• 0 Posts
  • 8 Comments
Joined 1 year ago
cake
Cake day: August 15th, 2023

help-circle




  • While I don’t use TPM myself (I dislike being tied to a specific hardware) the way it protects you is:

    Disk is protected through encryption, so you can’t remove and inject anything/hack the password.

    If boot is protected/signed/authorized only, a random person can’t load an external OS and modify the disk either.

    All this together would say, even if someone acquires your computer, they can’t do anything to it without an account with access, or an exploit that works before a user logs.

    In a way, the attack surface can be bigger than if you simply encrypted your disk with a key and password protect that key.



  • mb_@lemm.eetoLinux@lemmy.mlBasic fonts
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    You can always compile your own Iosevka and adjust several pieces, I have done that selecting what I consider the best pieces a long time ago.

    The compiled font lives in an easy to access internal webserver that I just grab from every computer I use (=