Comments by "Edward Cullen" (@edwardcullen1739) on "Louis Rossmann" channel.

  1. Yeah, it's falling down? If it was any nicer, you couldn't afford it!
    90
  2. I've been through the mental transformation that Louis talked about - taking responsibility for myself, believing that there are things about my life I CAN control. I'm not rich, but I am VERY comfortable financially. Yes, the past 5-6 years have been INCREDIBLY painful.
    41
  3.  @ReeseGhost  Be quiet, the grown-ups are talking.
    28
  4.  @rsman23  Grow up.
    24
  5. Yeah, 12-13 was the assumed target audience for me... ... But having worked tech support, I wouldn't limit it to that group 😂
    16
  6. Louis has got me thinking about learning more about electronics... Given that I'm a software guy, this is almost sacrilege 🤣
    15
  7. Yeah, but the point of the licence in NYC isn't too enable people to do business, it's as Louis describes: to stifle competition.
    14
  8. This is why I have 0 respect for anyone who buys - and prominently displays - their Apple product.
    11
  9.  @kamranki  People get the masters they deserve. Once we're living in a Corporatist dystopia, I'll make sure to say "I told you so", before their hit squad comes for me.
    10
  10. For me, it's the frustration that "those in charge" are utterly incompetent, and seem to revel in preventing others from doing anything*... Combined with the knowledge that *so many of these problems have been solved and need little more than a modicum of will to effect.
    10
  11.  @Lostcontroller  It used to be called "Personnel Department". I don't have the faintest idea why it changed. In the UK, the professional HR body is still called CIPD - Chartered Institute of Personnel Development. I guess "personnel" implies that every employee is an individual...
    8
  12. My opinion that Apple is an evil organisation is not adjusted by this story... 😒
    7
  13.  @ExpatZ266  This is a very bad take. There is no such thing as "perfect security"; by your logic, there's no point having any security features on any device. AS WITH ALL SECURITY, it's about raising the bar; making it more difficult to complete a successful attack. This feature targets supply chain attacks, where a hostile actor intercepts hardware and modifies it. Without this feature, an attacker could simply flash the BIOS. With this feature, then must now also replace the CPU. Given that CPUs include their serial number internally, it's easy to verify that the CPU that left the factory is the one that arrived at the customer. Full hardware-to-software chain of trust is the future and there's no way around it - without it, Secure Boot is meaningless, reducing Secure Boot to security theatre...
    7
  14. My bro is an outlier - is smart (has a proper, hard-science degree) and works in HR. His experience of UK is: 1. Businesses often have terrible recruitment processes and systems. 2. Sometimes, it's not the HR/recruitment team failing, but the people doing the actual hiring (managers must interview, otherwise it causes problems down the line...) - he's had managers wait 2-3 weeks to get back to someone to offer an interview, then been all surprised Picachu face when they're "no longer available"... 🤦🏻‍♂️
    6
  15.  @rsman23  Mate, this is about decorum. This video is a serious subject; it's really important discussion and advice. Your comment was puerile and done entirely for your own benefit. It was childish in the extreme. I'm all for trolling, shit-posting and having a laugh, but there's a time and a place and this ain't it. You're simply upset I called you out. Get over yourself; grow up.
    6
  16.  @rsman23  Also, slander is spoken, written words are libel. A statement is only defamatory if it ascribes, as a matter of fact, something which is not true. "Grow up." is an instruction, not a statement of fact, so, de facto, cannot be defamatory. Even if you take the view that it implies something that is defamatory, this is easily countered by the typical usage of the entreatment; it is an expression an individual's opinion that another's behaviour is "childish" or "unbecoming of an adult". Because this is exactly what it is; an expression of my opinion.
    6
  17. You must be new. Welcome! You're in for a real show! 😂
    6
  18. This, so much, this! Realised a long time ago Apple were a bit sus, am now convinced that they truly are evil... Like "people exist to but Apple products", not the other way around...
    5
  19. If you're not failing, you're not trying hard enough...
    4
  20.  @bufordmaddogtannen  Sometimes, not even that! I've had comments blocked from being posted AT ALL! (And no, I'm not the kinda guy who drops n-bombs...)
