…or booting from alternate media to retrieve data from the disk in situ (depending on which measurements are used to seal the key in the TPM).
“Don’t let perfect be the enemy of good.” Vulnerabilities/limitations should be understood and you have every right to determine that TPM+PIN is the minimum control that addresses threats you’ve modeled and reduces risk to a tolerable level, but TPM-only encryption is not pointless. It reduces risk by increasing required attack complexity without impacting usability. That’s enough for a lot of people.
My mother was diagnosed with MG 25 years ago. Her first symptoms were droopy eyelid and double vision. Plasmapheresis helped, Prednisone had nasty side effects (glad to hear that sounds not to be the case for your father), prismatic glasses to un-double her vision kind of helped?
As her symptoms increased—speech delay, difficulty swallowing, eye misalignment, all stemming from fatigue-induced nerve conduction delays which can culminate in respiratory failure—myasthenic crisis, they opted for thymectomy (open surgery). She was probably 50 and while the recovery was lengthy, it drastically improved her symptoms and the amount of activity she could do before symptoms appeared. No more prism glasses or multi-second speech delays, or weekly plasmapheresis visits. If she spent too much time being active or driving on a sunny day (squinting), she’d feel the ocular fatigue first and know she had to rest or take a prednisone. Now her eyes are failing for other reasons but the thymectomy bought her 25 years and counting.
I’m glad your father survived his crisis. It sounds like you’re doing all of the conservative treatments (which is good; steroid noncompliance is a risk factor for crisis).
There are new medications that directly reduce or deactivate AChR antibodies. Non-invasive video-assisted thoracoscopic thymectomy is more viable today too (and thymectomy has been shown to decrease the frequency and severity of crises even where the thymus was considered normal). Plasmapheresis remains generally effective, if time-consuming.
MG sucks. From one son to another, I hope you can get a few more good decades with your parent too.
I bought a very similar looking $120 Brother HL-2170W 13 years ago after moving cross country and being unable to justify schlepping my trusty Laserjet 4 Plus.
I’ve apparently only printed 6500 pages and I think I’ve changed the toner two or three times but it has been surprisingly trusty for the price point.
The fire apparatus I’ve worked on have a 120V inlet called a shoreline to keep equipment (MDT, radios, cardiac monitor, portable suction, and Lucas battery chargers, interior lighting, etc) operational at station without draining the battery.
Presumably this is the same thing whatismytenantid.com does under the hood.
Interesting (to me) is that the OpenID configuration endpoint provides the tenant ID for not only Commercial tenants but US Government (GCC & GCC-High) as well because the Azure AD portal has relatively new functionality to configure cross-tenant access settings by tenant ID or domain name but Gov tenants require you to obtain the tenant ID from the organization which is either security through obscurity or due to use of some Commercial-only Graph API call.
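Added example, not part of the comment above and not the code behind any site it names: a Python sketch of reading a tenant ID out of an OpenID discovery document, which shows why the ID cannot be treated as a secret. The sample documents and GUIDs are constructed; the function names are hypothetical, and the document would normally be fetched from the URL that `discovery_url` builds.

```python
import json
import re
from urllib.parse import urlparse

GUID = re.compile(r"[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)
DOMAIN = re.compile(
    r"^(?=.{1,253}$)([a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)

def discovery_url(domain, authority="login.microsoftonline.com"):
    """Build the v2.0 OpenID discovery URL for a tenant's domain name."""
    if not DOMAIN.match(domain):
        raise ValueError(f"not a plain DNS name: {domain!r}")
    return f"https://{authority}/{domain.lower()}/v2.0/.well-known/openid-configuration"

def tenant_from_config(raw):
    """Return (tenant_id, authority_host) from a discovery document.

    Every endpoint that embeds a GUID must embed the same one. A templated
    issuer such as .../{tenantid}/v2.0 carries no tenant ID and is rejected.
    """
    doc = json.loads(raw)
    ids = set()
    for key in ("issuer", "token_endpoint", "authorization_endpoint"):
        match = GUID.search(urlparse(doc.get(key, "")).path)
        if match:
            ids.add(match.group(0).lower())
    if len(ids) != 1:
        raise ValueError(f"expected exactly one tenant ID, got {sorted(ids)}")
    return ids.pop(), urlparse(doc.get("token_endpoint", "")).hostname

def _sample(host, tid):
    # Constructed document, trimmed to the fields read above.
    base = f"https://{host}/{tid}"
    return json.dumps({
        "issuer": f"{base}/v2.0",
        "token_endpoint": f"{base}/oauth2/v2.0/token",
        "authorization_endpoint": f"{base}/oauth2/v2.0/authorize",
    })

# Constructed GUIDs; the second sample uses the US Government authority host.
SAMPLE_COMMERCIAL = _sample("login.microsoftonline.com",
                            "11111111-2222-3333-4444-555555555555")
SAMPLE_GOV = _sample("login.microsoftonline.us",
                     "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE")

if __name__ == "__main__":
    print(discovery_url("contoso.com"))
    print(tenant_from_config(SAMPLE_COMMERCIAL))
    print(tenant_from_config(SAMPLE_GOV))
```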
Not only is there phishing opportunity, it's being actively exploited to much greater financial effect (check fraud and identity theft), and you don't even need to go to the lengths of creating a company profile or a website as anyone can create a job posting for any company (with rare exception) [1].
Here's a very real series of events I'm privy to:
- Bad guy gets a domain name confusingly similar to the target company (maybe tack on "inc" or "llc").
- Bad guy gets access to a LinkedIn account (doesn't matter who or if they're connected to the company; stands to reason that a hacked account with existing connections adds credibility) and updates the title to CEO of target company.
- Bad guy posts an "Easy Apply" ad for a remote job with target company.
- That job listing automatically appears on target company's LinkedIn page.
- Bad guy begins receiving contact info for the job and gets to work.
- Following a weak interview process conducted entirely over IM or email, the candidate is hired.
- New hire provides identity documentation at bad actor’s request.
- Bad actor sends new hire a check with instructions to buy equipment for their home work area from a specific vendor who is also the bad actor.
- New hire deposits check and bank makes funds available before the check clearance process actually completes.
- New hire buys a few thousand dollars’ worth of equipment from a vendor that doesn’t exist with money they don’t actually have.
- Check bounces and the jig is up.
By the time target company found out, LinkedIn had removed both the job ad and the profile that created it, but did not and would not reach out to the applicants to warn them of the scam nor provide those applicants to the target company (y'know, the company the applicants thought they were applying to; citing "privacy reasons").
While [1] says LinkedIn can do something to restrict who can post jobs on behalf of your company, it's wholly undocumented (and I suspect may not work well for companies relying on both internal and external sourcing). The only defensive measure I've identified is setting up a job alert for your company, specifically for Easy Apply and/or Remote positions as that seems to track with the scam.
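Added example, not part of the comment above: a Python check a company could run over domains it observes (for instance sender domains in recruiter e-mails that applicants forward) to flag names that imitate its own by tacking on "inc" or "llc", the first step of the sequence described. All domains are constructed, the function names are hypothetical, and the affixes beyond "inc" and "llc" are assumptions.

```python
import re

# "inc" and "llc" come from the comment; the others are assumed extras.
AFFIXES = ("inc", "llc", "corp", "careers", "jobs")

def first_label(domain):
    """Leftmost label, e.g. 'examplecorp-inc' from 'examplecorp-inc.com'.

    Assumes the input is a registrable domain with no subdomain.
    """
    return domain.lower().rstrip(".").split(".")[0]

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(candidate, legit):
    """Return why `candidate` resembles `legit`, or None if it does not."""
    if candidate.lower().rstrip(".") == legit.lower().rstrip("."):
        return None  # the company's own domain
    brand = first_label(legit)
    label = re.sub(r"[-_]", "", first_label(candidate))  # ignore separators
    if label == brand:
        return "same-name-other-tld"
    for affix in AFFIXES:
        if label in (brand + affix, affix + brand):
            return f"corporate-affix:{affix}"
    if edit_distance(label, brand) <= 1:
        return "near-miss-spelling"
    return None

def triage(candidates, legit):
    """Map each suspicious candidate to the reason it was flagged."""
    hits = {c: classify(c, legit) for c in candidates}
    return {c: why for c, why in hits.items() if why}

# Constructed observations for a constructed company domain.
OBSERVED = ["examplecorpinc.com", "examplecorp-llc.com", "examp1ecorp.com",
            "examplecorp.net", "examplecorp.com", "unrelated.org"]

if __name__ == "__main__":
    for domain, why in triage(OBSERVED, "examplecorp.com").items():
        print(f"{domain}: {why}")
```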
The more nefarious ploy is how Axie Infinity got shut down for millions of dollars in fraud because the targets opened a PDF that was actually sent by NK bad actors posting a fake high paying job and interview process.
Yeah, my wife and I are both members of various Slack workspaces (work, volunteer groups, social/industry groups, etc) so it was beneficial to use the same tool (with a free, private workspace) for us to not only chat but also keep track of things in different channels (#wanderlust, #whatdowedo, #whatdoweeat, etc).
I was about to say that due to the new 90-day policy, we stand to lose pretty much all of the content in those channels but as it turns out, except for one message from July 2020, we already have. I suppose it doesn’t matter to me now if it’s 10k messages or 3 months of history but the former amounted to 24 months.
I have this same need and am preparing an evaluation of Meshtastic in the field this month.
I'm part of a volunteer EMS division within a paid fire department and we staff foot teams and medical carts at large events at our 90,888-capacity stadium (football, concerts, etc; well over 100k including tailgaters at our biggest game of the year) and music festivals with 10-40k attendees on the adjacent golf course.
While we have fancy Motorola APX 8000XE, our on-site dispatch wholly lacks visibility into unit locations and the abysmal cell service precludes software solutions leveraging mobile phones.
Doesn't Motorola have location tracking systems which integrate or add-on to their radio systems? I know we used to have this on some of our VHF radios.
You could also look at using APRS for location tracking...
Edit: Also - you should be able to set up your phones with priority network access on FirstNet, right?
>Doesn't Motorola have location tracking systems which integrate or add-on to their radio systems?
Yes, the APX8000 has support for location tracking but we decided it'd be inappropriate to request anything of the regional communications center since they have their hands full with far more meaningful improvements to the 12 cities (40-odd fire stations) they support. Also, while I see value in tracking unit locations at our music festival events in particular, it falls well short of necessary.
>You could also look at using APRS for location tracking...
APRS would require we all have technician licenses and suitably equipped 2M radios. While a few of us are hams, it's not feasible to request dozens of volunteer EMTs go through that. Also APRS tracker hardware is at least twice as expensive as LilyGo's LoRa options ($55 for a T-Echo or $65-85 for a T-Beam w/case and battery vs $115 for the cheapest APRS tracker I've found--QRP Labs' LightAPRS [1]--not including designing a case and power delivery).
>Also - you should be able to set up your phones with priority network access on FirstNet, right?
We are indeed eligible for wireless priority services on our personal phones. AT&T FirstNet includes data priority but the couple members who got it didn't see an improvement. Verizon Frontline offers data priority but no one's opted in yet and T-Mobile only offers voice priority so low confidence in its viability.
Fundamentally, Meshtastic's attractiveness is not only in its low hardware cost but the lack of friction in not requiring anything of anyone beyond "hey, clip this thing on your bag, thanks."
> APRS would require we all have technician licenses
If you were using the "normal" APRS frequency, but if you set up your own iGate, you could run it in the public safety band, couldn't you? (If you had a frequency licensed and coordinated of course.)
Alternately, you could get a business band license and run it there. In that case, each individual doesn't need a license, just an org.
Sure, I could coordinate or license a frequency and build or acquire radios to use APRS but why? It requires greater effort, risk, and expense for the same result as the off-the-shelf solution.
https://youtu.be/jKVwEg4ZToI&t=25m45s