly, mostly due to the difficulty of getting any sort of visibility for these kinds of projects (i.e. on the Internet, everything drowns).

Not taking the hint I chose to write and publish it on my own anyway. It is now available on this web page for the price of 29.95€ plus a tax that depends on the country of purchase. Some countries which have unreasonable requirements for foreign online sellers such as India, Russia and South Korea have been geoblocked. Sorry about that. However you can still buy the book if you are traveling outside the country in question, but in that case all tax responsibilities for importing fall upon you.
What if you don't care about books?I don't have a Patreon or any other crowdfunding thing ongoing, because of the considerable legal uncertainties of running a donation based service for the public good in Finland. Selling digital goods for money is fine, so this is a convenient way for people to support my work on Meson financially.Will the book be made available under a free license?No. We already have one set of free documentation on the project web site. Everyone is free to use and contribute that documentation. This book contains no text from the existing documentation, it is all new and written from scratch.Is it available as a hard copy?No, the only available format is PDF. This is both to save trees and because international shipping of physical items is both time consuming and expensive.Getting review copiesIf you are a journalist and wish to write a review of the book for a publication, send me an email and I'll provide you with a free review copy.When was the book first made public?It was announced at the very beginning of my LCA2020 talk. See it for yourself in the embedded video below.Can you post about this on your favourite social media site / news aggregator / etc?Yes, by all means. It is hard to get visibility without so I appreciate all the help I can get.What was that site's URL again?https://meson-manual.com

Feds Seize WeLeakInfo.com For Selling Access To Stolen Data

Slashdot - Hën, 20/01/2020 - 11:50md
JustAnotherOldGuy shares a report from PC Magazine: The FBI has shut down a website that offered hackers easy access to 12 billion records stolen in thousands of data breaches. On Thursday, the Justice Department announced it had seized the internet domain to WeLeakInfo.com, a site that was cataloging data taken from more than 10,300 data breaches at various companies and websites over the years. Customers could pay as little as $2 to gain access to the massive trove of data, which was carefully indexed and searchable. In return, subscribers could look up a person's email address to find out what previously leaked passwords, names, phone numbers, and IP addresses had been associated with it. It isn't entirely clear how WeLeakInfo.com was obtaining the data breach records. But hackers routinely sell, trade, and collect such information on dark web marketplaces and forums.

Read more of this story at Slashdot.

Hospitals Give Tech Giants Access To Detailed Medical Records

Slashdot - Hën, 20/01/2020 - 11:44md
An anonymous reader quotes a report from The Wall Street Journal: Hospitals have granted Microsoft, IBM and Amazon the ability to access identifiable patient information under deals to crunch millions of health records, the latest examples of hospitals' growing influence in the data economy. This breadth of access wasn't always spelled out by hospitals and tech giants when the deals were struck. The scope of data sharing in these and other recently reported agreements reveals a powerful new role that hospitals play -- as brokers to technology companies racing into the $3 trillion health-care sector. Rapid digitization of health records in recent years and privacy laws enabling companies to swap patient data have positioned hospitals as a primary arbiter of how such sensitive data is shared. Microsoft and Providence, a Renton, Wash., hospital system with data for about 20 million patient visits a year, are developing cancer algorithms by using doctor's notes in patient medical records. The notes haven't been stripped of personally identifiable information, according to Providence. And an agreement between IBM and Brigham and Women's Hospital, in Boston, to jointly develop artificial intelligence allows the hospital to share personally identifiable data for specific requests, people involved in the agreement said -- though so far the hospital hasn't done so and has no current plans to do so, according to hospital and IBM officials. Microsoft executive Peter Lee in July described how his company would use Providence patient data without identifying information for algorithm development. In a December statement, he said patients' personal health data remains in Providence's control and declined to comment further. As for Amazon, the Fred Hutchinson Cancer Research Center, in Seattle, granted certain AWS employees access to health information that identifies individual patients. "The Hutch, a research institution with ties to hospitals, trained and tested Amazon Web Services software designed to read medical notes," the report says. "An AWS spokeswoman said it doesn't use personally identifiable data protected under federal privacy laws to develop or improve its services."

Read more of this story at Slashdot.

The Fridge: Ubuntu Weekly Newsletter Issue 614

Planet Ubuntu - Hën, 20/01/2020 - 11:40md

Welcome to the Ubuntu Weekly Newsletter, Issue 614 for the week of January 12 – 18, 2020. The full version of this issue is available here.