    4
  21.  @timharbert7145  Your comment is ambiguous. If the ftards are the government, I agree; the "COVID crisis" will "never end". If you're talking about the population in general, then you clearly don't understand the first thing about virology/epidemiology. This virus is now endemic; by definition, it will never go away. It spreads too easily, but it is not deadly enough to "burn itself out" and we know that the vaccine only prevents serious illness, not any infection at all...
    4
  22. Pay 10's $1000s to be told that you're inherently evil and there's nothing you can do about it...
    4
  23.  @samuelmatheson9655  Nah man, more accurate description is "corporations buy corrupt politicians to pass laws favouring them and their evil practices."
    3
  24. The point of this feature is defeat supply chain attacks. If the machine leaves the factory without this feature enabled, you may as well not have it at all. Any way of disabling it defeats the purpose.
    3
  25.  @niyablake  Good point. What people are failing to ask is "Who buys the most Lenovo computers, Consumers or business?" Security is all about weakest link. What's the point in super-secure hardware in the DC if it can be compromised by someone putting a USB stick into the receptionist's computer when they are distracted? Or how secure is your network if the machines used by your admins are compromised? The issue here is that Lenovo is the first to make widespread use of this feature because of who their customers typically are, not that they're using it or that it exists at all. Louis is kinda right, but his lack of experience in security has led to a bad take and proves why security is as god-awful as it is generally; security is trumped by all other considerations. Whether it's Jayz2cents advising people to disable Windows Update 🤦‍♂️ or people misunderstanding a feature that may potentially, one day, maybe, mean buying second-hand parts will be more difficult or expensive, people just don't care about security or other people, they only care about money and themselves. One thing that people just aren't aware of is that this kind of thing is going to be standard sooner, rather than later. There's a good reason for that and it has nothing to do with "vendor lock-in".
    3
  26.  @heron5045  Yeah, but it isn't. It demonstrates a failure in understanding of: 1. The purpose of the feature. 2. How Secure Boot and Bitlocker works. 3. How machines are manage in a corporate/enterprise environment. The purpose is to defeat supply chain attacks. New keys can be loaded into the TPM and Bitlocker has a recovery password system (e.g. to allow a legitimate user to move the drive to another machine in case of hardware failure). A new machine will be re-imaged using a standardised installation source, meaning that Bitlocker would be set up after an attack took place. In practice, this idea would just make the feature pointless.
    3
  27.  @majstealth  Delphi is derived from Pascal. COBOL is one of the "original" programming languages, together with FORTRAN and a few others.
    3
  28.  @wcvp  Was with you, right up until you started dissing the cats. Cats are what the Internet was made for. Now go to your room and think about what you said!
    3
  29. YES!!! I am studying with Nigerians. They've literally just been telling me how corruption is destroying their country!
    3
  30.  @BrutusAlbion  Thanks to Brexit, farm labourers are now being offered as much as £30 an hour. "Mass immigration does not suppress wages." My arse! The EU is a Corporatist cartel, intended to keep the poor, poor. Not that they're replacing the EU workers with African migrants, coming by the boat-load...
    2
  31.  @jeanfrancoisdutremble9022  People's Republic of Canadistan
    2
  32.  @shy8054  No problem, I can see the lack of clarity in what I wrote... The definition of "Capitalism" was created by Socialists (may have been Marx, but I don't remember). The point is, that it strongly emphasises all the bad things, without being fair/accurate about all aspects - it was created expressly for the purpose of saying "Capitalism bad, Socialism good." My point is that the Marxist definition of Capitalism does not match the Adam Smith definition of "the free market". What we live under today isn't the free market either - it's a degenerate form (warned about by Smith...) where corporations effectively control the politicians who are supposed to be keeping them in-check.
    2
  33. "Anyone could have done this." Is what I constantly tell myself and the only way I can't fight it is to remind myself "yes, but nobody did". Only way I keep my imposter syndrome in check...
