The Framework 16 lets you put a pad with twenty-four additional buttons on it next to the keyboard. These 24 buttons can be programmed to do whatever you want with reprogrammable firmware.

Also, there are twenty-three different keyboard layouts available (IN ADDITION TO the 24-key macropad).

I think there are legitimate arguments against Framework, but this one clearly isn't cogent.

The post to which you're replying is implying that the lift shafts are entirely opaque to the wireless signal.

So it's fine if the user doesn't have a shaft between them and the AP. When they move so a straight line from the device to the AP crosses through a lift shaft, they enter the wireless "shadow" cast by that shaft, preventing them from contacting the AP. When they take another step forward the device might "come out of the shadow".

This is a difficult situation to deal with in roaming, where the visible AP set changes rapidly as the user moves a small amount.

TL;DR: I'm pretty sure the parent you're replying to "got it" and you didn't understand what they were trying to say.

As a slight hint, one of the more common types of corporation is an "LLC". LLC stands for Limited Liability Company.

If the company's owners had unlimited liability for problems the company caused, that wouldn't be much of an LLC, would it? The primary purpose of an LLC is to make it so that the owners (often the founders) cannot personally be held responsible for debts the company incurs, even debts incurred through their instructions.

This also includes debts caused by punishment for the company breaking civil contracts, but doesn't make individuals who use the company to break the law immune to criminal charges. But the standard of evidence for prosecuting that type of malfeasance is pretty high...

> primary purpose of an LLC is to make it so that the owners (often the founders) cannot personally be held responsible for debts the company incurs

It’s more so investors who aren’t involved in day-to-day decision making can invest without worrying that the founders will create liability for them.

This. You can still go after management in certain circumstances

I said the owners can't be held liable, I meant the owners can't be held liable.

You can "in certain circumstances" (negligence, overt criminality...) go after the managers. You probably can't go after the managers for things like producing a business plan they could have plausibly believed was legal and causing the company to incur civil liability.

In the situation described in this article, probably both the owners and the managers (likely the same people!) get away without being held accountable, and the victims have no recompense because the company folds.

LLCs are the limited liability form also most easily subject to veil-piercing (meaning, the courts ignore the limited liability shield to go after the assets of the owners) as most LLCs fail to properly maintain all the technical minutae necessary to actually keep the liability shield in place.

Insufficient capitalization is the #1 reason for piercing the veil (and also works well against corporations). This involves not putting enough investment into a company to pay the foreseeable debts it would incur from its activities. This means: if your LLC incurs debts knowing it lacks the ability to pay them off, the courts can pierce the LLC and go after you.

> Note that absent reasonable articulable suspicion of a crime, law enforcement in the US cannot legally forcibly identify people.

Could you cite a source for this?

If a law enforcement officer personally recognizes someone's face, I don't believe that it's illegal for them to know who the person is.

If a law enforcement officer turns to their non-cop buddy and asks "do you know this person?" and their buddy says "yeah that's Joe", I don't believe it's illegal for them to identify the person that way.

If a law enforcement officer picks up a phone and describes the person's face to their non-cop buddy and the buddy says "that sounds like Joe's face you're describing", I don't believe it's illegal for them to identify the person that way.

You can see where this is going, right? At what point does it become illegal to look up a person's face in a store of the-way-faces-look? Where does that become the "forcible identification" you're talking about?

Generally speaking, people expose their faces in public, and so those exposed faces can be remembered, photographed, and recalled without the person's consent or any warrant. This is legal in the USA - there is no expectation of privacy in a public space, and the police don't have to give you any more privacy than a private citizen would. They just cannot search you - and looking at your face, and potentially recognizing it, is not a search.

The only arguement I can see, is that the police should also not expect any privacy and have their names and faces visable, but thats the only relatively modern issue I've had.

And maybe no database that is always on and always accessable state and federal wide, since thats removing just general public exposure expectation.

> They just cannot search you

If instead of looking up your name in a name list, I look up your face in a face list, ain’t that searching?

I feel like what you’re ultimately asking hinges on when, legally, a photo turns into biometrics.

No, looking up your face in a list of faces is searching FOR you, not searching you.

Searching you means taking an inventory of the items on your person. It does not mean looking at you. In some cases, imaging you can be a "search" even where there is no physical contact (for example: a millimeter-wave scanner), but a photograph in a public place has never qualified as a "search" in the USA.

I understand your feelings, but so far as I know things like gait recognition, facial recognition, or even an iris scan derived from an ordinary photograph have never qualified as a "search" under U.S. law. Feel free to correct me if I am wrong on this: it's quite difficult to prove something has _not_ happened.

I think the legal line is not when it "becomes biometrics" or becomes identification. The legal line is when you are revealing a private property about an individual (for example, their blood type, or the contents of their pockets). Nothing visible to the naked eye in public is considered private, so nothing that derives identity from that public information is a "search".