In this issue we cover:

The Ubuntu Weekly Newsletter is brought to you by:

  • Krytarik
  • Bashing-om
  • Chris Guiver
  • Wild Man
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

Frontier, an ISP In 29 States, Plans To File For Bankruptcy

Slashdot - Hën, 20/01/2020 - 11:10md
An anonymous reader quotes a report from Ars Technica: Frontier Communications is planning to file for bankruptcy within two months, Bloomberg reported last week. The telco "is asking creditors to help craft a turnaround deal that includes filing for bankruptcy by the middle of March, according to people with knowledge of the matter," Bloomberg wrote. Frontier CEO Bernie Han and other company executives "met with creditors and advisers Thursday and told them the company wants to negotiate a pre-packaged agreement before $356 million of debt payments come due March 15," the report said. The move would likely involve Chapter 11 bankruptcy to let Frontier "keep operating without interruption of telephone and broadband service to its customers." Frontier reported having $16.3 billion in long-term debt as of September 30, 2019. Frontier offers residential and business services in 29 states over its fiber and copper networks. Frontier offers broadband, TV, and phone services and reported revenue of $2 billion and a net loss of $345 million in the most recent quarter. Frontier has been losing customers and reducing its staff. Its residential-customer base dropped from 4.15 million to 3.81 million in the 12-month period ending September 30, 2019, including a loss of 90,000 customers in the most recent quarter. Also in that 12-month period, Frontier's business-customer base declined from 422,000 to 381,000. Meanwhile, Frontier had 19,132 employees as of September 30, 2019, down from 21,375 one year earlier. Frontier's financial performance last year was so bad that it refused to take any questions from investors during its quarterly earnings call in August. Frontier is in the process of selling its operations in Washington, Oregon, Idaho, and Montana to WaveDivision Capital.

Read more of this story at Slashdot.

China Reports More Than 200 Infections With New Coronavirus From Wuhan

Slashdot - Hën, 20/01/2020 - 10:30md
The outbreak of a new virus that began in the Chinese city of Wuhan last month appears to be far from over. Today, Chinese health authorities reported that over 130 new pneumonia cases caused by the virus were identified over the weekend, bringing the total in China alone to 201, including three outside Wuhan. From a report: There has also been a third death from the infection, and South Korea now has reported a case as well -- the third country outside China to do so. Meanwhile, the pattern of spread makes it increasingly unlikely that the virus does not transmit between people, some experts say. "Uncertainty and gaps remain, but it's clear that there is some level of person-to-person transmission," Jeremy Farrar, head of the Wellcome Trust in London, said in a statement today. "The sudden spike in cases is disconcerting, but not entirely unexpected," says Adam Kamradt-Scott, an infectious diseases specialist at the University of Sydney. As more people learn about the disease, more will go to doctors, Kamradt-Scott says, even with mild symptoms, whereas previously they might have just stayed home. And doctors are now on the lookout for the new disease. "The result is that you see a sudden surge in cases," he says. But âoeif we continue to see this trend continue over the next week where there are 50 to 100 new cases every day, then that would be cause for further concern."

Read more of this story at Slashdot.

People Can Be Identified By the Way They Dance

Slashdot - Hën, 20/01/2020 - 9:50md
Might it be possible that someday in the near future, an official might get you to dance around a bit, in order to confirm that you're really you? Perhaps not, but nonetheless, a recent study has determined that people's identities can be matched to their unique style of dancing. From a report: Scientists at Finland's University of Jyvaskyla started out by using motion capture technology to see if test subjects' psychological traits could be ascertained from the way in which they danced -- such traits included their mood, their level of empathy, and how extroverted or neurotic they were. The researchers were also interested in seeing if simply by watching a person dance, it would be possible to determine what sort of music they were dancing to. This only worked about 30 percent of the time. What they unintentionally discovered, however, was that regardless of the type of music, each person has a characteristic style of dancing that can be identified and matched specifically to themselves. Doing so is accomplished utilizing machine learning algorithms, in conjunction with the motion capture tech. In the study, a total of 73 volunteers each danced to eight genres of music â" these included Blues, Country, Dance/Electronica, Jazz, Metal, Pop, Reggae and Rap. The participants received no instructions, other than to "move any way that felt natural."

Read more of this story at Slashdot.

