Binding of Isaac is a game that takes hundreds of hours to beat, and worked well on iPad. It cost $15. It was removed and so Edmund McMillen the creator resolved to never publish on Apple platforms again. Disappointing for me because his new game is Windows only, but I can’t blame him.
I could have sworn there was a discussion about this years ago but I went looking for it on HN and just found a comment I made years ago, funny how that shakes out.
FWIW I witnessed a friend of mine playing Mewgenics via Proton on his Arch desktop. Seemed to work fine. So, only Windows-only to the usual degree, it doesn't seem to have any sort of problematic DRM or anti-cheat to worry about.
There used to be a beer designed to be mixed with milk called bilk. Last I heard, it was terrible. Maybe it's still around - I think it's Japanese, so it's unlikely I'd happen across it.
I really enjoyed Roadwarden. Interesting take on an old fantasy genre and gave me “this is ancient history” vibes. I’m not usually into visual novels but beat this game. It’s available for under $3 right now, I am showing 20 hours played, totally worth it.
This is interesting to see since on another HN post everyone is bemoaning how expensive it’s getting to use frontier models because Anthropic is massively throttling Pro Max Claude plans. That’s certainly not going to become more accessible to us normal folk through taxation.
This is why I have 50TB of HDD space and a plex server. We tried watching a show on Amazon Prime and it was brutal, so many commercials. My wife skipped backward because we missed a part and were too close to the ad break so it made us watch a second 1:30 reel of unskippable ads. We subscribe to Prime and I still downloaded it. I’m not going to let them boil this frog.
This happened to me when I tried to buy Oakley’s, it was because I’d changed my router to an ad blocking DNS which made their support session lookups fail, so they couldn’t help me. Transactions failing, all because of their site being too tightly integrated into tracking and ad platforms. I ended up going with Zenni and got similar glasses for 1/5 the price.
8khz polling rate mouse and keyboard, 240hz 4K monitor (with Oled to reduce smearing preferably, or it becomes very noticeable), 360hz 1440p, or 480hz 1080p, is current state of the art. You need a decent processor and GPU (especially the high refresh rate monitors as you’re pushing a huge amount data to your display, as only the newest GPUs support the newest display port standard) to run all this, but my Windows desktop is a joy to use because of all of this. Everything is super snappy. Alternatively, buying an iPad Pro is another excellent way to get very low latencies out of the box.
That's a good one. I probably should have brought up variance though. These cache-less systems had none. Windows might just decide to index a bunch of stuff and trash your cache, and it runs slow for a bit while loading gigabytes of crap back into memory. When I flip my lightswitch, it's always (perceptibly) the same amount of time until the light comes on. Click a button on the screen? Uh...
Hah, that’s a good point! Unfortunately I have Hue smart bulbs and while they’re extremely convenient and better than most, there is sometimes a slight pause when using my WiFi controlled color schemes to switch between my configured red and daylight modes. What you gain in convenience and accessibility (being able to say “turn off the master bedroom” when I’m tired is amazing) I’ve lost in pure speed and consistency.
My friend just made an app. The idea sounds really dumb and he keeps asking me to install it. He’s never written a line of code in his life. I’d imagine a lot of the apps are stuff like this. It’s an app that tells you who died today, and who you’ve managed to outlive. Seems really glum and a downer.
My grandparents would have loved this. They spent most of the mornings scanning through obituaries for old friends who had died. Might be one of those bittersweet hobbies you get into when you reach your 80s.
Eventually these super expensive SXM data center GPUs will cost pennies on the dollar, and we’ll be able to snatch up H200s for our homelabs. Give it a decade.
Also eventually these WEIGHTS will leak. You can’t have the world’s most valuable data that can just be copied to a hard drive stay in the bottle forever, even if it’s worth a billion dollars. Somehow, some way, that genie’s going to get out, be it by some spiteful employee with nothing to lose, some state actor, or just a fuck up of epic proportions.
