Anyone who thinks a government can ban VPNs without destroying economy is deluded

Anyone who thinks government would never do something as utterly stupid as shooting itself repeatedly in the everything out of spite is deluded. Banning all form of encrypted traffic would be insane. Now tell me, how many insane things have we witnessed in the recent years from our collective governments?

Anything encrypted is blocked. Boom, done.

Is it stupid? Yes. Never stopped lawmakers.

It’s E2EE alright. Just, don’t ask what “ends” we’re talking about.

The drunk dude that’s always sitting on the ground near the park entrance and sell weird tissue dolls with curly hairs is more trustworthy, I’d say.

I can’t wait for a moment where he slip, jumping from the last thing to the next, and use the epstein files as a distraction for something else out of sheer stupidity.

This could be good, except that one move is shooting its own country in the everything.

No need. It seem it got fixed along the way. But that’s the point; I tried this a year ago, and it would not work, either under the default configuration with DRM enabled, or after disabling most of the privacy features, so I just gave up on it.

Firefox, for all the flaws regarding the direction Mozilla is taking, just worked out of the box. And for adoption, working out of the box immediately is kind of a requirement.

Both are completely unrelated to the discussion. TPM sometimes have issues regarding their security, but you can certainly use Secure Boot with your own signing keys to ensure the kernel you run is one you installed, which improves security. And you can use TPM to either keep your FDE keys, or only part of them combined with a PIN if you don’t fully trust them to be secure, so you keep strong encryption but with a bit of convenience.

Without a (properly configured) Secure Boot startup, anyone could just put a malware between the actual boot and your first kernel. If the first thing that happens when you boot is something asking for a password to be able to decrypt your storage, then an attacker can just put something here, grab your password, and let you proceed while storing in a a place it can be retrieved.

Is this scenario a concern for most people? That’s unlikely. But every computer sold these last five years (at least!) can be setup to reduce this risk, so why not take advantage of it.

Just update a W10 local install. It won’t even try to ask you to add a microsoft account.

Sure. It’s not anyone. It’s anyone that can get a warrant. Or anyone that have enough power/underhanded influence to ask them nicely. Or any admin that have access to cloud storage at MS (remember they where caught with some exec having full access to that a while ago). Or any big leak that could exfiltrate these data. And probably a handful of other people, like, someone getting access to your MS account for whatever reason (which kinda happen, seeing how people lose their mail account to phishing/scams all the time) suddenly having access to your keys from there.

If your keys are in a DB somewhere, there’s a lot of way they could get out. Would these ways coincide with someone actually having your drive at hand? Probably not. Still, the key not existing in plaintext in some third party storage close all these holes.

Your computer generate a random key using (hopefully) a trusted PRNG with good enough sources. This key is then used to encrypt your data. This key is stored in your computer’s TPM module, and provided to the OS only if the chip approves all the checks in places. In addition, you get that key displayed to you, so you can write it down (or alternatively save the key file somewhere of your convenience). This is relatively good as far as security goes (unless the TPM is broken, which can happen).

And then, unless you jumped through hoops to disable it, your PC sends the key to Microsoft so they can just keep it linked to your account. That’s the part that sucks, because then, they have the key, can unlock your drive on your behalf, and have to produce it if asked by a judge or something.

Note that there are relatively safe way to protect these keys even if they are backed up in “the cloud”, by encrypting them beforehand using your actual password. It’s not absolutely perfect, but can make it very hard/costly/impossible to retrieve, depending on the resources of the attacker/government agency. But MS didn’t chose this way. I don’t know if it’s because of sheer incompetence, inattention, or because this feature is claimed to be here to “help” people that lose their key, and as such are likely to lose their password too, but it is what it is.

Don’t worry, I’ve heard they limited this wonderful feature to paid accounts.

That’s assuming the setting is respected server-side, of course. With the track record of company doing AI training, respect of rules and law isn’t really part of their actions.

Open netflix. Even with a lot of features turned off and DRM enabled, it will regularly fail to load any content.

And, yes, the general user will want sites like netflix to work.

This shows how unhinged the whole recent hate on Firefox is. Turning off GenAI is literally one single setting

We heard of that “kill switch” way, way after the general outrage. Also, other software and services have an “AI killswitch” that conveniently fails to work from time to time, and is fixed only when people notice it.

It’s not unhinged to point finger at someone doing something that, from experience, as always turned bad. Also, if you think the hate (I use your word, I’d say distrust) for Firefox is only related to the recent “AI” push, you’re severely misinformed.

Yeah? That’s kinda the plan? Do you see a particular problem with a mostly renewable (to the scale of our species’ lifetime) source of energy, that can be implemented in various way to accommodate different situations, locations, and use, while trying to make things more efficient?

Because I don’t.

Because batteries are a point of tension in the adoption of some electricity-centric techs. Electricity production can be done in many different ways already (unless you suddenly decide to 100x the demand for shit and giggles), but a lot of applications requires batteries, which makes them some sort of choke point for adoption. Making them better, more accessible, cheaper, more friendly on the environment ease that.

The comparison is also on one end of the world focusing on the dying down side of things, while the other end is (allegedly) looking forward.

That’s why they’re compared.

Is it a “you’re holding it wrong” moment? Or a “no, it’s the consumers who are wrong” moment?

I’m pretty sure most countries have an idea of peace that does not openly include “start frivolous wars”. We’ll be ok without that.

If you can’t get it to work with just the provided installer, you can look into this : https://github.com/zelikos/davincibox

It works perfectly fine. The “missing codec” issues usually boils down to some commonly used codecs not being supported in the free version.