China To Ban Single-Use Plastic Bags and Straws

Slashdot - Hën, 20/01/2020 - 9:10md
China, one of the world's biggest producers of plastic waste, is set to introduce a ban on all non-degradable plastic bags and single-use straws in major cities. From a report: As part of a plan to drastically reduce plastic pollution, China's government said the production and sale of disposable foam and plastic tableware, often used for takeout, and single-use plastic straws used in the catering industry will be banned by the end of the year. Disposable plastic products should not be "actively provided" by hotels by 2022. The changes were outlined in a document released on Sunday by China's National Development and Reform Commission and the Environment Ministry. The changes are part of a move to achieve a 30% reduction in non-degradable, disposable tableware for takeout in major cities within five years. Postal delivery outlets are also targeted in the new guidelines with a ban on non-degradable plastic packaging and disposable plastic woven bags by the end of 2022.

Read more of this story at Slashdot.

The Official Kubuntu 'Focus' Linux Laptop Goes on Sale

Slashdot - Hën, 20/01/2020 - 8:30md
You can buy an official Kubuntu laptop. Called "Focus". It is an absolutely powerhouse with top specs. From a report: Here's the specs list: CPU: Core i7-9750H 6c/12t 4.5GHz Turbo GPU: 6GB GTX-2060 RAM: 32GB Dual Channel DDR4 2666 RAM Storage: 1TB Samsung 970 EVO Plus NVMe Display: 16.1" matte 1080p IPS Keyboard: LED backlit, 3-4mm travel User expandable SDD, NVMe, and RAM Superior cooling The starting price for the Kubuntu Focus Laptop is $2395.

Read more of this story at Slashdot.

Cash, Plastic or Hand? Amazon Envisions Paying With a Wave

Slashdot - Hën, 20/01/2020 - 7:50md
Amazon wants to make your hand your credit card. From a report: The tech giant is creating checkout terminals that could be placed in bricks-and-mortar stores and allow shoppers to link their card information to their hands, WSJ reported over the weekend, citing people familiar with the matter. They could then pay for purchases with their palms, without having to pull out a card or phone. The company plans to pitch the terminals to coffee shops, fast-food restaurants and other merchants that do lots of repeat business with their customers, according to some of the people. Amazon declined to comment. Amazon, like other tech companies, is trying to further integrate itself into consumers' financial lives, leaving banks and card networks on edge. Apple introduced a credit card last year, and Google is rolling out checking accounts. If the Amazon terminals succeed, they could leapfrog mobile wallets such as Apple Pay while expanding Amazon's already-extensive access to consumer data. Amazon's projects are closely watched both by tech and financial companies, which are increasingly colliding in payments.

Read more of this story at Slashdot.

Bruce Schneier: Banning Facial Recognition Isn't Enough

Slashdot - Hën, 20/01/2020 - 7:10md
Bruce Schneier, writing at New York Times: Communities across the United States are starting to ban facial recognition technologies. In May of last year, San Francisco banned facial recognition; the neighboring city of Oakland soon followed, as did Somerville and Brookline in Massachusetts (a statewide ban may follow). In December, San Diego suspended a facial recognition program in advance of a new statewide law, which declared it illegal, coming into effect. Forty major music festivals pledged not to use the technology, and activists are calling for a nationwide ban. Many Democratic presidential candidates support at least a partial ban on the technology. These efforts are well intentioned, but facial recognition bans are the wrong way to fight against modern surveillance. Focusing on one particular identification method misconstrues the nature of the surveillance society we're in the process of building. Ubiquitous mass surveillance is increasingly the norm. In countries like China, a surveillance infrastructure is being built by the government for social control. In countries like the United States, it's being built by corporations in order to influence our buying behavior, and is incidentally used by the government. In all cases, modern mass surveillance has three broad components: identification, correlation and discrimination. Let's take them in turn. Facial recognition is a technology that can be used to identify people without their knowledge or consent. It relies on the prevalence of cameras, which are becoming both more powerful and smaller, and machine learning technologies that can match the output of these cameras with images from a database of existing photos. But that's just one identification technology among many. People can be identified at a distance by their heart beat or by their gait, using a laser-based system. Cameras are so good that they can read fingerprints and iris patterns from meters away. And even without any of these technologies, we can always be identified because our smartphones broadcast unique numbers called MAC addresses. Other things identify us as well: our phone numbers, our credit card numbers, the license plates on our cars. China, for example, uses multiple identification technologies to support its surveillance state.

Read more of this story at Slashdot.