    2
  34.  @jerrylove865  To build a chain of trust, every component must be verified/verifiable. You'll notice that one aspect of the chipset is full memory encryption. Without this, someone could, at the hardware level, inject code/data into the system. If the CPU is not part of the verification chain, then the security verification can be spoofed or circumvented.
    2
  35. I'm can't wait for them to be available in the UK! Hopefully there will be more options available when they do. I know for CERTAIN that I'm going to buy one in the first wave, regardless and will IMMEDIATELY get an AMD-based system too - even if it's only 6-months later!
    2
  36.  @powerwam024  Takes a big man to (publicly) admit fault. Genuine respect 👍
    2
  37. You mean, "one of the 2 date ordering methods which are logical"? 🤣
    2
  38. Watching another professional losing his shit at someone else's piss-poor work is strangely therapeutic...
    1
  39. On battle at a time 😉
    1
  40. Hah! You're all amateurs! Put a guy on a plane with a suitcase full of disks, because THAT'S how much data you're working with! 😉
    1
  41. This is a great example of strategic thinking. Well done Louis!
    1
  42. Or becomes mayor...
    1
  43. "We're in Albany." 🤣 Says it all.
    1
  44.  @_PatrickO  or just mount it on the underside of the table?
    1
  45.  @QoraxAudio  🤣🤣🤣
    1
  46.  @herbstwerk  !0
    1
  47.  @shy8054  Free market enterprise != Capitalism (straw-man created by Socialists) Free market enterprise != Corporatism (where corporations buy-off the politicians responsible for ensuring the market remains free)
    1
  48. In principle, the French approach of making information available to consumers is good. Let the market decide. If people want to pay $100 less for something that can't be repaired, well that's up to them...
    1
  49.  @esenel92  Meh, there will always be ransomware attacks. Malware could zap the BIOS right now anyway... This is a countermeasure to a specific kind of attack and it doesn't open any new avenues.
    1
  50.  @jerrylove865  Notwithstanding the obvious straw-man argument, you demonstrate a lack of knowledge and understanding of how computer hardware works, the attacks that this technology is intended to defeat and how it is actually implemented. And actually, verifying the keyboard IS important, as there have been recorded instances of people injecting key loggers into the keyboard at a hardware level. But, dafuk do I know? 🤷‍♂️ If you think this doesn't pass the "smell" test, it's because you have zero clue what "good" and "bad" are supposed to smell like. Asking for a circuit diagram is just a loser move. It's a pathetic attempt to "win" an "argument" by demanding something you know cannot be produced. Oh, and this isn't an argument. This is someone who actually knows what they're talking about correcting your misconceptions. Deal with it. I'll repeat: the objective here is to defeat supply chain and firmware-level malware injection attacks by making the operator aware that an attack has taken place and to also make those attacks more difficult. To defeat this implementation, one would need to replace the CPU, which can be detected by manually confirming the CPU serial number (which is hard coded into the CPU). If the the verification hardware is on the board, then it could be defeated by modifying the board, as, ultimately, it would be setting a pin out to high or low. Unless, of course, the CPU does a cryptographic verification of some hardware component... Which would require that the key be included in the CPU... Which is precisely the implementation they have 🤦‍♂️ This implementation, because it verifies the loaded BIOS image cannot be defeated (or would require obscene investment to defeat), because the CPU is doing the verification. Replacing the CPU can be detected by verify the serial number, which is hard-coded into the CPU itself. You would, therefore, need to either modify the CPU or somehow get a new CPU and spoof the serial number. Or, somehow, convince the CPU to load one BIOS image but verify another... Plus, you probably should verify your HDMI cables, because there's no reason it can't contain a transmitter that is mirroring the output... But of course, you knew that already, didn't you? And the reason for memory encryption is to ensure that the contents of memory cannot be modified by anything other than the CPU. A modified board could, theoretically, arbitrarily modify memory contents (say, by overwriting the fixed location at which the BIOS is loaded into memory, AFTER the CPU has done verification...) The bottom line here is that teams of people, who, individually are smarter, better educated and more experienced in defeating hardware-level attacks, than you or I, have put a LOT of time and effort into this design. They neither put in superfluous features, nor left out features that need to be there.
    1