Did a new release of `ssh-tpm-agent`, `v0.8.0`.
Notable changes are hierarchy keys, keyctl-backed passwords and some preliminary landlock support.
https://github.com/Foxboron/ssh-tpm-agent/releases/tag/v0.8.0

My data protection and privacy overview 2025, for the general public
Please share
as PDF:
https://cryptpad.digitalcourage.de/file/#/2/file/NdmBgSYkRCto8B+JmJkE9mQ4/
#DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz
My data protection and privacy overview 2025, for the general public
Please share
#DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz
https://cryptpad.digitalcourage.de/file/#/2/file/C3-dKGz23Qhw1ZSBmDnOAK3s/
Via #TPM @ 5:12pm ET, Mar 06, 2025
A federal judge ruled that President #Trump’s firing of #GwynneWilcox was unlawful and ordered her restored to the #NationalLaborRelationsBoard in an opinion that excoriated his quest to craft a new, super-powerful presidency.
“A President who touts an image of himself as a ‘king’ or a ‘dictator,’ perhaps as his vision of effective leadership, fundamentally misapprehends the role under Article II of the U.S. #Constitution”
https://talkingpointsmemo.com/news/judge-nlrb-trump-supreme-court
Imaginative threat scenario:
When it comes to #SecureBoot some people don't want to enroll Microsoft keys because they are afraid it opens up the possibility of booting malicious boot environments.
My LUKS password is TPM sealed with PCR7 and requires a PIN. Microsoft keys enrolled.
You are a threat actor trying to decrypt my disk. You have managed to successfully boot a malicious initramfs and presented me with a LUKS prompt.
What do you do once I hit enter?
TPM and Secure Boot are a half-assed mess on desktops
TPM can protect more or less reliably with a PIN, but there are problems here too: who the hell knows whether your board has some cheap Chinese chip knocked together for three kopecks with no tamper protection or something that actually works, whether the bus lines are encrypted is unclear, there are loads of nuances. It's easier to just enable argon in LUKS and be sure it can stand up for itself that way.
And Secure Boot, in what cases does it do anything useful at all? The kernel has been damaged by malware and so you're safe? By then you're already screwed and everything has already been carried off from the machine.
In short, it's all rubbish, Microsoft being crazy as usual
#linux #tpm #secure_boot #opsec #luks
Did a new release of age-plugin-tpm. Mainly just patches and some rewritten integration tests.
Also uses the experimental Go age plugin API.
https://github.com/Foxboron/age-plugin-tpm/releases/tag/v0.3.0
In today's #TPM #TheWeekender, #JohnLight reports that #Trump's #DOGE is ostensibly modeled after the Ministry of Deregulation and State Transformation created by #JavierMilei. What Light fails to mention is #Argentina's inflation rate hasn't been below 15% since 2016, and it's been above 100% since Milei was elected.
This is why I've pulled most of my retirement money out of stocks and put it in gold, silver, and CDs. about it.
#politics #USPol
https://talkingpointsmemo.com/the-weekender/as-congressional-gop-cheers-trumps-rampage-the-courts-are-the-last-hope-to-stop-him
https://tradingeconomics.com/argentina/inflation-cpi
My talk on `ssh-tpm-agent` I held at #FOSDEM has been released!
Abstract: https://fosdem.org/2025/schedule/event/fosdem-2025-5544-hardware-backed-ssh-keys-ssh-tpm-agent/
Slides: https://pub.linderud.dev/talks/Hardware-backed-SSH-keys.pdf
#BreakingNews
#TrumpCoup #TreasuryTakeover:
Via #WiredNews in #TheBackChannel #TPM
"#DOGE...not only has full access to these systems, he has already made extensive changes to the code base for these critical payment system[s]."
"A 25-year-old DOGE operative named #MarkoElez in fact has admin privileges on these critical systems, which directly control and pay out roughly 95% of payments made by the U.S. government, incl. Social Security checks,..."
https://talkingpointsmemo.com/edblog/musk-cronies-dive-into-treasury-dept-payments-code-base
A few hours ago, @nytimes wrote:
«"It is very clear that, if there is a middle of all of this hot mess of division, Americans want us to work together when we can and find common ground," Sen. Amy Klobuchar tells the Opinion writer Michelle Cottle.»