Matthew Garrett: Verifying your system state in a secure and private way

Planet GNOME - Hën, 20/01/2020 - 1:53md
Most modern PCs have a Trusted Platform Module (TPM) and firmware that, together, support something called Trusted Boot. In Trusted Boot, each component in the boot chain generates a series of measurements of next component of the boot process and relevant configuration. These measurements are pushed to the TPM where they're combined with the existing values stored in a series of Platform Configuration Registers (PCRs) in such a way that the final PCR value depends on both the value and the order of the measurements it's given. If any measurements change, the final PCR value changes.

Windows takes advantage of this with its Bitlocker disk encryption technology. The disk encryption key is stored in the TPM along with a policy that tells it to release it only if a specific set of PCR values is correct. By default, the TPM will release the encryption key automatically if the PCR values match and the system will just transparently boot. If someone tampers with the boot process or configuration, the PCR values will no longer match and boot will halt to allow the user to provide the disk key in some other way.

Unfortunately the TPM keeps no record of how it got to a specific state. If the PCR values don't match, that's all we know - the TPM is unable to tell us what changed to result in this breakage. Fortunately, the system firmware maintains an event log as we go along. Each measurement that's pushed to the TPM is accompanied by a new entry in the event log, containing not only the hash that was pushed to the TPM but also metadata that tells us what was measured and why. Since the algorithm the TPM uses to calculate the hash values is known, we can replay the same values from the event log and verify that we end up with the same final value that's in the TPM. We can then examine the event log to see what changed.

Unfortunately, the event log is stored in unprotected system RAM. In order to be able to trust it we need to compare the values in the event log (which can be tampered with) with the values in the TPM (which are much harder to tamper with). Unfortunately if someone has tampered with the event log then they could also have tampered with the bits of the OS that are doing that comparison. Put simply, if the machine is in a potentially untrustworthy state, we can't trust that machine to tell us anything about itself.

This is solved using a procedure called Remote Attestation. The TPM can be asked to provide a digital signature of the PCR values, and this can be passed to a remote system along with the event log. That remote system can then examine the event log, make sure it corresponds to the signed PCR values and make a security decision based on the contents of the event log rather than just on the final PCR values. This makes the system significantly more flexible and aids diagnostics. Unfortunately, it also means you need a remote server and an internet connection and then some way for that remote server to tell you whether it thinks your system is trustworthy and also you need some way to believe that the remote server is trustworthy and all of this is well not ideal if you're not an enterprise.

Last week I gave a talk at linux.conf.au on one way around this. Basically, remote attestation places no constraints on the network protocol in use - while the implementations that exist all do this over IP, there's no requirement for them to do so. So I wrote an implementation that runs over Bluetooth, in theory allowing you to use your phone to serve as the remote agent. If you trust your phone, you can use it as a tool for determining if you should trust your laptop.

I've pushed some code that demos this. The current implementation does nothing other than tell you whether UEFI Secure Boot was enabled or not, and it's also not currently running on a phone. The phone bit of this is pretty straightforward to fix, but the rest is somewhat harder.

The big issue we face is that we frequently don't know what event log values we should be seeing. The first few values are produced by the system firmware and there's no standardised way to publish the expected values. The Linux Vendor Firmware Service has support for publishing these values, so for some systems we can get hold of this. But then you get to measurements of your bootloader and kernel, and those change every time you do an update. Ideally we'd have tooling for Linux distributions to publish known good values for each package version and for that to be common across distributions. This would allow tools to download metadata and verify that measurements correspond to legitimate builds from the distribution in question.

This does still leave the problem of the initramfs. Since initramfs files are usually generated locally, and depend on the locally installed versions of tools at the point they're built, we end up with no good way to precalculate those values. I proposed a possible solution to this a while back, but have done absolutely nothing to help make that happen. I suck. The right way to do this may actually just be to turn initramfs images into pre-built artifacts and figure out the config at runtime (dracut actually supports a bunch of this already), so I'm going to spend a while playing with that.

If we can pull these pieces together then we can get to a place where you can boot your laptop and then, before typing any authentication details, have your phone compare each component in the boot process to expected values. Assistance in all of this extremely gratefully received.

comments

next-20200120: linux-next

Kernel Linux - Hën, 20/01/2020 - 8:14pd
Version:next-20200120 (linux-next) Released:2020-01-20

5.5-rc7: mainline

Kernel Linux - Hën, 20/01/2020 - 1:02pd
Version:5.5-rc7 (mainline) Released:2020-01-20 Source:linux-5.5-rc7.tar.gz Patch:full (incremental)

Faqet

Subscribe to AlbLinux agreguesi