This is decidedly not what I’d expect to be discussed at Thotcon. That said, super interesting!
As an avid pirate, I’ll say these days even the Denuvo game which were going years without cracks now have “cracks”, although they rely on hypervisor fixes and disabling secure boot and giving the hypervisor cracks unfettered access to your system to intercept the Denuvo checks. [0] It’s a dangerous game we’re playing to keep these AAA games bottom lines fat.
It has their uses. If, for example, a company wants to issue fleet computers to workers or school to students, you want to have secure boot on those devices to prevent tampering. Secure boot makes it so that physical access is not the end all of security.
If you own the computer yourself, you "ought" to be able to turn off these measures in a way that is undetectable. Being unable to do so would be the red line imho - and looking at those hypervisor cracks available, it's not quite being crossed. The pessimistic, but realistic future prediction is that various media companies would want and lobby for machines to have unbreakable enclaves for which they can "trust" to DRM your machine, and it's just boiling the frog right now. Windows 11's new TPM requirement is testament to that.
Switch to linux asap - that's about the only thing a consumer is capable of doing.
This is coming. In particular, without a Secure-Boot-enforced allowlist of operating systems, it will be near impossible to verify that an OS connecting to the internet complies with your locality's age verification laws, so it will soon be illegal to run a computer that does not make Secure Boot mandatory and connect it to the network.
If you're starting to think "huh, maybe that's why these age verification laws suddenly became all the rage", you're onto something. Whatever the case, "general purpose computing" is definitely cooked.
General purpose computing as it was done in the 1900s is cooked for the average user because there is no market incentive for it to exist. The actual market incentive revolves around apps as they provide user value along with the ability to deploy custom apps.
The laws in my locality place requirements on the service provider (e.g. the adult website operator), not on random computer owners or manufacturers or software vendors.
Newsom signed a law that places those requirements on every operating system in California, and in practice, organizations tend to comply with California's terrible laws no matter where you are, rather than stopping doing business there or making two variants of their products.
With software it's trivial to have a switch for "California compliant" mode, but in any case, that makes it clear that such criticisms should be directed at California. Other (generally "red") states already had a more reasonable solution: make the sites offering the restricted service liable for their actions just like other businesses.
The problem is that you could face liability if you do business in the United States and permit a minor in California to use an OS in non-California-compliant mode. If you're an "OS provider" in Wichita, KS, California will find that its jurisdiction still applies because the minor was in California and sue you in its courts. If you fail to turn up that's a judgement for the state by default. (And if you do turn up, it's a judgement for the state as soon as they prove a kid ran your non-age-checking OS.) And, thanks to the "full faith and credit" clause of the Constitution, California will be able to collect on its judgement against you in Wichita.
Hardware vendors are not going to want that kind of liability, in California, Colorado, New York, or anywhere else. So they will switch to selling hardware with locked bootloaders and only allowing approved operating systems within that locality (which for end-user PCs will mean pretty much just Windows). There is still foreign hardware, but those chinesium PCs are going to be confiscated by ICE unless the Chinese manufacturers also play ball.
Besides all this... federal legislation is coming.
If you'd humor me, or just read the last paragraph for a tldr...
So let's say a PC builder(an individual; not a company) were to donate a PC to charity. Let's say it's built with a fairly recent MSI motherboard(https://www.amazon.com/dp/B0BRQSWSFQ/) 'MSI PRO B760-P' if you'd prefer to avoid amazon.
I remove all my internal SSDs and NVME drives but buy a new 1tb SSD for whoever receives the PC. I also install a Linux OS, as well as sign the secure boot keys via sbctl myself, setup ukify, efibootmgr, etc. Everything the recipient would need to switch over to another OS if they so choose.
But oh no, the donated PC landed in the hands of Johnny, a 17-year old in California.
So who's at fault here, MSI for creating a BIOS that allows for non-windows EFI images to be installed? The PC Builder(donator) for knowingly installing Linux(though not knowing where it would end up)?