I'm going to pray that they've been sitting on that quote for weeks and that it's not the evidence of dangerous cluelessness by Klobuchar that it appears to be.
I think Americans want first for Congress to save Democracy, Amy. Because control of the public's attention is easily manipulated in social media, they may not realize it's in mortal danger, but it's Congress' job to know that fact.
If they, Democrats and Republicans alike, aren't describing it as a full-on assault on the Constitution, a coup, a sudden & complete dismantling of Democracy via a prior published & detailed plan, then they aren't solving the right problem and show no evidence of paying attention.
Even 4 years ago, on January 6, it wasn't "business as usual". We needed Congress on that day to continue a Constitutional government but NOT to hear budget debates and such mundane legislative things. We knew we were UNDER ATTACK.
This, now, today, is an ESCALATION OF THAT ATTACK, and she's talking like she wants to ignore it, treating this as an ordinary work day. Work together by IMPEACHING maybe, but nothing less. Do not underestimate the seriousness and urgency of what's going on. Do not get distracted.
If Congressfolk don't see this as an escalation, maybe because it's a "white collar" attack not (yet) involving guns, they can't respond properly. They must stop talking about this as something to legislate their way out of. We in the US are under a real time administrative assault. Stop taking weekends & holidays. This is not a schedulable event. They are preying on your willingness to pretend it can have a leisurely pace.
Congress has long been soft on white collar crime, treating it as a privilege of the elite, the donor class. Perhaps it's become invisible to them, even as it's far more sweeping and hurtful than much street crime. Maybe a white collar coup is then likewise invisible. We need them to wake up and SEE.
This time they're using ID cards to get into buildings they're taking over, but there's more to Constitutional government than right of entry. The Constitution spells out limits on power. They're violating limits so fast they can't all be checked fast enough. A Gish gallop assault on policy & power.
Sadly, I predicted this crisis on the ex-bird site Oct 13, 2016 (before 2016 vote). Talking Points Memo (TPM) had cited USA Today on Trump's propensity for legal challenges. I expected the same with Constitutional challenges. Just as happened. Our system barely handles a few challenges a year, not thousands.
#USPolitics #politics #USCongress #Congress #democracy #coup #TrumpCoup #oligarchy #fascism #authoritarianism #attack #assault #Jan6 #SCOTUS #Constitution #Lawless #Project2025 #TPM #Klobuchar #Senate #WhiteCollarCrime #WhiteCollarCoup #GishGallop
(This post is an expanded form of a thread I just posted to BlueSky.)
Heading for #FOSDEM today!
Feel free to reach out if you want to chat about TPMs, distro security, reproducible builds, supply chain stuff or general Linux things.
Else I can probably be found in the cantina with a bunch of other Arch people!
I will be talking in the security devroom tomorrow 15:00 about ssh-tpm-agent!
https://fosdem.org/2025/schedule/event/fosdem-2025-5544-hardware-backed-ssh-keys-ssh-tpm-agent/
By the looks of it, admins are going to have a lot of fun with #Windows11 and Trusted Platform Modules.
A #Firmware update from the company #STM for a #TPM in #Dell laptops apparently caused the endorsement key and the certificate for that key to no longer match. As a result, #Windows #Autopilot no longer works and the TPM has to be reset along with all keys already installed (e.g. #BitLocker).
#Admin
https://patchtuesday.com/blog/0x80070490-tpm-attestation-timed-out-on-windows-11-24h2/
MAME Devs Spent 628 Years Cracking Protection on 712 Retro Games
https://torrentfreak.com/mame-devs-spent-628-years-cracking-protection-on-712-retro-games-250118/
#Anti-Piracy #retrogaming #Emulators #mame #DRM #TPM
Bypassing disk encryption on systems with automatic TPM2 unlock – https://oddlama.org/blog/bypassing-disk-encryption-with-tpm2-unlock/
oddlama writes: '"Most TPM2 unlock setups fail to verify the LUKS identity of the decrypted partition. Since the initrd must reside in an unencrypted boot partition, an attacker can inspect it to learn how it decrypts the disk and also what type of filesystem it expects to find inside. By recreating the LUKS partition with a known key, we can confuse the initrd […]"' #tpm #linux #Encryption