The can opener.

As another poster mentioned, QubesOS with anti evil maid will work, but that’s the defense against state actors too and is overkill for this threat model.

BitLocker or any FDE using SecureBoot and PCR 7 will be sufficient for this (with Linux you also need PCRs 8+9 to protect against grub and initramfs attacks). Even if they can replace something in the boot chain with something trusted, it’ll change PCR 7 and you’d be prompted to unlock with a recovery key (don’t blindly enter it without verifying the boot chain and knowing why you’re being prompted).

With Secure Boot alone, the malicious bootloader would still need to be trusted (something like BlackLotus).

Also make sure you have a strong BIOS password and disable boot from USB, PXE, and anything else that isn’t the specific EFI bootloader used by your OS(es).

I use it for providing a text summary of YouTube videos that I can parse quickly. Because everything has to be a gorram video these days.

Probably the 9950x3d. And we’ve known for a while now that the cache would only be on one CCD.

You guys are finishing games?

I agree with the first part but vehemently disagree with the third paragraph.

I suspect it varies wildly based on where you live, but in Chicago there absolutely ARE places with waitstaff worth getting a burger from.

We still do.

But in this case, she’s serving him Great Pumpkin pie.

This was an amazing and informative answer. Thank you.

I don’t think I got them all.

I was one of those people. I still maintain hope, but the fear of what the algorithms will do outweighs that hope some days.

The thinking was that people’s core opinions are formed while they are young. They are mostly inherited from your family and society around you, so that information bubbles are formed early that are hard to break out of.

I thought that if people were exposed to multiple cultures and ideas from a young age through the Internet, they would understand them better – not just as foreign concepts told to them through a thick lens of bias from their parents and teachers.

However, I failed to predict the opposite powers. First were the echo chambers that formed, strengthening the deepest dark sides of humanity that, before, were kept locked away in basements lacking anyone with whom to discuss and provide validity. Then the corpos and MBAs figured out they could psychology game us all with algorithms. They didn’t necessarily know at first that the negative content would be the best for driving engagement; but they didn’t care either.

So right now I think the bad is outweighing the good. But I don’t think it has to stay this way forever.

A) Nope. You’re spreading FUD. Got a link?

B) I’m ignoring you. You’re talking gibberish.

B2) You’re still wrong and in over your head. Remember, the ask was for an out of box solution for full drive encryption, silently decrypted via TPM (using Secure Boot’s PCR 7) that still supports OS hibernation.

C) Wut?

A) You’ve said nothing relevant. We already knew all of this. Recall isn’t being installed or turned on on any of my Windows boxes. Copilot is dumb but it isn’t collecting any data you don’t voluntarily feed it.

B) I don’t disagree with whatever point you’re trying to make but it has nothing to do with Windows. Unless you know something we don’t?

B2) You’re lying

B3) What?!

C) You’re initiating searches through the Microsoft Windows Start Menu™ and are mad it’s launching Edge? Do I have that right?

A) None of that has actually happened. If you want to back down from hyperbole and provide specific examples, I will consider addressing them.

B) The U.S. Government is not an adversary in my threat model. If it is one in yours, I assume you are running Qubes OS, which is a completely different conversation. With Windows, I have access to Secure Boot and TPM-backed full drive encryption (including hibernation support) out of the box. Can you do that with Linux? Also, you know as well as everyone else here that the MSA requirement is easy to bypass.

C) Again, provide specifics. I don’t default any of my apps to Microsoft’s and this just doesn’t happen.

I’m sorry, I don’t get it. For what are we coping?

I should have mentioned that I still love Linux though…

So where do those of us who don’t think Windows is the literal worst OS ever fit into your analogy?

Then you apply the scientific method and/or research in search of truth.

• https://en.wikipedia.org/wiki/Scientific_method

• https://en.wikipedia.org/wiki/Research

My wife doesn’t like it when I introduce her as my ex-girlfriend.