I'm fairly certain this will be more trouble to enforce than they are bargaining for, and may have some knock on negative side-effects.

However, assuming it isn't a complete failure and social media use is decreased substantially, it may provide some interesting independent data about childrens mental health and social media use.

like an unnecessary Wisk.

I will not take this unnecessary Wisk.

It's an interesting finding.
The article talks about the photoelectric effect being an analogy, though it reminds me more of how ultrasonic humidifiers work.

Comment

The $5 charge is separate, so it also comes with a $5 charge.

The idea of Walmart getting involved just sounds silly.

You make yourself look stupid and you make me feel stupid for having read what you wrote.

There you are

How could we be forced into using this untested system so quickly! We should start using it only after it's been used in other countries for 20 years!
Oh wait.

I hated it because I could scarcely read what he was doing when I sat next to him due to the viewing angle.

If I ever build a killbot, it will be activated by the phrase "confusing to users."

I think a lot of folks here are missing the point. The trouble is that the kernel running in secure boot mode has to be able to receive signed keys in a secure way (if you think secure boot is worth anything, many do not).

Linux running in secure boot mode is a done deal. The question is how do you import keys that are signed by Microsoft. In an ideal world you'd just upload the signed X.509 cert and you'd be done. Unfortunately, Microsoft will only sign PE binaries.

So the developers opted to enclose the X.509 cert in a PE binary. Unfortunately, that means the kernel needs to be able to read the PE binary and verify the signature all in kernel space, then extract the x,509 cert. This is undeniably messy.

Now lots of folks will argue that there's no point to this and it should be done in user space. I'm not going ti argue with that, but the reality is that most of the mechanics of this are already implemented, just not the PE stuff. You can sign kernel modules and verify them in kernel space with x.509 certs (at least by my reading of the thread).

Frankly, I think this is pretty much the only thing to do short of talking MS into signing x509 certs. The other suggested work-arounds involve additional authorities or doing stuff in user space. They are all workable, but are pretty clumsy compared to what's being proposed.

I think it may have been a mistake to just drop this ugly change on Linus without his involvement. My guess is that if the problem had been stated before coming up with a proposed implementaon, they might have come up with essentially the same solution with less drama.

"Men wanted for hazardous journey, small wages, and bitter cold, long months of complete darkness, constant danger, safe return doubtful, honor and recognition in case of success."

Despite the ominous tone of the ad, the response was overwhelming.

Too bad the ad probably never existed.

God liked it, so he put a ring on it.