Ich kann dir nur das aktuelle Interview der Lage der Nation mit Baerbock empfehlen. Es werden die Waffenlieferungen kritisch angesprochen. Ich finde es wichtig, ihre Position zu diesem Thema zu hören, um so die eigene Meinung besser bilden zu können. Hier der Link zur Online Version, falls kein Spotify genutzt wird.
The discussion around this isn’t differentiated enough. Germanys foreign Minister has explicitly stated that what was exported, is stuff whose purpose is defensive in nature, e.g. Ground to air missiles. I can’t say if that is true, though there is some corroborating material. Nevertheless arms exports is too general as a category in my opinion.
The dual root partitions we described in Deepin 20.5 are gone, but version 23 still sets up a moderately complex partitioning scheme, including an EFI system partition, a 1.5 GB
/boot
partition, a swap partition, and a 15 GB root partition, and the rest of the disk given to a partition labeled_dde_data
. All are in plain oldext4
format, but there’s some magic being done with the data partition that we didn’t have time to trace. It appears to be mounted at multiple places, including/home
,/var
,/opt
, and a mount point called/persistent
beneath them all. We’re not sure exactly how it’s been done, but the distro has some kind of atomic installation facility with rollback.
Lack of proper documentation by Deepins Devs is enough of a red flag for me to never consider trying it.
Does anyone know why they switched to this new packaging format, especially since they, as far as i can tell, were using flatpak before? I cant find any explanation on it in blog posts or release notes. In general i find the information they provide on implementations (atomic updates etc.) rather minimal.
Some SATA and NVMe devices support hardware encryption (TCG OPAL2 standard) and with the latest cryptsetup LUKS devices can be configured to use hardware encryption to encrypt the data either by itself or together with the existing dm-crypt software encryption. Support for this feature was added in the latest cryptsetup upstream release and we’d like to provide an option for users to use this feature when installing Fedora with disk encryption.
As this is an expert option, it will be available only through the kickstart interface. […] There will be two new options to select either hardware encryption only or hardware encryption in combination with software encryption (analogous to the
--hw-opal-only
and--hw-opal
options used when configuring hardware encryption withcryptsetup
).
It‘s not only about using the tpm to unlock the FDE, you should be able to do that on every distro with systemd-cryptenroll. The part that is new, is the the measuring of the systems integrity. It’s a way to ensure that the firmware has not been tampered with, the boot loader is the one that was installed and has not been replaced, that the kernel is exactly the one that comes from the distribution, that the kernel command line is the one that we expect, and that the initrd that is used does not contain any extra binary that we do not control.
Well then you‘ve said it yourself: “shortly after“ they were attacked. That is not really much of an argument.