This is kind of what confuses me and I'm curious what this means for future hardware sold in the US and those who build PCs for their own use or others. Most modern motherboards are "locked down" by default, but can easily be unlocked by the end-user, it may take a few extra steps or be a bit harder to find but still pretty simple for someone moderately tech-savvy.
The full faith and credit clause does not apply if the court lacks jurisdiction, which California clearly would. There's a reason "California compliant" already exists as a phrase; you can buy and sell things that break California law outside of California. If you bring it in that's on you.
> If, for example, a company wants to issue fleet computers to workers or school to students, you want to have secure boot on those devices to prevent tampering. Secure boot makes it so that physical access is not the end all of security.
Measured boot is actually better for that: You can still boot whatever you want however you want, but hashes are different which can be used for e.g. remote attestation. Secure boot has to prevent that "unauthorized" code (whatever that means for each setup) can ever run. If it does, game over. That means less freedom and flexibility.
Measured boot isn't any better. Look at Android phones, where it's technically possible to unlock your bootloader, but a ton of apps (e.g., McDonald's and most banking apps) use remote attestation to see whether you did so and will refuse to work if you did.
Having an operating system purposefully allow support to installing rootkits should clearly be a bad idea. It shouldn't be surprising you have to turn off security features to install a rootkit.
Anti-cheat drivers are just as much of rootkits, and in practice, they have vulnerabilities that get a lot more hosts pwned than cheats do. Let's get Microsoft to stop loading their drivers.
I agree. Microsoft should provide proper integrity APIs to apps so they don't need such drivers. The fact that the PC ecosystem is so far behind XBox's for platform integrity is a big failure on Microsoft's part towards the PC gaming market.
Integrity is needed for a fair playing field. Their is consumer demand for such a fair playing field so it is a good thing for an operating system to respond to customer demand.
it is stupid to turn it off. It is incredibly easy to infect your system components without your knowning.
that being said, it does assume a certain trust in firmware vendors / oems. If you dont trust those, then dont buy from them.
i think for most ppl trusting OEM or trusting rando from interwebz with a custom hypervisor and requirement to cripple my system security are totally different things ..
u know they could actually make theyr HV support secure boot etc. to do it properly and have ur system run the cracks but not have gaping holes left by them -_-. lazy.
If you’re downloading torrents and running code with elevated privileges that infects your PC, 99% of people are absolutely hosed at that point anyway. I don’t see th real distinction between being owned at an elevated system level and owned by disabling system secure boot for a home user
Secure boot is an attempt to make covert persistence of an infection harder, that's all. It doesn't make it more or less likely for you to be compromised in the first place (and in general compromise of your user account is enough to be a big problem: most malware doesn't even need admin access let alone the ability to modify the parts of the system protected by secure boot)
As always in security, It Depends™; there are vulnerabilities that only impact systems with secure boot (and result in a situation worse than not having secure boot to begin with).
What I'm wondering for a while now: How do the game streaming services run the Denuvo titles? Do they get special builds? They will not run on bare metal hardware but in some kind of VM right? Wouldn't Denuvo detect that and stop working?
To add to this, almost every time a Denuvo game was “cracked” before the hypervisor methods it was because the dev accidentally published a demo with none of the Denuvo stuff. Happened to Lies of P a couple months after release.
Essentially secure boot is supposed to validate that only properly signed drivers are loaded on system startup. That allows you to block malicious/cheat drivers from being loaded because a signed AV/anticheat driver was loaded before and now it can properly control drivers that are being loaded after it.
Without it you are risking that the malicious driver will be loaded first and then make itself invisible to the later drivers.
Of course there are ways to bypass this too, but it adds a whole other layer of complexity.
Tldr
Secure boot is there so drivers loaded at boot time can trust that nothing was tampered with before they were loaded.
I could have sworn there was a discussion about this years ago but I went looking for it on HN and just found a comment I made years ago, funny how that shakes out.
reply