This bootkit is not unkillable yet. If the diagram is correct, then it installs itself on the EFI partition and not the EFI Firmware.

So, they are talking about a bootkit embedding itself into the uefi firmware, then the graphics show a malicious bootloader that resides in the EFI partition that can be removed by formatting.

Elgato does not want Linux users: https://github.com/tolga9009/elgato-gchd/issues/15#issuecomment-610984742

Alternatively they are using google and their webmail client, no windows mail needed.

Someone has to pay for that work. Either volunteers are donating their time, corporations “donate” work of their employees or hire it out because use of the project generates profits for them and they recognize not everyone can be a parasite (The FOSS model)

The other alternative is users paying directly.

If you want to use a closed source os, then pay for updates or you will be monetized on other ways. (In the case of MS that would be ads or the OS is just an incidental product used to drive sales of software or cloud computing)

A subscription for continued support seems fair. (If there are no ads).

They show no password prompt for the user with the “active” session for removable drives. Only system drives always require admin auth for formatting and partitioning. Maybe your session setup is not completely correct so your user session is not marked as the active session or you tried it with a drive that is considered a system drive.

I know. I meant switch back to signal if signal added official support.

This is the way. I might be open to switch back if they [signal] added [official] support for unified push, though

I mean the exact same 2.8GB file, with the exact same USB-C stick took FU***** 3 seconds on Linux !!

For that test you should run sync afterwards to make sure the file was really written and is not waiting in a cache.

It is possible to format removable drives without root access through udisks2, e.g with gnome-disks or KDE ISO image writer. GNOME Impression is another tool that should work.

Meanwhile Australia is going to fore carriers to disconnect customers with devices that are not guaranteed to support emergency calling over volte. As there are still unsolved problems with detecting that, the providers fall back to only allowing devices they provided themselves.

Middle man tls.

And that is why I pay for my own domain. The service can change, but my domain is eternal (or near enough for my purposes)

I wonder how fast a turnaround would really be. Can all the checks be run on the launchpad and how likely are repairs that cannot be done there?

Sorry, I have no idea.

The relevant polkit policies should be defined here: https://github.com/systemd/systemd/blob/main/src/login/org.freedesktop.login1.policy

Disabling is done with some rules like this: https://bbs.archlinux.org/viewtopic.php?id=152565

polkit.addRule(function(action, subject) {
  if (action.id.indexOf("org.freedesktop.login1.power-off") == 0) {
    return polkit.Result.AUTH_ADMIN;
  }
});

Some other examples: https://gist.github.com/grawity/3886114