As a nice easy example... an officer smelling alchohol on the breath of a person in the course of a conversation is not a "search". An officer compelling that same person to breathe into a breathalyzer machine is. Applying the same standard to faces, you cannot make an individual put their eye to a scanner without reasonable suspicion, but if you can get a biometric scan from the invidual as they happen to walk about their day, doing that isn't searching them...

> Applying the same standard to faces, you cannot make an individual put their eye to a scanner without reasonable suspicion, but if you can get a biometric scan from the invidual as they happen to walk about their day, doing that isn't searching them...

There's a different standard that could apply with just a small amount of tweaking.

Many people's homes happen to leak IR out of their poorly-insulated windows, walls, and roofs. Anyone (police included) can get an IR camera and determine facts about what's going on in such a house. However, police must obtain a search warrant before doing so... despite the fact that the design of such a house means that it broadcasts all that information indiscriminately while one goes about one's day and the twin facts that IR cameras aren't dreadfully expensive and are available to anyone with the funds to get one.

The Supreme Court case that determined this hinges in part on things that would "previously have been unknowable without physical intrusion". This logic could be tweaked to cover things that would "previously have been unknowable without physical detention". The core problem with searches has never been the inconvenience involved in the search... it has always been the fact that you're being searched. New tech that removes the physical imposition of a type of search does not solve this problem. A long while back [0] NYPD was deploying mobile microwave scanners that they used to perform indiscriminate under-clothes searches of people who were committing the "crime" of being in public going about their day. IIRC, they wrapped this in «We're just looking for weapons, and it's only a pilot program, anyway!» language, but that doesn't change the fact that they were performing "stop and frisk" searches at scale.

[0] And maybe they're still doing this... I've not paid much attention to NYC's law enforcement insanity in quite a while.

The interior of the house is a private space. Things under your clothes are too. Revealing either of these things through whatever technology is a search.

The standard is whether something expected to be private is revealed. What your eyes look like (even in detail) is not that. There isn't a point on some line where the photograph becoming higher-quality applies a different standard than a low-resolution photo would.

This is actually how it works in India with "e-mandates".

In order to set up a recurring bill the merchant must get a "mandate" from the customer, which involves them approving the amount/frequency/term of the payment. The customer can at any time view a list of open mandates on their bank's web site/app and cancel any they wish. Recurring payments only succeed when the mandate remains valid.

The payment amount may be revised downward without getting a new mandate, but raising it up requires replacing the old mandate with a new one.

In order to make a non-initial charge the merchant must pre-authorize it with the bank a few days prior (handing the ID of mandate under which the charge is made to the bank), and pass the confirmation they get back from the bank when they do the real charge. The bank notifies the customer about the upcoming renewal and its amount.

IMO this is exactly how it should work.

> All metaphysical positions are ultimately unfalsifiable

This is not true, there are many metaphysical positions that are falsifiable.

For example, "anything shaped like an apple is an apple" is a metaphysical position. It defines what it means to be apple-ish. You could hold that metaphysical position and also "apples are always made of plant material" as another position you hold at the same time.

Then you could falsify the metaphysical position by presenting a stone carved into the shape of an apple. You could choose to deny reality and change your physical definition (what the definition of the word "apple" is), but if you think logically the evidence constructively falsifies the original metaphysical position.

I think what you might have been trying to say is that people tend to adopt metaphysical positions which are non-falsifiable. Yes, they do, but that doesn't mean no metaphysical arguments can be resolved through logic and experiment.

True, I should have been more careful with my wording. My point was actually that unfalsifiable metaphysical statements are not invalid in the same way that unfalsifiable physical/scientific statements are.

So yes, some metaphysical statements are falsifiable, and some have in fact been falsified over time. And, very importantly, many of the biggest metaphysical questions have no known falsifiable answers (at least none that are not already known to be false, of course).

The only purpose of SEV is to protect a guest against the person who controls the hypervisor.

So this is a threat against SEV.

A "threat actor" can be a company employee who is intentionally permitted to update internal documentation, but not intentionally permitted to change the behavior of an LLM whose context window includes that documentation.

I think it's reasonable for a security conference to talk about how if you put the internal documentation in the LLM context, that means you're elevating the permissions of anyone who can edit the documentation by transitively giving them the ability to instruct the LLM in its "actions" (outputs).

While it should be obvious that's what you're doing, I would say most people I talk to about LLMs do not understand that all parts of the context window together shape LLM output, and there is no such thing as "only obey instructions from the system prompt".

With PIV, the private keys are stored inside the smartcard (a Yubikey is just one type of smartcard) and don't leave it. They're used for encryption/decryption by the host.

Yes, it's generally sound, and is the primary means of authentication and encryption used by the US military for classified systems.

It does not. The files are copied to the recovery image, not the machine's encrypted drives.

My concern isn't where they are copied to, but where they are copied from.

They are copied from a thumb drive the person applying the exploit creates.

Yes, but my question was where the files on the thumb drive are coming from. At first, my understanding was that you needed to get them from the victim's machine. But, after watching a LowLevel video on YouTube, it seems those are universal files that you can get from the exploit's repo.